Class Summary | |
---|---|
AbstractCallbackHandler | |
AESSpi | The implementation of the AES Service Provider Interface (SPI) adapter. |
AnonymousClient |
The ANONYMOUS client-side mechanism. |
AnonymousServer | The ANONYMOUS server-side mechanism. |
AnonymousUtil | An ANONYMOUS-specific utility class. |
Anubis |
Anubis is a 128-bit block cipher that accepts a variable-length key. |
AnubisKeyGeneratorImpl | |
AnubisSecretKeyFactoryImpl | |
AnubisSpi | The implementation of the Anubis Service Provider Interface (SPI) adapter. |
ARCFour | RC4 is a stream cipher developed by Ron Rivest. |
ARCFourRandomSpi | Implementation of the Service Provider Interface (SPI) for the ARCFOUR keystream generator. |
ARCFourSpi | The Service Provider Interface (SPI) for the ARCFOUR stream cipher. |
Assembly |
An |
AuthenticatedEntry | |
AuthInfo | A static class for creating IAuthInfoProvider providers. |
AuthInfoProviderFactory | The concrete SASL authentication information provider factory. |
AuthorityKeyIdentifier | |
AWTCallbackHandler | |
Base64 | Most of this implementation is from Robert Harder's public domain Base64 code (version 1.4.1 available from <http://iharder.net/xmlizable>). |
Base64InputStream | A filter input stream that decodes data encoded in the Base-64 encoding scheme. |
BaseCipher |
A basic abstract class to facilitate implementing symmetric key block ciphers. |
BaseHash |
A base abstract class to facilitate hash implementations. |
BaseKeyAgreementParty |
A base abstract class to facilitate implementations of concrete key agreement protocol handlers. |
BaseKeyring | |
BaseMac |
A base abstract class to facilitate MAC (Message Authentication Code) implementations. |
BaseMode |
A basic abstract class to facilitate implementing block cipher modes of operations. |
BasePad |
An abstract class to facilitate implementing padding algorithms. |
BasePRNG |
An abstract class to facilitate implementing PRNG algorithms. |
BaseSignature |
A base abstract class to facilitate implementations of concrete Signatures. |
BasicConstraints | |
BinaryDataEntry | A binary data entry is a primitive entry that simply contains some amount of arbitrary binary data and an optional content type. |
BitString | Immutable representation of a bit string, which is equivalent to a byte array except some number of the rightmost bits are ignored. |
BlockCipherParameters | An implementation of algorithm parameters for the GNU Crypto block ciphers. |
BlockCipherParameterSpec | Block cipher parameters in GNU Crypto are the cipher's name, its block and key sizes, and an optional initialization vector. |
Blowfish | Blowfish is a 16-round, 64-bit Feistel cipher designed by Bruce Schneier. |
BlowfishKeyGeneratorImpl | |
BlowfishSecretKeyFactoryImpl | |
BlowfishSpi | The implementation of the Blowfish Service Provider Interface (SPI) adapter. |
CALG |
A Factory class that returns CALG (Confidentiality Algorithm) instances that operate as described in the draft-burdis-cat-sasl-srp-08. The designated CALG block cipher should be used in OFB (Output Feedback Block) mode in the ISO variant, as described in The Handbook of Applied Cryptography, algorithm 7.20. Let |
Cascade |
A Cascade Cipher is the concatenation of two or more block ciphers each with independent keys. |
CascadeStage |
A Cascade Stage in a Cascade Cipher. |
CascadeTransformer | An Adapter to use any Cascade as a Transformer in an Assembly. |
Cast5 |
An implmenetation of the |
Cast5KeyGeneratorImpl | |
Cast5SecretKeyFactoryImpl | |
Cast5Spi |
The implementation of the CAST5 (a.k.a. |
CBC | The Cipher Block Chaining mode. |
CertificateEntry |
An immutable class representing a trusted certificate entry. |
CertificatePolicies | |
CertPathEntry | A primitive entry that contains a path of X.509 certificates. |
CFB | The cipher feedback mode. |
CipherAdapter |
The implementation of a generic Cipher Adapter class to wrap GNU Crypto cipher instances. This class defines the Service Provider Interface (SPI) for the Cipher class, which provides the functionality of symmetric-key block ciphers, such as the AES.
This base class defines all of the abstract methods in CipherSpi, but does not define the (non-abstract) key wrapping functions that extended the base cipher SPI, and these methods thus immediately throw an UnsupportedOperationException. |
CipherFactory |
A Factory to instantiate symmetric block cipher instances. |
CipherSpeed |
A tool to exercise a block cipher in order to measure its performance in terms of encrypted/decrypted bytes per second. |
ClientFactory | The implementation of SaslClientFactory. |
ClientMechanism |
A base class to facilitate implementing SASL client-side mechanisms. |
ClientStore |
The client-side implementation of the SRP security context store. |
CollectionCertStoreImpl | |
Command | |
CompressedEntry | |
ConfidentialityException | Used by mechanisms that offer a security services layer, this checked exception is thrown to indicate that a violation has occured during the processing of a confidentiality protection filter. |
ConsoleCallbackHandler |
An implementation of CallbackHandler that reads and writes
information to and from System.in and System.out . |
CramMD5AuthInfoProvider | The CRAM-MD5 mechanism authentication information provider implementation. |
CramMD5Client | The CRAM-MD5 SASL client-side mechanism. |
CramMD5Registry | A list of properties common to CRAM-MD5 classes. |
CramMD5Server |
The CRAM-MD5 SASL server-side mechanism. |
CramMD5Util | A package-private CRAM-MD5-specific utility class. |
CRLNumber | |
CSPRNG |
An entropy pool-based pseudo-random number generator based on the PRNG in Peter Gutmann's cryptlib (http://www.cs.auckland.ac.nz/~pgut001/cryptlib/). The basic properties of this generator are:
|
CSPRNGSpi |
The implementation of the continuously-seeded SecureRandom
Service Provider Interface (SPI) adapter.
|
CTR |
The implementation of the Counter Mode. The algorithm steps are formally described as follows: CTR Encryption: O[j] = E(K)(T[j]); for j = 1, 2...n; C[j] = P[j] ^ O[j]; for j = 1, 2...n. |
DefaultCallbackHandler | This trivial implementation of CallbackHandler sets its Callback arguments to default values, with no user interaction. |
DeflateTransformer |
A Transformer Adapter allowing inclusion of a DEFLATE compression algorithm in an Assembly chain. |
Delete | |
DER | The set of tags for DER types. |
DEREncodingException | |
DEREncodingException | |
DERReader | This class decodes DER sequences into Java objects. |
DERReader | |
DERValue | |
DERWriter | Methods that allow various Java types to be written as a DER (Distinguished Encoding Rules) stream to the specified output stream. |
DERWriter | |
DES |
The Data Encryption Standard. |
DESedeSecretKeyFactoryImpl | |
DESKeyGeneratorImpl | |
DESSecretKeyFactoryImpl | |
DESSpi | The implementation of the DES Service Provider Interface (SPI) adapter. |
DES.Context | Simple wrapper class around the session keys. |
DHKeyPairRawCodec |
An object that implements the IKeyPairCodec operations for the Raw format to use with Diffie-Hellman keypairs. |
DiffieHellmanKeyAgreement |
The basic version of the Diffie-Hellman key agreement is described in the Handbook of Applied Cryptography [HAC] as follows:
RFC-2631 describes a Static-Static Mode of operations with Diffie-Hellman keypairs as follows: "In Static-Static mode, both the sender and the recipient have a static (and certified) key pair. |
DiffieHellmanReceiver |
This implementation is the receiver's part of the basic version of the Diffie-Hellman key agreement exchange (B in [HAC]). |
DiffieHellmanSender |
This implementation is the sender's part of the basic version of the Diffie-Hellman key agreement exchange (A in [HAC]). |
Direction |
An enumeration type for wiring Stage instances into Cascade Cipher chains, as well as for operating a Cascade in a given direction. The possible values for this type are two:
|
DSAParameters | |
DSASignature | |
DSSKey |
A base asbtract class for both public and private DSS (Digital Signature Standard) keys. |
DSSKeyPairGenerator |
A key-pair generator for asymetric keys to use in conjunction with the DSS (Digital Signature Standard). References:Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186. |
DSSKeyPairGeneratorSpi |
The implementation of a java.security.KeyPairGenerator adapter class
to wrap gnu.crypto DSS keypair generator instances.
In case the client does not explicitly initialize the KeyPairGenerator (via
a call to an
|
DSSKeyPairRawCodec |
An object that implements the IKeyPairCodec operations for the Raw format to use with DSS keypairs. |
DSSPrivateKey |
An object that embodies a DSS (Digital Signature Standard) private key. |
DSSPublicKey |
An object that embodies a DSS (Digital Signature Standard) public key. |
DSSRawSignatureSpi |
The implementation of Service Provider Interface (SPI) adapter
for the DSS (Digital Signature Standard) signature scheme, encoded and/or
decoded in RAW format.
|
DSSSignature |
The DSS (Digital Signature Standard) algorithm makes use of the following parameters:
The integers |
DSSSignatureRawCodec |
An object that implements the ISignatureCodec operations for the Raw format to use with DSS signatures. |
EAX |
A conventional two-pass authenticated-encrypted mode, EAX. |
ECB |
The implementation of the Electronic Codebook mode. The Electronic Codebook (ECB) mode is a confidentiality mode that is defined as follows:
In ECB encryption, the forward cipher function is applied directly, and independently, to each block of the plaintext. |
ElGamalKeyAgreement |
The ElGamal key agreement, also known as the half-certified Diffie-Hellman key agreement, is described in the Handbook of Applied Cryptography [HAC] as follows:
|
ElGamalReceiver |
This implementation is the receiver's part of the ElGamal key agreement exchange (B in [HAC]). |
ElGamalSender |
This implementation is the sender's part of the ElGamal key agreement exchange (A in [HAC]). |
EME_PKCS1_V1_5 |
An implementation of the EME-PKCS1-V1.5 encoding and decoding methods. EME-PKCS1-V1.5 is parameterised by the entity References:
|
EMSA_PKCS1_V1_5 |
An implementation of the EMSA-PKCS1-V1.5 encoding scheme. EMSA-PKCS1-V1.5 is parameterised by the choice of hash function Hash and hLen which denotes the length in octets of the hash function output. References:
|
EMSA_PSS |
An implementation of the EMSA-PSS encoding/decoding scheme. EMSA-PSS coincides with EMSA4 in IEEE P1363a D5 except that EMSA-PSS acts on octet strings and not on bit strings. |
EncodedKeyFactory | A factory for keys encoded in either the X.509 format (for public keys) or the PKCS#8 format (for private keys). |
EncryptedEntry | |
Engine | Generic implementation of the getInstance methods in the various engine classes in java.security. |
Ent |
This is a Java implementation of Ent (A Pseudorandom Number Sequence Test Program) developed by John Walker) which applies various tests to sequences of bytes generated by the GNU Crypto library pseudo-random number generator implementations. It is useful for those evaluating pseudorandom number generators for encryption and statistical sampling applications, compression algorithms, and other applications where the various computed indices are of interest. For a designated PRNG algorithm, this class computes the following indices:
|
EntropySource | A generic interface for adding random bytes to an entropy pool. |
Entry | An immutable class representing a single entry in a keyring. |
EnvelopeEntry | An envelope entry is a generic container for some number of primitive and other envelope entries. |
ExpirableObject | The base class for objects with sensitive data that are automatically destroyed after a timeout elapses. |
Export | |
ExtendedKeyUsage | |
Extension | |
Extension.Value | |
FIPS186 |
An implementation of the DSA parameters generation as described in FIPS-186. References:Digital Signature Standard (DSS), Federal Information Processing Standards Publication 186. |
Fortuna | The Fortuna continuously-seeded pseudo-random number generator. |
Fortuna.Generator | The Fortuna generator function. |
GeneralNames | |
GenKey | |
GnuCallbacks | |
GnuCrypto |
The GNU Crypto implementation of the Java Cryptographic Extension (JCE) Provider. |
GnuDHKey |
A base asbtract class for both public and private Diffie-Hellman keys. |
GnuDHKeyPairGenerator |
An implementation of a Diffie-Hellman keypair generator. Reference:
|
GnuDHPrivateKey |
An implementation of the Diffie-Hellman private key. Reference:
|
GnuDHPublicKey |
An implementation of the Diffie-Hellman public key. Reference:
|
GnuDHPublicKey | |
GnuDSAPrivateKey | |
GnuDSAPublicKey | |
GnuKeyring | |
GnuPki | |
GnuPKIExtension | |
GnuPrivateKeyring |
. |
GnuPublicKeyring | |
GnuRSAKey |
A base asbtract class for both public and private RSA keys. |
GnuRSAPrivateKey |
An object that embodies an RSA private key. References:
|
GnuRSAPrivateKey | |
GnuRSAPublicKey |
An object that encapsulates an RSA public key. References:
|
GnuRSAPublicKey | |
GnuSasl | |
GnuSecretKey | A secret key composed of a sequence of raw, unformatted octets. |
GnuSecurity |
A provider for classes defined in the java.security package. |
HashFactory |
A Factory to instantiate message digest algorithm instances. |
HashSpeed | A tool to exercise a hash in order to measure its performance in terms of number of bytes per second. |
Haval |
The HAVAL message-digest algorithm is a variable output length, with variable number of rounds. |
HavalRandomSpi |
The implementation of the HAVAL-based SecureRandom Service Provider
Interface (SPI) Adapter.
|
HavalSpi |
The implementation of the HAVAL Service Provider Interface
(SPI) Adapter.
|
Helix | The Helix stream cipher and message authentication code. |
HMac |
The implementation of the HMAC (Keyed-Hash Message Authentication Code). HMAC can be used in combination with any iterated cryptographic hash function. |
HMacFactory |
A Factory to instantiate Keyed-Hash Message Authentication Code (HMAC) algorithm instances. |
HMacHavalSpi | The implementation of the HMAC-HAVAL Service Provider Interface (SPI) Adapter. |
HMacMD2Spi | The implementation of the HMAC-MD2 Service Provider Interface (SPI) adapter. |
HMacMD4Spi | The implementation of the HMAC-MD4 Service Provider Interface (SPI) adapter. |
HMacMD5Spi | The implementation of the HMAC-MD5 Service Provider Interface (SPI) adapter. |
HMacRipeMD128Spi | The implementation of the HMAC-RIPEMD-128 Service Provider Interface (SPI) adapter. |
HMacRipeMD160Spi | The implementation of the HMAC-RIPEMD-160 Service Provider Interface (SPI) adapter. |
HMacSHA160Spi | The implementation of the HMAC-SHA-160 Service Provider Interface (SPI) adapter. |
HMacSHA256Spi |
The implementation of the HMAC-SHA-256 Service Provider Interface (SPI) adapter. |
HMacSHA384Spi |
The implementation of the HMAC-SHA-384 Service Provider Interface (SPI) adapter. |
HMacSHA512Spi |
The implementation of the HMAC-SHA-512 Service Provider Interface (SPI) adapter. |
HMacTigerSpi | The implementation of the Tiger Service Provider Interface (SPI) adapter. |
HMacWhirlpoolSpi | The implementation of the HMAC-Whirlpool Service Provider Interface (SPI) adapter. |
IALG |
A Factory class that returns IALG (Integrity Algorithm) instances that operate as described in the draft-burdis-cat-sasl-srp-04 and later. |
IAuthenticatedMode | The interface for encryption modes that also produce a message authentication tag. |
IAuthInfoProvider | The visible methods of any authentication information provider. |
IAuthInfoProviderFactory | The visible method of every authentication information provider factory. |
IBlockCipher |
The basic visible methods of any symmetric key block cipher. A symmetric key block cipher is a function that maps n-bit plaintext blocks to n-bit ciphertext blocks; n being the cipher's block size. |
IBlockCipherSpi |
Package-private interface exposing mandatory methods to be implemented by concrete BaseCipher sub-classes. |
ICM |
An implementation of David McGrew Integer Counter Mode (ICM) as an IMode. ICM is a way to define a pseudorandom keystream generator using a block cipher. |
ICMGenerator |
Counter Mode is a way to define a pseudorandom keystream generator using a block cipher. |
ICMRandomSpi |
An Adapter class around ICMGenerator to allow using this algorithm as a JCE java.security.SecureRandom. |
IKeyAgreementParty |
The visible methods of an key agreement protocol participating party. |
IKeyPairCodec |
The visible methods of an object that knows how to encode and decode cryptographic asymmetric keypairs. |
IKeyPairGenerator |
The visible methods of every asymmetric keypair generator.
|
IKeyring |
The top-level interface to a keyring: a file that is used to store and protect public and private cryptographic keys. A keyring is modelled as a mapping of one alias to one or more entries (optionally of different types). See also the sub-interfaces IPublicKeyring and IPrivateKeyring for special types of keyrings --the difference being in the type of entries they contain. |
IllegalMechanismStateException | A checked exception thrown to indicate that an operation that should be invoked on a completed mechanism was invoked but the authentication phase of that mechanism was not completed yet, or that an operation that should be invoked on incomplete mechanisms was invoked but the authentication phase of that mechanism was already completed. |
Import | |
IMac |
The basic visible methods of any MAC (Message Authentication Code) algorithm. A MAC provides a way to check the integrity of information transmitted over, or stored in, an unreliable medium, based on a secret key. |
IMessageDigest |
The basic visible methods of any hash algorithm. A hash (or message digest) algorithm produces its output by iterating a basic compression function on blocks of data. |
IMode |
The basic visible methods of any block cipher mode. Block ciphers encrypt plaintext in fixed size n-bit blocks. |
IncomingMessage |
An implementation of an incoming message for use with key agreement protocols. |
InputBuffer |
The implementation of an incoming SASL buffer. The data elements this class caters for are described in [1]. References:
|
IntegrityException | Used by mechanisms that offer a security services layer, this checked exception is thrown to indicate that a violation has occured during the processing of an integrity protection filter, including replay detection. |
IPad |
The basic visible methods of any padding algorithm. Padding algorithms serve to pad and unpad byte arrays usually as the last step in an encryption or respectively a decryption operation. |
IPBE |
Trivial interface to group Password-based encryption property names. |
IPrivateKeyring |
An interface to private, or "personal", keyrings, which contain private credentials. |
IPublicKeyring |
An interface for keyrings that contain trusted (by the owner) public credentials (incl. certificates). |
IRandom |
The basic visible methods of any pseudo-random number generator. The [HAC] defines a PRNG (as implemented in this library) as follows:
IMPLEMENTATION NOTE: Although all the concrete classes in this package implement the Cloneable interface, it is important to note here that such an operation, for those algorithms that use an underlting symmetric key block cipher, DOES NOT clone any session key material that may have been used in initialising the source PRNG (the instance to be cloned). |
IssuerAlternativeNames | |
ISignature |
The visible methods of every signature-with-appendix scheme. The Handbook of Applied Cryptography (HAC), by A. |
ISignatureCodec |
The visible methods of an object that knows how to encode and decode cryptographic signatures. |
KDF |
The SASL-SRP KDF implementation, which is also used, depending on how it was instantiated, as a secure Pseudo Random Number Generator. |
KeyAgreementException | A generic exception indicating that an unexpected condition has been detected during the setup and/or processing of a key agreement protocol exchange. |
KeyAgreementFactory |
A Factory class to generate key agreement protocol handlers. |
KeyPairCodecFactory |
A Factory class to instantiate key encoder/decoder instances. |
KeyPairGeneratorAdapter |
The implementation of a generic java.security.KeyPairGenerator
adapter class to wrap gnu.crypto keypair generator instances. This class defines the Service Provider Interface (SPI) for the java.security.KeyPairGenerator class, which is used to generate pairs of public and private keys. All the abstract methods in the java.security.KeyPairGeneratorSpi class are implemented by this class and all its sub-classes.
In case the client does not explicitly initialize the KeyPairGenerator (via
a call to an |
KeyPairGeneratorFactory |
A Factory to instantiate asymmetric keypair generators. |
KeyUsage | |
Khazad |
Khazad is a 64-bit (legacy-level) block cipher that accepts a 128-bit key. |
KhazadKeyGeneratorImpl | |
KhazadSecretKeyFactoryImpl | |
KhazadSpi | The implementation of the Khazad Service Provider Interface (SPI) adapter. |
LimitReachedException | A checked exception that indicates that a pseudo random number generated has reached its theoretical limit in generating random bytes. |
List | |
LoopbackTransformer | A trivial Transformer to allow closing a chain in an Assembly. |
MacAdapter |
The implementation of a generic javax.crypto.Mac adapter class to wrap GNU Crypto MAC instances. This class defines the Service Provider Interface (SPI) for the javax.crypto.Mac class, which provides the functionality of a message authentication code algorithm, such as the Hashed Message Authentication Code (HMAC) algorithms. |
MacFactory |
A Factory that instantiates instances of every supported Message Authentication Code algorithms, including all HMAC algorithms. |
MacInputStream | A filtering input stream that computes a MAC (message authentication code) over all data read from the stream. |
MacOutputStream |
A filtering output stream that computes a MAC (message authentication code) over all data written to the stream. |
Main | |
MalformedKeyringException | |
MaskableEnvelopeEntry | An envelope entry that can be "masked" -- placed in a state where the envelope's contents cannot be accessed, due to the envelope not being fully decoded, for example. |
MD2 |
An implementation of the MD2 message digest algorithm. MD2 is not widely used. |
MD2RandomSpi |
The implementation of the MD2-based SecureRandom Service Provider
Interface (SPI) adapter.
|
MD2Spi |
The implementation of the MD2 Service Provider Interface (SPI) adapter. |
MD2withRSA | |
MD4 |
An implementation of Ron Rivest's MD4 message digest algorithm. MD4 was the precursor to the stronger MD5 algorithm, and while not considered cryptograpically secure itself, MD4 is in use in various applications. |
MD4RandomSpi |
The implementation of the MD4-based SecureRandom Service Provider
Interface (SPI) adapter.
|
MD4Spi |
The implementation of the MD4 Service Provider Interface (SPI) adapter. |
MD4withRSA | |
MD5 |
The MD5 message-digest algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. |
MD5RandomSpi |
The implementation of the MD5-based SecureRandom Service Provider
Interface (SPI) adapter.
|
MD5Spi |
The implementation of the MD5 Service Provider Interface (SPI)
adapter.
|
MD5withRSA | |
MDGenerator |
A simple pseudo-random number generator that relies on a hash algorithm,
that (a) starts its operation by hashing a |
MessageDigestAdapter |
The implementation of a generic java.security.MessageDigest adapter
class to wrap gnu.crypto hash instances. This class defines the Service Provider Interface (SPI) for the java.security.MessageDigest class, which provides the functionality of a message digest algorithm, such as MD5 or SHA. |
MeteredInputStream | |
ModeFactory |
A Factory to instantiate block cipher modes of operations. |
ModeStage |
An IMode Stage in a Cascade Cipher chain. Such a stage wraps an implementation of a Block Cipher Mode of Operation (IMode) to allow inclusion of such an instance in a cascade of block ciphers. |
NessieCipherTVEmitter |
A utility class to generate NESSIE test vectors for a designated cipher algorithm and optionally a key size (in bits). NOTE: The set4 test vectors set will be generated iff the global system environment variable named "TORTURE" is set. |
NessieHashTVEmitter |
A utility class to generate NESSIE test vectors for a designated hash
algorithm. NOTE: The test3 test vector will be generated iff the global system environment variable named "TORTURE" is set. |
NistKat |
For a designated symmetric block cipher algorithm, this command generates and exercises Known Answer Tests data for either, or both, Variable Key and Variable Text suites. NistKat's output file format is in conformance with the layout described in Section 3 of NIST's document "Description of Known Answer Tests and Monte Carlo Tests for Advanced Encryption Standard (AES) Candidate Algorithm Submissions" dated January 7, 1998. References: |
NistMCT |
For a designated symmetric block cipher algorithm, this command generates and exercises Monte Carlo Tests data for both Encryption and Decryption in Electronic Codebook (ECB) and Cipher Block Chaining (CBC) modes. NistMCT's output file format is in conformance with the layout described in Section 4 of NIST's document "Description of Known Answer Tests and Monte Carlo Tests for Advanced Encryption Standard (AES) Candidate Algorithm Submissions" dated January 7, 1998. References: |
NoSuchMechanismException | A checked exception thrown to indicate that a designated SASL mechanism implementation was not found. |
NoSuchUserException | A checked exception thrown to indicate that a designated user is unknown to the authentication layer. |
NullCipher |
The implementation of a Null block cipher. This cipher does not alter its input at all, claims to process block sizes 128-, 192- and 256-bit long, and key sizes from 64- to 512-bit in 8-bit increments. |
NullCipherSpi | The implementation of the Null cipher Service Provider Interface (SPI) adapter. |
OFB |
The Output Feedback (OFB) mode is a confidentiality mode that requires a
unique |
OID | This immutable class represents an object identifier, or OID. |
OMAC |
The One-Key CBC MAC, OMAC. |
OMacAnubisImpl | |
OMacBlowfishImpl | |
OMacCast5Impl | |
OMacDESImpl | |
OMacImpl | |
OMacImpl.Anubis | |
OMacImpl.Blowfish | |
OMacImpl.Cast5 | |
OMacImpl.DES | |
OMacImpl.Khazad | |
OMacImpl.Rijndael | |
OMacImpl.Serpent | |
OMacImpl.Square | |
OMacImpl.TripleDES | |
OMacImpl.Twofish | |
OMacKhazadImpl | |
OMacRijndaelImpl | |
OMacSerpentImpl | |
OMacSquareImpl | |
OMacTripleDESImpl | |
OMacTwofishImpl | |
Operation |
An enumeration type for specifying the operation type of a Transformer. The possible values for this type are two:
|
OutgoingMessage |
An implementation of outgoing messages for use with key agreement protocols. |
OutputBuffer |
The implementation of an outgoing SASL buffer. The data elements this class caters for are described in [1]. References:
|
PaddingTransformer |
An Adapter to use any IPad as a Transformer in an Assembly. When using such a Transformer, in an Assembly, there must be at least one element behind this instance in the constructed chain; otherwise, a TransformerException is thrown at initialisation time. |
PadFactory |
A Factory to instantiate padding schemes. |
Password | Immutible, though destroyable, password class. |
PasswordAuthenticatedEntry |
An entry authenticated with a password-based MAC. |
PasswordEncryptedEntry | An envelope that is encrypted with a password-derived key. |
PasswordFile | The CRAM-MD5 password file representation. |
PasswordFile | A representation of a Plain password file. |
PasswordFile |
The implementation of SRP password files. For SRP, there are three (3) files:
|
PasswordProtectedEntry | |
Path | |
PBES2 |
. |
PBES2.HMacHaval | |
PBES2.HMacHaval.AES | |
PBES2.HMacHaval.Anubis | |
PBES2.HMacHaval.Blowfish | |
PBES2.HMacHaval.Cast5 | |
PBES2.HMacHaval.DES | |
PBES2.HMacHaval.Khazad | |
PBES2.HMacHaval.Serpent | |
PBES2.HMacHaval.Square | |
PBES2.HMacHaval.TripleDES | |
PBES2.HMacHaval.Twofish | |
PBES2.HMacMD2 | |
PBES2.HMacMD2.AES | |
PBES2.HMacMD2.Anubis | |
PBES2.HMacMD2.Blowfish | |
PBES2.HMacMD2.Cast5 | |
PBES2.HMacMD2.DES | |
PBES2.HMacMD2.Khazad | |
PBES2.HMacMD2.Serpent | |
PBES2.HMacMD2.Square | |
PBES2.HMacMD2.TripleDES | |
PBES2.HMacMD2.Twofish | |
PBES2.HMacMD4 | |
PBES2.HMacMD4.AES | |
PBES2.HMacMD4.Anubis | |
PBES2.HMacMD4.Blowfish | |
PBES2.HMacMD4.Cast5 | |
PBES2.HMacMD4.DES | |
PBES2.HMacMD4.Khazad | |
PBES2.HMacMD4.Serpent | |
PBES2.HMacMD4.Square | |
PBES2.HMacMD4.TripleDES | |
PBES2.HMacMD4.Twofish | |
PBES2.HMacMD5 | |
PBES2.HMacMD5.AES | |
PBES2.HMacMD5.Anubis | |
PBES2.HMacMD5.Blowfish | |
PBES2.HMacMD5.Cast5 | |
PBES2.HMacMD5.DES | |
PBES2.HMacMD5.Khazad | |
PBES2.HMacMD5.Serpent | |
PBES2.HMacMD5.Square | |
PBES2.HMacMD5.TripleDES | |
PBES2.HMacMD5.Twofish | |
PBES2.HMacRipeMD128 | |
PBES2.HMacRipeMD128.AES | |
PBES2.HMacRipeMD128.Anubis | |
PBES2.HMacRipeMD128.Blowfish | |
PBES2.HMacRipeMD128.Cast5 | |
PBES2.HMacRipeMD128.DES | |
PBES2.HMacRipeMD128.Khazad | |
PBES2.HMacRipeMD128.Serpent | |
PBES2.HMacRipeMD128.Square | |
PBES2.HMacRipeMD128.TripleDES | |
PBES2.HMacRipeMD128.Twofish | |
PBES2.HMacRipeMD160 | |
PBES2.HMacRipeMD160.AES | |
PBES2.HMacRipeMD160.Anubis | |
PBES2.HMacRipeMD160.Blowfish | |
PBES2.HMacRipeMD160.Cast5 | |
PBES2.HMacRipeMD160.DES | |
PBES2.HMacRipeMD160.Khazad | |
PBES2.HMacRipeMD160.Serpent | |
PBES2.HMacRipeMD160.Square | |
PBES2.HMacRipeMD160.TripleDES | |
PBES2.HMacRipeMD160.Twofish | |
PBES2.HMacSHA1 | |
PBES2.HMacSHA1.AES | |
PBES2.HMacSHA1.Anubis | |
PBES2.HMacSHA1.Blowfish | |
PBES2.HMacSHA1.Cast5 | |
PBES2.HMacSHA1.DES | |
PBES2.HMacSHA1.Khazad | |
PBES2.HMacSHA1.Serpent | |
PBES2.HMacSHA1.Square | |
PBES2.HMacSHA1.TripleDES | |
PBES2.HMacSHA1.Twofish | |
PBES2.HMacSHA256 | |
PBES2.HMacSHA256.AES | |
PBES2.HMacSHA256.Anubis | |
PBES2.HMacSHA256.Blowfish | |
PBES2.HMacSHA256.Cast5 | |
PBES2.HMacSHA256.DES | |
PBES2.HMacSHA256.Khazad | |
PBES2.HMacSHA256.Serpent | |
PBES2.HMacSHA256.Square | |
PBES2.HMacSHA256.TripleDES | |
PBES2.HMacSHA256.Twofish | |
PBES2.HMacSHA384 | |
PBES2.HMacSHA384.AES | |
PBES2.HMacSHA384.Anubis | |
PBES2.HMacSHA384.Blowfish | |
PBES2.HMacSHA384.Cast5 | |
PBES2.HMacSHA384.DES | |
PBES2.HMacSHA384.Khazad | |
PBES2.HMacSHA384.Serpent | |
PBES2.HMacSHA384.Square | |
PBES2.HMacSHA384.TripleDES | |
PBES2.HMacSHA384.Twofish | |
PBES2.HMacSHA512 | |
PBES2.HMacSHA512.AES | |
PBES2.HMacSHA512.Anubis | |
PBES2.HMacSHA512.Blowfish | |
PBES2.HMacSHA512.Cast5 | |
PBES2.HMacSHA512.DES | |
PBES2.HMacSHA512.Khazad | |
PBES2.HMacSHA512.Serpent | |
PBES2.HMacSHA512.Square | |
PBES2.HMacSHA512.TripleDES | |
PBES2.HMacSHA512.Twofish | |
PBES2.HMacTiger | |
PBES2.HMacTiger.AES | |
PBES2.HMacTiger.Anubis | |
PBES2.HMacTiger.Blowfish | |
PBES2.HMacTiger.Cast5 | |
PBES2.HMacTiger.DES | |
PBES2.HMacTiger.Khazad | |
PBES2.HMacTiger.Serpent | |
PBES2.HMacTiger.Square | |
PBES2.HMacTiger.TripleDES | |
PBES2.HMacTiger.Twofish | |
PBES2.HMacWhirlpool | |
PBES2.HMacWhirlpool.AES | |
PBES2.HMacWhirlpool.Anubis | |
PBES2.HMacWhirlpool.Blowfish | |
PBES2.HMacWhirlpool.Cast5 | |
PBES2.HMacWhirlpool.DES | |
PBES2.HMacWhirlpool.Khazad | |
PBES2.HMacWhirlpool.Serpent | |
PBES2.HMacWhirlpool.Square | |
PBES2.HMacWhirlpool.TripleDES | |
PBES2.HMacWhirlpool.Twofish | |
PBKDF2 |
An implementation of the key derivation function KDF2 from PKCS #5: Password-Based Cryptography (PBE). |
PBKDF2SecretKeyFactory | |
PBKDF2SecretKeyFactory.HMacHaval | |
PBKDF2SecretKeyFactory.HMacMD2 | |
PBKDF2SecretKeyFactory.HMacMD4 | |
PBKDF2SecretKeyFactory.HMacMD5 | |
PBKDF2SecretKeyFactory.HMacRipeMD128 | |
PBKDF2SecretKeyFactory.HMacRipeMD160 | |
PBKDF2SecretKeyFactory.HMacSHA1 | |
PBKDF2SecretKeyFactory.HMacSHA256 | |
PBKDF2SecretKeyFactory.HMacSHA384 | |
PBKDF2SecretKeyFactory.HMacSHA512 | |
PBKDF2SecretKeyFactory.HMacTiger | |
PBKDF2SecretKeyFactory.HMacWhirlpool | |
PKCS1_V1_5 |
A padding algorithm implementation of the EME-PKCS1-V1.5 encoding/decoding algorithm as described in section 7.2 of RFC-3447. |
PKCS7 |
The implementation of the PKCS7 padding algorithm. This algorithm is described for 8-byte blocks in [RFC-1423] and extended to block sizes of up to 256 bytes in [PKCS-7]. References:RFC-1423: Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers. IETF. |
PKIXCertPathValidator | An implementation of the Public Key Infrastructure's X.509 certificate path validation algorithm. |
PlainAuthInfoProvider | The PLAIN mechanism authentication information provider implementation. |
PlainClient |
The PLAIN SASL client-side mechanism. |
PlainRegistry | |
PlainServer |
The PLAIN SASL server-side mechanism. |
PolicyConstraint | |
PolicyMappings | |
PolicyNodeImpl | |
Prime |
A collection of prime number related utilities used in this library. |
PrimitiveEntry | A primitive entry is an entry that contains a single cryptographic entity. |
PrivateKeyEntry |
An immutable class representing a private or secret key entry. |
PrivateKeyUsagePeriod | |
Properties |
A global object containing build-specific properties that affect the behaviour of the generated binaries from this library. |
Properties |
A set of (name => value) pairs used in keyring entries.
|
PRNG |
A useful Singleton hash-based (SHA) pseudo-random number generator used throughout this library. |
PRNGFactory |
A Factory to instantiate pseudo random number generators. |
PublicKeyEntry | |
RandomEvent | An interface for entropy accumulators that will be notified of random events. |
RandomEventListener | An interface for entropy accumulators that will be notified of random events. |
ReasonCode | |
Registry | A placeholder for names and literals used throughout this library. |
Revoke | |
RFC2631 |
An implementation of the Diffie-Hellman parameter generation as defined in RFC-2631. Reference:
|
Rijndael |
Rijndael --pronounced Reindaal-- is the AES. |
RijndaelKeyGeneratorImpl | |
RijndaelSecretKeyFactoryImpl | |
RijndaelSpi | The implementation of the Rijndael Service Provider Interface (SPI) adapter. |
RipeMD128 |
RIPEMD-128 is a 128-bit message digest. References:
|
RipeMD128RandomSpi |
The implementation of the RIPEMD128-based SecureRandom Service Provider Interface (SPI) adapter.
|
RipeMD128Spi |
The implementation of the RIPEMD-128 Service Provider Interface
(SPI) adapter.
|
RipeMD160 |
RIPEMD-160 is a 160-bit message digest. References:
|
RipeMD160RandomSpi |
The implementation of the RIPEMD160-based SecureRandom Service Provider
Interface (SPI) adapter.
|
RipeMD160Spi |
The implementation of the RIPEMD-160 Service Provider Interface
(SPI) adapter.
|
RSA | |
RSA |
Utility methods related to the RSA algorithm. References:
|
RSAKeyFactory | |
RSAKeyPairGenerator |
A key-pair generator for asymetric keys to use in conjunction with the RSA scheme. Reference: |
RSAKeyPairGeneratorSpi |
The implementation of a java.security.KeyPairGenerator adapter class
to wrap gnu.crypto RSA keypair generator instances.
In case the client does not explicitly initialize the KeyPairGenerator (via
a call to an
|
RSAKeyPairRawCodec |
An object that implements the IKeyPairCodec interface for the Raw format to use with RSA keypairs. |
RSAPKCS1V1_5Signature |
The RSA-PKCS1-V1.5 signature scheme is a digital signature scheme with appendix (SSA) combining the RSA algorithm with the EMSA-PKCS1-v1_5 encoding method. References:
|
RSAPSSRawSignatureSpi |
The implementation of Service Provider Interface (SPI) adapter
for the RSA-PSS signature scheme, encoded and/or decoded in RAW format.
|
RSAPSSSignature |
The RSA-PSS signature scheme is a public-key encryption scheme combining the RSA algorithm with the Probabilistic Signature Scheme (PSS) encoding method. The inventors of RSA are Ronald L. |
RSAPSSSignatureRawCodec |
An object that implements the ISignatureCodec operations for the Raw format to use with RSA-PSS signatures. |
SaslC |
A basic client-side test class to exercise SASL mechanisms. The |
SaslConnection | A sample client-side protocol driver. |
SaslEncodingException | A checked exception, thrown when an exception occurs while decoding a SASL buffer and/or a SASL data element from/to a buffer. |
SaslInputStream | An input stream that uses either a SaslClient or a SaslServer to process the data through these entities' security layer filter(s). |
SaslOutputStream | An output stream that uses either a SaslClient or a SaslServer to process the data through these entities' security layer filter(s). |
SaslS |
A basic server-side test class to exercise SASL mechanisms that exchange their response/challenge in SASL Buffers. |
SaslUtil | Utility methods for SASL-related classes. |
SecretKeyFactoryImpl | |
SecretKeyGeneratorImpl | |
SecureRandomAdapter |
The implementation of a generic java.security.SecureRandom adapter class to wrap gnu.crypto prng instances based on Message Digest algorithms. This class defines the Service Provider Interface (SPI) for the java.security.SecureRandom class, which provides the functionality of a cryptographically strong pseudo-random number generator. All the abstract methods in the SecureRandomSpi class are implemented by this class and all its sub-classes. |
SecurityContext |
A package-private placeholder for an SRP security context. |
Sequence | A monotonic sequence of integers in the finite field 232. |
Serpent |
Serpent is a 32-round substitution-permutation network block cipher, operating on 128-bit blocks and accepting keys of 128, 192, and 256 bits in length. |
SerpentKeyGeneratorImpl | |
SerpentSecretKeyFactoryImpl | |
SerpentSpi | The implementation of the Serpent Service Provider Interface (SPI) adapter. |
ServerFactory | The implementation of the SaslServerFactory. |
ServerMechanism |
A base class to facilitate implementing SASL server-side mechanisms. |
ServerStore |
The server-side implementation of the SRP security context store. |
Sha160 |
The Secure Hash Algorithm (SHA-1) is required for use with the Digital Signature Algorithm (DSA) as specified in the Digital Signature Standard (DSS) and whenever a secure hash algorithm is required for federal applications. |
Sha160RandomSpi |
The implementation of the SHA1-based SecureRandom Service Provider
Interface (SPI) adapter.
|
Sha160Spi |
The implementation of the SHA-1 (160-bit) Service Provider Interface
(SPI) adapter.
|
Sha256 |
Implementation of SHA2-1 [SHA-256] per the IETF Draft Specification. References:
|
Sha256RandomSpi |
The implementation of the SHA-256 based SecureRandom Service Provider Interface (SPI) adapter. |
Sha256Spi |
The implementation of the SHA-2-1 (256-bit) Service Provider Interface (SPI) adapter. |
Sha384 |
Implementation of SHA2-2 [SHA-384] per the IETF Draft Specification. References:
|
Sha384RandomSpi |
The implementation of the SHA-384 based SecureRandom Service Provider Interface (SPI) adapter. |
Sha384Spi |
The implementation of the SHA-2-2 (384-bit) Service Provider Interface (SPI) adapter. |
Sha512 |
Implementation of SHA2-3 [SHA-512] per the IETF Draft Specification. References:
|
Sha512RandomSpi |
The implementation of the SHA-512 based SecureRandom Service Provider Interface (SPI) adapter. |
Sha512Spi |
The implementation of the SHA-2-3 (512-bit) Service Provider Interface (SPI) adapter. |
SHA1withRSA | |
Sign | |
SignatureAdapter |
The implementation of a generic java.security.Signature adapter class
to wrap gnu.crypto signature instances. This class defines the Service Provider Interface (SPI) for the java.security.Signature class, which provides the functionality of a digital signature algorithm. |
SignatureFactory |
A Factory to instantiate signature-with-appendix handlers. |
SimpleCallbackHandler | A simple CallbackHandler for test purposes. |
SimpleList | A simple way to create immutable n-tuples. |
SMTPClient | |
Square |
Square is a 128-bit key, 128-bit block cipher algorithm developed by Joan Daemen, Lars Knudsen and Vincent Rijmen. References: |
SquareKeyGeneratorImpl | |
SquareSecretKeyFactoryImpl | |
SquareSpi | The implementation of the Square Service Provider Interface (SPI) adapter. |
SRP |
A Factory class that returns SRP Singletons that know all SRP-related mathematical computations and protocol-related operations for both the client- and server-sides. |
SRP6Host |
The implementation of the Host in the SRP-6 key agreement protocol. Reference:
|
SRP6KeyAgreement |
The Secure Remote Password (SRP) key agreement protocol, also known as SRP-6, is designed by Thomas J. |
SRP6SaslClient |
A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for the User (client side). In this alternative, the exchange goes as follows: C -> S: I (identifies self) S -> C: N, g, s, B = 3v + g^b (sends salt, b = random number) C -> S: A = g^a (a = random number) All elements are computed the same way as in the standard version. Reference: |
SRP6SaslServer |
A variation of the SRP-6 protocol as used in the SASL-SRP mechanism, for the Host (server side). In this alternative, the exchange goes as follows: C -> S: I (identifies self) S -> C: N, g, s, B = 3v + g^b (sends salt, b = random number) C -> S: A = g^a (a = random number) All elements are computed the same way as in the standard version. Reference: |
SRP6TLSClient |
A variation of the SRP6 key agreement protocol, for the client-side as proposed in Using SRP for TLS Authentication. |
SRP6TLSServer |
A variation of the SRP6 key agreement protocol, for the server-side as proposed in Using SRP for TLS Authentication. |
SRP6User |
The implementation of the User in the SRP-6 protocol. Reference:
|
SRPAlgorithm |
Utilities for use with SRP-6 based methods and protocols. Reference:
|
SRPAuthInfoProvider |
The SRP mechanism authentication information provider implementation. |
SRPClient |
The SASL-SRP client-side mechanism. |
SRPKey |
An abstract representation of a base SRP ephemeral key. This object encapsulates the two numbers:
Note that in SRP, all arithmetic is done modulo N. Reference:
|
SRPKeyPairGenerator |
Reference:
|
SRPKeyPairRawCodec |
An object that implements the IKeyPairCodec operations for the Raw format to use with SRP keypairs. Reference:
|
SRPPrivateKey |
A representation of an SRP ephemeral private key. Reference:
|
SRPPublicKey |
A representation of an SRP ephemeral public key. Reference:
|
SRPRegistry |
A list of key names designating the values exchanged between the server and client in an SRP communication authentication phase. |
SRPServer |
The SASL-SRP server-side mechanism. |
SSL3 | The padding scheme used by the Secure Sockets Layer, version 3. |
Stage |
A Stage in a Cascade Cipher. Each stage may be either an implementation of a Block Cipher Mode of Operation (IMode) or another Cascade Cipher (Cascade). |
StoreEntry |
A simple timing-related object for use by SRP re-use code. |
SubjectAlternativeNames | |
SubjectKeyIdentifier | |
SWTCallbackHandler | |
TBC |
The implementation of the Trailing Bit Complement (TBC) padding algorithm. In this mode, "...the data string is padded at the trailing end with the complement of the trailing bit of the unpadded message: if the trailing bit is 1, then 0 bits are appended, and if the trailing bit is 0, then 1 bits are appended. |
Tiger | The Tiger message digest. |
TigerRandomSpi |
The implementation of the Tiger based SecureRandom Service Provider
Interface (SPI) adapter.
|
TigerSpi |
The implementation of the Tiger Service Provider Interface (SPI) adapter. |
TLS1 | The padding scheme used by the Transport Layer Security protocol, version 1. |
TMMH16 |
TMMH is a universal hash function suitable for message authentication in the Wegman-Carter paradigm, as in the Stream Cipher Security Transform. |
TMMH16Spi | The implementation of the TMMH16 Service Provider Interface (SPI) adapter. |
TMMHParameterSpec | This class represents the algorithm parameters for the Truncated Multi-Modular Hash function for use with JCE-derived instances of TMMH16. |
Transformer |
A |
TransformerException | |
TripleDES | Triple-DES, 3DES, or DESede is a combined cipher that uses three iterations of the Data Encryption Standard cipher to improve the security (at the cost of speed) of plain DES. |
TripleDESKeyGeneratorImpl | |
TripleDESSpi | The implementation of the Triple-DES Service Provider Interface (SPI) adapter. |
Trust | |
Twofish |
Twofish is a balanced 128-bit Feistel cipher, consisting of 16 rounds. |
TwofishKeyGeneratorImpl | |
TwofishSecretKeyFactoryImpl | |
TwofishSpi | The implementation of the Twofish Service Provider Interface (SPI) adapter. |
UHash32 |
UHASH is a keyed hash function, which takes as input a string of arbitrary length, and produces as output a string of fixed length (such as 8 bytes). |
UHash32Spi | The implementation of the UHash-32 Service Provider Interface (SPI) adapter. |
UHash32.L1Hash32 | First hash stage of the UHash32 algorithm. |
UHash32.L2Hash32 |
Second hash stage of the UHash32 algorithm. 5.4 L2-HASH-32: Second-layer hash.
|
UHash32.L3Hash32 | Third hash stage of the UHash32 algorithm. |
UMac32 |
The implementation of the UMAC (Universal Message Authentication Code). The UMAC algorithms described are parameterized. |
UMac32ParameterSpec | This class represents the parameters for the UMAC-32 message authentication code algorithm. |
UMac32Spi | The implementation of the UMAC-32 Service Provider Interface (SPI) adapter. |
UMacGenerator |
KDFs (Key Derivation Functions) are used to stretch user-supplied key material to specific size(s) required by high level cryptographic primitives. |
UMacRandomSpi |
An Adapter class around UMacGenerator to allow using this algorithm as a JCE java.security.SecureRandom. |
UserAlreadyExistsException | A checked exception thrown to indicate that a designated user is already known to the the authentication layer. |
UST |
The Universal Security Transform (UST) is a cryptographic transform for providing confidentiality, message authentication, and replay protection. |
Util | A collection of useful class methods. |
Util |
A collection of utility methods used throughout this project. |
WeakKeyException |
Checked exception thrown to indicate that a weak key has been generated and or specified instead of a valid non-weak value. |
Whirlpool |
Whirlpool, a new 512-bit hashing function operating on messages less than 2 ** 256 bits in length. |
WhirlpoolRandomSpi |
The implementation of the Whirlpool-based SecureRandom Service Provider
Interface (SPI) adapter.
|
WhirlpoolSpi |
The implementation of the Whirlpool Service Provider Interface
(SPI) adapter.
|
WrongPaddingException |
A checked exception that indicates that a padding algorithm did not find the expected padding bytes when unpadding some data. |
X500Name | |
X509CertificateBuilder | |
X509CertificateFactory | |
X509CertificateImpl | An implementation of X.509 certificates. |
X509CertPath | A certificate path (or certificate chain) of X509Certificates. |
X509CertSelectorImpl | Sun's implementation of X509CertSelector sucks. |
X509CRLEntryImpl | A single entry in a X.509 certificate revocation list. |
X509CRLImpl | X.509 certificate revocation lists. |
X509CRLSelectorImpl | Sun's implementation of X509CRLSelector sucks. |