com.plumtree.openfoundation.security
Interface IXPPKICrypto

All Known Implementing Classes:
XPRSACrypto

public interface IXPPKICrypto

Interface defining a class which can be used to encrypt, decrypt, sign or verify data. The class uses public key encryption, therefore the a different key is used for encryption & decryption. See IXPCrypto for private key encryption.


Method Summary
 java.lang.String Decrypt(java.lang.String toDecrypt, IXPPKIPrivateKey key)
          Decrypts data which was encrypted using Encrypt.
 java.lang.String Encrypt(java.lang.String toEncrypt, IXPPKIPublicKey key)
          Encrypts data.
 IXPPKIKeyPair GenerateKeys(int strength, XPSecureRandom rand)
          Generates the public and private keys to use for PKI encryption.
 java.lang.String Sign(java.lang.String toSign, IXPPKIPrivateKey key)
          Signs the data using the supplied private key.
 java.lang.String VerifySignature(java.lang.String toVerify, IXPPKIPublicKey key)
          Verifies the data using the supplied public key.
 

Method Detail

Encrypt

public java.lang.String Encrypt(java.lang.String toEncrypt,
                                IXPPKIPublicKey key)
Encrypts data. Use Decrypt to decrypt the data.

Parameters:
toEncrypt - the data to encrypt
key - the key to use to encrypt the data
Returns:
the encrypted data

Decrypt

public java.lang.String Decrypt(java.lang.String toDecrypt,
                                IXPPKIPrivateKey key)
Decrypts data which was encrypted using Encrypt.

Parameters:
toDecrypt - the data to decrypt
key - the key to use to decrypt the data
Returns:
the decrypted data

Sign

public java.lang.String Sign(java.lang.String toSign,
                             IXPPKIPrivateKey key)
Signs the data using the supplied private key. This effectively encrypts the data using the private key and returns the encrypted data. Any one with the public key can then decrypt the data using VerfifySignature to be sure it was encrypted with the private key. Note: To sign large amounts of data it is recommended to create a hash of the data, sign the hash and send the hash along with the plaintext data. The recipient can then verify the hash without the (costly) need of encrypting all the data.

Parameters:
toSign - the data to sign
key - the key to use to sign the data
Returns:
the signed data

VerifySignature

public java.lang.String VerifySignature(java.lang.String toVerify,
                                        IXPPKIPublicKey key)
Verifies the data using the supplied public key. This effectively decrypts the data using the public key and returns the plaintext data. The signing requires the public key so demonstates that this data was created with the private key.

Parameters:
toVerify - the data to verify the signature for
key - the key to use to verify the signature
Returns:
the unsigned data

GenerateKeys

public IXPPKIKeyPair GenerateKeys(int strength,
                                  XPSecureRandom rand)
Generates the public and private keys to use for PKI encryption.

Parameters:
strength - the number of bits to use in the keys (1024 is recommended)
rand - source of randomness
Returns:
an object containing the public and private keys


Copyright 2002, 2003, 2004 Plumtree Software Inc. All Rights Reserved.