Class MessageCryptex

java.lang.Object
craterdog.security.MessageCryptex

public abstract class MessageCryptex extends Object
This abstract class defines constants and implements invariant methods that are needed by all concrete classes that implement key and message encryption and decryption.
Author:
Derk Norton
  • Constructor Details

    • MessageCryptex

      public MessageCryptex()
  • Method Details

    • encodeBytes

      public final String encodeBytes(byte[] bytes)
      This method encodes a byte array into a base 64 string.
      Parameters:
      bytes - The byte array to be encoded.
      Returns:
      The base 64 encoded string for those bytes.
    • encodeBytes

      public final String encodeBytes(byte[] bytes, String indentation)
      This method encodes a byte array into a base 64 string where each line is prepended with an indentation string.
      Parameters:
      bytes - The byte array to be encoded.
      indentation - The indentation string that should be prepended to each line of the output.
      Returns:
      The base 64 encoded string for those bytes.
    • decodeString

      public final byte[] decodeString(String base64String)
      This method decodes a base 64 string into its original bytes.
      Parameters:
      base64String - The base 64 encoded string.
      Returns:
      The corresponding decoded bytes.
    • getHashAlgorithm

      public abstract String getHashAlgorithm()
      This method returns the hash algorithm.
      Returns:
      The hash algorithm.
    • hashString

      public abstract String hashString(String string)
      This method returns a base 64 encoded SHA256 one-way hash of the specified string.
      Parameters:
      string - The string to be hashed.
      Returns:
      A base 64 encoded one-way hash of the string.
    • getSymmetricKeyType

      public abstract String getSymmetricKeyType()
      This method returns the symmetric key type used by this cryptex.
      Returns:
      The type of the symmetric keys.
    • getSymmetricKeySize

      public abstract int getSymmetricKeySize()
      This method returns the symmetric key size used by this cryptex.
      Returns:
      The size of the symmetric keys.
    • getSymmetricEncryptionAlgorithm

      public abstract String getSymmetricEncryptionAlgorithm()
      This method returns the symmetric encryption algorithm used by this cryptex.
      Returns:
      The name of the algorithm.
    • generateSharedKey

      public abstract SecretKey generateSharedKey()
      This method generates a shared (secret) key to be used for encrypting large amounts of data.
      Returns:
      The new shared (secret) key.
    • encryptString

      public final byte[] encryptString(SecretKey sharedKey, String string)
      This method encrypts a string using a shared key.
      Parameters:
      sharedKey - The shared key used for the encryption.
      string - The string to be encrypted.
      Returns:
      The encrypted string.
    • decryptString

      public final String decryptString(SecretKey sharedKey, byte[] encryptedString)
      This method decrypts a string using a shared key.
      Parameters:
      sharedKey - The shared key used for the encryption.
      encryptedString - The encrypted string.
      Returns:
      The decrypted string.
    • encryptStream

      public final void encryptStream(SecretKey sharedKey, InputStream input, OutputStream output) throws IOException
      This method encrypts a byte stream using a shared key.
      Parameters:
      sharedKey - The shared key used for the encryption.
      input - The byte stream to be encrypted.
      output - The encrypted output stream.
      Throws:
      IOException - Unable to encrypt the stream.
    • decryptStream

      public final void decryptStream(SecretKey sharedKey, InputStream input, OutputStream output) throws IOException
      This method decrypts an encrypted byte stream using a shared key.
      Parameters:
      sharedKey - The shared key used for the encryption.
      input - The encrypted byte stream.
      output - The decrypted byte stream.
      Throws:
      IOException - Unable to decrypt the stream.
    • encryptionOutputStream

      public abstract CipherOutputStream encryptionOutputStream(SecretKey sharedKey, OutputStream output) throws IOException
      This method generates an output stream that performs encryption on another output stream.
      Parameters:
      sharedKey - The shared key used for the encryption.
      output - The output stream to be encrypted.
      Returns:
      The encrypting output stream.
      Throws:
      IOException - Unable to create an encryption output stream.
    • decryptionInputStream

      public abstract CipherInputStream decryptionInputStream(SecretKey sharedKey, InputStream input) throws IOException
      This method generates an input stream that performs decryption on another input stream.
      Parameters:
      sharedKey - The shared key used for the encryption.
      input - The input stream to be decrypted.
      Returns:
      The decrypting input stream.
      Throws:
      IOException - Unable to create a decryption input stream.
    • getAsymmetricKeyType

      public abstract String getAsymmetricKeyType()
      This method returns the asymmetric key type string.
      Returns:
      The asymmetric key type string.
    • getAsymmetricKeySize

      public abstract int getAsymmetricKeySize()
      This method returns the asymmetric key size.
      Returns:
      The asymmetric key size.
    • getAsymmetricSignatureAlgorithm

      public abstract String getAsymmetricSignatureAlgorithm()
      This method returns the asymmetric signature algorithm used by this cryptex.
      Returns:
      The name of the algorithm.
    • getAsymmetricEncryptionAlgorithm

      public abstract String getAsymmetricEncryptionAlgorithm()
      This method returns the asymmetric encryption algorithm used by this cryptex.
      Returns:
      The name of the algorithm.
    • generateKeyPair

      public abstract KeyPair generateKeyPair()
      This method generates a new public/private key pair.
      Returns:
      The new key pair.
    • encodePublicKey

      public final String encodePublicKey(PublicKey key)
      This method encodes a public key into a PEM string.
      Parameters:
      key - The public key.
      Returns:
      The corresponding PEM string.
    • encodePublicKey

      public abstract String encodePublicKey(PublicKey key, String indentation)
      This method encodes a public key into a PEM string with a prepended indentation string.
      Parameters:
      key - The public key.
      indentation - The indentation string that should be prepended to each line of the output.
      Returns:
      The corresponding PEM string.
    • decodePublicKey

      public abstract PublicKey decodePublicKey(String pem)
      This method decodes a public key from a PEM string.
      Parameters:
      pem - The PEM string for the public key.
      Returns:
      The corresponding key.
    • getPasswordEncodingType

      public abstract String getPasswordEncodingType()
      This method returns the password encoding type that this cryptex uses for password based encryption (PBE).
      Returns:
      The type of the password encoding.
    • generatePasswordKey

      public abstract SecretKey generatePasswordKey(char[] password)
      This method generates a password (secret) key to be used for encrypting a private key.
      Parameters:
      password - The password.
      Returns:
      The password key.
    • encodePrivateKey

      public final String encodePrivateKey(PrivateKey privateKey, SecretKey passwordKey)
      This method encodes a private key into a PEM string.
      Parameters:
      privateKey - The private key.
      passwordKey - The secret key, generated from a password, to be used to encrypt the private key.
      Returns:
      The corresponding PEM string.
    • encodePrivateKey

      public abstract String encodePrivateKey(PrivateKey privateKey, SecretKey passwordKey, String indentation)
      This method encodes a private key into a PEM string with a prepended indentation string.
      Parameters:
      privateKey - The private key.
      passwordKey - The secret key, generated from a password, to be used to encrypt the private key.
      indentation - The indentation string that should be prepended to each line of the output.
      Returns:
      The corresponding PEM string.
    • decodePrivateKey

      public abstract PrivateKey decodePrivateKey(String pem, SecretKey passwordKey)
      This method decodes a private key from a PEM string.
      Parameters:
      pem - The PEM string for the private key.
      passwordKey - The secret key, generated from a password, to be used to decrypt the private key.
      Returns:
      The corresponding key.
    • signBytes

      public abstract byte[] signBytes(PrivateKey privateKey, byte[] bytes)
      This method signs a byte array.
      Parameters:
      privateKey - The private key used for signing.
      bytes - The byte array to be signed.
      Returns:
      The resulting signature.
    • bytesAreValid

      public abstract boolean bytesAreValid(PublicKey certificate, byte[] bytes, byte[] signature)
      This method checks to see if the signature for a signed byte array is valid.
      Parameters:
      certificate - The certificate containing the matching public key for the private key that signed the bytes.
      bytes - The byte array that was signed.
      signature - The signature to be validated.
      Returns:
      Whether or not the signature matches the byte array.
    • encryptSharedKey

      public abstract byte[] encryptSharedKey(PublicKey certificate, SecretKey sharedKey)
      This method encrypts a shared key using the public certificate of the destination for a data stream that will be encrypted using the shared key. Shared key-based encryption is much faster than public/private key pair-based encryption, but the shared key must be passed to the destination for this to work, so the shared key is first encrypted using public/private key encryption.
      Parameters:
      certificate - The public certificate of the destination.
      sharedKey - The shared key to be encrypted.
      Returns:
      The encrypted shared key.
    • decryptSharedKey

      public abstract SecretKey decryptSharedKey(PrivateKey privateKey, byte[] encryptedKey)
      This method decrypts a shared key using the private key that is paired with the public certificate that was used to encrypt it at the source. The public certificate and private key belong to the destination of the communication.
      Parameters:
      privateKey - The private key of the destination.
      encryptedKey - The encrypted shared key.
      Returns:
      The decrypted shared key.
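
The key exchange described for encryptSharedKey and decryptSharedKey, as an added example written against the standard JCE classes; it is not code from this library. The class name EnvelopeExample, the static helpers, and the algorithm choices (RSA-OAEP for wrapping, AES-256-GCM for the data) are assumptions, since this page does not state which algorithms a concrete cryptex uses.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.security.spec.MGF1ParameterSpec;
import java.util.Arrays;
import javax.crypto.*;
import javax.crypto.spec.*;

public class EnvelopeExample {
    // Assumed algorithms; the documented class leaves these to its subclasses.
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String DATA = "AES/GCM/NoPadding";
    static final OAEPParameterSpec OAEP = new OAEPParameterSpec(
        "SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT);

    // Source side: wrap the shared key with the destination's public key.
    static byte[] encryptSharedKey(PublicKey destination, SecretKey sharedKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(WRAP);
        cipher.init(Cipher.WRAP_MODE, destination, OAEP);
        return cipher.wrap(sharedKey);
    }

    // Destination side: recover the shared key with the matching private key.
    static SecretKey decryptSharedKey(PrivateKey privateKey, byte[] encryptedKey) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(WRAP);
        cipher.init(Cipher.UNWRAP_MODE, privateKey, OAEP);
        return (SecretKey) cipher.unwrap(encryptedKey, "AES", Cipher.SECRET_KEY);
    }

    // Bulk data path: authenticated symmetric encryption or decryption.
    static byte[] crypt(int mode, SecretKey key, byte[] iv, byte[] data) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance(DATA);
        cipher.init(mode, key, new GCMParameterSpec(128, iv));
        return cipher.doFinal(data);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
        rsa.initialize(2048);
        KeyPair destination = rsa.generateKeyPair();
        KeyGenerator aes = KeyGenerator.getInstance("AES");
        aes.init(256);
        SecretKey sharedKey = aes.generateKey();
        byte[] iv = new byte[12];
        new SecureRandom().nextBytes(iv);  // fresh nonce for every message
        byte[] message = "constructed sample message".getBytes(StandardCharsets.UTF_8);
        byte[] ciphertext = crypt(Cipher.ENCRYPT_MODE, sharedKey, iv, message);
        byte[] wrapped = encryptSharedKey(destination.getPublic(), sharedKey);
        SecretKey recovered = decryptSharedKey(destination.getPrivate(), wrapped);
        byte[] plaintext = crypt(Cipher.DECRYPT_MODE, recovered, iv, ciphertext);
        System.out.println("round trip ok: " + Arrays.equals(message, plaintext));
    }
}
```

The wrapped key, the nonce and the ciphertext all travel to the destination; only the private key stays secret. A tampered ciphertext or a wrong key makes the GCM decryption throw AEADBadTagException rather than return altered plaintext.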