Overview

Fulcrum YAFFI Crypto Library is an extension library for Fulcrum YAAFI to support transparent decryption of configuration files. The encryption/decryption is based by default on PBEWith<digest>And<encryption> algorithm (PBEWithHmacSHA256AndAES_256) with 128bit key length.

Functionality

This library exposes the following functionality

  • password factory to create safer passwords
  • creation of decrypting input streams
  • creation of enrypting output streams

Password Creation

Why someone need a password factory to create safer password?! People tend to use weak password vulnerable to dictionary attacks. To improve the situation you have a base password which you convert into the real password using the PasswordFactory. For the password generation the base password is salted and repeatedly hashed to generate a UUID string (which you can still manually enter on the keyboard). Furthermore the password generation allows you to hide the "real" password in the case that you need to store your password directly in your code or configuration.

Base Text Password Computed Text Password
fulcrum-yaafi 727a-98b9-93be-4537c
mysecret 62cc-bf14-1814-672da

Decrypting InputStreams

A decrypting input stream allows to apply transparent decryption of an input stream. Transparently also means that the implementation is able to look at the content to decide if it is encrypted at all - this is a so-called "SmartDecryptingInputStream".

Encrypting OutputStreams

A encrypting output stream allows to apply transparent encryption of an output stream.

Cryptography Support

JDK Support

JDK 1.3.x For JDK 1.3.x the Java Cryptography Extension (JCE) 1.2.2 needs to be installed. Furthermore you need to add the jce1_2_2.jar to your Maven repository and project.xml
JDK 1.4.x The current JDK's have the JCA built-in therefore no extra configuration is required.
JDK 1.5.x The current JDK's have the JCA built-in therefore no extra configuration is required.
JDK 1.6.x The current JDK's have the JCA built-in therefore no extra configuration is required. Java Cryptography Architecture Sun Providers Documentation for JavaTM Platform Standard Edition 6
JDK 1.7.x Java Cryptography Architecture Oracle Providers Documentation for Java Platform Standard Edition 7
JDK 1.8.x Java Cryptography Architecture Oracle Providers Documentation for JDK 8
JDK 14 Java Cryptography Architecture Oracle Providers Documentation for JDK 14

Availabe Cipher Algorithms (Algorithm Modes)

Provider Version Algorithms
SunJCE 1.22 PBEWithMD5AndDES
SunJCE 1.42 PBEWithMD5AndDES
SunJCE (Java 8) PBEWithHmacSHA256AndAES_256
SunJCE (Java 8) AES_128/GCM/NoPadding