otie.security
Class SecurityManager

java.lang.Object
  extended by otie.security.SecurityManager

public class SecurityManager
extends java.lang.Object

Title: SecurityManager

Description: The security manager acts both as a library class and as a wrapper class for centralizing security functionality. The library functions can be used, e.g., to encrypt and decrypt strings and to calculate message digests. The wrapper class provides a way to define the algorithms (and passwords) used in a separate metadata file (XML) and thus to change the functionality of the class on the fly.

Copyright: Copyright (c) Petteri Nurmi 2004

Company: Helsinki Institute for Information Technology HIIT/BRU 2004

Version:
0.75
Author:
Petteri Nurmi

Field Summary
private  java.lang.String AlgorithmString
          The AlgorithmString attribute describes the algorithm that is to be used.
private  sun.misc.BASE64Decoder bDec
          A decoder for transforming the contents of an encrypted string into a screen-friendly format.
private  sun.misc.BASE64Encoder bEnc
          An encoder for transforming the contents of an encrypted string into a screen-friendly format.
private  java.lang.String encoding
          The encoding attribute defines the character encoding scheme that is used to map the encrypted strings into screen-friendly strings.
private  byte[] IV_BYTES
          Random bytes that are used to create the initialization vector.
private  javax.crypto.spec.IvParameterSpec iVector
          The IvParameterSpec describes the initialization vector specification.
private  byte[] KEY_BYTES
          Random bytes used when generating new keys.
private  java.security.KeyPair keyPair
          The initially generated random public/private key pair for asymmetric encryption.
private static byte[] salt
          The salt used in cryptographic operations.
private  javax.crypto.Cipher symmetricCipher
          The Cipher object always stays the same, so it is reasonable to keep it as a separate attribute.
private  javax.crypto.SecretKey symmetricKey
          The random key that is used for symmetric encryption within this object.
 
Constructor Summary
SecurityManager()
          The default constructor.
 
Method Summary
private  void createArrays()
          A method that initializes the byte[] arrays used for encryption.
 java.lang.String Decrypt(java.lang.String text)
          Decrypts a given String using the key value generated in the constructor call.
 java.lang.String Encrypt(java.lang.String text)
          A method for encoding a given String using symmetric encryption.
static javax.crypto.SecretKey getPBESecretKey(java.lang.String material)
          A method for generating a secret key from the given key material.
static java.lang.String MD5Digest(java.lang.String text)
          A method for generating an MD5 digest for a given string.
static java.lang.String PBEDecode(java.lang.String cipherText, javax.crypto.SecretKey sKey)
          A method for performing password based decryption using a PBE key.
static java.lang.String PBEEncode(java.lang.String text, javax.crypto.SecretKey sKey)
          A method for performing password based encryption using a PBE key.
static java.lang.String SHADigest(java.lang.String text)
          A method for generating a SHA digest for a given string.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

salt

private static byte[] salt
The salt used in cryptographic operations.


KEY_BYTES

private byte[] KEY_BYTES
Random bytes used when generating new keys.


IV_BYTES

private byte[] IV_BYTES
Random bytes that are used to create the initialization vector.


symmetricCipher

private javax.crypto.Cipher symmetricCipher
The Cipher object always stays the same, so it is reasonable to keep it as a separate attribute.


iVector

private javax.crypto.spec.IvParameterSpec iVector
The IvParameterSpec describes the initialization vector specification.


symmetricKey

private javax.crypto.SecretKey symmetricKey
The random key that is used for symmetric encryption within this object.


keyPair

private java.security.KeyPair keyPair
The initially generated random public/private key pair for asymmetric encryption.


bEnc

private sun.misc.BASE64Encoder bEnc
An encoder for transforming the contents of an encrypted string into a screen-friendly format.


bDec

private sun.misc.BASE64Decoder bDec
A decoder for transforming the contents of an encrypted string into a screen-friendly format.


AlgorithmString

private java.lang.String AlgorithmString
The AlgorithmString attribute describes the algorithm that is to be used.


encoding

private java.lang.String encoding
The encoding attribute defines the character encoding scheme that is used to map the encrypted strings into screen-friendly strings. The default value is ISO-8859-1. For more universal support, please use UTF-8.

Constructor Detail

SecurityManager

public SecurityManager()
                throws java.security.NoSuchAlgorithmException,
                       java.security.spec.InvalidKeySpecException,
                       javax.crypto.NoSuchPaddingException
The default constructor. Creates a new class with default parameters and also creates random keys that are used in encryption.

Throws:
java.security.NoSuchAlgorithmException - An error occurred when loading the encryption algorithm. Most probably this is due to an old JCE version as the functionality has been designed for Java SDK versions 1.4 and higher.
java.security.spec.InvalidKeySpecException - The key specification that is used inside the constructor has an error.
javax.crypto.NoSuchPaddingException - The default padding scheme is not supported by the system. Either change the padding scheme or install appropriate JCE extensions.
Method Detail

getPBESecretKey

public static javax.crypto.SecretKey getPBESecretKey(java.lang.String material)
                                              throws java.security.NoSuchAlgorithmException,
                                                     java.security.spec.InvalidKeySpecException
A method for generating a secret key from the given key material. This method can only be used for password based encryption and is not recommended for asymmetric encryption.

Parameters:
material - String The key material from which the key is to be constructed.
Returns:
SecretKey
Throws:
java.security.NoSuchAlgorithmException - The system configuration is incorrect and the requested encryption algorithm is not available.
java.security.spec.InvalidKeySpecException - Creating a key specification from the given material failed due to, e.g., invalid key material.

PBEEncode

public static java.lang.String PBEEncode(java.lang.String text,
                                         javax.crypto.SecretKey sKey)
                                  throws java.security.NoSuchAlgorithmException,
                                         javax.crypto.NoSuchPaddingException,
                                         java.security.InvalidKeyException,
                                         java.security.InvalidAlgorithmParameterException,
                                         javax.crypto.IllegalBlockSizeException,
                                         javax.crypto.BadPaddingException
A method for performing password based encryption using a PBE key. For symmetric encryption the methods Encode and Decode should be favoured.

Parameters:
text - String The string that is to be encoded.
sKey - SecretKey The secret key for
Returns:
String Returns the encoded string (cipher text).
Throws:
java.security.NoSuchAlgorithmException - The operating system does not have the proper JCE installed.
javax.crypto.NoSuchPaddingException - The padding defined for the cipher algorithm is invalid.
java.security.InvalidKeyException - The secret key is invalid, i.e., it is of wrong type.
java.security.InvalidAlgorithmParameterException - The parameters specified for the algorithm are faulty.
javax.crypto.IllegalBlockSizeException - The block size used with the algorithm is invalid.
javax.crypto.BadPaddingException - The padding of the cipher resulted in an invalid String.

PBEDecode

public static java.lang.String PBEDecode(java.lang.String cipherText,
                                         javax.crypto.SecretKey sKey)
                                  throws java.security.NoSuchAlgorithmException,
                                         javax.crypto.NoSuchPaddingException,
                                         java.security.InvalidKeyException,
                                         java.security.InvalidAlgorithmParameterException,
                                         javax.crypto.IllegalBlockSizeException,
                                         javax.crypto.BadPaddingException
A method for performing password based decryption using a PBE key. For symmetric encryption the methods Encode and Decode should be favoured.

Parameters:
cipherText - String The string that is to be decoded.
sKey - SecretKey The secret key for
Returns:
String Returns the encoded string (cipher text).
Throws:
java.security.NoSuchAlgorithmException - The operating system does not have the proper JCE installed.
javax.crypto.NoSuchPaddingException - The padding defined for the cipher algorithm is invalid.
java.security.InvalidKeyException - The secret key is invalid, i.e., it is of wrong type.
java.security.InvalidAlgorithmParameterException - The parameters specified for the algorithm are faulty.
javax.crypto.IllegalBlockSizeException - The block size used with the algorithm is invalid.
javax.crypto.BadPaddingException - The padding of the cipher resulted in an invalid String.
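
Added example, not code from otie.security: a password-based encrypt/decrypt round trip on the standard JCE that generates a fresh random salt and IV per message, uses java.util.Base64 (sun.misc.BASE64Encoder/BASE64Decoder were removed in JDK 9) and fixes the text encoding to UTF-8. This page does not say which algorithms the class uses; the class name PbeRoundTrip, PBKDF2WithHmacSHA256, AES/GCM, the iteration count and the output layout are all assumptions of the example.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import java.util.Base64;

// Hypothetical helper, not part of otie.security. Output layout: Base64(salt || iv || ciphertext+tag).
public class PbeRoundTrip {
    private static final SecureRandom RNG = new SecureRandom();
    private static final int SALT_LEN = 16, IV_LEN = 12, TAG_BITS = 128;
    private static final int ITERATIONS = 210_000; // assumed work factor; tune per deployment

    // Derive an AES-256 key from the password and the per-message salt.
    static SecretKey deriveKey(char[] password, byte[] salt) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, 256);
        byte[] raw = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        spec.clearPassword();
        return new SecretKeySpec(raw, "AES");
    }

    static String encode(String text, char[] password) throws GeneralSecurityException {
        byte[] out = new byte[SALT_LEN + IV_LEN];
        RNG.nextBytes(out); // fresh random salt and IV for every message
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, deriveKey(password, Arrays.copyOf(out, SALT_LEN)),
               new GCMParameterSpec(TAG_BITS, out, SALT_LEN, IV_LEN));
        byte[] ct = c.doFinal(text.getBytes(StandardCharsets.UTF_8));
        out = Arrays.copyOf(out, out.length + ct.length);
        System.arraycopy(ct, 0, out, SALT_LEN + IV_LEN, ct.length);
        return Base64.getEncoder().encodeToString(out);
    }

    // Fails with AEADBadTagException (a BadPaddingException) on a wrong password or modified input.
    static String decode(String cipherText, char[] password) throws GeneralSecurityException {
        byte[] in = Base64.getDecoder().decode(cipherText);
        if (in.length < SALT_LEN + IV_LEN + TAG_BITS / 8) throw new GeneralSecurityException("truncated input");
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.DECRYPT_MODE, deriveKey(password, Arrays.copyOf(in, SALT_LEN)),
               new GCMParameterSpec(TAG_BITS, in, SALT_LEN, IV_LEN));
        return new String(c.doFinal(in, SALT_LEN + IV_LEN, in.length - SALT_LEN - IV_LEN), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        char[] pw = "constructed-sample-password".toCharArray(); // constructed sample value
        String a = encode("p\u00e4iv\u00e4\u00e4", pw), b = encode("p\u00e4iv\u00e4\u00e4", pw);
        System.out.println("outputs differ: " + !a.equals(b) + ", round trip: " + decode(a, pw));
    }
}
```

Because the salt and IV travel with each message, nothing in the example depends on a value shared across calls, and the authentication tag turns tampering into an exception instead of garbled plaintext.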

MD5Digest

public static java.lang.String MD5Digest(java.lang.String text)
                                  throws java.security.NoSuchAlgorithmException
A method for generating an MD5 digest for a given string.

Parameters:
text - String The String to be hashed.
Returns:
String The digested String.
Throws:
java.security.NoSuchAlgorithmException - The installed Java SDK does not support the MD5 algorithm for some reason. Most probably this means that the SDK does not have a cryptographic extension installed to it.

SHADigest

public static java.lang.String SHADigest(java.lang.String text)
                                  throws java.security.NoSuchAlgorithmException
A method for generating a SHA digest for a given string.

Parameters:
text - String The String to be hashed.
Returns:
String The digested String.
Throws:
java.security.NoSuchAlgorithmException - The installed Java SDK does not support the SHA-1 algorithm for some reason. Most probably this means that the SDK does not have a cryptographic extension installed to it.

Encrypt

public java.lang.String Encrypt(java.lang.String text)
                         throws java.security.InvalidKeyException,
                                javax.crypto.BadPaddingException,
                                javax.crypto.IllegalBlockSizeException,
                                java.security.InvalidAlgorithmParameterException,
                                java.io.UnsupportedEncodingException
A method for encoding a given String using symmetric encryption. The random key generated in the constructor is used as the key.

Parameters:
text - String The String to be encoded.
Returns:
String Returns the encrypted string.
Throws:
java.security.InvalidKeyException - The key generated in the constructor is corrupted and encryption is impossible.
javax.crypto.BadPaddingException - The padding of the Block is erroneous. Either this results from a system failure or the String is corrupted.
javax.crypto.IllegalBlockSizeException - The defined block size to be used with the algorithm is invalid.
java.security.InvalidAlgorithmParameterException - The parameters of the algorithm are invalid. Either the byte values have invalid entries or something was wrong in the initialization of the algorithm.
java.io.UnsupportedEncodingException - The character-encoding described in the encoding parameter is invalid.

Decrypt

public java.lang.String Decrypt(java.lang.String text)
                         throws java.security.InvalidKeyException,
                                javax.crypto.BadPaddingException,
                                javax.crypto.IllegalBlockSizeException,
                                java.security.InvalidAlgorithmParameterException,
                                java.io.UnsupportedEncodingException,
                                java.io.IOException
Decrypts a given String using the key value generated in the constructor call.

Parameters:
text - String The cipher text.
Returns:
String Returns the decrypted String.
Throws:
java.security.InvalidKeyException - The key generated in the constructor is corrupted and encryption is impossible.
javax.crypto.BadPaddingException - The padding of the Block is erroneous. Either this results from a system failure or the String is corrupted.
javax.crypto.IllegalBlockSizeException - The defined block size to be used with the algorithm is invalid.
java.security.InvalidAlgorithmParameterException - The parameters of the algorithm are invalid. Either the byte values have invalid entries or something was wrong in the initialization of the algorithm.
java.io.UnsupportedEncodingException - The character-encoding described in the encoding parameter is invalid.
java.io.IOException - Failure when reading the stream buffer (Cipher).

createArrays

private void createArrays()
A method that initializes the byte[] arrays used for encryption.