org.jets3t.service.security
Class EncryptionUtil

java.lang.Object
  extended by org.jets3t.service.security.EncryptionUtil

public class EncryptionUtil
extends Object

Utility class to handle encryption and decryption in the JetS3t suite.

This class uses properties obtained through Jets3tProperties. For more information on these properties, please refer to JetS3t Configuration.

Author:
James Murty

Field Summary
static String DEFAULT_ALGORITHM
           
static String DEFAULT_VERSION
           
 
Constructor Summary
EncryptionUtil(String encryptionKey)
          Constructs class configured with the provided password, and set up to use the default encryption algorithm PBEWithMD5AndDES.
EncryptionUtil(String encryptionKey, String algorithm, String version)
          Constructs class configured with the provided password, and set up to use the encryption method specified.
 
Method Summary
static byte[] convertRsaPemToDer(InputStream is)
          Convert a PEM encoded RSA certificate file into a DER format byte array.
 byte[] decrypt(byte[] data)
          Decrypts byte data to bytes.
 byte[] decrypt(byte[] data, int startIndex, int endIndex)
          Decrypts a byte data range to bytes.
 CipherInputStream decrypt(InputStream is)
          Wraps an input stream in a decrypting cipher stream.
 CipherOutputStream decrypt(OutputStream os)
          Wraps an output stream in a decrypting cipher stream.
 String decryptString(byte[] data)
          Decrypts byte data to a UTF-8 string.
 String decryptString(byte[] data, int startIndex, int endIndex)
          Decrypts a UTF-8 string.
 byte[] encrypt(byte[] data)
          Encrypts byte data to bytes.
 CipherInputStream encrypt(InputStream is)
          Wraps an input stream in an encrypting cipher stream.
 CipherOutputStream encrypt(OutputStream os)
          Wraps an output stream in an encrypting cipher stream.
 byte[] encrypt(String data)
          Encrypts a UTF-8 string to byte data.
 String getAlgorithm()
           
 long getEncryptedOutputSize(long inputSize)
          Returns an estimate of the number of bytes that will result when data of the given length is encrypted.
static boolean isCipherAvailableForUse(String cipher)
          Returns true if the given cipher is available and can be used by this encryption utility.
static String[] listAvailablePbeCiphers(boolean testAvailability)
          Lists the PBE ciphers available on the system, optionally eliminating those ciphers that are apparently available but cannot actually be used (perhaps due to the lack of export-grade JCE settings).
static Provider[] listAvailableProviders()
           
static void main(String[] args)
           
static byte[] signWithRsaSha1(byte[] derPrivateKeyBytes, byte[] dataToSign)
          Generate an RSA SHA1 signature of the given data using the given private key DER certificate.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

DEFAULT_VERSION

public static final String DEFAULT_VERSION
See Also:
Constant Field Values

DEFAULT_ALGORITHM

public static final String DEFAULT_ALGORITHM
See Also:
Constant Field Values
Constructor Detail

EncryptionUtil

public EncryptionUtil(String encryptionKey,
                      String algorithm,
                      String version)
               throws InvalidKeyException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException,
                      InvalidKeySpecException
Constructs class configured with the provided password, and set up to use the encryption method specified.

Parameters:
encryptionKey - the password to use for encryption/decryption.
algorithm - the Java name of an encryption algorithm to use, eg PBEWithMD5AndDES
version - the version of encryption to use, for historic and future compatibility. Unless using an historic version, this should always be DEFAULT_VERSION
Throws:
InvalidKeyException
NoSuchAlgorithmException
NoSuchPaddingException
InvalidKeySpecException

EncryptionUtil

public EncryptionUtil(String encryptionKey)
               throws InvalidKeyException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException,
                      InvalidKeySpecException
Constructs class configured with the provided password, and set up to use the default encryption algorithm PBEWithMD5AndDES.

Parameters:
encryptionKey - the password to use for encryption/decryption.
Throws:
InvalidKeyException
NoSuchAlgorithmException
NoSuchPaddingException
InvalidKeySpecException
Method Detail

encrypt

public byte[] encrypt(String data)
               throws IllegalStateException,
                      IllegalBlockSizeException,
                      BadPaddingException,
                      UnsupportedEncodingException,
                      InvalidKeySpecException,
                      InvalidKeyException,
                      InvalidAlgorithmParameterException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException
Encrypts a UTF-8 string to byte data.

Parameters:
data - data to encrypt.
Returns:
encrypted data.
Throws:
IllegalStateException
IllegalBlockSizeException
BadPaddingException
UnsupportedEncodingException
InvalidKeySpecException
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

decryptString

public String decryptString(byte[] data)
                     throws InvalidKeyException,
                            InvalidAlgorithmParameterException,
                            UnsupportedEncodingException,
                            IllegalStateException,
                            IllegalBlockSizeException,
                            BadPaddingException,
                            NoSuchAlgorithmException,
                            NoSuchPaddingException
Decrypts byte data to a UTF-8 string.

Parameters:
data - data to decrypt.
Returns:
UTF-8 string of decrypted data.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
UnsupportedEncodingException
IllegalStateException
IllegalBlockSizeException
BadPaddingException
NoSuchAlgorithmException
NoSuchPaddingException

decryptString

public String decryptString(byte[] data,
                            int startIndex,
                            int endIndex)
                     throws InvalidKeyException,
                            InvalidAlgorithmParameterException,
                            UnsupportedEncodingException,
                            IllegalStateException,
                            IllegalBlockSizeException,
                            BadPaddingException,
                            NoSuchAlgorithmException,
                            NoSuchPaddingException
Decrypts a UTF-8 string.

Parameters:
data - data to decrypt.
startIndex - start index of data to decrypt.
endIndex - end index of data to decrypt.
Returns:
UTF-8 string of decrypted data.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
UnsupportedEncodingException
IllegalStateException
IllegalBlockSizeException
BadPaddingException
NoSuchAlgorithmException
NoSuchPaddingException

encrypt

public byte[] encrypt(byte[] data)
               throws IllegalStateException,
                      IllegalBlockSizeException,
                      BadPaddingException,
                      InvalidKeyException,
                      InvalidAlgorithmParameterException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException
Encrypts byte data to bytes.

Parameters:
data - data to encrypt.
Returns:
encrypted data.
Throws:
IllegalStateException
IllegalBlockSizeException
BadPaddingException
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

decrypt

public byte[] decrypt(byte[] data)
               throws InvalidKeyException,
                      InvalidAlgorithmParameterException,
                      IllegalStateException,
                      IllegalBlockSizeException,
                      BadPaddingException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException
Decrypts byte data to bytes.

Parameters:
data - data to decrypt
Returns:
decrypted data.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
IllegalStateException
IllegalBlockSizeException
BadPaddingException
NoSuchAlgorithmException
NoSuchPaddingException

decrypt

public byte[] decrypt(byte[] data,
                      int startIndex,
                      int endIndex)
               throws InvalidKeyException,
                      InvalidAlgorithmParameterException,
                      IllegalStateException,
                      IllegalBlockSizeException,
                      BadPaddingException,
                      NoSuchAlgorithmException,
                      NoSuchPaddingException
Decrypts a byte data range to bytes.

Parameters:
data -
startIndex -
endIndex -
Returns:
decrypted data.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
IllegalStateException
IllegalBlockSizeException
BadPaddingException
NoSuchAlgorithmException
NoSuchPaddingException

encrypt

public CipherInputStream encrypt(InputStream is)
                          throws InvalidKeyException,
                                 InvalidAlgorithmParameterException,
                                 NoSuchAlgorithmException,
                                 NoSuchPaddingException
Wraps an input stream in an encrypting cipher stream.

Parameters:
is -
Returns:
encrypting cipher input stream.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

decrypt

public CipherInputStream decrypt(InputStream is)
                          throws InvalidKeyException,
                                 InvalidAlgorithmParameterException,
                                 NoSuchAlgorithmException,
                                 NoSuchPaddingException
Wraps an input stream in a decrypting cipher stream.

Parameters:
is -
Returns:
decrypting cipher input stream.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

encrypt

public CipherOutputStream encrypt(OutputStream os)
                           throws InvalidKeyException,
                                  InvalidAlgorithmParameterException,
                                  NoSuchAlgorithmException,
                                  NoSuchPaddingException
Wraps an output stream in an encrypting cipher stream.

Parameters:
os -
Returns:
encrypting cipher output stream.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

decrypt

public CipherOutputStream decrypt(OutputStream os)
                           throws InvalidKeyException,
                                  InvalidAlgorithmParameterException,
                                  NoSuchAlgorithmException,
                                  NoSuchPaddingException
Wraps an output stream in a decrypting cipher stream.

Parameters:
os -
Returns:
decrypting cipher output stream.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException

getEncryptedOutputSize

public long getEncryptedOutputSize(long inputSize)
                            throws InvalidKeyException,
                                   InvalidAlgorithmParameterException,
                                   NoSuchAlgorithmException,
                                   NoSuchPaddingException
Returns an estimate of the number of bytes that will result when data of the given length is encrypted. The accuracy of this estimate may depend on the cipher you are using, so be wary of trusting this estimate without supporting evidence.

Parameters:
inputSize - The number of bytes you intend to encrypt.
Returns:
an estimate of the number of bytes that will be generated by the encryption cipher for the given number of bytes of input.
Throws:
InvalidKeyException
InvalidAlgorithmParameterException
NoSuchAlgorithmException
NoSuchPaddingException
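
One way to gather the supporting evidence mentioned above, as an added example (not part of the JetS3t documentation or source): it compares getEncryptedOutputSize with the real length returned by encrypt(byte[]) for input sizes around the 8-byte DES block boundary. The class name, password and sizes are constructed for illustration, and the JetS3t jar is assumed to be on the classpath.

```java
import org.jets3t.service.security.EncryptionUtil;

public class EncryptedSizeCheck {

    /**
     * Encrypts zero-filled buffers of each given size and reports whether the
     * library's estimate equals the actual ciphertext length in every case.
     */
    static boolean estimateMatches(EncryptionUtil util, int[] sizes) throws Exception {
        boolean allMatch = true;
        for (int size : sizes) {
            byte[] plaintext = new byte[size];              // constructed input
            long estimate = util.getEncryptedOutputSize(size);
            int actual = util.encrypt(plaintext).length;
            System.out.printf("%5d bytes in: estimated %5d, actual %5d%n",
                    size, estimate, actual);
            if (estimate != actual) {
                allMatch = false;
            }
        }
        return allMatch;
    }

    public static void main(String[] args) throws Exception {
        // Constructed password; the single-argument constructor selects the
        // default algorithm, PBEWithMD5AndDES.
        EncryptionUtil util = new EncryptionUtil("constructed-example-password");

        // Sizes just below, at and just above a multiple of the 8-byte block,
        // where padding changes the output length.
        int[] sizes = {1, 7, 8, 9, 4095, 4096, 4097};

        boolean ok = estimateMatches(util, sizes);
        System.out.println(util.getAlgorithm() + " estimate exact for all sizes: " + ok);
        if (!ok) {
            // Do not preallocate buffers or set a length header from the estimate
            // for this cipher; measure the real ciphertext instead.
            System.exit(1);
        }
    }
}
```

Repeat the check for each algorithm you pass to the three-argument constructor, since the estimate's accuracy may differ by cipher.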

getAlgorithm

public String getAlgorithm()
Returns:
the Java name of the cipher algorithm being used by this class.

isCipherAvailableForUse

public static boolean isCipherAvailableForUse(String cipher)
Returns true if the given cipher is available and can be used by this encryption utility. To determine whether the cipher can actually be used a test string is encrypted using the cipher.

Parameters:
cipher -
Returns:
true if the cipher is available and can be used, false otherwise.

listAvailablePbeCiphers

public static String[] listAvailablePbeCiphers(boolean testAvailability)
Lists the PBE ciphers available on the system, optionally eliminating those ciphers that are apparently available but cannot actually be used (perhaps due to the lack of export-grade JCE settings).

Parameters:
testAvailability - if true each apparently available cipher is tested and only those that pass isCipherAvailableForUse(String) are returned.
Returns:
a list of all the available PBE cipher names on the system.
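
An added example (not from the JetS3t documentation or source) showing how listAvailablePbeCiphers(true) can drive algorithm selection: the default PBEWithMD5AndDES relies on single DES with a 56-bit key, so this sketch prefers a triple-DES PBE cipher when the JRE can actually use it. The preference list, class name, password and sample text are assumptions of the example, and the JetS3t jar is assumed to be on the classpath.

```java
import org.jets3t.service.security.EncryptionUtil;

public class PickPbeCipher {

    // Preference order is an assumption of this example: standard JCE names for
    // triple-DES PBE ciphers first, then the JetS3t default as a fallback.
    static final String[] PREFERRED = {
        "PBEWithSHA1AndDESede",
        "PBEWithMD5AndTripleDES",
        EncryptionUtil.DEFAULT_ALGORITHM
    };

    /** Returns the first preferred cipher present in the list of usable ciphers. */
    static String choose(String[] usable) {
        for (String wanted : PREFERRED) {
            for (String name : usable) {
                // Compare case-insensitively: providers may report names in upper case.
                if (name.equalsIgnoreCase(wanted)) {
                    return name;
                }
            }
        }
        throw new IllegalStateException("no preferred PBE cipher is usable on this JRE");
    }

    public static void main(String[] args) throws Exception {
        // true = keep only ciphers that pass isCipherAvailableForUse(String).
        String[] usable = EncryptionUtil.listAvailablePbeCiphers(true);
        String algorithm = choose(usable);

        EncryptionUtil util = new EncryptionUtil(
                "constructed-example-password", algorithm, EncryptionUtil.DEFAULT_VERSION);

        String sample = "constructed sample text";
        byte[] ciphertext = util.encrypt(sample);
        String recovered = util.decryptString(ciphertext);

        System.out.println(util.getAlgorithm() + " round trip ok: " + sample.equals(recovered));
    }
}
```

Record the chosen algorithm name alongside the encrypted data: decryption needs an EncryptionUtil constructed with the same password and algorithm.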

listAvailableProviders

public static Provider[] listAvailableProviders()

signWithRsaSha1

public static byte[] signWithRsaSha1(byte[] derPrivateKeyBytes,
                                     byte[] dataToSign)
                              throws NoSuchAlgorithmException,
                                     InvalidKeyException,
                                     SignatureException,
                                     InvalidKeySpecException,
                                     NoSuchProviderException
Generate an RSA SHA1 signature of the given data using the given private key DER certificate. Based on example code from:
http://www.java2s.com/Tutorial/Java/0490__Security/RSASignatureGeneration.htm
http://forums.sun.com/thread.jspa?threadID=5175986

Throws:
NoSuchAlgorithmException
InvalidKeyException
SignatureException
InvalidKeySpecException
NoSuchProviderException

convertRsaPemToDer

public static byte[] convertRsaPemToDer(InputStream is)
                                 throws IOException
Convert a PEM encoded RSA certificate file into a DER format byte array.

Parameters:
is - Input stream for PEM encoded RSA certificate data.
Returns:
The RSA certificate data in DER format.
Throws:
IOException

main

public static void main(String[] args)
                 throws Exception
Throws:
Exception