Class JCEHandler

java.lang.Object
org.jpos.security.jceadapter.JCEHandler
public class JCEHandler extends Object

Provides some higher level methods that are needed by the JCE Security Module, yet they are generic and can be used elsewhere.

It depends on the JavaTM Cryptography Extension (JCE).

  • Nested Class Summary

    Nested Classes
    Modifier and Type
    Class
    Description
    protected static class 
    JCEHandler.MacEngineKey
    Class used for indexing MAC algorithms in cache

  • Constructor Summary

    Constructors
    Constructor
    Description
    JCEHandler()
     

  • Method Summary

    Modifier and Type
    Method
    Description
    byte[]
    decryptData(byte[] encryptedData, Key key)
    Decrypts data
    byte[]
    decryptDataCBC(byte[] encryptedData, Key key, byte[] iv)
    Decrypts data
    Key
    decryptDESKey(short keyLength, byte[] encryptedDESKey, Key encryptingKey, boolean checkParity)
    Decrypts an encrypted DES/Triple-DES key
    byte[]
    encryptData(byte[] data, Key key)
    Encrypts data
    byte[]
    encryptDataCBC(byte[] data, Key key, byte[] iv)
    Encrypts data
    byte[]
    encryptDESKey(short keyLength, Key clearDESKey, Key encryptingKey)
    Encrypts (wraps) a clear DES Key, it also sets odd parity before encryption
    protected byte[]
    extractDESKeyMaterial(short keyLength, Key clearDESKey)
    Extracts the DES/DESede key material
    protected Key
    formDESKey(short keyLength, byte[] clearKeyBytes)
    Forms the clear DES key given its "RAW" encoded bytes Does the inverse of extractDESKeyMaterial
    Key
    generateDESKey(short keyLength)
    Generates a clear DES (DESede) key
    byte[]
    generateMAC(byte[] data, Key kd, String macAlgorithm)
    Generates MAC (Message Message Authentication Code) for some data.

    Methods inherited from class Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

  • Constructor Details

  • Method Details

    • generateDESKey

      public Key generateDESKey(short keyLength) throws JCEHandlerException
      Generates a clear DES (DESede) key
      Parameters:
      keyLength - the bit length (key size) of the generated key (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)
      Returns:
      generated clear DES (or DESede) key
      Throws:
      JCEHandlerException

    • encryptDESKey

      public byte[] encryptDESKey(short keyLength, Key clearDESKey, Key encryptingKey) throws JCEHandlerException
      Encrypts (wraps) a clear DES Key, it also sets odd parity before encryption
      Parameters:
      keyLength - bit length (key size) of the clear DES key (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)
      clearDESKey - DES/Triple-DES key whose format is "RAW" (for a DESede with 2 Keys, keyLength = 128 bits, while DESede key with 3 keys keyLength = 192 bits)
      encryptingKey - can be a key of any type (RSA, DES, DESede...)
      Returns:
      encrypted DES key
      Throws:
      JCEHandlerException

    • extractDESKeyMaterial

      protected byte[] extractDESKeyMaterial(short keyLength, Key clearDESKey) throws JCEHandlerException
      Extracts the DES/DESede key material
      Parameters:
      keyLength - bit length (key size) of the DES key. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)
      clearDESKey - DES/Triple-DES key whose format is "RAW"
      Returns:
      encoded key material
      Throws:
      JCEHandlerException

    • decryptDESKey

      public Key decryptDESKey(short keyLength, byte[] encryptedDESKey, Key encryptingKey, boolean checkParity) throws JCEHandlerException
      Decrypts an encrypted DES/Triple-DES key
      Parameters:
      keyLength - bit length (key size) of the DES key to be decrypted. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)
      encryptedDESKey - the byte[] representing the encrypted key
      encryptingKey - can be of any algorithm (RSA, DES, DESede...)
      checkParity - if true, the parity of the key is checked
      Returns:
      clear DES (DESede) Key
      Throws:
      JCEHandlerException - if checkParity==true and the key does not have correct parity

    • formDESKey

      protected Key formDESKey(short keyLength, byte[] clearKeyBytes) throws JCEHandlerException
      Forms the clear DES key given its "RAW" encoded bytes Does the inverse of extractDESKeyMaterial
      Parameters:
      keyLength - bit length (key size) of the DES key. (LENGTH_DES, LENGTH_DES3_2KEY or LENGTH_DES3_3KEY)
      clearKeyBytes - the RAW DES/Triple-DES key
      Returns:
      clear key
      Throws:
      JCEHandlerException

    • encryptData

      public byte[] encryptData(byte[] data, Key key) throws JCEHandlerException
      Encrypts data
      Parameters:
      data -
      key -
      Returns:
      encrypted data
      Throws:
      JCEHandlerException

    • decryptData

      public byte[] decryptData(byte[] encryptedData, Key key) throws JCEHandlerException
      Decrypts data
      Parameters:
      encryptedData -
      key -
      Returns:
      clear data
      Throws:
      JCEHandlerException

    • encryptDataCBC

      public byte[] encryptDataCBC(byte[] data, Key key, byte[] iv) throws JCEHandlerException
      Encrypts data
      Parameters:
      data -
      key -
      iv - 8 bytes initial vector
      Returns:
      encrypted data
      Throws:
      JCEHandlerException

    • decryptDataCBC

      public byte[] decryptDataCBC(byte[] encryptedData, Key key, byte[] iv) throws JCEHandlerException
      Decrypts data
      Parameters:
      encryptedData -
      key -
      iv - 8 bytes initial vector
      Returns:
      clear data
      Throws:
      JCEHandlerException

    • generateMAC

      public byte[] generateMAC(byte[] data, Key kd, String macAlgorithm) throws JCEHandlerException
      Generates MAC (Message Message Authentication Code) for some data.
      Parameters:
      data - the data to be MACed
      kd - the key used for MACing
      macAlgorithm - MAC algorithm name suitable for Mac.getInstance(String)
      Returns:
      the MAC
      Throws:
      JCEHandlerException