SymmetricKey (crypto 3.14.5 API)

java.lang.Object
- com.icodici.crypto.AbstractKey
- - com.icodici.crypto.SymmetricKey

All Implemented Interfaces:

KeyMatcher, java.io.Serializable, net.sergeych.tools.Bindable, net.sergeych.tools.Hashable
```
public class SymmetricKey
extends AbstractKey
implements java.io.Serializable, net.sergeych.tools.Hashable
```
Symmetric key: main interface to the symmetric cipher used in attesta. This implementation uses AES256 in CRT mode with IV to encrypt / decrypt. To change it, derive your class and simply override getCipher().
The cipher set and HMAC method maight be extended, using this class guaranteees compatibility.
Created by sergeych on 04/06/16.

See Also:

Serialized Form

Nested Class Summary

Nested Classes
Modifier and Type	Class	Description
`class`	`SymmetricKey.AuthenticationFailed`	Exception raised by the `SymmetricKey.EtaDecryptingStream` when HMAC verification failed or other situations of the kind.
`class`	`SymmetricKey.EtaDecryptingStream`	Read and decrypt AE (EtA) stream.
`class`	`SymmetricKey.EtaEncryptingStream`	Encrypts an AE (EtA) stream using Sha256-based HMAC.

Nested classes/interfaces inherited from interface net.sergeych.tools.Hashable
net.sergeych.tools.Hashable.Error

Field Summary
- Fields inherited from class com.icodici.crypto.AbstractKey
  FINGERPRINT_SHA256, FINGERPRINT_SHA384, keyInfo, TYPE_PRIVATE, TYPE_PRIVATE_PASSWORD, TYPE_PRIVATE_PASSWORD_V2, TYPE_PUBLIC

Constructor Summary

Constructors
Constructor	Description
`SymmetricKey()`	Create random symmetric key (AES256, CTR)
`SymmetricKey(byte[] key)`
`SymmetricKey(byte[] key, KeyInfo keyInfo)`

Method Summary

All Methods Static Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`byte[]`	`decrypt(byte[] ciphertext)`
`java.io.InputStream`	`decryptStream(java.io.InputStream inputStream)`
`byte[]`	`encrypt(byte[] plaintext)`
`java.io.OutputStream`	`encryptStream(java.io.OutputStream outputStream)`
`boolean`	`equals(java.lang.Object obj)`
`byte[]`	`etaDecrypt(byte[] data)`	Decrypt data using AE (EtA) with SHA256-based HMAC.
`SymmetricKey.EtaDecryptingStream`	`etaDecryptStream(java.io.InputStream in)`	Decrypt some stream on the fly using AE (EtA) and SHA256-based HMAC.
`byte[]`	`etaEncrypt(byte[] data)`	Encrypt data suing AE (EtA) with HMAC based on SHA256.
`SymmetricKey.EtaEncryptingStream`	`etaEncryptStream(java.io.OutputStream out)`	Encrypt some stream on hte fly using AE (EtA) with SHA256-based HMAC.
`byte[]`	`etaSign(byte[] data)`	Rare case: HMAC-signing data without ebcrypting it.
`static SymmetricKey`	`fromPassword(java.lang.String password, int rounds)`
`static SymmetricKey`	`fromPassword(java.lang.String password, int rounds, byte[] salt)`
`int`	`getBitStrength()`
`protected BlockCipher`	`getCipher()`
`byte[]`	`getKey()`
`int`	`getSize()`
`int`	`hashCode()`
`byte[]`	`pack()`
`void`	`setKey(byte[] key)`
`java.util.Map<java.lang.String,java.lang.Object>`	`toHash()`
`void`	`updateFromHash(java.util.Map<java.lang.String,java.lang.Object> hash)`
`static byte[]`	`xor(byte[] src, int value)`

Methods inherited from class com.icodici.crypto.AbstractKey
address, asKeySource, canSign, createAnonymousId, fingerprint, fromBinder, getLongAddress, getPublicKey, getShortAddress, info, isMatchingKey, isMatchingKeyAddress, isPrivate, isPublic, matchAnonymousId, matchTag, matchType, packedInfo, packToBase64String, setTag, setTag, sign, sign, toBinder, toString, unpack, updateDigestWithKeyComponents, updateFrom, verify, verify, verify

Methods inherited from class java.lang.Object
clone, finalize, getClass, notify, notifyAll, wait, wait, wait

- Constructor Detail
  - SymmetricKey
```
public SymmetricKey()
```
    Create random symmetric key (AES256, CTR)
  - SymmetricKey
```
public SymmetricKey(byte[] key)
```
  - SymmetricKey
```
public SymmetricKey(byte[] key,
                    KeyInfo keyInfo)
```
- Method Detail
  - fromPassword
```
public static SymmetricKey fromPassword(java.lang.String password,
                                        int rounds)
```
  - fromPassword
```
public static SymmetricKey fromPassword(java.lang.String password,
                                        int rounds,
                                        byte[] salt)
```
  - setKey
```
public void setKey(byte[] key)
```
  - getKey
```
public byte[] getKey()
```
  - getBitStrength
```
public int getBitStrength()
```
  - getSize
```
public int getSize()
```
  - toHash
```
public java.util.Map<java.lang.String,java.lang.Object> toHash()
                                                              throws java.lang.IllegalStateException
```
    Specified by:
    
    toHash in interface net.sergeych.tools.Hashable
    
    Throws:
    
    java.lang.IllegalStateException
  - updateFromHash
```
public void updateFromHash(java.util.Map<java.lang.String,java.lang.Object> hash)
                    throws net.sergeych.tools.Hashable.Error
```
    Specified by:
    
    updateFromHash in interface net.sergeych.tools.Hashable
    
    Throws:
    
    net.sergeych.tools.Hashable.Error
  - getCipher
```
protected BlockCipher getCipher()
```
  - encrypt
```
public byte[] encrypt(byte[] plaintext)
               throws EncryptionError
```
    Overrides:
    
    encrypt in class AbstractKey
    
    Throws:
    
    EncryptionError
  - decrypt
```
public byte[] decrypt(byte[] ciphertext)
               throws EncryptionError
```
    Overrides:
    
    decrypt in class AbstractKey
    
    Throws:
    
    EncryptionError
  - encryptStream
```
public java.io.OutputStream encryptStream(java.io.OutputStream outputStream)
                                   throws java.io.IOException,
                                          EncryptionError
```
    Throws:
    
    java.io.IOException
    
    EncryptionError
  - decryptStream
```
public java.io.InputStream decryptStream(java.io.InputStream inputStream)
                                  throws java.io.IOException,
                                         EncryptionError
```
    Throws:
    
    java.io.IOException
    
    EncryptionError
  - etaEncryptStream
```
public SymmetricKey.EtaEncryptingStream etaEncryptStream(java.io.OutputStream out)
                                                  throws java.io.IOException,
                                                         EncryptionError
```
    Encrypt some stream on hte fly using AE (EtA) with SHA256-based HMAC. Caller must call SymmetricKey.EtaEncryptingStream.end() or SymmetricKey.EtaEncryptingStream.close() in order to properly finish AE process. Note, to get the maximum security you should put some random sized random data in the file. As a variant, write some number N and then N random bytes. Have N also random. When reading, read N and skip N bytes first. Otherwise, use Boss streams to write structured data and put some random bytes in the beginning then skip it.
    
    Parameters:
    
    out - stream where to put encrypted data.
    
    Returns:
    
    encrpyting stream
    
    Throws:
    
    java.io.IOException
    
    EncryptionError
  - etaDecryptStream
```
public SymmetricKey.EtaDecryptingStream etaDecryptStream(java.io.InputStream in)
                                                  throws java.io.IOException,
                                                         EncryptionError
```
    Decrypt some stream on the fly using AE (EtA) and SHA256-based HMAC. Simply read the returned to the end stream. When it reaches the end, HMAC record will be extracted and checked, and the SymmetricKey.AuthenticationFailed will be thrown as need.
    
    Parameters:
    
    in - stream to decrypt
    
    Returns:
    
    stream with decrypted data.
    
    Throws:
    
    java.io.IOException
    
    EncryptionError
  - etaEncrypt
```
public byte[] etaEncrypt(byte[] data)
                  throws EncryptionError
```
    Encrypt data suing AE (EtA) with HMAC based on SHA256. It is advisory ro add some random-sized random data chunk (easiest is to add it to the beginning), or use Boss to serialize structored data and add random chunk somewhere. Make the hacker effor hopeless and silly ;) Keeping the right data size reveals some information on the package contents, just don't.
    It uses IV-based CTR encryption, see encrypt(byte[]) for details.
    
    Parameters:
    
    data - to encrypt
    
    Returns:
    
    encrypted data.
    
    Throws:
    
    EncryptionError
  - etaSign
```
public byte[] etaSign(byte[] data)
               throws EncryptionError
```
    Rare case: HMAC-signing data without ebcrypting it. Right now we use it only for testing, but if need can extends with verification of the plain data.
    
    Parameters:
    
    data - to sign
    
    Returns:
    
    data + HMAC (last 32 bytes)
    
    Throws:
    
    EncryptionError
  - etaDecrypt
```
public byte[] etaDecrypt(byte[] data)
                  throws EncryptionError,
                         SymmetricKey.AuthenticationFailed
```
    Decrypt data using AE (EtA) with SHA256-based HMAC.
    
    Parameters:
    
    data - to decrypt
    
    Returns:
    
    decrypted data
    
    Throws:
    
    EncryptionError
    
    SymmetricKey.AuthenticationFailed - if the authentication record does not match the data.
  - xor
```
public static byte[] xor(byte[] src,
                         int value)
```
  - pack
```
public byte[] pack()
```
    Overrides:
    
    pack in class AbstractKey
  - equals
```
public boolean equals(java.lang.Object obj)
```
    Overrides:
    
    equals in class java.lang.Object
  - hashCode
```
public int hashCode()
```
    Overrides:
    
    hashCode in class java.lang.Object

Class SymmetricKey

Nested Class Summary

Nested classes/interfaces inherited from interface net.sergeych.tools.Hashable

Field Summary

Fields inherited from class com.icodici.crypto.AbstractKey

Constructor Summary

Method Summary

Methods inherited from class com.icodici.crypto.AbstractKey

Methods inherited from class java.lang.Object

Constructor Detail

SymmetricKey

SymmetricKey

SymmetricKey

Method Detail

fromPassword

fromPassword

setKey

getKey

getBitStrength

getSize

toHash

updateFromHash

getCipher

encrypt

decrypt

encryptStream

decryptStream

etaEncryptStream

etaDecryptStream

etaEncrypt

etaSign

etaDecrypt

xor

pack

equals

hashCode