
XSECCryptoSymmetricKey Class Reference
[Cryptographic Abstraction Layer]

#include <XSECCryptoSymmetricKey.hpp>


Detailed Description

Base interface definition for symmetric key material.

All symmetric algorithms are implemented via this interface. Unlike the asymmetric key definitions, this is not further extended for particular algorithms. Rather it defines encrypt/decrypt functions that are implemented within particular providers for a particular algorithm.


Public Types

enum  SymmetricKeyType {
  KEY_NONE,
  KEY_3DES_192,
  KEY_AES_128,
  KEY_AES_192,
  KEY_AES_256
}
 Symmetric Key types understood by the library.
enum  SymmetricKeyMode {
  MODE_NONE,
  MODE_ECB,
  MODE_CBC
}

Public Member Functions

Constructors and Destructors
 XSECCryptoSymmetricKey ()
 Constructor.
virtual ~XSECCryptoSymmetricKey ()
 Destructor.
Basic CryptoKey Interface methods
virtual KeyType getKeyType ()
 Returns the type of this key.
virtual const XMLCh * getProviderName ()=0
 Returns a string that identifies the crypto owner of this library.
virtual XSECCryptoKey * clone ()=0
 Clone the key.
Symmetric key interface methods
virtual SymmetricKeyType getSymmetricKeyType (void)=0
 What type of symmetric key is this?
virtual void setKey (const unsigned char *key, unsigned int keyLen)=0
 Set the key from the provided bytes.
virtual bool decryptInit (bool doPad=true, SymmetricKeyMode mode=MODE_CBC, const unsigned char *iv=NULL)=0
 Initialise a decryption process.
virtual unsigned int decrypt (const unsigned char *inBuf, unsigned char *plainBuf, unsigned int inLength, unsigned int maxOutLength)=0
 Continue a decrypt operation using this key.
virtual unsigned int decryptFinish (unsigned char *plainBuf, unsigned int maxOutLength)=0
 Finish a decryption operation.
virtual bool encryptInit (bool doPad=true, SymmetricKeyMode mode=MODE_CBC, const unsigned char *iv=NULL)=0
 Initialise an encryption process.
virtual unsigned int encrypt (const unsigned char *inBuf, unsigned char *cipherBuf, unsigned int inLength, unsigned int maxOutLength)=0
 Continue an encryption operation using this key.
virtual unsigned int encryptFinish (unsigned char *plainBuf, unsigned int maxOutLength)=0
 Finish an encryption operation.


Member Enumeration Documentation

enum XSECCryptoSymmetricKey::SymmetricKeyMode
 

Enumeration values:
MODE_NONE  An error condition
MODE_ECB  Electronic Code Book
MODE_CBC  Cipher Block Chaining

enum XSECCryptoSymmetricKey::SymmetricKeyType
 

Symmetric Key types understood by the library.

This type defines the list of symmetric key types that the library understands.

Enumeration values:
KEY_NONE 
KEY_3DES_192  192 bit (3-Key) 3DES
KEY_AES_128  128 bit AES
KEY_AES_192  192 bit AES
KEY_AES_256  256 bit AES


Constructor & Destructor Documentation

XSECCryptoSymmetricKey::XSECCryptoSymmetricKey ( ) [inline]
 

Constructor.

virtual XSECCryptoSymmetricKey::~XSECCryptoSymmetricKey ( ) [inline, virtual]
 

Destructor.

Implementations must ensure that the held key is properly destroyed (overwritten) when key objects are deleted.


Member Function Documentation

virtual XSECCryptoKey* XSECCryptoSymmetricKey::clone ( ) [pure virtual]
 

Clone the key.

All keys need to be able to copy themselves and return a pointer to the copy. This allows the library to duplicate keys.

Implements XSECCryptoKey.

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual unsigned int XSECCryptoSymmetricKey::decrypt (const unsigned char * inBuf, unsigned char * plainBuf, unsigned int inLength, unsigned int maxOutLength) [pure virtual]

Continue a decrypt operation using this key.

Decryption must have been set up using a decryptInit call. Takes the inBuf and continues a decryption operation, writing the output to plainBuf.

This function does not have to guarantee that all input will be decrypted. In cases where the input is not a multiple of the block size, the implementation will need to hold back cipher-text to be handled during the next operation.

Parameters:
inBuf Octets to be decrypted
plainBuf Buffer to place output in
inLength Number of bytes to decrypt
maxOutLength Maximum number of bytes to place in output buffer
Returns:
Bytes placed in output Buffer

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual unsigned int XSECCryptoSymmetricKey::decryptFinish (unsigned char * plainBuf, unsigned int maxOutLength) [pure virtual]

Finish a decryption operation.

Complete a decryption process. No cipher text is passed in, as this should simply be removing any remaining text from the plain storage buffer.

May throw an exception if there is some stored cipher text that is not the length of the block size for block algorithms.

Parameters:
plainBuf Buffer to place any remaining plain text in
maxOutLength Maximum number of bytes to place in output
Returns:
Bytes placed in output buffer

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual bool XSECCryptoSymmetricKey::decryptInit (bool doPad = true, SymmetricKeyMode mode = MODE_CBC, const unsigned char * iv = NULL) [pure virtual]

Initialise a decryption process.

Set up the key to get ready for a decryption session. Callers can pass in an IV. If one is not provided, but the algorithm requires one (e.g. 3DES_CBC), then implementations should assume that the start of the cipher text stream will in fact be the IV.

Parameters:
doPad By default, we perform padding for last block
mode mode selection (Currently ECB or CBC mode only). Default is CBC
iv Initialisation Vector to be used. NULL if one is not required, or if IV will be set from data stream
Returns:
true if the initialisation succeeded.

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.
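
The IV-from-stream convention of decryptInit, together with the hold-back rule described for decrypt, shown as framing logic with no cipher attached. This is an added example, not code from XML-Security-C; the DecryptFramer class and its methods are hypothetical names, and the sample stream is constructed.

```cpp
// Added example (framing only, no cipher); DecryptFramer is a hypothetical name.
#include <cstddef>
#include <stdexcept>
#include <vector>
typedef std::vector<unsigned char> Bytes;

class DecryptFramer {
    std::size_t m_block;
    bool m_haveIv;
    Bytes m_iv, m_held;
public:
    // iv == NULL: the first block of the cipher-text stream is the IV.
    DecryptFramer(std::size_t blockSize, const unsigned char *iv)
        : m_block(blockSize), m_haveIv(iv != NULL) {
        if (blockSize == 0) throw std::invalid_argument("block size");
        if (iv) m_iv.assign(iv, iv + blockSize);
    }
    // Accepts a chunk of any length and returns only the whole cipher-text
    // blocks that are ready for the block cipher; the rest is held back.
    Bytes update(const unsigned char *in, std::size_t len) {
        m_held.insert(m_held.end(), in, in + len);
        if (!m_haveIv) {
            if (m_held.size() < m_block) return Bytes();  // IV incomplete
            m_iv.assign(m_held.begin(), m_held.begin() + m_block);
            m_held.erase(m_held.begin(), m_held.begin() + m_block);
            m_haveIv = true;
        }
        std::size_t ready = m_held.size() - m_held.size() % m_block;
        Bytes out(m_held.begin(), m_held.begin() + ready);
        m_held.erase(m_held.begin(), m_held.begin() + ready);
        return out;
    }
    // Like decryptFinish: stored cipher text that is not a whole block
    // (or a stream too short to contain the IV) is an error.
    void finish() const {
        if (!m_haveIv || !m_held.empty())
            throw std::runtime_error("cipher text is not whole blocks");
    }
    const Bytes &iv() const { return m_iv; }
};

int main() {
    unsigned char stream[24];  // constructed sample: 8-byte IV + 2 blocks
    for (int i = 0; i < 24; ++i) stream[i] = static_cast<unsigned char>(i);
    DecryptFramer f(8, NULL);
    f.update(stream, 5);                      // only part of the IV so far
    Bytes blocks = f.update(stream + 5, 19);  // rest of IV, then two blocks
    f.finish();
    return blocks.size() == 16 ? 0 : 1;
}
```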

virtual unsigned int XSECCryptoSymmetricKey::encrypt (const unsigned char * inBuf, unsigned char * cipherBuf, unsigned int inLength, unsigned int maxOutLength) [pure virtual]

Continue an encryption operation using this key.

Encryption must have been set up using an encryptInit call. Takes the inBuf and continues an encryption operation, writing the output to cipherBuf.

This function does not have to guarantee that all input will be encrypted. In cases where the input is not a multiple of the block size, the implementation will need to hold back plain-text to be handled during the next operation.

Parameters:
inBuf Octets to be encrypted
cipherBuf Buffer to place output in
inLength Number of bytes to encrypt
maxOutLength Maximum number of bytes to place in output buffer
Returns:
Bytes placed in output Buffer

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual unsigned int XSECCryptoSymmetricKey::encryptFinish (unsigned char * plainBuf, unsigned int maxOutLength) [pure virtual]

Finish an encryption operation.

Complete an encryption process. No plain text is passed in, as this should simply be removing any remaining text from the plain storage buffer and creating a final padded block.

Padding is performed by taking the remaining block, and setting the last byte to equal the number of bytes of padding. If the plain text was an exact multiple of the block size, then an extra block of padding will be used. For example, if the block size is 8 bytes, and there were three remaining plain text bytes (0x01, 0x02 and 0x03), the final block will be:

0x010203????????05

Parameters:
plainBuf Buffer to place final block of cipher text in
maxOutLength Maximum number of bytes to place in output
Returns:
Bytes placed in output buffer

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.
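
The padding rule described for encryptFinish, in code, with the range check a decrypting side should apply to the final byte before using it as a length. This is an added example, not code from XML-Security-C; padFinalBlock and unpadFinalBlock are hypothetical names, and filling the unspecified pad bytes with zero is an assumption.

```cpp
// Added example; padFinalBlock/unpadFinalBlock are hypothetical helpers.
#include <cstddef>
#include <stdexcept>
#include <vector>

typedef std::vector<unsigned char> Bytes;

// Build the final plain-text block from the bytes held back by encrypt().
// The last byte carries the pad count; the other pad bytes ("??" in the
// documentation) are unspecified and are set to zero here (assumption).
Bytes padFinalBlock(const Bytes &remaining, std::size_t blockSize) {
    if (blockSize == 0 || blockSize > 255)
        throw std::invalid_argument("unsupported block size");
    if (remaining.size() >= blockSize)
        throw std::invalid_argument("whole blocks must already be encrypted");
    // An empty remainder gives padLen == blockSize: the extra padding block.
    std::size_t padLen = blockSize - remaining.size();
    Bytes out(remaining);
    out.resize(blockSize, 0x00);
    out[blockSize - 1] = static_cast<unsigned char>(padLen);
    return out;
}

// Strip padding from the last decrypted block. Only the final byte is
// defined, so it is range-checked before it is trusted as a length.
Bytes unpadFinalBlock(const Bytes &lastBlock, std::size_t blockSize) {
    if (blockSize == 0 || lastBlock.size() != blockSize)
        throw std::invalid_argument("final block must be exactly one block");
    std::size_t padLen = lastBlock[blockSize - 1];
    if (padLen == 0 || padLen > blockSize)
        throw std::runtime_error("invalid padding length");
    return Bytes(lastBlock.begin(), lastBlock.begin() + (blockSize - padLen));
}

int main() {
    const unsigned char sample[] = {0x01, 0x02, 0x03};  // constructed input
    Bytes block = padFinalBlock(Bytes(sample, sample + 3), 8);
    return unpadFinalBlock(block, 8).size() == 3 ? 0 : 1;
}
```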

virtual bool XSECCryptoSymmetricKey::encryptInit (bool doPad = true, SymmetricKeyMode mode = MODE_CBC, const unsigned char * iv = NULL) [pure virtual]

Initialise an encryption process.

Set up the key to get ready for an encryption session. Callers can pass in an IV. If one is not provided, but the algorithm requires one (e.g. 3DES_CBC), then implementations are required to generate one.

Parameters:
doPad By default, we perform padding for last block
mode What mode to handle blocks (Currently CBC or ECB) Default is CBC.
iv Initialisation Vector to be used. NULL if one is not required, or if IV is to be generated
Returns:
true if the initialisation succeeded.

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual KeyType XSECCryptoSymmetricKey::getKeyType ( ) [inline, virtual]
 

Returns the type of this key.

Reimplemented from XSECCryptoKey.

virtual const XMLCh* XSECCryptoSymmetricKey::getProviderName ( ) [pure virtual]
 

Returns a string that identifies the crypto owner of this library.

Implements XSECCryptoKey.

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual SymmetricKeyType XSECCryptoSymmetricKey::getSymmetricKeyType (void) [pure virtual]

What type of symmetric key is this?

There are a number of different types of symmetric key. This method allows callers to determine the type of this particular key.

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.

virtual void XSECCryptoSymmetricKey::setKey (const unsigned char * key, unsigned int keyLen) [pure virtual]

Set the key from the provided bytes.

Symmetric keys can all be loaded from a buffer containing a series of bytes.

Parameters:
key The buffer containing the key bytes
keyLen The number of key bytes in the buffer

Implemented in OpenSSLCryptoSymmetricKey, and WinCAPICryptoSymmetricKey.


The documentation for this class was generated from the following file:
Generated on Sun Jul 3 17:45:35 2005 for XML-Security-C by  doxygen 1.4.2