Difference between revisions of "Common-utils-encryption"

From Gcube Wiki
Jump to: navigation, search
(Scope)
Line 1: Line 1:
 
=== Scope ===
 
=== Scope ===
This library offers an easy way to encrypt and decrypt XML documents and String objects. It is based on a symmetric key based on the AES standard for cryptography.
+
This library offers an easy way to encrypt and decrypt XML documents and String objects.  
 +
 
 +
=== Design and implementation notes ===
 +
The library uses a symmetric key based on the [http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf AES] standard algorithm for cryptography. It does expect that such a key is available on the local classpath.
 +
In addition, the resulting encrypted data are encoded in the BASE 64 schema in order to represent them in the ASCII string format.
 +
 
 +
The library builds on top of the [http://santuario.apache.org Apache XML Security for Java] library and the [http://www.w3.org/TR/xmlenc-core/ XML Encryption] standard.
  
 
=== Sample Usage ===
 
=== Sample Usage ===

Revision as of 22:02, 25 January 2012

Scope

This library offers an easy way to encrypt and decrypt XML documents and String objects.

Design and implementation notes

The library uses a symmetric key based on the AES standard algorithm for cryptography. It does expect that such a key is available on the local classpath. In addition, the resulting encrypted data are encoded in the BASE 64 schema in order to represent them in the ASCII string format.

The library builds on top of the Apache XML Security for Java library and the XML Encryption standard.

Sample Usage

These samples are taken from the exploitation the resource library does of the encryption library for protecting the AccessData content of the RuntimeResource class.

Encryption

import org.gcube.common.utils.encryption.StringEncrypter;
 
//...
resource.setAccessData(new StringEncrypter("my sensible data").encrypt());

After serialization, the resource will appears as follows:

<?xml version='1.0' encoding='UTF-8' standalone='yes' ?>
<Resource version="0.4.x">
	<ID>ac41d0d0-4791-11e1-b442-a3a8a4cd06fd</ID>
	<Type>RuntimeResource</Type>
	<Profile>
		<Category>test category</Category>
		<Name>resource name</Name>
		<Description>a description</Description>
		<Platform>
			<Name>Test platform</Name>
			<Version>1</Version>
			<MinorVersion>1</MinorVersion>
		</Platform>
		<RunTime>
			<HostedOn>macos-manuele</HostedOn>
			<GHN UniqueID="123456789"/>
			<Status>READY</Status>
		</RunTime>
		<AccessPoint>
			<Interface>
				<Endpoint EntryName="ap">http://myaccesspoint.eu</Endpoint>
			</Interface>
			<AccessData>dtvKM4JImPLQvboHwBvKEur1tbvdnKXYB82AICLq5/c=</AccessData>
		</AccessPoint>
	</Profile>
</Resource>

Decryption

import org.gcube.common.utils.encryption.StringEncrypter;
 
//...
AccessPoint ap = new AccessPoint();
ap.setAccessData(new StringEncrypter(this.load("AccessData")).decrypt());
System.out.println("Access data's content: " + ap.getAccessData());

This will print the following line:

Access data's content: my sensible data