--- /dev/null
+/*\r
+\r
+ Derby - Class org.apache.derby.iapi.services.crypto.CipherProvider\r
+\r
+ Licensed to the Apache Software Foundation (ASF) under one or more\r
+ contributor license agreements. See the NOTICE file distributed with\r
+ this work for additional information regarding copyright ownership.\r
+ The ASF licenses this file to you under the Apache License, Version 2.0\r
+ (the "License"); you may not use this file except in compliance with\r
+ the License. You may obtain a copy of the License at\r
+\r
+ http://www.apache.org/licenses/LICENSE-2.0\r
+\r
+ Unless required by applicable law or agreed to in writing, software\r
+ distributed under the License is distributed on an "AS IS" BASIS,\r
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ See the License for the specific language governing permissions and\r
+ limitations under the License.\r
+\r
+ */\r
+\r
+package org.apache.derby.iapi.services.crypto;\r
+\r
+import java.security.Key;\r
+\r
+import org.apache.derby.iapi.error.StandardException;\r
+\r
+/**\r
+ A CipherProvider is a wrapper for a Cipher class in JCE.\r
+\r
+ This service is only available when run on JDK1.2 or beyond.\r
+ To use this service, either the SunJCE or an alternative clean room\r
+ implementation of the JCE must be installed.\r
+\r
+ To use a CipherProvider to encrypt or decrypt, it needs 3 things:\r
+ 1) A CipherProvider that is initialized to ENCRYPT or DECRYPT\r
+ 2) A secret Key for the encryption/decryption\r
+ 3) An Initialization Vector (IvParameterSpec) that is used to create some\r
+ randomness in the encryption\r
+\r
+ See $WS/docs/funcspec/mulan/configurableEncryption.html\r
+\r
+ See http://java.sun.com/products/JDK/1.1/docs/guide/security/CryptoSpec.html\r
+ See http://java.sun.com/products/JDK/1.2/docs/guide/security/CryptoSpec.html\r
+ See http://java.sun.com/products/jdk/1.2/jce/index.html\r
+ */\r
+\r
+public interface CipherProvider\r
+{\r
+\r
+ /**\r
+ Encrypt data - use only with Cipher that has been initialized with\r
+ CipherFactory.ENCRYPT.\r
+\r
+ @return The number of bytes stored in ciphertext.\r
+\r
+ @param cleartext the byte array containing the cleartext\r
+ @param offset encrypt from this byte offset in the cleartext\r
+ @param length encrypt this many bytes starting from offset\r
+ @param ciphertext the byte array to store the ciphertext\r
+ @param outputOffset the offset into the ciphertext array the output\r
+ should go\r
+\r
+ If cleartext and ciphertext are the same array, caller must be careful\r
+ to not overwrite the cleartext before it is scrambled.\r
+\r
+ @exception StandardException Standard Derby Error Policy\r
+ */\r
+ int encrypt(byte[] cleartext, int offset, int length,\r
+ byte[] ciphertext, int outputOffset)\r
+ throws StandardException;\r
+\r
+ /**\r
+ Decrypt data - use only with Cipher that has been initialized with\r
+ CipherFactory.DECRYPT.\r
+\r
+ @return The number of bytes stored in cleartext.\r
+\r
+ @param ciphertext the byte array containing the ciphertext\r
+ @param offset decrypt from this byte offset in the ciphertext\r
+ @param length decrypt this many bytes starting from offset\r
+ @param cleartext the byte array to store the cleartext\r
+ @param outputOffset the offset into the cleartext array the output\r
+ should go\r
+\r
+ If cleartext and ciphertext are the same array, caller must be careful\r
+ to not overwrite the ciphertext before it is un-scrambled.\r
+\r
+ @exception StandardException Standard Derby Error Policy\r
+ */\r
+ int decrypt(byte[] ciphertext, int offset, int length,\r
+ byte[] cleartext, int outputOffset)\r
+ throws StandardException;\r
+\r
+\r
+ /**\r
+ Returns the encryption block size used during creation of the encrypted database\r
+ */\r
+ public int getEncryptionBlockSize();\r
+}\r