Class MultiCipherOutputStream

  • All Implemented Interfaces:
    java.io.Closeable, java.io.Flushable, java.lang.AutoCloseable

    public class MultiCipherOutputStream
    extends java.io.OutputStream
    Implements an output stream that encrypts the underlying output stream using one to many ciphers. Format:
        Length           HMAC'd           Description
        ----------------------------------------------
        04               no               "Sy" 0x02 0x05 (4 bytes)
        01               no               Version (1 byte)
        12               no               HMAC salt             
        01               yes (in header)  Cipher count (=n, 1 byte)
        
        for i := 0..n-1:
          01             yes (in header)  Cipher spec ID (1 byte)
          12             yes (in header)  Salt for cipher i (12 bytes)
          aa             yes (in header)  IV for cipher i (cipher specific length, 0..x)
          
        20               no               Header HMAC (20 bytes, for "HmacSHA1")
        bb               yes (in mode)    Ciphertext (HMAC'd by mode, e.g. GCM)
     
    It follows a few Do's and Don'ts: - http://blog.cryptographyengineering.com/2011/11/how-not-to-use-symmetric-encryption.html - http://security.stackexchange.com/questions/30170/after-how-much-data-encryption-aes-256-we-should-change-key Encryption and cipher rules - Don't encrypt with ECB mode (throws exception if ECB is used) - Don't re-use your IVs (IVs are never reused) - Don't encrypt your IVs (IVs are prepended) - Authenticate cipher configuration (algorithm, salts and IVs) - Only use authenticated ciphers
    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void close()  
      void write​(byte[] b)  
      void write​(byte[] b, int off, int len)  
      void write​(int b)  
      • Methods inherited from class java.io.OutputStream

        flush, nullOutputStream
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Method Detail

      • write

        public void write​(int b)
                   throws java.io.IOException
        Specified by:
        write in class java.io.OutputStream
        Throws:
        java.io.IOException
      • write

        public void write​(byte[] b)
                   throws java.io.IOException
        Overrides:
        write in class java.io.OutputStream
        Throws:
        java.io.IOException
      • write

        public void write​(byte[] b,
                          int off,
                          int len)
                   throws java.io.IOException
        Overrides:
        write in class java.io.OutputStream
        Throws:
        java.io.IOException
      • close

        public void close()
                   throws java.io.IOException
        Specified by:
        close in interface java.lang.AutoCloseable
        Specified by:
        close in interface java.io.Closeable
        Overrides:
        close in class java.io.OutputStream
        Throws:
        java.io.IOException