Free
Class AuthKey
java.lang.Object
|
+--Free.AuthKey
- public class AuthKey
- extends java.lang.Object
AuthKey calculates and communicates the FREE authorisation key which
helps to secure the system against attacks through reverse engineering the
client program. It also is used to improve the reliability so that we can
reduce the number of users who lose the chance to vote through crashes on
their computers.
Encryption is done with a symmetric cipher provided by The
Cryptix Foundation.
- Since:
- 1.4
- Version:
- 0.3 7 February 2001
- Author:
- Jason Kitcat
Method Summary |
protected static java.lang.String |
build(java.lang.String name,
java.lang.String code,
java.lang.String pword,
int whichKey)
Builds an AuthKey from the user data provided. |
protected static java.lang.String |
decrypt(java.lang.String akey,
int whichKey)
Decrypts a key - but note doesn't reveal full origins as the decrypted key is merely the MAC
and not plain text. |
protected static java.lang.String |
encrypt(java.lang.String akey,
int whichKey)
Encrypts a key - for use when exporting the keys |
protected static void |
init()
Initialises crypto etc |
Methods inherited from class java.lang.Object |
,
clone,
equals,
finalize,
getClass,
hashCode,
notify,
notifyAll,
toString,
wait,
wait,
wait |
AuthKey
public AuthKey()
init
protected static void init()
- Initialises crypto etc
build
protected static java.lang.String build(java.lang.String name,
java.lang.String code,
java.lang.String pword,
int whichKey)
throws java.lang.Exception
- Builds an
AuthKey
from the user data provided. The following
process is used to build a FREE AuthKey:
A message digest of the Roll
entry (i.e. the three String parameters to
this method) and the MACpass
is created.
Then a message digest of the first digest concatenated with the MACpass
password is created.
The result is then encrypted with one of two secret keys as specified by key
.
Note the we minimise our reliance on the Cryptix tools - all possible security is done with
standard Sun algorithms. This is in case export restrictions make Cryptix removal necessary.
- Parameters:
name
- The user's name as from the Roll
database tablecode
- A unique pin code for the user, also from the databasepword
- A password for the user, also from the databasewhichKey
- Indicates whether to use secret key 1 or 2
decrypt
protected static java.lang.String decrypt(java.lang.String akey,
int whichKey)
throws java.lang.Exception
- Decrypts a key - but note doesn't reveal full origins as the decrypted key is merely the MAC
and not plain text.
- Parameters:
akey
- The key to decryptwhichKey
- Indicates whether to use secret key 1 or 2
encrypt
protected static java.lang.String encrypt(java.lang.String akey,
int whichKey)
throws java.lang.Exception
- Encrypts a key - for use when exporting the keys
- Parameters:
akey
- The key to encryptwhichKey
- Indicates whether to use secret key 1 or 2