ERServer
Class AuthKey

java.lang.Object
  |
  +--ERServer.AuthKey

public class AuthKey
extends java.lang.Object

AuthKey calculates and communicates the FREE authorisation key which helps to secure the system against attacks through reverse engineering the client program. It also is used to improve the reliability so that we can reduce the number of users who lose the chance to vote through crashes on their computers. Encryption is done with a symmetric cipher provided by The Cryptix Foundation.

Since:
1.4
Version:
0.3 7 February 2001
Author:
Jason Kitcat

Constructor Summary
AuthKey()
           
 
Method Summary
protected static java.lang.String build(java.lang.String name, java.lang.String code, java.lang.String pword, int whichKey)
          Builds an AuthKey from the user data provided.
protected static java.lang.String decrypt(java.lang.String akey, int whichKey)
          Decrypts a key - but note doesn't reveal full origins as the decrypted key is merely the MAC and not plain text.
protected static java.lang.String encrypt(java.lang.String akey, int whichKey)
          Encrypts a key - for use when exporting the keys
protected static void init()
          Initialises crypto etc
 
Methods inherited from class java.lang.Object
, clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

AuthKey

public AuthKey()
Method Detail

init

protected static void init()
Initialises crypto etc

build

protected static java.lang.String build(java.lang.String name,
                                        java.lang.String code,
                                        java.lang.String pword,
                                        int whichKey)
                                 throws java.lang.Exception
Builds an AuthKey from the user data provided. The following process is used to build a FREE AuthKey: A message digest of the Roll entry (i.e. the three String parameters to this method) and the MACpass is created. Then a message digest of the first digest concatenated with the MACpass password is created. The result is then encrypted with one of two secret keys as specified by key. Note the we minimise our reliance on the Cryptix tools - all possible security is done with standard Sun algorithms. This is in case export restrictions make Cryptix removal necessary.
Parameters:
name - The user's name as from the Roll database table
code - A unique pin code for the user, also from the database
pword - A password for the user, also from the database
whichKey - Indicates whether to use secret key 1 or 2

decrypt

protected static java.lang.String decrypt(java.lang.String akey,
                                          int whichKey)
                                   throws java.lang.Exception
Decrypts a key - but note doesn't reveal full origins as the decrypted key is merely the MAC and not plain text.
Parameters:
akey - The key to decrypt
whichKey - Indicates whether to use secret key 1 or 2

encrypt

protected static java.lang.String encrypt(java.lang.String akey,
                                          int whichKey)
                                   throws java.lang.Exception
Encrypts a key - for use when exporting the keys
Parameters:
akey - The key to encrypt
whichKey - Indicates whether to use secret key 1 or 2