Cumulus4j API
(1.1.0)

org.cumulus4j.store.crypto.keymanager
Class KeyManagerCryptoSession

java.lang.Object
  extended by org.cumulus4j.store.crypto.AbstractCryptoSession
      extended by org.cumulus4j.store.crypto.keymanager.KeyManagerCryptoSession
All Implemented Interfaces:
CryptoSession

public class KeyManagerCryptoSession
extends AbstractCryptoSession

Implementation of CryptoSession working with a key-manager as shown in Deployment scenarios.

Author:
Marco หงุ่ยตระกูล-Schulze - marco at nightlabs dot de

Field Summary
 
Fields inherited from interface org.cumulus4j.store.crypto.CryptoSession
PROPERTY_CRYPTO_SESSION_ID
 
Constructor Summary
KeyManagerCryptoSession()
           
 
Method Summary
 void close()
          Close the session.
 Plaintext decrypt(CryptoContext cryptoContext, Ciphertext ciphertext)
           Decrypt the given ciphertext.
 Ciphertext encrypt(CryptoContext cryptoContext, Plaintext plaintext)
           Encrypt the given plaintext.
 
Methods inherited from class org.cumulus4j.store.crypto.AbstractCryptoSession
assertNotClosed, getCreationTimestamp, getCryptoManager, getCryptoSessionID, getKeyStoreID, getLastUsageTimestamp, isClosed, setCryptoManager, setCryptoSessionID, updateLastUsageTimestamp
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

KeyManagerCryptoSession

public KeyManagerCryptoSession()
Method Detail

encrypt

public Ciphertext encrypt(CryptoContext cryptoContext,
                          Plaintext plaintext)

Encrypt the given plaintext.

This method is thread-safe. Thus, implementors should keep in mind that Cipher is not thread-safe!

The implementation in KeyManagerCryptoSession stores every plaintext encoded in the following form:

BytesDescription
1Version number
2EncryptionCoordinateSet.getEncryptionCoordinateSetID() (only 2 bytes, thus limiting to 65K possible values)
1ivLen: Length of the IV in bytes
ivLenActual IV (random initialisation vector).
1macKeyLen: MAC's key length in bytes
1macIVLen: MAC's IV length in bytes
1macLen: Actual MAC's length in bytes
ENCRYPTED
BytesDescription
macKeyLenMAC's key (random)
macIVLenMAC's IV (random)
all until MACActual data
macLenActual MAC

Parameters:
cryptoContext - context used to encrypt or decrypt data.
plaintext - the unencrypted information (aka plaintext) to be encrypted.
Returns:
the encrypted information (aka ciphertext).

decrypt

public Plaintext decrypt(CryptoContext cryptoContext,
                         Ciphertext ciphertext)
Description copied from interface: CryptoSession

Decrypt the given ciphertext.

This method is thread-safe. Thus, implementors should keep in mind that Cipher is not thread-safe!

Parameters:
cryptoContext - context used to encrypt or decrypt data.
ciphertext - the encrypted information (aka ciphertext) to be decrypted.
Returns:
the unencrypted information (aka plaintext).

close

public void close()
Description copied from class: AbstractCryptoSession

Close the session.

After closing, the CryptoSession cannot be used for encryption/decryption anymore, i.e. CryptoSession.encrypt(CryptoContext, Plaintext) and CryptoSession.decrypt(CryptoContext, Ciphertext) very likely throw an exception. The other methods might still work.

This method can be called multiple times - every following call will be silently ignored.

When overriding this method, you should first call super.close(); and then perform your own closing operations.

Specified by:
close in interface CryptoSession
Overrides:
close in class AbstractCryptoSession

Cumulus4j API
(1.1.0)

Copyright © 2013 NightLabs Consulting GmbH. All Rights Reserved.