Package de.hda.fbi.ucs.eucrite

Class EasyEncrypter

java.lang.Object
de.hda.fbi.ucs.eucrite.EasyEncrypter
public class EasyEncrypter
extends Object
The EasyEncrypter is an encrypter that can handle classical and quantum-safe encryption schemes. The key material used for encryption and decryption is handled by an instance of KeyManager. After initializing the EasyEncrypter, no further interaction with the key material is needed, but possible.

Use withExistingKey(StorageParameters storageParameters) to initialize the EasyEncrypter with existing key material (key pair or secret key), e.g. from an KeyStore file, or withNewKey(AlgorithmParameters algorithmParameters, StorageParameters storageParameters) to let the EasyEncrypter create new key material with the parameters given by algorithmParameters. In both cases, storageParameters holds all the necessary information to load and store the key material.

To find the right algorithmParamters, the eUCRITE API provides templates with fitting parameters for certain requirements or use cases, e.g. security levels. We recommend using these templates (as shown in the example below), especially for inexperienced users.

Example: Initializing the encrypter for AES with a newly generated key pair, encrypt a message and decrypt the generated cipher may look like this: 

 
 String password = ...;
 AlgorithmParameters algorithmParameters = AlgorithmParameters.Template.Hybrid_Encryption.Security_Level.MEDIUM.getParameters();
 KeystoreParameters keystoreParameters = new KeystoreParameters(new File("data/key"), "secure_password");
 EasyEncrypter encrypter = EasyEncrypter.withNewKey(algorithmParameters, keystoreParameters);
 String toBeEncrypted = "TopSecretMessage";
 byte[] cipher = encrypter.encrypt(toBeEncrypted.getBytes());
 String decryptedMessage = new String(encrypter.decrypt(cipher));
Author:
Alexander Zeier

  • Constructor Details

  • Method Details

    • withExistingKey

      public static EasyEncrypter withExistingKey​(StorageParameters storageParameters) throws FileNotFoundException, NoSuchAlgorithmException
      Creates a EasyEncrypter with an existing key pair. The location of the key pair and other information to access the key material are given by the storageParameters.

      Example: 

       
 KeystoreParameters keystoreParameters = new KeystoreParameters(new File("data/key"), "secure_password");
 EasyEncrypter encrypter = EasyEncrypter.withExistingKey(keystoreParameters);
      Parameters:
      storageParameters - The parameters defining the storage location and everything else necessary to access the key pair.
      Returns:
      The EasyEncrypter
      Throws:
      FileNotFoundException - If the file couldn't be found.
      NoSuchAlgorithmException - If the key pair belongs to an algorithm that is not supported by this Signer.
      IllegalArgumentException - If the arguments are not valid, e.g. null.

    • withNewKey

      public static EasyEncrypter withNewKey​(AlgorithmParameters algorithmParameters, StorageParameters storageParameters) throws FileAlreadyExistsException, NoSuchAlgorithmException
      Creates a EasyEncrypter with newly generated key material. The location of the key material and other information to access the key material are given by the storageParameters. The algorithm to use with all necessary parameters are given by the algorithmParameters.

      To find the right algorithmParamters, the eUCRITE API provides templates with fitting parameters for certain requirements or use cases, e.g. security levels. We recommend using these templates, especially for inexperienced users.

      Example: 

       
 AlgorithmParameters algorithmParameters = AlgorithmParameters algorithmParameters = AlgorithmParameters.Template.Hybrid_Encryption.Security_Level.HIGH.getParameters();
 KeystoreParameters keystoreParameters = new KeystoreParameters("data/key", "secure_password");
 EasyEncrypter encrypter = EasyEncrypter.withNewKey(algorithmParameters, keystoreParameters);
      Parameters:
      algorithmParameters - The parameters defining the cipher algorithm with the necessary parameters.
      storageParameters - The parameters defining the storage location and everything else necessary to access the key pair.
      Returns:
      An instance of the EasyEncrypter.
      Throws:
      FileAlreadyExistsException - If the file already exists.
      NoSuchAlgorithmException - If the key pair belongs to an algorithm that is not supported by this Signer.

    • encrypt

      public byte[] encrypt​(byte[] toBeEncrypted, Key publicOrSecretKey)
      Encrypt the given byte[] toBeEncrypted using the given public or secret key.

      Example: 

       
 byte[] toBeEncrypted = "Secret Message".getBytes();
 byte[] cipher = encrypter.encrypt(toBeEncrypted, publicKey);
      Parameters:
      toBeEncrypted - The data that should be encrypted.
      publicOrSecretKey - The public or secret key that should be used for encryption.
      Returns:
      The encrypted data.

    • encrypt

      public byte[] encrypt​(InputStream toBeEncrypted, Key publicOrSecretKey) throws IOException
      Encrypt the given InputStream toBeEncrypted using the given public or secret key. An InputStream can be generated e.g. from an byte[] with ByteArrayInputStream or a File with FileInputStream.

      Using the InputStream will leave it empty after encrypting is completed.

      Example: 

       
 byte[] toBeEncrypted = ...;
 byte[] cipher = encrypter.encrypt(toBeEncrypted, publicKey);
      Parameters:
      toBeEncrypted - The data that should be encrypted.
      publicOrSecretKey - The public or secret key that should be used for encryption.
      Returns:
      The encrypted data.
      Throws:
      IOException - if no data from the given InputStream can be read.

    • encrypt

      public byte[] encrypt​(byte[] toBeEncrypted)
      Encrypt the given byte[] toBeEncrypted with the public or secret key stored in the EasyEncrypter.

      Example: 

       
 byte[] toBeEncrypted = ...;
 byte[] cipher = encrypter.encrypt(toBeEncrypted);
      Parameters:
      toBeEncrypted - The data that should be encrypted.
      Returns:
      The encrypted data.

    • encrypt

      public byte[] encrypt​(InputStream toBeEncrypted) throws IOException
      Encrypt the given InputStream toBeEncrypted with the public or secret key stored in the EasyEncrypter. An InputStream can be generated e.g. from an byte[] with ByteArrayInputStream or a File with FileInputStream.

      Using the InputStream will leave it empty after encrypting is completed.

      Example: 

       
 FileInputStream toBeEncrypted = new FileInputStream("data/file.txt");
 byte[] cipher = encrypter.encrypt(toBeEncrypted);
 FileOutputStream encryptedFileOut = new FileInputStream("data/encryptedFile);
 encryptedFileOut.write(cipher);
      Parameters:
      toBeEncrypted - The data that should be encrypted.
      Returns:
      The encrypted data in form of a byte array.
      Throws:
      IOException - if no data from the given InputStream can be read.

    • decrypt

      public byte[] decrypt​(byte[] toBeDecrypted)
      Decrypt the given byte[] toBeDecrypted with the private or secret key stored in the EasyEncrypter.

      Example: 

       
 byte[] toBeDecrypted = ...;
 byte[] cleartext = encrypter.decrypt(toBeDecrypted);
      Parameters:
      toBeDecrypted - The data that should be decrypted.
      Returns:
      The decrypted data.

    • decrypt

      public byte[] decrypt​(InputStream toBeDecrypted) throws IOException
      Decrypt the given InputStream toBeDecrypted with the private or secret key stored in the EasyEncrypter. An InputStream can be generated e.g. from an byte[] with ByteArrayInputStream or a File with FileInputStream.

      Using the InputStream will leave it empty after decrypting is completed.

      Example: 

       
 FileInputStream toBeDecrypted = new FileInputStream("data/encryptedFile");
 byte[] cleartext = encrypter.decrypt(toBeDecrypted);
 FileOutputStream decryptedFileOut = new FileInputStream("data/originalFile.jpeg);
 decryptedFileOut.write(cleartext);
      Parameters:
      toBeDecrypted - The data that should be decrypted.
      Returns:
      The decrypted data in form of a byte array.
      Throws:
      IOException - if no data from the given InputStream can be read.

    • getPublicKey

      public PublicKey getPublicKey()
      Get the PublicKey from the KeyManager.
      Returns:
      The PublicKey.

    • getCertificate

      public Certificate getCertificate()
      Get the Certificate from the KeyManager.
      Returns:
      The Certificate.

    • getKeyManager

      public KeyManager getKeyManager()
      Get the KeyManager
      Returns:
      The KeyManager.