org.mozilla.jss.crypto

Class SecretDecoderRing

public class SecretDecoderRing extends Object

This is a proprietary NSS interface. It is used for encrypting data with a secret key stored in the NSS key database (which is in turn protected with a password). It thus provides a quick, convenient way to encrypt stuff your application wants to keep around for its own use: for example, the list of web passwords stored in the web browser.

A dedicated key is used to encrypt all SecretDecoderRing data. The same key is used for all SDR data, and not for any other data. This key will be generated the first time it is needed.

The cipher used is DES3-EDE (Triple-DES) in CBC mode. The ciphertext is DER-encoded in the following ASN.1 data structure:

    SEQUENCE {
      keyid       OCTET STRING,
      alg         AlgorithmIdentifier,
      ciphertext  OCTET STRING }
 

You must set the password on the Internal Key Storage Token (aka software token, key3.db) before you use the SecretDecoderRing.

Field Summary
static StringencodingFormat
Method Summary
byte[]decrypt(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database.
StringdecryptToString(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database, returning the original plaintext string.
byte[]encrypt(byte[] plaintext)
Encrypts the given plaintext with the Secret Decoder Ring key stored in the NSS key database.
byte[]encrypt(String plaintext)
Encrypts the given plaintext string with the Secret Decoder Ring key stored in the NSS key database.

Field Detail

encodingFormat

public static final String encodingFormat

Method Detail

decrypt

public byte[] decrypt(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database.

decryptToString

public String decryptToString(byte[] ciphertext)
Decrypts the given ciphertext with the Secret Decoder Ring key stored in the NSS key database, returning the original plaintext string.

encrypt

public byte[] encrypt(byte[] plaintext)
Encrypts the given plaintext with the Secret Decoder Ring key stored in the NSS key database.

encrypt

public byte[] encrypt(String plaintext)
Encrypts the given plaintext string with the Secret Decoder Ring key stored in the NSS key database.