All Packages  Class Hierarchy  This Package  Previous  Next  Index

Class semper.crypto.CRMModule

java.lang.Object
   |
   +----semper.crypto.CRMModule

public class CRMModule
extends Object
Module supplying cryptographic services based on CRM's cryptotools. All services can be used by static calls. The module provides implementations of the cryptographic services needed by the manager.

Version:
$Revision: 1.8 $ $Date: 1997/11/05 14:24:36 $
Author:
Torben Pedersen (tpp@cryptomathic.aau.dk)

Constructor Index

 o CRMModule()
Constructor for module.

Method Index

 o decipher(int, int, byte[], int, byte[], byte[])
Decipher an array of bytes using the symmetric algorithm described by alg.
 o encipher(int, int, byte[], int, byte[], byte[])
Encipher an array of bytes using the symmetric algorithm described by alg.
 o generateHash(int, byte[], int, byte[])
 o generateMAC(int, int, byte[], int, byte[], byte[])
Generate a MAC.
 o generatePubKeyPair(int, int, int, byte[], int, byte[], byte[], byte[])
Generate a random public key pair.
 o generateSignature(int, int, byte[], int, byte[], byte[], byte[])
Sign a string.
 o generateSymKey(int, byte[], int, byte[])
Generate a random symmetric key.
 o getRandomBytes(int, byte[])
Method for obtaining a required number of random bytes.
 o initModule(byte[], int)
Method for initialising PRG of module.
 o pkDecipher(int, int, int, byte[], byte[], byte[], byte[])
Decipher an encrypted conventional key using an asymmetric crypto system
 o pkEncipher(int, int, int, byte[], boolean, byte[], byte[], byte[])
Encrypts a key to a conventional system under a public key.
 o verifyMAC(int, int, byte[], int, byte[], byte[])
Verify a MAC.
 o verifySignature(int, int, byte[], int, byte[], byte[], byte[])
Verify a signature.
 o whichAlgs(int, int[])
Gives information of supported algorithms.

Constructors

 o CRMModule
 public CRMModule()
Constructor for module. Should not be used as all services can be used by static calls. This constructor does not do anything at all.

Methods

 o initModule
 public static native int initModule(byte seed[],
                                     int seedLength)
Method for initialising PRG of module.

Parameters:
seed - is a random string for initialising PRG
seedLenght - is the lenght of the seed
Returns:
return code indicating the result of initialisation (0 success)
 o getRandomBytes
 public static native int getRandomBytes(int length,
                                         byte randomBytes[])
Method for obtaining a required number of random bytes. This method assumes that the module has been initialised. Otherwise an error is returned.

Parameters:
lenght - is the number of bytes requested
randomBytes - coontains the random bytes
Returns:
return code indicating the result (0 success)
 o generateSymKey
 public static native int generateSymKey(int alg,
                                         byte seed[],
                                         int seedLength,
                                         byte symKey[])
Generate a random symmetric key. A key for use by a symmetric algorithm is generated and returned. The key generation will be based on the PRG of the module. However, if a seed is provided this will be used instead. If the module has not been initialised and no seed is provided an error is returned

Parameters:
alg, - an integer identifying the symmetric algorithm for which a key is requested
seed - is the random seed needed for the key generation
seedLength - is the length of the seed
symKey, - a byte array containing the symmetric key
Returns:
0 indicates succes. Error possibilities (wrong alg identifier)
See Also:
initModule
 o generatePubKeyPair
 public static native int generatePubKeyPair(int alg,
                                             int keyInf,
                                             int keyLength,
                                             byte seed[],
                                             int seedLength,
                                             byte commonKey[],
                                             byte secKey[],
                                             byte pubKey[])
Generate a random public key pair. A key pair for use by an asymmetric algorithm is generated and returned.The key generation will be based on the PRG of the module. However, if a seed is provided this will be used instead. If the module has not been initialised and no seed is provided an error is returned

Parameters:
alg - the asymmetric algorithm for which a key pair is requested
keyInf - may be used to describe further requirements on the key (RSA: restrictions on the exponent; DSS: whether a given common part should be used or a new generated)
keyLength - indicates the length of the key
seed - is the random seed needed for the key generation
seedLength - is the length of the seed
commonKey - contains a part of a public key which is generated beforehand and is common to many users (e.g., parameters describing the group in case of DL based systems)
secKey, - a byte array containing the secret key
pubKey - is a byte array containing the public key
Returns:
integer return code
See Also:
initModule
 o generateHash
 public static native int generateHash(int alg,
                                       byte message[],
                                       int messageLength,
                                       byte hashVal[])
 o encipher
 public static native int encipher(int alg,
                                   int paddingMode,
                                   byte message[],
                                   int messageLength,
                                   byte key[],
                                   byte cipher[])
Encipher an array of bytes using the symmetric algorithm described by alg.

Parameters:
alg - identifies the symmetric algorithm to be used
paddingMode - inicates the method for padding
message - the message to encipher
messageLength - is the length of the message in bytes (0 indicates that message is the name of a file to be encrypted)
key - is the symmetric key to be used of the encryption
cipher - contains the resulting cipher text (if messageLength is 0 cipher must specify a file)
Returns:
return code (0 if successful=
See Also:
decipher, pkEncipher
 o decipher
 public static native int decipher(int alg,
                                   int paddingMode,
                                   byte cipher[],
                                   int cipherLength,
                                   byte key[],
                                   byte message[])
Decipher an array of bytes using the symmetric algorithm described by alg.

Parameters:
alg - identifies the algorithm to be used
paddingMode - inicates the method for padding
cipher - contains the cipher text
cipherLength - is the length of the message in bytes (0 indicates that message is the name of a file to be decrypted)
key - is the symmetric key to be used of the decryption
message - is the message recovered in clear text (if cipherLength is 0 message must specify a file)
Returns:
return code (0 if successful). The return code gives the number of padding bits, which have been stripped of.
See Also:
encipher
 o pkEncipher
 public static native int pkEncipher(int pubKeyAlg,
                                     int keyEncMode,
                                     int convAlg,
                                     byte convKey[],
                                     boolean makeConvKey,
                                     byte commonKey[],
                                     byte pubkey[],
                                     byte pubCipher[])
Encrypts a key to a conventional system under a public key. The key may either be supplied as input or the function will generate one and return it.

Parameters:
pubKeyAlg - identifies the asymmetric algorithm to be used
keyEncMode - specifies the padding of the key when encrypted
convAlg - identifies the symmetric algorithm to be used (may be 0 if the key is given as input)
convKey - is the key to be encrypted. Always contains the key in clear afterwards.
makeConvKey - flag telling if a new key should be generated (true) or the one supplied in convKey should be encrypted.
commonKey - is the common part of a public key
pubKey - is the public key to be used
pubCipher - contains the encryption under public key system (of a the key in convKey)
Returns:
return code (0 if successful)
See Also:
generatePubKeyPair, decipher, pkDecipher
 o pkDecipher
 public static native int pkDecipher(int pubKeyAlg,
                                     int keyEncMode,
                                     int convAlg,
                                     byte pubCipher[],
                                     byte commonKey[],
                                     byte secKey[],
                                     byte convKey[])
Decipher an encrypted conventional key using an asymmetric crypto system

Parameters:
pubKeyAlg - identifies the asymmetric algorithm to be used
keyEncMode - specifies the padding of the data key
convAlg - describes the conventional algorithm corresponding to the key
pubCipher - contains the encryption under the public key indicates that message is the name of a file to be decrypted)
commonKey - is the common paart of the secret key
secKey - is the secret key to be used for decryption
convKey - the key recovered in clear text
Returns:
return code (0 if successful)
See Also:
pkEncipher
 o generateSignature
 public static native int generateSignature(int signatureAlg,
                                            int hashAlg,
                                            byte message[],
                                            int messageLength,
                                            byte commonKey[],
                                            byte secKey[],
                                            byte signature[])
Sign a string. A digital signature is applied to the message using a secret signature key.

Parameters:
signatureAlg - identifies the signature algorithm to be used
hashAlg - identifies the hash algorithm to be used (0 indicates no hashing)
message - is a byte array containing the message
messageLength - is the length of the message in bytes (0 indicates that message is the name of a file to be signed)
commonKey - is the common paart of the secret key
secKey - is a byte array containing the secret key
signature - is a byte array containing the digital signature (if the message is a file and no hash algorithm is chosen, the signature must be writte to a file)
Returns:
an integer encoding possible errors (0 for success)
See Also:
verifySignature
 o verifySignature
 public static native int verifySignature(int signatureAlg,
                                          int hashAlg,
                                          byte message[],
                                          int messageLength,
                                          byte signature[],
                                          byte commonKey[],
                                          byte pubKey[])
Verify a signature. A digital signature on a message is verified using a public signature key.

Parameters:
signatureAlg - identifies the signature algorithm to be used
hashAlg - identifies the hash algorithm to be used (0 indicates no hashing)
message - the message on which to verify a signature
messageLength - is the length of the message in bytes (0 indicates that message is the name of a file)
signature - is a byte array containing the digital signature (if the message is a file and no hash algorithm is chosen, the signature must be a file)
commonKey - is the common part of the public key
pubKey - is a byte array containing the secret key
Returns:
an integer encoding possible errors 0: signature good 1: all computations succeeded, but signature didn't verify other values to be defined
See Also:
generateSignature
 o generateMAC
 public static native int generateMAC(int MACalg,
                                      int convAlg,
                                      byte message[],
                                      int messageLength,
                                      byte MACVal[],
                                      byte key[])
Generate a MAC. A message authentication code is generated on a message using a symmetric key.

Parameters:
MACalg - identifies the algorithm to be used (this also defines the possible padding of the mess)
convAlg - identifies the conventional algorithm to be used (in case this is needed by the algorithm defined by MACalg)
message - the message on which to generate a MAC
messageLength - is the length of the message in bytes (0 indicates that message is the name of a file)
MACVal - the MAC value
key - an array of bytes with the conventional key
Returns:
an integer encoding possible errors (0 for success)
See Also:
verifyMAC
 o verifyMAC
 public static native int verifyMAC(int MACalg,
                                    int convAlg,
                                    byte message[],
                                    int messageLength,
                                    byte MAC[],
                                    byte key[])
Verify a MAC. A message authentication code is verified using a symmetric key key.

Parameters:
MACalg - identifies the algorithm to be used
convAlg - identifies the conventional algorithm to be used (in case this is needed by the algorithm defined by MACalg)
message - the message on which to verify the MAC
messageLength - is the length of the message in bytes (0 indicates that message is the name of a file)
MAC - the MAC to verify
key - describes the key to be used
Returns:
an integer encoding the result of the verification (same encoding as for signature verification)
See Also:
verifySignature, generateMAC
 o whichAlgs
 public static native int whichAlgs(int secService,
                                    int algorithms[])
Gives information of supported algorithms. The security services are encoded as follows. 0: Conventional krypto system 1: MAC algorithm 2: Public key de/encryption 3: Methods for making signatures 4: Hash functions

Parameters:
secService - is an integer describing the security service for which the algorithms should be used
algorithms - is an array of integers describing the supported algorithms (at most 10)
Returns:
the number of algorithms supported

All Packages  Class Hierarchy  This Package  Previous  Next  Index