General Concepts
Some general concepts apply to all functionalities in Bruce.
Algorithms
Algorithms supported by the default JCA provider are listed here.
Algorithms supported by the Bouncy Castle JCA provider are listed here.
Method Overloading
Most methods allow choosing the most appropriate version through overloading.
Static Imports
Static imports are assumed through all examples. Instead of:
the examples assume:
You are of course free not to use static imports. I personally like them as the code looks a bit tidier.
Passwords
Passwords in the API are typed as a char
array. There is a good reason for this: depending on implementation specifics, String
instances might be stored in a permanent memory area.
One might argue that accessing this memory area is not easy task for an attacker, but there's plenty of reasons why this is not always the case.
So, Bruce only accepts passwords as char
arrays. If you are working with passwords that are already arriving to you in a String
instance, just call .toCharArray()
on it to perform the conversion where necessary.
Encoding
Raw byte arrays
At the most basic level, computers work with bits. In Java, you can work at the bit level, but the most basic form of storage for encrypted data is the byte. At low level, Java cryptography usually works on arrays of bytes, such as:
The MESSAGE_SHA1
and hash
byte arrays are identical. You can easily see however how this is not always a very practical representation format. You cannot directly use this value in a text file, an email message or a JSON payload.
Encodings
For these reasons all methods that work with raw byte arrays also have an overloaded version that supports different encodings.
The hash String is going to look like this, as it gets base64 encoded: "b5ua881ui4pzws3O03/p9ZIm4n0="
.
Supported encodings are Base64, Url, Mime, Hex.
Base64, email and 7 bits
SMTP, the protocol the Internet uses for sending emails, - in its original form - was designed to transport 7-bit ASCII characters only. Base64 works around this limitation by using characters that fit in a 7-bit space.
Providers
All methods allow specifying an optional JCA provider.
For instance, to use the Bouncy Castle provider with a digester:
I won't provide documentation for all overloaded methods that allow specifying a custom provider, otherwise the documentation would become even more verbose than it already is. Just know that the methods are there if you need them.
Do not forget to add the appropriate provider jar to the classpath for this to work.
Error Handling
There is a single exception in Bruce that wraps all kinds of errors: the BruceException
. As it is a RuntimeException
, you are not forced to catch it.
Initialization and configuration errors are raised as soon as possible.
Wherever possible, the originating exception is wrapped and can be accessed through the getCause()
method.
Last updated