Project for Handling Credit Card Data using PKI

The demo class can be seen here: <a href="/glenn/servlet/com.scripps.pki.demo.Demo?msg=Your Credit Card Info Here"> demo</a>

This is one of my first contemporary attempts at creating an infrstructure for security at scripps.  Past attempts have not succeeded. See AppSec.

It is interesting to note that the demo is a 'complete round trip' in that for every request it is generating a simple digital signing keypair, a more complex encryption keypair.  Wrapping the complex keypair into individually ascii armoured documents, writing said docs to disk, then turning around and reading the public key, using it to encrypt the message, writing that to disk, then reading the private key and message from disk in order to perform the decryption.  The demo is using IBM's JDK2-13 and tomcat4 under linux on a 400 mhz pentium 2 and is very responsive.

The code breaks down into a couple classes:

com.scripps.pki.keystore

	* `PGPKeyBundle` createKey( String `algorythm`, int size, String name, String email, String passphrase ) 
<table><tr><td>throws</td>
 <td>InvalidAlgorythmException,</td></tr>
<tr><td></td><td> InvalidKeySizeException, </td></tr>
<tr><td></td><td>InvalidPrincipalNameException, </td></tr>
<tr><td></td><td>InvalidEmailAddressException,</td></tr> 
<tr><td></td><td>InvalidPassPhraseException ;</td></tr>
</table>

	* `KeyBundleID` saveKey( `PGPKeyBundle` ) throws IOException, InvalidPGPKeyBundleException ;

	* `KeyBundleID` `findKeyBundleID`( String name ) throws NoKeyBundleFoundException ;


com.scripps.encryptor

	* String encrypt( `KeyBundleID` kbid, String message ) throws `InvalidKeyBundleIDException`, InvalidMessageException;


com.scripps.decryptor

	* String decrypt( `KeyBundleID` kbid, String passphrase, String ciphertext ) throws `InvalidKeyBundleIDException`,IncorrectPassPhraseException ;



CcPkiTimeLine
For more info contact BrianBruce


02/25/2002
<pre>
public interface com.scripps.crypto.EncryptorInterface
	{
	public String encrypt( String key, String message ) ;
	}
public interface com.scripps.crypto.DecryptorInterface
	{
	public String decrypt( String key, String ciphertext ) ;
	}

public com.scripps.crypto.XorEncryptor implements 
com.scripps.crypto.EncryptorInterface
	{
	public static String encrypt( String Key, String Message )
		{
					 char buffer[] = Message.toCharArray() ;
					 char key[] = Key.toCharArray() ;
					 int bi = 0 ;
					 int ki = 0 ;
					 while( bi < buffer.length ) 
						 {
						 buffer[bi] ^= key[ki] ;
						 bi ++ ;
						 if( ++ ki > key.length )
							 {
							 ki = 0 ;
							 }
						 }
					 return new String(buffer);
					 }
		  
		  public static String decrypt(String Key, String Ciphertext ) 
			  {
			  char buffer[] = Ciphertext.toCharArray() ;
			  char key[] = Key.toCharArray() ;
			  int bi = 0 ;
			  int ki = 0 ;
			  while( bi < buffer.length ) 
				  {
				  buffer[bi] ^= key[ki] ;
				  bi ++ ;
				  if( ++ ki > key.length )
					  {
					  ki = 0 ;
					  }
				  }
			  return new String(buffer);
			  }
		  }
</pre>