org.jets3t.service.security

Class EncryptionUtil

java.lang.Object

org.jets3t.service.security.EncryptionUtil

public class EncryptionUtil
extends java.lang.Object

Utility class to handle encryption and decryption in the JetS3t suite.

This class uses properties obtained through Jets3tProperties. For more information on these properties please refer to JetS3t Configuration

Field Summary

Fields

Modifier and Type	Field and Description
static java.lang.String	DEFAULT_ALGORITHM
static java.lang.String	DEFAULT_VERSION

Constructor Summary

Constructors

Constructor and Description
EncryptionUtil(java.lang.String encryptionKey) Constructs class configured with the provided password, and set up to use the default encryption algorithm PBEWithMD5AndDES.
EncryptionUtil(java.lang.String encryptionKey, java.lang.String algorithm, java.lang.String version) Constructs class configured with the provided password, and set up to use the encryption method specified.

Method Summary

Modifier and Type	Method and Description
static byte[]	convertRsaPemToDer(java.io.InputStream is) Convert a PEM encoded RSA certificate file into a DER format byte array.
byte[]	decrypt(byte[] data) Decrypts byte data to bytes.
byte[]	decrypt(byte[] data, int startIndex, int endIndex) Decrypts a byte data range to bytes.
javax.crypto.CipherInputStream	decrypt(java.io.InputStream is) Wraps an input stream in an decrypting cipher stream.
javax.crypto.CipherOutputStream	decrypt(java.io.OutputStream os) Wraps an output stream in a decrypting cipher stream.
java.lang.String	decryptString(byte[] data) Decrypts byte data to a UTF-8 string.
java.lang.String	decryptString(byte[] data, int startIndex, int endIndex) Decrypts a UTF-8 string.
byte[]	encrypt(byte[] data) Encrypts byte data to bytes.
javax.crypto.CipherInputStream	encrypt(java.io.InputStream is) Wraps an input stream in an encrypting cipher stream.
javax.crypto.CipherOutputStream	encrypt(java.io.OutputStream os) Wraps an output stream in an encrypting cipher stream.
byte[]	encrypt(java.lang.String data) Encrypts a UTF-8 string to byte data.
java.lang.String	getAlgorithm()
long	getEncryptedOutputSize(long inputSize) Returns an estimate of the number of bytes that will result when data of the given length is encrypted.
protected javax.crypto.Cipher	initDecryptModeCipher()
protected javax.crypto.Cipher	initEncryptModeCipher()
static boolean	isCipherAvailableForUse(java.lang.String cipher) Returns true if the given cipher is available and can be used by this encryption utility.
static java.lang.String[]	listAvailablePbeCiphers(boolean testAvailability) Lists the PBE ciphers available on the system, optionally eliminating those ciphers that are apparently available but cannot actually be used (perhaps due to the lack of export-grade JCE settings).
static java.security.Provider[]	listAvailableProviders()
static void	main(java.lang.String[] args)
static byte[]	signWithRsaSha1(byte[] derPrivateKeyBytes, byte[] dataToSign) Generate an RSA SHA1 signature of the given data using the given private key DER certificate.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

DEFAULT_VERSION

public static final java.lang.String DEFAULT_VERSION

See Also:

Constant Field Values

DEFAULT_ALGORITHM

public static final java.lang.String DEFAULT_ALGORITHM

See Also:

Constant Field Values

Constructor Detail

EncryptionUtil

public EncryptionUtil(java.lang.String encryptionKey,
                      java.lang.String algorithm,
                      java.lang.String version)
               throws java.security.InvalidKeyException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException,
                      java.security.spec.InvalidKeySpecException

Constructs class configured with the provided password, and set up to use the encryption method specified.

Parameters:

encryptionKey - the password to use for encryption/decryption.

algorithm - the Java name of an encryption algorithm to use, eg PBEWithMD5AndDES

version - the version of encyption to use, for historic and future compatibility. Unless using an historic version, this should always be DEFAULT_VERSION

Throws:

java.security.InvalidKeyException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

java.security.spec.InvalidKeySpecException

EncryptionUtil

public EncryptionUtil(java.lang.String encryptionKey)
               throws java.security.InvalidKeyException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException,
                      java.security.spec.InvalidKeySpecException

Constructs class configured with the provided password, and set up to use the default encryption algorithm PBEWithMD5AndDES.

Parameters:

encryptionKey - the password to use for encryption/decryption.

Throws:

java.security.InvalidKeyException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

java.security.spec.InvalidKeySpecException

Method Detail

initEncryptModeCipher

protected javax.crypto.Cipher initEncryptModeCipher()
                                             throws java.security.NoSuchAlgorithmException,
                                                    javax.crypto.NoSuchPaddingException,
                                                    java.security.InvalidKeyException,
                                                    java.security.InvalidAlgorithmParameterException

Throws:

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

initDecryptModeCipher

protected javax.crypto.Cipher initDecryptModeCipher()
                                             throws java.security.NoSuchAlgorithmException,
                                                    javax.crypto.NoSuchPaddingException,
                                                    java.security.InvalidKeyException,
                                                    java.security.InvalidAlgorithmParameterException

Throws:

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

encrypt

public byte[] encrypt(java.lang.String data)
               throws java.lang.IllegalStateException,
                      javax.crypto.IllegalBlockSizeException,
                      javax.crypto.BadPaddingException,
                      java.io.UnsupportedEncodingException,
                      java.security.spec.InvalidKeySpecException,
                      java.security.InvalidKeyException,
                      java.security.InvalidAlgorithmParameterException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException

Encrypts a UTF-8 string to byte data.

Parameters:

data - data to encrypt.

Returns:

encrypted data.

Throws:

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.io.UnsupportedEncodingException

java.security.spec.InvalidKeySpecException

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decryptString

public java.lang.String decryptString(byte[] data)
                               throws java.security.InvalidKeyException,
                                      java.security.InvalidAlgorithmParameterException,
                                      java.io.UnsupportedEncodingException,
                                      java.lang.IllegalStateException,
                                      javax.crypto.IllegalBlockSizeException,
                                      javax.crypto.BadPaddingException,
                                      java.security.NoSuchAlgorithmException,
                                      javax.crypto.NoSuchPaddingException

Decrypts byte data to a UTF-8 string.

Parameters:

data - data to decrypt.

Returns:

UTF-8 string of decrypted data.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.io.UnsupportedEncodingException

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decryptString

public java.lang.String decryptString(byte[] data,
                                      int startIndex,
                                      int endIndex)
                               throws java.security.InvalidKeyException,
                                      java.security.InvalidAlgorithmParameterException,
                                      java.io.UnsupportedEncodingException,
                                      java.lang.IllegalStateException,
                                      javax.crypto.IllegalBlockSizeException,
                                      javax.crypto.BadPaddingException,
                                      java.security.NoSuchAlgorithmException,
                                      javax.crypto.NoSuchPaddingException

Decrypts a UTF-8 string.

Parameters:

data - data to decrypt.

startIndex - start index of data to decrypt.

endIndex - end index of data to decrypt.

Returns:

UTF-8 string of decrypted data.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.io.UnsupportedEncodingException

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

encrypt

public byte[] encrypt(byte[] data)
               throws java.lang.IllegalStateException,
                      javax.crypto.IllegalBlockSizeException,
                      javax.crypto.BadPaddingException,
                      java.security.InvalidKeyException,
                      java.security.InvalidAlgorithmParameterException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException

Encrypts byte data to bytes.

Parameters:

data - data to encrypt.

Returns:

encrypted data.

Throws:

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decrypt

public byte[] decrypt(byte[] data)
               throws java.security.InvalidKeyException,
                      java.security.InvalidAlgorithmParameterException,
                      java.lang.IllegalStateException,
                      javax.crypto.IllegalBlockSizeException,
                      javax.crypto.BadPaddingException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException

Decrypts byte data to bytes.

Parameters:

data - data to decrypt

Returns:

decrypted data.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decrypt

public byte[] decrypt(byte[] data,
                      int startIndex,
                      int endIndex)
               throws java.security.InvalidKeyException,
                      java.security.InvalidAlgorithmParameterException,
                      java.lang.IllegalStateException,
                      javax.crypto.IllegalBlockSizeException,
                      javax.crypto.BadPaddingException,
                      java.security.NoSuchAlgorithmException,
                      javax.crypto.NoSuchPaddingException

Decrypts a byte data range to bytes.

Parameters:

data -

startIndex -

endIndex -

Returns:

decrypted data.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.lang.IllegalStateException

javax.crypto.IllegalBlockSizeException

javax.crypto.BadPaddingException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

encrypt

public javax.crypto.CipherInputStream encrypt(java.io.InputStream is)
                                       throws java.security.InvalidKeyException,
                                              java.security.InvalidAlgorithmParameterException,
                                              java.security.NoSuchAlgorithmException,
                                              javax.crypto.NoSuchPaddingException

Wraps an input stream in an encrypting cipher stream.

Parameters:

is -

Returns:

encrypting cipher input stream.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decrypt

public javax.crypto.CipherInputStream decrypt(java.io.InputStream is)
                                       throws java.security.InvalidKeyException,
                                              java.security.InvalidAlgorithmParameterException,
                                              java.security.NoSuchAlgorithmException,
                                              javax.crypto.NoSuchPaddingException

Wraps an input stream in an decrypting cipher stream.

Parameters:

is -

Returns:

decrypting cipher input stream.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

encrypt

public javax.crypto.CipherOutputStream encrypt(java.io.OutputStream os)
                                        throws java.security.InvalidKeyException,
                                               java.security.InvalidAlgorithmParameterException,
                                               java.security.NoSuchAlgorithmException,
                                               javax.crypto.NoSuchPaddingException

Wraps an output stream in an encrypting cipher stream.

Parameters:

os -

Returns:

encrypting cipher output stream.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

decrypt

public javax.crypto.CipherOutputStream decrypt(java.io.OutputStream os)
                                        throws java.security.InvalidKeyException,
                                               java.security.InvalidAlgorithmParameterException,
                                               java.security.NoSuchAlgorithmException,
                                               javax.crypto.NoSuchPaddingException

Wraps an output stream in a decrypting cipher stream.

Parameters:

os -

Returns:

decrypting cipher output stream.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

getEncryptedOutputSize

public long getEncryptedOutputSize(long inputSize)
                            throws java.security.InvalidKeyException,
                                   java.security.InvalidAlgorithmParameterException,
                                   java.security.NoSuchAlgorithmException,
                                   javax.crypto.NoSuchPaddingException

Returns an estimate of the number of bytes that will result when data of the given length is encrypted. The accuracy of this estimate may depend on the cipher you are using, so be wary of trusting this estimate without supporting evidence.

Parameters:

inputSize - The number of bytes you intend to encrypt.

Returns:

an estimate of the number of bytes that will be generated by the encryption cipher for the given number of bytes of input.

Throws:

java.security.InvalidKeyException

java.security.InvalidAlgorithmParameterException

java.security.NoSuchAlgorithmException

javax.crypto.NoSuchPaddingException

getAlgorithm

public java.lang.String getAlgorithm()

Returns:

the Java name of the cipher algorithm being used by this class.

isCipherAvailableForUse

public static boolean isCipherAvailableForUse(java.lang.String cipher)

Returns true if the given cipher is available and can be used by this encryption utility. To determine whether the cipher can actually be used a test string is encrypted using the cipher.

Parameters:

cipher -

Returns:

true if the cipher is available and can be used, false otherwise.

listAvailablePbeCiphers

public static java.lang.String[] listAvailablePbeCiphers(boolean testAvailability)

Lists the PBE ciphers available on the system, optionally eliminating those ciphers that are apparently available but cannot actually be used (perhaps due to the lack of export-grade JCE settings).

Parameters:

testAvailability - if true each apparently available cipher is tested and only those that pass isCipherAvailableForUse(String) are returned.

Returns:

a list of all the available PBE cipher names on the system.

listAvailableProviders

public static java.security.Provider[] listAvailableProviders()

signWithRsaSha1

public static byte[] signWithRsaSha1(byte[] derPrivateKeyBytes,
                                     byte[] dataToSign)
                              throws java.security.NoSuchAlgorithmException,
                                     java.security.InvalidKeyException,
                                     java.security.SignatureException,
                                     java.security.spec.InvalidKeySpecException,
                                     java.security.NoSuchProviderException

Generate an RSA SHA1 signature of the given data using the given private key DER certificate. Based on example code from: http://www.java2s.com/Tutorial/Java/0490__Security/RSASignatureGeneration.htm http://forums.sun.com/thread.jspa?threadID=5175986

Throws:

java.security.NoSuchAlgorithmException

java.security.InvalidKeyException

java.security.SignatureException

java.security.spec.InvalidKeySpecException

java.security.NoSuchProviderException

convertRsaPemToDer

public static byte[] convertRsaPemToDer(java.io.InputStream is)
                                 throws java.io.IOException

Convert a PEM encoded RSA certificate file into a DER format byte array.

Parameters:

is - Input stream for PEM encoded RSA certificate data.

Returns:

The RSA certificate data in DER format.

Throws:

java.io.IOException

main

public static void main(java.lang.String[] args)
                 throws java.lang.Exception

Throws:

java.lang.Exception