Package ptolemy.actor.lib.security

Class CipherActor

  • All Implemented Interfaces:
    java.lang.Cloneable, Actor, Executable, FiringsRecordable, Initializable, TypedActor, Changeable, Debuggable, DebugListener, Derivable, Instantiable, ModelErrorHandler, MoMLExportable, Moveable, Nameable
    Direct Known Subclasses:
    SymmetricDecryption, SymmetricEncryption
    public abstract class CipherActor
extends CryptographyActor
    A base class for actors that encrypt and decrypt data.

    Cipher actors are any actors which perform encryption or decryption based on the Java Cryptography Extension (JCE). See the CryptographyActor documentation for resources about JCA and JCE.

    Actors extending this class take in an unsigned byte array at the input, process the data based on the algorithm parameter and send a unsigned byte array to the output. The algorithms that may be implemented are limited to those that are implemented by "providers" following the JCE specifications and installed in the machine being run. The mode and padding of the algorithm can also be specified in the mode and padding parameters. In case a provider specific instance of an algorithm is needed, the provider may also be specified in the provider parameter. The keySize parameter allows implementations of algorithms using various key sizes.

    Concrete actors derived from this base class must implement the CryptographyActor._process(byte[]) method. The initialize() method of this actor sets _cipher to the value of javax.crypt.Cipher.getInstance() with an argument that is created from the values of the algorithm, padding and keySize parameters. Derived classes should call _cipher.init() with the value of the key in their fire() method. The_process() method in a derived class usually calls _cipher.doFinal().

    Since:
    Ptolemy II 4.0
    Version:
    $Id$
    Author:
    Christopher Hylands Brooks, Contributor: Rakesh Reddy
    Pt.AcceptedRating:
    Yellow (cxh)
    Pt.ProposedRating:
    Green (cxh)

    • Field Detail

      • mode

        public StringParameter mode
        The mode component when the Cipher is instantiated. Algorithms can be run in several different modes. The mode is specified as a string. Names for modes and modes implemented vary based on the provider. Possible values include
        (The empty string)
        Use the default setting for the algorithm.
        NONE
        No mode, meaning that the algorithm does not use a mode.
        CBC
        Cipher Block Chaining Mode, as defined in FIPS PUB 81. CBC is usually the mode that is used.
        CFB
        Cipher Feedback Mode, as defined in FIPS PUB 81.
        ECB
        Electronic Codebook Mode, as defined in: The National Institute of Standards and Technology (NIST) Federal Information Processing Standard (FIPS) PUB 81, "DES Modes of Operation," U.S. Department of Commerce, Dec 1980. ECM is best for encrypting small pieces of data. If possible, use CBC instead.
        OFB
        Output Feedback Mode, as defined in FIPS PUB 81.
        PCBC
        Propagating Cipher Block Chaining, as defined by Kerberos V4.

        The initial default is the empty string, which indicates that the default setting for the algorithm should be used.

        See the Java Cryptography Architecture Standard Algorithm Name Documentation for details.

      • padding

        public StringParameter padding
        The padding scheme used by the cipher during encryption. In cryptography, padding is used to handle situations where the input data must be an exact multiple of the block size for the algorithm http://www.di-mgt.com.au/cryptopad.html#whennopadding says:
        Block cipher algorithms like DES and Blowfish in Electronic Code Book (ECB) and Cipher Block Chaining (CBC) mode require their input to be an exact multiple of the block size. If the plaintext to be encrypted is not an exact multiple, you need to pad before encrypting by adding a padding string. When decrypting, the receiving party needs to know how to remove the padding, if any.

        The padding is specified as a string. Names for parameter and parameters implemented vary based on the provider. Possible values include

        (The empty string)
        Use the default setting for the algorithm.
        NoPadding
        No padding (do not use padding).
        OAEPWithdigestAndmgfPadding
        Optimal Asymmetric Encryption Padding scheme defined in PKCS #1, where digest should be replaced by the message digest and mgf by the mask generation function. Example: OAEPWithMD5AndMGF1Padding.
        PKCS5Padding
        The padding scheme described in: RSA Laboratories, "PKCS #5: Password-Based Encryption Standard," version 1.5, November 1993.
        SSL3Padding
        The padding scheme defined in the SSL Protocol Version 3.0, November 18, 1996, section 5.2.3.2 (CBC block cipher):

        The initial default is the empty string, which indicates that the no padding should be used.

        See the Java Cryptography Architecture Standard Algorithm Name Documentation for details.

      • _cipher

        protected javax.crypto.Cipher _cipher
        The cipher that will be used to process the data.

      • _mode

        protected java.lang.String _mode
        The mode to be used to process the data.

      • _padding

        protected java.lang.String _padding
        The padding scheme to be used process the data.

      • _updateCipherNeeded

        protected boolean _updateCipherNeeded
        Set to true if one of the parameters changed and we need to call _updateCipher().