Is there any interest in providing general crypto packages in addition to the current authentication and authorization packages?
1. I've wrapped the various factories and generators in java.security.* and javax.crypto.* with Spring FactoryBeans. That makes it trivial to configure and inject into code. These classes are trivial to implement. 2. I'm working on a Spring-based database crypto package, based loosely on 'cryptography in the database' that was published a while back. The client-facing interface is two LobHandlers. One handler allows small blobs to be stored as hex/base64-encoded strings. This permits small encrypted objects to be stored in regular database fields. The other handler performs transparent encryption/decryption given the encryption key id, typically a column in each row. This eliminates a lot of problems with the 'crypto for dummies' packages (e.g. rekeying issues), but makes authorization to access that column a critical issue. These classes are straightforward to implement once you have the general concept. 3. Key management is always the most difficult and critical element, and I'm using the 'key vault' concept in the book mentioned earlier. The general idea is that the 'working keys' (behind those 'encryption key ids') are encrypted symmetrical keys stored in a database table. The vault exposes the appropriate Cipher, never a naked key, and even a database compromise will only expose PKCS8 encrypted keys. The working keys are all encrypted by a single master key, often stored in multple pieces (e.g., a random salt and a passphrase). These classes are moderately difficult to implement since they require a good knowledge of java cryptography classes. In addition the design needs to flexible enough to allow the key vault to be run in a separate JVM or even a separate machine. I'm still trying to work through the last item. The book always performed encryption/decryption in the vaults (and assumed a secure communications channel between the application code and vault), but I think it's cleaner to use Ciphers if the vault is in the same JVM. Unfortunately Ciphers are not serializable so that approach can't be used when the vaults are in separate JVMs or machines. A potential problem is import/export restrictions on code that uses (not provides) encryption. This is rare, but the second and third items may need to be distributed in a separate jar file. ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list Acegisecurity-developer@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
