public class SecureDocument extends Object
Modifier and Type | Field and Description |
---|---|
int | changeFrequency: This is only used if there is a remote public key available, since this indicates that an encryption password could be created at random for each message, and then encrypted with the receiver's public key. |
boolean | dontTimestampSignature |
boolean | dontUseCompression |
byte[] | encryptedKey |
Signature | signature |
static int | STATUS_DATA_IS_ENCRYPTED |
static int | STATUS_HAS_ENCRYPTION_KEY |
static int | STATUS_HAS_SIGNATURE |
Constructor and Description |
---|
SecureDocument(): Create a new SecureDocument. |
Modifier and Type | Method and Description |
---|---|
byte[] | authenticate(byte[] authenticator, EncryptionKey myPrivateKey): This is called by a server when it has received a sequence of bytes as created by makeServerAuthenticator(). |
SecureDocument | changeEncryption(): This forces the SecureDocument to change its encryption for encoding by choosing a new random key. |
SecureDocument | clearEncryption(): This removes all encryption parameters, leaving it in a state unable to encrypt or decrypt any data. |
ByteArray | decode(ByteArray dest): Decode the encrypted text as set by setData() into the plain text of the original document. |
ByteArray | encode(ByteArray destination): Encode the plain text as set by setData() into a secure document sequence of bytes. |
protected DataProcessor | getDecryptor(byte[] key) |
protected DataProcessor | getEncryptor(byte[] key) |
int | getStatus(): Get the encryption status of the encoded document. |
boolean | hasEncryptionParameters(): Return whether or not this SecureDocument can encode() any data with any kind of security. |
byte[] | makeAuthenticator(EncryptionKey serverPublicKey): Call this on a new SecureDocument to create a byte sequence to be sent to the server who you believe is holding the private key of the supplied public key. |
SecureDocument | setData(byte[] source): Set the source data. |
SecureDocument | setData(byte[] source, int offset, int length): Set the source data. |
SecureDocument | setDecryptor(DataProcessor decryptor) |
SecureDocument | setEncryptor(DataProcessor encryptor) |
SecureDocument | setKeys(EncryptionKey receiverKey, EncryptionKey creatorKey): Set the private/public keys. |
SecureDocument | setPassword(byte[] key): You can call this before encoding to explicitly set the key used for the symmetric encryption. |
SecureDocument | setPassword(String password): You can call this before encoding to explicitly set the key used for the symmetric encryption. |
protected byte[] | stringToKey(String password) |
boolean | validateAuthenticator(byte[] reply): Validate the reply from the server as created by authenticate(). |
public boolean dontUseCompression
public boolean dontTimestampSignature
public Signature signature
public byte[] encryptedKey
public int changeFrequency
public static final int STATUS_HAS_ENCRYPTION_KEY
public static final int STATUS_DATA_IS_ENCRYPTED
public static final int STATUS_HAS_SIGNATURE

public SecureDocument()

public SecureDocument setData(byte[] source, int offset, int length)
source - The source bytes.
offset - The offset.
length - The length.

public SecureDocument setData(byte[] source)
source - The source bytes.

protected DataProcessor getEncryptor(byte[] key)

protected DataProcessor getDecryptor(byte[] key)

protected byte[] stringToKey(String password)

public SecureDocument setPassword(String password) throws IOException
key - the key for the encryption.
IOException

public SecureDocument setPassword(byte[] key) throws IOException
key - the key for the encryption.
IOException

public SecureDocument setEncryptor(DataProcessor encryptor) throws IOException
IOException

public SecureDocument setDecryptor(DataProcessor decryptor) throws IOException
IOException

public SecureDocument setKeys(EncryptionKey receiverKey, EncryptionKey creatorKey)
receiverKey - The key of the receiver of the document - if this is not null, then random symmetric keys will be used to encode the data and the key will be encrypted using the receiver's public key.
creatorKey - The key of the creator of the document - this is used for signing the document. If it is null, the document will not be signed.

public SecureDocument clearEncryption()

public SecureDocument changeEncryption() throws IOException
IOException

public boolean hasEncryptionParameters()

public ByteArray encode(ByteArray destination) throws IOException, IllegalStateException
destination - an optional destination ByteArray.
IOException - on an encryption error.
IllegalStateException - if no security options have been set up.

public int getStatus() throws StreamCorruptedException
StreamCorruptedException - if the data is corrupted.

public ByteArray decode(ByteArray dest) throws IOException
dest - an optional destination ByteArray.
IOException - on a decryption error.

public byte[] makeAuthenticator(EncryptionKey serverPublicKey) throws IOException
serverPublicKey - the public key of the server.
IOException - if this authentication cannot be carried out using the server's public key.

public byte[] authenticate(byte[] authenticator, EncryptionKey myPrivateKey) throws IOException
authenticator - the byte sequence as created by makeServerAuthenticator() on the client.
myPrivateKey - my private key.
IOException - if an error occurs decrypting or encrypting the data - which usually indicates that the keys do not match.

public boolean validateAuthenticator(byte[] reply)
reply - the reply from the server as generated by authenticate().
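
The scheme described for setKeys() (a random symmetric key per document, encrypted with the receiver's public key, and a signature made with the creator's key) is shown below with the standard javax.crypto and java.security classes. This is an added example, not SecureDocument's own code or byte format; the class name HybridSealDemo, the seal/open methods and the algorithm choices (AES-GCM, RSA-OAEP, SHA256withRSA) are assumptions.

```java
import javax.crypto.*;
import javax.crypto.spec.*;
import java.nio.charset.StandardCharsets;
import java.security.*;

// Added illustration: names and algorithms are assumptions, not SecureDocument internals.
public class HybridSealDemo {
    static final String WRAP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // Returns {wrappedKey, iv, ciphertext, signature}; wrappedKey and iv have fixed lengths.
    static byte[][] seal(byte[] plain, PublicKey receiver, PrivateKey creator) throws GeneralSecurityException {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey docKey = kg.generateKey();                 // fresh random key for this document
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, docKey);               // provider generates a random IV
        byte[] iv = aes.getIV(), ct = aes.doFinal(plain);
        Cipher rsa = Cipher.getInstance(WRAP);
        rsa.init(Cipher.ENCRYPT_MODE, receiver);
        byte[] wrapped = rsa.doFinal(docKey.getEncoded());   // only the receiver's private key recovers docKey
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(creator);
        for (byte[] part : new byte[][] { wrapped, iv, ct }) s.update(part);
        return new byte[][] { wrapped, iv, ct, s.sign() };
    }

    static byte[] open(byte[][] doc, PrivateKey receiver, PublicKey creator) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(creator);
        for (int i = 0; i < 3; i++) v.update(doc[i]);
        if (!v.verify(doc[3])) throw new SignatureException("bad signature"); // reject before any decryption
        Cipher rsa = Cipher.getInstance(WRAP);
        rsa.init(Cipher.DECRYPT_MODE, receiver);
        SecretKey docKey = new SecretKeySpec(rsa.doFinal(doc[0]), "AES");
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.DECRYPT_MODE, docKey, new GCMParameterSpec(128, doc[1]));
        return aes.doFinal(doc[2]);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator g = KeyPairGenerator.getInstance("RSA");
        g.initialize(2048);
        KeyPair rcv = g.generateKeyPair(), crt = g.generateKeyPair(); // constructed demo keys
        byte[][] doc = seal("constructed sample".getBytes(StandardCharsets.UTF_8), rcv.getPublic(), crt.getPrivate());
        System.out.println(new String(open(doc, rcv.getPrivate(), crt.getPublic()), StandardCharsets.UTF_8));
        doc[2][0] ^= 1;                                      // flip one ciphertext bit
        try { open(doc, rcv.getPrivate(), crt.getPublic()); }
        catch (SignatureException e) { System.out.println("rejected: " + e.getMessage()); }
    }
}
```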