public class SecretDecoderRing
extends java.lang.Object
A dedicated key is used to encrypt all SecretDecoderRing data. The same key is used for all SDR data, and not for any other data. This key will be generated the first time it is needed.
The cipher used is DES3-EDE (Triple-DES) in CBC mode. The ciphertext is DER-encoded in the following ASN.1 data structure:
SEQUENCE { keyid OCTET STRING, alg AlgorithmIdentifier, ciphertext OCTET STRING }
You must set the password on the Internal Key Storage Token (aka software token, key3.db) before you use the SecretDecoderRing.
Modifier and Type | Field and Description |
---|---|
static java.lang.String |
encodingFormat |
Constructor and Description |
---|
SecretDecoderRing() |
Modifier and Type | Method and Description |
---|---|
byte[] |
decrypt(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored
in the NSS key database.
|
java.lang.String |
decryptToString(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored
in the NSS key database, returning the original plaintext string.
|
byte[] |
encrypt(byte[] plaintext)
Encrypts the given plaintext with the Secret Decoder Ring key stored
in the NSS key database.
|
byte[] |
encrypt(java.lang.String plaintext)
Encrypts the given plaintext string with the Secret Decoder Ring key
stored in the NSS key database.
|
public static final java.lang.String encodingFormat
public byte[] encrypt(byte[] plaintext) throws TokenException
TokenException
public byte[] encrypt(java.lang.String plaintext) throws TokenException
TokenException
public byte[] decrypt(byte[] ciphertext) throws TokenException
TokenException
public java.lang.String decryptToString(byte[] ciphertext) throws TokenException
TokenException