AES256JNCryptor (jncryptor 1.2.0 API)

Package

Class

Use

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

org.cryptonode.jncryptor
Class AES256JNCryptor

java.lang.Object
  org.cryptonode.jncryptor.AES256JNCryptor

All Implemented Interfaces:: JNCryptor

public class AES256JNCryptor
extends Object
implements JNCryptor
extends Object
implements JNCryptor

This JNCryptor instance produces data in version 3 format. It can read data in any format since version 2.

 | version | options | encryption salt | HMAC salt |   IV   | ... ciphertext ... |     HMAC    |
 |    0    |    1    |       2->9      |   10->17  | 18->33 | <-      ...     -> | (n-32) -> n |

version (1 byte): Data format version.
options (1 byte): 0x00 if keys are used, 0x01 if a password is used.
encryption salt (8 bytes)
HMAC salt (8 bytes)
IV (16 bytes)
ciphertext (variable): 256-bit AES encrypted, CBC-mode with PKCS #5 padding.
HMAC (32 bytes)

The encryption key is derived using the PKBDF2 function, using a random eight-byte encryption salt, the supplied password and 10,000 iterations. The iteration count can be changed using the setPBKDFIterations(int) method. The HMAC key is derived in a similar fashion, using its own random eight-byte HMAC salt. Both salt values are stored in the ciphertext output (as shown above).

The ciphertext is AES-256-CBC encrypted, using a randomly generated IV and the encryption key (described above), with PKCS #5 padding.

The HMAC is calculated across all the data (except the HMAC itself, of course), generated using the HMAC key described above and the SHA-256 PRF.

This class is thread-safe. Multiple threads may share one instance of this class, or each thread may have its own instance.

See https://github .com/rnapier/RNCryptor/wiki/Data-Format, from which most of the information above was shamelessly copied.

Since:: 0.5

Constructor Summary
`AES256JNCryptor()` Creates a new `AES256JNCryptor` instance.
`AES256JNCryptor(int iterations)` Creates a new `AES256JNCryptor` instance that uses a specific number of PBKDF iterations.

Method Summary
`byte[]`	`decryptData(byte[] ciphertext, char[] password)` Decrypts data with the supplied password.
`byte[]`	`decryptData(byte[] ciphertext, SecretKey decryptionKey, SecretKey hmacKey)` Decrypts data with the supplied keys.
`byte[]`	`encryptData(byte[] plaintext, char[] password)` Encrypts data with the supplied password.
`byte[]`	`encryptData(byte[] plaintext, char[] password, byte[] encryptionSalt, byte[] hmacSalt, byte[] iv)` Encrypts data with the supplied password, salt values and IV.
`byte[]`	`encryptData(byte[] plaintext, PasswordKey encryptionKey, PasswordKey hmacKey)` Encrypts data using pre-computed keys, producing data in the password output format (i.e.
`byte[]`	`encryptData(byte[] plaintext, SecretKey encryptionKey, SecretKey hmacKey)` Encrypts data with the supplied keys.
`PasswordKey`	`getPasswordKey(char[] password)` Generates a key from a password and a random salt.
`int`	`getPBKDFIterations()` Gets the number of iterations used by this `JNCryptor`.
`int`	`getVersionNumber()` Returns the version number of the data format produced by this `JNCryptor`.
`SecretKey`	`keyForPassword(char[] password, byte[] salt)` Generates a key given a password and salt using a PBKDF.
`void`	`setPBKDFIterations(int iterations)` Changes the number of iterations used by this `JNCryptor`.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Constructor Detail

AES256JNCryptor

public AES256JNCryptor()

Creates a new AES256JNCryptor instance. Uses the default number of PBKDF iterations.

AES256JNCryptor

public AES256JNCryptor(int iterations)

Creates a new AES256JNCryptor instance that uses a specific number of PBKDF iterations.

Parameters:: iterations - the number of PBKDF iterations to perform

Method Detail