org.ccnx.ccn.impl.security.crypto.ContentKeys Class Reference
ContentKeys is a container class holding a key and optional IV or counter value, plus an algorithm specifier.
Classes |
class | ContentInfo |
class | KeyAndIV |
Public Member Functions |
| ContentKeys (ContentKeys other) |
void | requireDefaultAlgorithm () |
| Put this here temporarily.
|
String | getBaseAlgorithm () |
Cipher | getCipher () |
| Create a cipher for the encryption algorithm used by this ContentKeys.
|
Cipher | getSegmentEncryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
| Make an encrypting or decrypting Cipher to be used in making a CipherStream to wrap CCN data.
|
Cipher | getSegmentDecryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
| Create a decryption cipher for the specified segment.
|
abstract ContentKeys | clone () |
Key | getMasterKey () |
byte[] | getMasterIVCtr () |
Static Public Member Functions |
static byte[] | segmentNumberToByteArray (long segmentNumber) |
| Converts a segment number to a byte array representation (big-endian).
|
Static Public Attributes |
static final String | DEFAULT_KEY_ALGORITHM = CryptoConstants.AES_ALGORITHM |
static final String | DEFAULT_CIPHER_ALGORITHM = CryptoConstants.AES_CTR_MODE |
static final int | DEFAULT_KEY_LENGTH = 16 |
Protected Member Functions |
| ContentKeys (String encryptionAlgorithm, byte[] masterEncryptionKey, byte[] masterIVCtr) throws NoSuchAlgorithmException, NoSuchPaddingException |
| ContentKeys (String encryptionAlgorithm, Key masterEncryptionKey, byte[] masterIVCtr) throws NoSuchAlgorithmException, NoSuchPaddingException |
String | getEncryptionAlgorithm () |
| Get the full algorithm specification, including mode and padding.
|
String | getKeyAlgorithm () |
| Get the simple algorithm specification for the algorithm used by the key (e.g. "AES").
|
abstract Cipher | getSegmentCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber, boolean encryption) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException |
| Generate a segment encryption or decryption cipher using these ContentKeys to encrypt or decrypt a particular segment.
|
synchronized boolean | hasCachedKeyInformation (ContentInfo contentInfo) |
| Helper methods to let subclasses cache derived key information that might be expensive to re-derive.
|
synchronized void | addCachedKeyInformation (ContentInfo contentInfo, KeyAndIV keyAndIV) |
synchronized KeyAndIV | getCachedKeyInformation (ContentInfo contentInfo) |
Static Protected Member Functions |
static synchronized SecureRandom | getRandom () |
Protected Attributes |
String | _encryptionAlgorithm |
KeyAndIV | _masterKeyAndIVCtr |
HashMap< ContentInfo, KeyAndIV > | _keyCache |
| Not used in this class, but available to subclasses.
|
Detailed Description
ContentKeys is a container class holding a key and optional IV or counter value, plus an algorithm specifier.
It is used to carry the state necessary to perform symmetric encryption of content. To do so, it requires a function that maps from a key set to the keying data to be used to encrypt/decrypt a specific block of content (see getSegmentEncryptionCipher and getSegmentDecryptionCipher). That function may either use this key material directly or use a key derivation function to obtain subkeys specific to each segment.
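A sketch of the first option described above (using the master key directly, with a distinct counter block per segment), as an added example that is not CCNx code. The class name `SegmentCtrExample`, the helpers `counterBlock` and `segmentCipher`, and the 8-byte IV / 6-byte segment number / 2-byte block counter layout are assumptions made for illustration.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
public class SegmentCtrExample {
    static final String CIPHER_ALGORITHM = "AES/CTR/NoPadding";
    static final int KEY_LENGTH = 16; // same value as DEFAULT_KEY_LENGTH on this page

    // Assumed layout (not taken from CCNx): 8-byte master IV, then the low 6 bytes
    // of the big-endian segment number, then a 2-byte block counter starting at 0.
    static byte[] counterBlock(byte[] masterIV, long segmentNumber) {
        if (masterIV.length != 8) throw new IllegalArgumentException("master IV must be 8 bytes");
        if (segmentNumber < 0 || segmentNumber >= (1L << 48))
            throw new IllegalArgumentException("segment number must fit in 48 bits");
        byte[] seg = ByteBuffer.allocate(8).putLong(segmentNumber).array(); // big-endian
        byte[] block = new byte[16];
        System.arraycopy(masterIV, 0, block, 0, 8);
        System.arraycopy(seg, 2, block, 8, 6);
        return block;
    }

    // The JCE CTR mode increments the whole 16-byte block, so a segment longer than
    // 2^16 blocks (1 MiB) would run into the next segment's keystream; reject it upstream.
    static Cipher segmentCipher(byte[] masterKey, byte[] masterIV, long segmentNumber,
                                boolean encryption) throws GeneralSecurityException {
        if (masterKey.length != KEY_LENGTH)
            throw new IllegalArgumentException("key must be " + KEY_LENGTH + " bytes");
        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
        cipher.init(encryption ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE,
                    new SecretKeySpec(masterKey, "AES"),
                    new IvParameterSpec(counterBlock(masterIV, segmentNumber)));
        return cipher;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        byte[] key = new byte[KEY_LENGTH], iv = new byte[8];
        SecureRandom random = new SecureRandom();
        random.nextBytes(key); random.nextBytes(iv);
        // Constructed sample payload, encrypted as two different segments.
        byte[] plain = "constructed sample payload".getBytes(StandardCharsets.UTF_8);
        byte[] ct0 = segmentCipher(key, iv, 0, true).doFinal(plain);
        byte[] ct1 = segmentCipher(key, iv, 1, true).doFinal(plain);
        byte[] back = segmentCipher(key, iv, 1, false).doFinal(ct1);
        System.out.println("segments 0 and 1 differ: " + !Arrays.equals(ct0, ct1));
        System.out.println("segment 1 round trip:    " + Arrays.equals(plain, back));
    }
}
```

Because the segment number is part of the counter block, the same plaintext encrypted under the same master key yields different ciphertext per segment, which is what keeps CTR keystream from being reused across segments.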
Member Function Documentation
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getBaseAlgorithm ()
- Returns:
- The base algorithm used in the encryption algorithm specified for this ContentKeys. For example, if the encryptionAlgorithm is "AES/CTR/NoPadding", the base algorithm is AES.
Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getCipher ()
Create a cipher for the encryption algorithm used by this ContentKeys.
- Returns:
- the cipher
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getEncryptionAlgorithm () [protected]
Get the full algorithm specification, including mode and padding.
- Returns:
String org.ccnx.ccn.impl.security.crypto.ContentKeys.getKeyAlgorithm () [protected]
Get the simple algorithm specification for the algorithm used by the key (e.g. "AES").
- Returns:
abstract Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber, boolean encryption) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException [protected, pure virtual]
Generate a segment encryption or decryption cipher using these ContentKeys to encrypt or decrypt a particular segment.
- Parameters:
-
| segmentNumber | segment to encrypt/decrypt |
| encryption | true for encryption, false for decryption |
- Returns:
- the Cipher
- Exceptions:
-
| InvalidKeyException | |
| InvalidAlgorithmParameterException | |
| ContentEncodingException | |
- See also:
- getSegmentEncryptionCipher(long)
Implemented in org.ccnx.ccn.impl.security.crypto.StaticContentKeys.
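Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentDecryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException
Create a decryption cipher for the specified segment.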
- Parameters:
-
| segmentNumber | the segment to decrypt |
- Returns:
- the Cipher
- Exceptions:
-
| InvalidKeyException | |
| InvalidAlgorithmParameterException | |
| ContentEncodingException | |
- See also:
- getSegmentEncryptionCipher(long)
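Cipher org.ccnx.ccn.impl.security.crypto.ContentKeys.getSegmentEncryptionCipher (ContentName contentName, PublisherPublicKeyDigest publisher, long segmentNumber) throws InvalidKeyException, InvalidAlgorithmParameterException, ContentEncodingException
Make an encrypting or decrypting Cipher to be used in making a CipherStream to wrap CCN data.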
- Exceptions:
-
void org.ccnx.ccn.impl.security.crypto.ContentKeys.requireDefaultAlgorithm ()
Put this here temporarily.
It will disappear as soon as we get the rest of the CBC code in place. Test if this is using the default encryption algorithm. A number of users of ContentKeys only support using the default algorithm, and use this to verify.
- Exceptions:
-
| UnsupportedOperationException | if the algorithm for this object is not the default. |
static byte[] org.ccnx.ccn.impl.security.crypto.ContentKeys.segmentNumberToByteArray (long segmentNumber) [static]
Converts a segment number to a byte array representation (big-endian).
- Parameters:
-
| segmentNumber | the segment number to convert |
- Returns:
- the byte array representation of segmentNumber
The documentation for this class was generated from the following file:
- src/org/ccnx/ccn/impl/security/crypto/ContentKeys.java