Public Member Functions | |
ContentKeys (ContentKeys other) | |
void | requireDefaultAlgorithm () |
Put this here temporarily. | |
String | getBaseAlgorithm () |
Cipher | getCipher () |
Create a cipher for the encryption algorithm used by this ContentKeys. | |
Cipher | getSegmentEncryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
Make an encrypting or decrypting Cipher to be used in making a CipherStream to wrap CCN data. | |
Cipher | getSegmentDecryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
Create a decryption cipher for the specified segment. | |
abstract ContentKeys | clone () |
Key | getMasterKey () |
byte[] | getMasterIVCtr () |
Static Public Member Functions | |
static byte[] | segmentNumberToByteArray (long segmentNumber) |
Converts a segment number to a byte array representation (big-endian). | |
Static Public Attributes | |
static final String | DEFAULT_KEY_ALGORITHM = CryptoConstants.AES_ALGORITHM |
static final String | DEFAULT_CIPHER_ALGORITHM = CryptoConstants.AES_CTR_MODE |
static final int | DEFAULT_KEY_LENGTH = 16 |
Protected Member Functions | |
ContentKeys (String encryptionAlgorithm, byte[] masterEncryptionKey, byte[] masterIVCtr) throws NoSuchAlgorithmException, NoSuchPaddingException | |
ContentKeys (String encryptionAlgorithm, Key masterEncryptionKey, byte[] masterIVCtr) throws NoSuchAlgorithmException, NoSuchPaddingException | |
String | getEncryptionAlgorithm () |
Get the full algorithm specification, including mode and padding. | |
String | getKeyAlgorithm () |
Get the simple algorithm specification for the algorithm used by the key (e.g. | |
abstract Cipher | getSegmentCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber, boolean encryption) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
Generate a segment encryption or decryption cipher using these ContentKeys to encrypt or decrypt a particular segment. | |
synchronized boolean | hasCachedKeyInformation (ContentInfo contentInfo) |
Helper methods to let subclasses cache derived key information that might be expensive to re-derive. | |
synchronized void | addCachedKeyInformation (ContentInfo contentInfo, KeyAndIV keyAndIV) |
synchronized KeyAndIV | getCachedKeyInformation (ContentInfo contentInfo) |
Static Protected Member Functions | |
static synchronized SecureRandom | getRandom () |
Protected Attributes | |
String | _encryptionAlgorithm |
KeyAndIV | _masterKeyAndIVCtr |
HashMap< ContentInfo, KeyAndIV > | _keyCache |
Not used in this class, but available to subclasses. | |
Classes | |
class | ContentInfo |
class | KeyAndIV |
It is used to carry the state necessary to perform symmetric encryption of content. To do so, it requires a function that maps from a key set to the keying data to be used to encrypt/decrypt a specific block of content (see getSegmentEncryptionCipher and getSegmentDecryptionCipher), which may, either use this key material directly or use a key derivation function to obtain subkeys specific to each segment.
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getEncryptionAlgorithm | ( | ) | [protected] |
Get the full algorithm specification, including mode and padding.
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getKeyAlgorithm | ( | ) | [protected] |
Get the simple algorithm specification for the algorithm used by the key (e.g.
"AES").
void org.ccnx.ccn.impl.security.crypto.ContentKeys.requireDefaultAlgorithm | ( | ) |
Put this here temporarily.
It will disappear as soon as we get the rest of the CBC code in place. Test if this is using the default encryption algorithm. A number of users of ContentKeys only support using the default algorithm, and use this to verify.
UnsupportedOperationException | if the algorithm for this object is not the default. |
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getBaseAlgorithm | ( | ) |
Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getCipher | ( | ) |
Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentEncryptionCipher | ( | ContentName | contentName, | |
PublisherPublicKeyDigest | publisher, | |||
long | segmentNumber | |||
) | throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
Make an encrypting or decrypting Cipher to be used in making a CipherStream to wrap CCN data.
ContentEncodingException |
Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentDecryptionCipher | ( | ContentName | contentName, | |
PublisherPublicKeyDigest | publisher, | |||
long | segmentNumber | |||
) | throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
Create a decryption cipher for the specified segment.
segmentNumber | the segment to decrypt |
InvalidKeyException | ||
InvalidAlgorithmParameterException | ||
ContentEncodingException |
abstract Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentCipher | ( | ContentName | contentName, | |
PublisherPublicKeyDigest | publisher, | |||
long | segmentNumber, | |||
boolean | encryption | |||
) | throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException [protected, pure virtual] |
Generate a segment encryption or decryption cipher using these ContentKeys to encrypt or decrypt a particular segment.
segmentNumber | segment to encrypt/decrypt | |
encryption | true for encryption, false for decryption |
InvalidKeyException | ||
InvalidAlgorithmParameterException | ||
ContentEncodingException |
Implemented in org.ccnx.ccn.impl.security.crypto.StaticContentKeys.
static byte [] org.ccnx.ccn.impl.security.crypto.ContentKeys.segmentNumberToByteArray | ( | long | segmentNumber | ) | [static] |
Converts a segment number to a byte array representation (big-endian).
segmentNumber | the segment number to convert |