tribble.crypto.FileEncrypter
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object
public class FileEncrypter
Encrypts or decrypts a data file using a stream cipher.
A file can be encrypted or decrypted by supplying a passphrase. The passphrase is hashed (using the SHA-1 algorithm) to generate a 128-bit encryption key, which is then used to encrypt or decrypt the contents of a specified file (using an AES-128 CFB-8 stream cipher algorithm).
Note: The key hashing method has been changed in revision 2.1 (2009-01-27). The '-p1' command line option is provided for backward compatibility, so that data files that were encrypted with earlier versions of this program can still be decrypted.
AESCipher,
StreamCipherSpi| Field Summary | |
|---|---|
protected static java.lang.String |
HASH_ALG
Hashing algorithm to use to convert a passphrase into a key. |
protected static int |
KEY_LEN
Stream cipher key size (in bytes). |
static int |
MODE_CFB8
|
static int |
MODE_NONE
|
static int |
MODE_OFB128
|
static int |
RC_OKAY
Exit code: Success. |
static int |
RC_PASSWORD
Exit code: Bad passphrase. |
static int |
RC_READ
Exit code: Can't read input. |
static int |
RC_USAGE
Exit code: Bad command usage. |
static int |
RC_WRITE
Exit code: Can't write output. |
static boolean |
s_debugs
Enable verbose debugging output. |
| Constructor Summary | |
|---|---|
FileEncrypter()
Default constructor. |
|
| Method Summary | |
|---|---|
long |
decrypt(java.io.InputStream in,
java.io.OutputStream out,
byte[] key,
boolean hasIV,
boolean squeezed,
boolean base64,
int mode)
Decrypt an input stream. |
static byte[] |
deriveKey_v1(java.lang.String pwd,
int keyLen)
Derive a cipher encryption key from a passphrase. |
static byte[] |
deriveKey(byte[] pwd,
int keyLen)
Derive an encryption key from a passphrase. |
static byte[] |
deriveKey(java.lang.String pwd,
int keyLen)
Derive a cipher encryption key from a passphrase. |
long |
encrypt(java.io.InputStream in,
java.io.OutputStream out,
byte[] key,
boolean hasIV,
boolean squeezed,
boolean base64,
int mode)
Encrypt an input stream. |
protected void |
finalize()
Finalization. |
static void |
main(java.lang.String[] args)
Encrypt or decrypt a data file. |
void |
reset()
Wipe all sensitive information from this file encrypter/decrypter. |
| Methods inherited from class java.lang.Object |
|---|
clone, equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Field Detail |
|---|
public static final int MODE_NONE
public static final int MODE_CFB8
public static final int MODE_OFB128
public static final int RC_OKAY
public static final int RC_READ
public static final int RC_WRITE
public static final int RC_PASSWORD
public static final int RC_USAGE
protected static final java.lang.String HASH_ALG
protected static final int KEY_LEN
public static boolean s_debugs
| Constructor Detail |
|---|
public FileEncrypter()
| Method Detail |
|---|
public static void main(java.lang.String[] args)
throws java.lang.Exception
java tribble.crypto.FileEncrypter [-p passphrase] [-options...] file
Options:
If a passphrase is not specified, it will be read from the standard input.
args - Command line arguments.
java.lang.Exception - Thrown if an I/O or encryption error occurs.
public static byte[] deriveKey(java.lang.String pwd,
int keyLen)
An encryption key is derived by hashing (using SHA-1) the text passphrase and extracting the upper bits of the hash.
pwd - A user-supplied passphrase.keyLen - Length of the key to generate (in bytes).
java.lang.RuntimeException - (unchecked)
Thrown if the hashing (message digest) class could not be loaded.
public static byte[] deriveKey_v1(java.lang.String pwd,
int keyLen)
Note: This method has been renamed as of revision 2.1, being
replaced with a new algorithm used in method
deriveKey().
An encryption key is derived by hashing (using SHA-1) the text passphrase and extracting the upper bits of the hash.
pwd - A user-supplied passphrase.keyLen - Length of the key to generate (in bytes).
java.lang.RuntimeException - (unchecked)
Thrown if the hashing (message digest) class could not be loaded.
public static byte[] deriveKey(byte[] pwd,
int keyLen)
An encryption key is derived by hashing (using SHA-1) the text passphrase and extracting the upper bits of the hash.
pwd - A user-supplied text passphrase.keyLen - Length of the key to generate (in bytes).
java.lang.RuntimeException - (unchecked)
Thrown if the hashing (message digest) class could not be loaded.public void reset()
public long encrypt(java.io.InputStream in,
java.io.OutputStream out,
byte[] key,
boolean hasIV,
boolean squeezed,
boolean base64,
int mode)
throws java.io.IOException,
java.security.InvalidKeyException
Random IV bytes are prepended to the output stream to make it harder to crack the encryption. Note: Not using a random prepended IV severly compromises the security of the stream cipher. Likewise, no two messages (files) should ever be encrypted using the same passphrase+IV combination.
Stream Cipher - CFB-8 Encryption Mode
Random +---------------+
IV | | | | | | | | | (128 bits, 16 bytes)
+---------------+
:
v
State +-------------+-+
Block | | | | | | | |C| <------+
+-------------+-+ :
Si : :
: :
+---------------+ : :
Key | | | | | | | | | : :
+---------------+ : :
: v :
: +===============+ :
+--> [ ] :
[ Cipher ] :
[ ] :
+===============+ :
: :
v :
Encrypted +-------------+-+ :
Block |E| | | | | | | | :
+-------------+-+ :
: Ei :
v +-+ Encrypted
[ XOR ] ----------------> |C| --> Output
^ +-+ Stream
: Ci
Plaintext +-+
Input -------> |P|
Stream +-+
Pi
The state block is initially filled with the IV. As each plaintext byte Pi is read from the input stream, the state block is encrypted using the encryption key to produce the next encryption keystream block Ei. The last byte of the keystream block is XORed with the plaintext input byte Pi to produce the output ciphertext byte Ci, which is written to the output stream. The encrypted byte Ci is then shifted into the state block, which prepares the state block for the next input byte Pi+1.
Stream Cipher - OFB-128 Encryption Mode
Random +---------------+
IV | | | | | | | | | (128 bits, 16 bytes)
+---------------+
:
v
State +---------------+
Block | | | | | | | | | <---+
+---------------+ :
Si : :
: :
+---------------+ : :
Key | | | | | | | | | : :
+---------------+ : :
: v :
: +===============+ :
+--> [ ] :
[ Cipher ] :
[ ] :
+===============+ :
: :
v :
Encrypted +---------------+ :
Block | | | | | | | | | ----+
+---------------+
Ei :
v +-+-+-+-+-+-+-+-+
[ XOR ] --> | | | | | | |X|X| --> Output
^ +-+-+-+-+-+-+-+-+ Stream
: Ci
Input +-+-+-+-+-+-+-+-+
Stream ------> | | | | | | |X|X|
+-+-+-+-+-+-+-+-+
Pi
The state block is initially filled with the IV. As each block of plaintext bytes Pi is read from the input stream, the state block is encrypted using the encryption key to produce the next encryption keystream block Ei. The bytes of the keystream block are XORed with the plaintext input bytes Pi to produce the output ciphertext bytes Ci, which are written to the output stream. The encrypted bytes Ei are then shifted into the state block, which prepares the state block for the next input block Pi+1.
in - A binary input stream to encrypt.out - A binary output stream to write the encrypted data to.key - Encryption key, which must be either 128, 192, or 256 bits (16, 24, or 32
bytes) long.hasIV - If true, the encrypted output stream will have random IV bytes prepended
to it, otherwise not.squeezed -
If true, the plaintext data from the input stream is compressed (using
the ZIP "deflate" compression method) prior to being encrypted. This not
only makes the resulting encrypted output stream smaller than the original
input stream, it also makes it harder to crack the encrypted data using
chosen plaintext attacks.base64 -
If true, the encrypted output data is written as base-64 (a.k.a. radix-64)
ASCII text instead of as binary data. This character text data is
suitable for inclusion in normal text and email documents.mode -
Ciphering mode to use, which is one of the
MODE_XXX constants.
java.io.IOException - Thrown if either in or out is null.
java.security.InvalidKeyException - If key is not the correct length or otherwise invalid.
public long decrypt(java.io.InputStream in,
java.io.OutputStream out,
byte[] key,
boolean hasIV,
boolean squeezed,
boolean base64,
int mode)
throws java.io.IOException,
java.security.InvalidKeyException
Random IV bytes may have been prepended to the output stream to make it harder to crack the encryption. Note: Not using a random prepended IV severly compromises the security of the stream cipher. Likewise, no two messages (files) should ever be encrypted using the same passphrase+IV combination.
Stream Cipher - CFB-8 Decryption Mode
The decryption algorithm is identical to the encryption algorithm.
Random +---------------+
IV | | | | | | | | | (128 bits, 16 bytes)
+---------------+
:
v
State +-------------+-+
Block | | | | | | | |P| <------+
+-------------+-+ :
Si : :
: :
+---------------+ : :
Key | | | | | | | | | : :
+---------------+ : :
: v :
: +===============+ :
+--> [ ] :
[ Cipher ] :
[ ] :
+===============+ :
: :
v :
Encrypted +-------------+-+ :
Block | | | | | | | |E| :
+-------------+-+ :
: Ei :
v +-+ : Decrypted
[ XOR ] ------------> |P| ------> Output
^ +-+ : Stream
: Pi :
Encrypted +-+ :
Input -------> |C| ---------------------+
Stream +-+
Ci
The state block is initially filled with the IV. As each ciphertext byte Ci is read from the input stream, the state block is encrypted using the encryption key to produce the next encryption keystream block Ei. The last byte of the keystream block is XORed with the ciphertext input byte Ci to produce the output plaintext byte Pi, which is written to the output stream. The encrypted byte Ci is then shifted into the state block, which prepares the state block for the next input byte Ci+1.
Stream Cipher - OFB-128 Decryption Mode
The decryption algorithm is identical to the encryption algorithm.
Random +---------------+
IV | | | | | | | | | (128 bits, 16 bytes)
+---------------+
:
v
State +---------------+
Block | | | | | | | | | <---+
+---------------+ :
Si : :
: :
+---------------+ : :
Key | | | | | | | | | : :
+---------------+ : :
: v :
: +===============+ :
+--> [ ] :
[ Cipher ] :
[ ] :
+===============+ :
: :
v :
Encrypted +---------------+ :
Block | | | | | | | | | ----+
+---------------+
Ei :
v +-+-+-+-+-+-+-+-+
[ XOR ] --> | | | | | | |X|X| --> Output
^ +-+-+-+-+-+-+-+-+ Stream
: Pi
Input +-+-+-+-+-+-+-+-+
Stream ------> | | | | | | |X|X|
+-+-+-+-+-+-+-+-+
Ci
The state block is initially filled with the IV. As each block of ciphertext bytes Ci is read from the input stream, the state block is encrypted using the encryption key to produce the next encryption keystream block Ei. The bytes of the keystream block are XORed with the ciphertext input bytes Ci to produce the output plaintext bytes Pi, which are written to the output stream. The encrypted bytes Ei are then shifted into the state block, which prepares the state block for the next input block Ci+1.
in - A binary input stream to decrypt.out - A binary output stream to write the decrypted data to.key - Encryption key, which must be either 128, 192, or 256 bits (16, 24, or 32
bytes) long.hasIV - If true, the encrypted input stream has random IV bytes prepended to it,
otherwise not.squeezed -
If true, the decrypted data from the input stream is decompressed (using
the ZIP "inflate" compression method) after being decrypted.base64 -
If true, the encrypted input data is read as base-64 (a.k.a. radix-64)
ASCII text instead of as binary data.mode -
Ciphering mode to use, which is one of the
MODE_XXX constants.
java.io.IOException - Thrown if either in or out is null.
java.security.InvalidKeyException - If key is not the correct length or otherwise invalid.
protected void finalize()
throws java.lang.Throwable
finalize in class java.lang.Objectjava.lang.Throwablereset()
|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||