index.html - turbine-fulcrum-yaafi-crypto - Git at Google

 <!DOCTYPE html>
 <!--
  | Generated by Apache Maven Doxia Site Renderer 1.9.2 from xdocs/index.xml at 14 September 2021
  | Rendered using Apache Maven Fluido Skin 1.9
 -->
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en">
   <head>
     <meta charset="UTF-8" />
     <meta name="viewport" content="width=device-width, initial-scale=1" />
     <meta name="generator" content="Apache Maven Doxia Site Renderer 1.9.2" />
     <meta name="author" content="Siegfried Goeschl" />
     <title>Fulcrum YAAFI Crypto Library &#x2013; Fulcrum Crypto Library</title>
     <link rel="stylesheet" href="./css/apache-maven-fluido-1.9.min.css" />
     <link rel="stylesheet" href="./css/site.css" />
     <link rel="stylesheet" href="./css/print.css" media="print" />
     <script src="./js/apache-maven-fluido-1.9.min.js"></script>
   </head>
   <body class="topBarDisabled">
     <div class="container-fluid">
       <header>
         <div id="banner">
           <div class="pull-left"><a href="https://turbine.apache.org/" id="bannerLeft" title="Apache Turbine"><img src="https://turbine.apache.org/images/turbine-project.png"  alt="Apache Turbine"/></a></div>
           <div class="pull-right"></div>
           <div class="clear"><hr/></div>
         </div>

         <div id="breadcrumbs">
           <ul class="breadcrumb">
         <li id="publishDate">Last Published: 14 September 2021<span class="divider">|</span>
 </li>
           <li id="projectVersion">Version: 2.0.2-SNAPSHOT</li>
       <li class="pull-right"><span class="divider">|</span>
 <a href="https://turbine.apache.org/fulcrum/" class="externalLink" title="Fulcrum">Fulcrum</a></li>
       <li class="pull-right"><span class="divider">|</span>
 <a href="https://turbine.apache.org/" class="externalLink" title="Turbine">Turbine</a></li>
       <li class="pull-right"><a href="https://www.apache.org" class="externalLink" title="Apache">Apache</a></li>
           </ul>
         </div>
       </header>
       <div class="row-fluid">
         <header id="leftColumn" class="span2">
           <nav class="well sidebar-nav">
   <ul class="nav nav-list">
    <li class="nav-header">Overview</li>
     <li class="active"><a href="#"><span class="none"></span>Overview</a></li>
     <li><a href="examples.html" title="Examples"><span class="none"></span>Examples</a></li>
     <li><a href="downloads.html" title="Downloads"><span class="none"></span>Downloads</a></li>
    <li class="nav-header">Project Documentation</li>
     <li><a href="project-info.html" title="Project Information"><span class="icon-chevron-down"></span>Project Information</a>
      <ul class="nav nav-list">
       <li><a href="dependencies.html" title="Dependencies"><span class="none"></span>Dependencies</a></li>
       <li><a href="dependency-info.html" title="Dependency Information"><span class="none"></span>Dependency Information</a></li>
       <li><a href="distribution-management.html" title="Distribution Management"><span class="none"></span>Distribution Management</a></li>
       <li class="active"><a href="#"><span class="none"></span>About</a></li>
       <li><a href="issue-management.html" title="Issue Management"><span class="none"></span>Issue Management</a></li>
       <li><a href="licenses.html" title="Licenses"><span class="none"></span>Licenses</a></li>
       <li><a href="mailing-lists.html" title="Mailing Lists"><span class="none"></span>Mailing Lists</a></li>
       <li><a href="plugin-management.html" title="Plugin Management"><span class="none"></span>Plugin Management</a></li>
       <li><a href="plugins.html" title="Plugins"><span class="none"></span>Plugins</a></li>
       <li><a href="scm.html" title="Source Code Management"><span class="none"></span>Source Code Management</a></li>
       <li><a href="summary.html" title="Summary"><span class="none"></span>Summary</a></li>
       <li><a href="team.html" title="Team"><span class="none"></span>Team</a></li>
      </ul></li>
     <li><a href="project-reports.html" title="Project Reports"><span class="icon-chevron-right"></span>Project Reports</a></li>
    <li class="nav-header">Apache</li>
     <li><a href="https://www.apache.org/" class="externalLink" title="Apache Website"><span class="none"></span>Apache Website</a></li>
     <li><a href="https://www.apache.org/licenses/" class="externalLink" title="License"><span class="none"></span>License</a></li>
     <li><a href="https://www.apache.org/foundation/how-it-works.html" class="externalLink" title="How the ASF works"><span class="none"></span>How the ASF works</a></li>
     <li><a href="https://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsorship"><span class="none"></span>Sponsorship</a></li>
     <li><a href="https://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"><span class="none"></span>Thanks</a></li>
     <li><a href="https://www.apache.org/security/" class="externalLink" title="Security"><span class="none"></span>Security</a></li>
   </ul>
           </nav>
           <div class="well sidebar-nav">
             <hr />
             <div id="poweredBy">
               <div class="clear"></div>
               <div class="clear"></div>
               <div class="clear"></div>
 <a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" /></a>
             </div>
           </div>
         </header>
         <main id="bodyColumn"  class="span10" >


     <section>
 <h2><a name="Overview"></a>Overview</h2>

 <p> Fulcrum YAFFI Crypto Library is an extension library for Fulcrum YAAFI to support
         transparent decryption of configuration files. The encryption/decryption is based by default on <a class="externalLink" href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html" target="blank_">PBEWith&lt;digest&gt;And&lt;encryption&gt;</a> algorithm (PBEWithHmacSHA256AndAES_256) with 128bit key length.</p>
     </section>

     <section>
 <h2><a name="Functionality"></a>Functionality</h2>

 <p> This library exposes the following functionality </p>
 <ul>

 <li>password factory to create safer passwords</li>

 <li>creation of decrypting input streams</li>

 <li>creation of enrypting output streams</li>
         </ul>

       <section>
 <h3><a name="Password_Creation"></a>Password Creation</h3>

 <p> Why someone need a password factory to create safer password?! People tend to use weak
           password vulnerable to dictionary attacks. To improve the situation you have a base
           password which you convert into the real password using the PasswordFactory. For the
           password generation the base password is salted and repeatedly hashed to generate a UUID
           string (which you can still manually enter on the keyboard). Furthermore the password
           generation allows you to hide the &quot;real&quot; password in the case that you need to store your
           password directly in your code or configuration.</p>
 <table border="0" class="table table-striped">

 <tr class="a">

 <td>Base Text Password</td>

 <td>Computed Text Password</td>
             </tr>

 <tr class="b">

 <td>fulcrum-yaafi</td>

 <td>727a-98b9-93be-4537c</td>
             </tr>

 <tr class="a">

 <td>mysecret</td>

 <td>62cc-bf14-1814-672da</td>
             </tr>
           </table>

       </section>
       <section>
 <h3><a name="Decrypting_InputStreams"></a>Decrypting InputStreams</h3>

 <p> A decrypting input stream allows to apply transparent decryption of an input stream.
           Transparently also means that the implementation is able to look at the content to decide
           if it is encrypted at all - this is a so-called &quot;SmartDecryptingInputStream&quot;. </p>
       </section>
       <section>
 <h3><a name="Encrypting_OutputStreams"></a>Encrypting OutputStreams</h3>

 <p> A encrypting output stream allows to apply transparent encryption of an output stream.
         </p>
       </section>
     </section>

     <section>
 <h2><a name="Cryptography_Support"></a>Cryptography Support</h2>
       <section>
 <h3><a name="JDK_Support"></a>JDK Support</h3>

 <table border="0" class="table table-striped">

 <tr class="a">

 <td>JDK 1.3.x</td>

 <td> For JDK 1.3.x the <a class="externalLink" href="http://java.sun.com/products/jce/index-122.html"> Java
                 Cryptography Extension (JCE) 1.2.2</a> needs to be installed. Furthermore you need
               to add the jce1_2_2.jar to your Maven repository and project.xml </td>
           </tr>

 <tr class="b">

 <td>JDK 1.4.x</td>

 <td> The current JDK's have the JCA built-in therefore no extra configuration is
               required. </td>
           </tr>

 <tr class="a">

 <td>JDK 1.5.x</td>

 <td> The current JDK's have the JCA built-in therefore no extra configuration is
               required. </td>
           </tr>

 <tr class="b">

 <td>JDK 1.6.x</td>

 <td> The current JDK's have the JCA built-in therefore no extra configuration is
               required.
               <a class="externalLink" href="https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html">
             Java Cryptography Architecture Sun Providers Documentation for JavaTM Platform Standard Edition 6</a>
                </td>
           </tr>

 <tr class="a">

 <td>JDK 1.7.x</td>

 <td> <a class="externalLink" href="https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html">
             Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7</a>
             </td>
           </tr>

 <tr class="b">

 <td>JDK 1.8.x</td>

 <td> <a class="externalLink" href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html">
             Java Cryptography Architecture Oracle Providers Documentation for JDK 8</a>
             </td>
           </tr>

 <tr class="a">

 <td>JDK 14</td>

 <td> <a class="externalLink" href="https://docs.oracle.com/en/java/javase/14/security/java-cryptography-architecture-jca-reference-guide.html">
             Java Cryptography Architecture Oracle Providers Documentation for JDK 14</a>
             </td>
           </tr>
         </table>
       </section>
       <section>
 <h3><a name="Availabe_Cipher_Algorithms_.28Algorithm_Modes.29"></a>Availabe Cipher Algorithms (Algorithm Modes)</h3>

 <table border="0" class="table table-striped">

 <tr class="a">

 <th>Provider Version</th>

 <th>Algorithms</th>
           </tr>

 <tr class="b">

 <td>SunJCE 1.22</td>

 <td>PBEWithMD5AndDES</td>
           </tr>

 <tr class="a">

 <td>SunJCE 1.42</td>

 <td>PBEWithMD5AndDES</td>
           </tr>

 <tr class="b">

 <td>SunJCE (Java 8)</td>

 <td>PBEWithHmacSHA256AndAES_256</td>
           </tr>

 <tr class="a">

 <td>SunJCE (Java 8)</td>

 <td>AES_128/GCM/NoPadding</td>
           </tr>
         </table>
       </section>
      </section>


         </main>
       </div>
     </div>
     <hr/>
     <footer>
       <div class="container-fluid">
         <div class="row-fluid">
             <p>&#169;      2008&#x2013;2021
 <a href="https://www.apache.org/">The Apache Software Foundation</a>
 </p>
         </div>
       </div>
     </footer>
   </body>
 </html>
	<!DOCTYPE html>
	<!--
	\| Generated by Apache Maven Doxia Site Renderer 1.9.2 from xdocs/index.xml at 14 September 2021
	\| Rendered using Apache Maven Fluido Skin 1.9
	-->
	<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
	<head>
	<meta charset="UTF-8" />
	<meta name="viewport" content="width=device-width, initial-scale=1" />
	<meta name="generator" content="Apache Maven Doxia Site Renderer 1.9.2" />
	<meta name="author" content="Siegfried Goeschl" />
	<title>Fulcrum YAAFI Crypto Library – Fulcrum Crypto Library</title>
	<link rel="stylesheet" href="./css/apache-maven-fluido-1.9.min.css" />
	<link rel="stylesheet" href="./css/site.css" />
	<link rel="stylesheet" href="./css/print.css" media="print" />
	<script src="./js/apache-maven-fluido-1.9.min.js"></script>
	</head>
	<body class="topBarDisabled">
	<div class="container-fluid">
	<header>
	<div id="banner">
	<div class="pull-left"><a href="https://turbine.apache.org/" id="bannerLeft" title="Apache Turbine"><img src="https://turbine.apache.org/images/turbine-project.png" alt="Apache Turbine"/></a></div>
	<div class="pull-right"></div>
	<div class="clear"><hr/></div>
	</div>

	<div id="breadcrumbs">
	<ul class="breadcrumb">
	<li id="publishDate">Last Published: 14 September 2021<span class="divider">\|</span>
	</li>
	<li id="projectVersion">Version: 2.0.2-SNAPSHOT</li>
	<li class="pull-right"><span class="divider">\|</span>
	<a href="https://turbine.apache.org/fulcrum/" class="externalLink" title="Fulcrum">Fulcrum</a></li>
	<li class="pull-right"><span class="divider">\|</span>
	<a href="https://turbine.apache.org/" class="externalLink" title="Turbine">Turbine</a></li>
	<li class="pull-right"><a href="https://www.apache.org" class="externalLink" title="Apache">Apache</a></li>
	</ul>
	</div>
	</header>
	<div class="row-fluid">
	<header id="leftColumn" class="span2">
	<nav class="well sidebar-nav">
	<ul class="nav nav-list">
	<li class="nav-header">Overview</li>
	<li class="active"><a href="#"><span class="none"></span>Overview</a></li>
	<li><a href="examples.html" title="Examples"><span class="none"></span>Examples</a></li>
	<li><a href="downloads.html" title="Downloads"><span class="none"></span>Downloads</a></li>
	<li class="nav-header">Project Documentation</li>
	<li><a href="project-info.html" title="Project Information"><span class="icon-chevron-down"></span>Project Information</a>
	<ul class="nav nav-list">
	<li><a href="dependencies.html" title="Dependencies"><span class="none"></span>Dependencies</a></li>
	<li><a href="dependency-info.html" title="Dependency Information"><span class="none"></span>Dependency Information</a></li>
	<li><a href="distribution-management.html" title="Distribution Management"><span class="none"></span>Distribution Management</a></li>
	<li class="active"><a href="#"><span class="none"></span>About</a></li>
	<li><a href="issue-management.html" title="Issue Management"><span class="none"></span>Issue Management</a></li>
	<li><a href="licenses.html" title="Licenses"><span class="none"></span>Licenses</a></li>
	<li><a href="mailing-lists.html" title="Mailing Lists"><span class="none"></span>Mailing Lists</a></li>
	<li><a href="plugin-management.html" title="Plugin Management"><span class="none"></span>Plugin Management</a></li>
	<li><a href="plugins.html" title="Plugins"><span class="none"></span>Plugins</a></li>
	<li><a href="scm.html" title="Source Code Management"><span class="none"></span>Source Code Management</a></li>
	<li><a href="summary.html" title="Summary"><span class="none"></span>Summary</a></li>
	<li><a href="team.html" title="Team"><span class="none"></span>Team</a></li>
	</ul></li>
	<li><a href="project-reports.html" title="Project Reports"><span class="icon-chevron-right"></span>Project Reports</a></li>
	<li class="nav-header">Apache</li>
	<li><a href="https://www.apache.org/" class="externalLink" title="Apache Website"><span class="none"></span>Apache Website</a></li>
	<li><a href="https://www.apache.org/licenses/" class="externalLink" title="License"><span class="none"></span>License</a></li>
	<li><a href="https://www.apache.org/foundation/how-it-works.html" class="externalLink" title="How the ASF works"><span class="none"></span>How the ASF works</a></li>
	<li><a href="https://www.apache.org/foundation/sponsorship.html" class="externalLink" title="Sponsorship"><span class="none"></span>Sponsorship</a></li>
	<li><a href="https://www.apache.org/foundation/thanks.html" class="externalLink" title="Thanks"><span class="none"></span>Thanks</a></li>
	<li><a href="https://www.apache.org/security/" class="externalLink" title="Security"><span class="none"></span>Security</a></li>
	</ul>
	</nav>
	<div class="well sidebar-nav">
	<hr />
	<div id="poweredBy">
	<div class="clear"></div>
	<div class="clear"></div>
	<div class="clear"></div>
	<a href="http://maven.apache.org/" title="Built by Maven" class="poweredBy"><img class="builtBy" alt="Built by Maven" src="./images/logos/maven-feather.png" /></a>
	</div>
	</div>
	</header>
	<main id="bodyColumn" class="span10" >




	<section>
	<h2><a name="Overview"></a>Overview</h2>

	<p> Fulcrum YAFFI Crypto Library is an extension library for Fulcrum YAAFI to support
	transparent decryption of configuration files. The encryption/decryption is based by default on <a class="externalLink" href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html" target="blank_">PBEWith<digest>And<encryption></a> algorithm (PBEWithHmacSHA256AndAES_256) with 128bit key length.</p>
	</section>

	<section>
	<h2><a name="Functionality"></a>Functionality</h2>

	<p> This library exposes the following functionality </p>
	<ul>

	<li>password factory to create safer passwords</li>

	<li>creation of decrypting input streams</li>

	<li>creation of enrypting output streams</li>
	</ul>

	<section>
	<h3><a name="Password_Creation"></a>Password Creation</h3>

	<p> Why someone need a password factory to create safer password?! People tend to use weak
	password vulnerable to dictionary attacks. To improve the situation you have a base
	password which you convert into the real password using the PasswordFactory. For the
	password generation the base password is salted and repeatedly hashed to generate a UUID
	string (which you can still manually enter on the keyboard). Furthermore the password
	generation allows you to hide the "real" password in the case that you need to store your
	password directly in your code or configuration.</p>
	<table border="0" class="table table-striped">

	<tr class="a">

	<td>Base Text Password</td>

	<td>Computed Text Password</td>
	</tr>

	<tr class="b">

	<td>fulcrum-yaafi</td>

	<td>727a-98b9-93be-4537c</td>
	</tr>

	<tr class="a">

	<td>mysecret</td>

	<td>62cc-bf14-1814-672da</td>
	</tr>
	</table>

	</section>
	<section>
	<h3><a name="Decrypting_InputStreams"></a>Decrypting InputStreams</h3>

	<p> A decrypting input stream allows to apply transparent decryption of an input stream.
	Transparently also means that the implementation is able to look at the content to decide
	if it is encrypted at all - this is a so-called "SmartDecryptingInputStream". </p>
	</section>
	<section>
	<h3><a name="Encrypting_OutputStreams"></a>Encrypting OutputStreams</h3>

	<p> A encrypting output stream allows to apply transparent encryption of an output stream.
	</p>
	</section>
	</section>

	<section>
	<h2><a name="Cryptography_Support"></a>Cryptography Support</h2>
	<section>
	<h3><a name="JDK_Support"></a>JDK Support</h3>

	<table border="0" class="table table-striped">

	<tr class="a">

	<td>JDK 1.3.x</td>

	<td> For JDK 1.3.x the <a class="externalLink" href="http://java.sun.com/products/jce/index-122.html"> Java
	Cryptography Extension (JCE) 1.2.2</a> needs to be installed. Furthermore you need
	to add the jce1_2_2.jar to your Maven repository and project.xml </td>
	</tr>

	<tr class="b">

	<td>JDK 1.4.x</td>

	<td> The current JDK's have the JCA built-in therefore no extra configuration is
	required. </td>
	</tr>

	<tr class="a">

	<td>JDK 1.5.x</td>

	<td> The current JDK's have the JCA built-in therefore no extra configuration is
	required. </td>
	</tr>

	<tr class="b">

	<td>JDK 1.6.x</td>

	<td> The current JDK's have the JCA built-in therefore no extra configuration is
	required.
	<a class="externalLink" href="https://docs.oracle.com/javase/6/docs/technotes/guides/security/SunProviders.html">
	Java Cryptography Architecture Sun Providers Documentation for JavaTM Platform Standard Edition 6</a>
	</td>
	</tr>

	<tr class="a">

	<td>JDK 1.7.x</td>

	<td> <a class="externalLink" href="https://docs.oracle.com/javase/7/docs/technotes/guides/security/SunProviders.html">
	Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7</a>
	</td>
	</tr>

	<tr class="b">

	<td>JDK 1.8.x</td>

	<td> <a class="externalLink" href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/SunProviders.html">
	Java Cryptography Architecture Oracle Providers Documentation for JDK 8</a>
	</td>
	</tr>

	<tr class="a">

	<td>JDK 14</td>

	<td> <a class="externalLink" href="https://docs.oracle.com/en/java/javase/14/security/java-cryptography-architecture-jca-reference-guide.html">
	Java Cryptography Architecture Oracle Providers Documentation for JDK 14</a>
	</td>
	</tr>
	</table>
	</section>
	<section>
	<h3><a name="Availabe_Cipher_Algorithms_.28Algorithm_Modes.29"></a>Availabe Cipher Algorithms (Algorithm Modes)</h3>

	<table border="0" class="table table-striped">

	<tr class="a">

	<th>Provider Version</th>

	<th>Algorithms</th>
	</tr>

	<tr class="b">

	<td>SunJCE 1.22</td>

	<td>PBEWithMD5AndDES</td>
	</tr>

	<tr class="a">

	<td>SunJCE 1.42</td>

	<td>PBEWithMD5AndDES</td>
	</tr>

	<tr class="b">

	<td>SunJCE (Java 8)</td>

	<td>PBEWithHmacSHA256AndAES_256</td>
	</tr>

	<tr class="a">

	<td>SunJCE (Java 8)</td>

	<td>AES_128/GCM/NoPadding</td>
	</tr>
	</table>
	</section>
	</section>



	</main>
	</div>
	</div>
	<hr/>
	<footer>
	<div class="container-fluid">
	<div class="row-fluid">
	<p>© 2008–2021
	<a href="https://www.apache.org/">The Apache Software Foundation</a>
	</p>
	</div>
	</div>
	</footer>
	</body>
	</html>