| <?xml version="1.0"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| |
| <document> |
| |
| <properties> |
| <title>Fulcrum Crypto Library</title> |
| <author email="siegfried.goeschl@it20one.at">Siegfried Goeschl</author> |
| </properties> |
| |
| <body> |
| |
| <section name="Overview"> |
| <p> Fulcrum YAFFI Crypto Library is an extension library for Fulcrum YAAFI to support |
| transparent decryption of configuration files. The encryption/decryption is based on DES |
| using 56 bit key length. </p> |
| </section> |
| |
| <section name="Functionality"> |
| <p> This library exposes the following functionality <ul> |
| <li>password factory to create safer passwords</li> |
| <li>creation of decrypting input streams</li> |
| <li>creation of enrypting output streams</li> |
| </ul> |
| </p> |
| <subsection name="Password Creation"> |
| <p> Why someone need a password factory to create safer password?! People tend to use weak |
| password vunerable to dictionary attacks. To improve the situation you have a base |
| password which you convert into the real password using the PasswordFactory. For the |
| password generation the base password is salted and repeatedly hashed to generate a UUID |
| string (which you can still manually enter on the keyboard). Furthermore the password |
| generation allows you to hide the "real" password in the case that you need to store your |
| password directly in your code or configuration.<table> |
| <tr> |
| <td>Base Text Password</td> |
| <td>Computed Text Password</td> |
| </tr> |
| <tr> |
| <td>fulcrum-yaafi</td> |
| <td>727a-98b9-93be-4537c</td> |
| </tr> |
| <tr> |
| <td>mysecret</td> |
| <td>62cc-bf14-1814-672da</td> |
| </tr> |
| </table> |
| </p> |
| </subsection> |
| <subsection name="Decrypting InputStreams"> |
| <p> A decrypting input stream allows to apply transparent decryption of an input stream. |
| Transparently also means that the implementation is able to look at the content to decide |
| if it is encrypted at all - this is a so-called "SmartDecryptingInputStream". </p> |
| </subsection> |
| <subsection name="Encrypting OutputStreams"> |
| <p> A encrypting output stream allows to apply transparent encryption of an output stream. |
| </p> |
| </subsection> |
| </section> |
| |
| <section name="Cryptography Support"> |
| <subsection name="JDK Support"> |
| <table> |
| <tr> |
| <td>JDK 1.3.x</td> |
| <td> For JDK 1.3.x the <a href="http://java.sun.com/products/jce/index-122.html"> Java |
| Cryptography Extension (JCE) 1.2.2</a> needs to be installed. Furthermore you need |
| to add the jce1_2_2.jar to your Maven repository and project.xml </td> |
| </tr> |
| <tr> |
| <td>JDK 1.4.x</td> |
| <td> The current JDK's have the JCA built-in therefore no extra configuration is |
| required. </td> |
| </tr> |
| <tr> |
| <td>JDK 1.5.x</td> |
| <td> The current JDK's have the JCA built-in therefore no extra configuration is |
| required. </td> |
| </tr> |
| <tr> |
| <td>JDK 1.6.x</td> |
| <td> The current JDK's have the JCA built-in therefore no extra configuration is |
| required. </td> |
| </tr> |
| </table> |
| </subsection> |
| <subsection name="Availabe Algorithms"> |
| <table> |
| <tr> |
| <th>Provider Version</th> |
| <th>Algorithms</th> |
| </tr> |
| <tr> |
| <td>SunJCE 1.22</td> |
| <td>PBEWithMD5AndDES</td> |
| </tr> |
| <tr> |
| <td>SunJCE 1.42</td> |
| <td> PBEWithMD5AndDES </td> |
| </tr> |
| </table> |
| </subsection> |
| </section> |
| |
| </body> |
| |
| </document> |