public final class AlgorithmSupport extends Object
Modifier and Type | Method and Description |
---|---|
static boolean | checkKeyAlgorithmAndLength(Key key, AlgorithmDescriptor algorithm): Check that the supplied key is consistent with the supplied algorithm's specified key algorithm and key length, where applicable. |
static boolean | credentialSupportsAlgorithmForEncryption(Credential credential, AlgorithmDescriptor algorithm): Check whether the supplied credential may be used with the supplied algorithm for the purpose of encryption. |
static boolean | credentialSupportsAlgorithmForSigning(Credential credential, AlgorithmDescriptor algorithm): Check whether the supplied credential may be used with the supplied algorithm for the purpose of signing. |
static KeyPair | generateKeyPair(String algoURI, int keyLength): Randomly generates a Java JCE KeyPair object from the specified XML Encryption algorithm URI. |
static Credential | generateKeyPairAndCredential(String algorithmURI, int keyLength, boolean includePrivate): Generate a random asymmetric key pair and return in a BasicCredential. |
static SecretKey | generateSymmetricKey(String algoURI): Generates a random Java JCE symmetric Key object from the specified XML Encryption algorithm URI. |
static Credential | generateSymmetricKeyAndCredential(String algorithmURI): Generate a random symmetric key and return in a BasicCredential. |
static String | getAlgorithmID(String algorithmURI): Get the Java security JCA/JCE algorithm identifier associated with an algorithm URI. |
static AlgorithmRegistry | getGlobalAlgorithmRegistry(): Get the global AlgorithmRegistry instance. |
static String | getKeyAlgorithm(String algorithmURI): Get the Java security JCA/JCE key algorithm specifier associated with an algorithm URI. |
static Integer | getKeyLength(String algorithmURI): Get the length of the key indicated by the algorithm URI, if applicable and available. |
static boolean | isDataEncryptionAlgorithm(AlgorithmDescriptor algorithm): Check whether the supplied descriptor represents an algorithm that may be used for data encryption, i.e. |
static boolean | isHMAC(String signatureAlgorithm): Check whether the signature method algorithm URI indicates HMAC. |
static boolean | isKeyEncryptionAlgorithm(AlgorithmDescriptor algorithm): Check whether the supplied descriptor represents an algorithm that may be used for key encryption, i.e. |
static boolean | isRSAOAEP(String keyTransportAlgorithm): Check whether the key transport encryption algorithm URI indicates RSA-OAEP. |
static boolean | validateAlgorithmURI(String algorithmURI, Collection<String> whitelistedAlgorithmURIs, Collection<String> blacklistedAlgorithmURIs): Validate the supplied algorithm URI against the specified whitelist and blacklist. |
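
The following is an added usage example, not code from this page or from the OpenSAML project. It chains validateAlgorithmURI, getGlobalAlgorithmRegistry and credentialSupportsAlgorithmForSigning into one fail-closed pre-flight check before signing. The package names, InitializationService.initialize() and AlgorithmRegistry.get(String) are assumptions taken from OpenSAML 3 and do not appear on this page; SigningPreflight and canSignWith are hypothetical names.

```java
import java.util.Collection;
import java.util.Collections;

// Assumed OpenSAML 3 package locations; they are not shown on this page.
import org.opensaml.core.config.InitializationService;
import org.opensaml.security.credential.Credential;
import org.opensaml.xmlsec.algorithm.AlgorithmDescriptor;
import org.opensaml.xmlsec.algorithm.AlgorithmRegistry;
import org.opensaml.xmlsec.algorithm.AlgorithmSupport;

/** Hypothetical helper (not part of OpenSAML): pre-flight check before signing. */
public final class SigningPreflight {

    // W3C XML Signature algorithm URIs, used here as constructed sample policy values.
    static final String RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256";
    static final String RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";

    /** Returns true only if policy, registry and credential all accept the algorithm URI. */
    static boolean canSignWith(Credential credential, String algorithmURI,
            Collection<String> whitelist, Collection<String> blacklist) {
        // 1. Policy: check the URI against the deployment's whitelist and blacklist.
        if (!AlgorithmSupport.validateAlgorithmURI(algorithmURI, whitelist, blacklist)) {
            return false;
        }
        // 2. The registry getter is @Nullable: fail closed if no registry is available.
        AlgorithmRegistry registry = AlgorithmSupport.getGlobalAlgorithmRegistry();
        if (registry == null) {
            return false;
        }
        // 3. Assumed lookup call; a URI with no descriptor is treated as unsupported.
        AlgorithmDescriptor descriptor = registry.get(algorithmURI);
        if (descriptor == null) {
            return false;
        }
        // 4. Key type, key algorithm and key length must be consistent with the algorithm.
        return AlgorithmSupport.credentialSupportsAlgorithmForSigning(credential, descriptor);
    }

    public static void main(String[] args) throws Exception {
        InitializationService.initialize(); // assumed to set up the global registry
        Credential rsa = AlgorithmSupport.generateKeyPairAndCredential(RSA_SHA256, 2048, true);
        Collection<String> allow = Collections.singleton(RSA_SHA256);
        Collection<String> deny = Collections.singleton(RSA_SHA1);
        System.out.println("rsa-sha256 usable: " + canSignWith(rsa, RSA_SHA256, allow, deny));
        System.out.println("rsa-sha1 usable:   " + canSignWith(rsa, RSA_SHA1, allow, deny));
    }
}
```
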
@Nullable public static AlgorithmRegistry getGlobalAlgorithmRegistry()
Get the global AlgorithmRegistry instance.

public static boolean isKeyEncryptionAlgorithm(@Nullable AlgorithmDescriptor algorithm)
algorithm - the algorithm descriptor to evaluate

public static boolean isDataEncryptionAlgorithm(@Nullable AlgorithmDescriptor algorithm)
algorithm - the algorithm descriptor to evaluate

public static boolean credentialSupportsAlgorithmForSigning(@Nullable Credential credential, @Nullable AlgorithmDescriptor algorithm)
This checks the consistency of the type of credential signing key and the algorithm type, as well as the key algorithm and length where applicable.
credential - the candidate signing credential to evaluate
algorithm - the candidate signing algorithm to evaluate

public static boolean credentialSupportsAlgorithmForEncryption(@Nullable Credential credential, @Nullable AlgorithmDescriptor algorithm)
This checks the consistency of the extracted credential encryption key and the algorithm type, as well as the key algorithm and length where applicable.
credential - the candidate encryption credential to evaluate
algorithm - the candidate encryption algorithm to evaluate

public static boolean checkKeyAlgorithmAndLength(@Nonnull Key key, @Nonnull AlgorithmDescriptor algorithm)
key - the key to evaluate
algorithm - the algorithm to evaluate

@Nullable public static String getAlgorithmID(@Nonnull String algorithmURI)
algorithmURI - the algorithm URI to evaluate

public static boolean isRSAOAEP(@Nonnull String keyTransportAlgorithm)
keyTransportAlgorithm - the key transport encryption algorithm URI

public static boolean isHMAC(@Nonnull String signatureAlgorithm)
signatureAlgorithm - the signature method algorithm URI

@Nullable public static String getKeyAlgorithm(@Nonnull String algorithmURI)
algorithmURI - the algorithm URI to evaluate

@Nullable public static Integer getKeyLength(@Nonnull String algorithmURI)
algorithmURI - the algorithm URI to evaluate

@Nonnull public static SecretKey generateSymmetricKey(@Nonnull String algoURI) throws NoSuchAlgorithmException, KeyException
algoURI - The XML Encryption algorithm URI
NoSuchAlgorithmException - thrown if the specified algorithm is invalid
KeyException - thrown if the length of the key to generate could not be determined

@Nonnull public static KeyPair generateKeyPair(@Nonnull String algoURI, int keyLength) throws NoSuchAlgorithmException, NoSuchProviderException
algoURI - The XML Encryption algorithm URI
keyLength - the length of key to generate
NoSuchProviderException - provider not found
NoSuchAlgorithmException - algorithm not found

@Nonnull public static Credential generateSymmetricKeyAndCredential(@Nonnull String algorithmURI) throws NoSuchAlgorithmException, KeyException
algorithmURI - The XML Encryption algorithm URI
KeyException
NoSuchAlgorithmException - algorithm not found

@Nonnull public static Credential generateKeyPairAndCredential(@Nonnull String algorithmURI, int keyLength, boolean includePrivate) throws NoSuchAlgorithmException, NoSuchProviderException
algorithmURI - The XML Encryption algorithm URI
keyLength - key length
includePrivate - if true, the private key will be included as well
NoSuchAlgorithmException - algorithm not found
NoSuchProviderException - provider not found

public static boolean validateAlgorithmURI(@Nonnull String algorithmURI, @Nullable Collection<String> whitelistedAlgorithmURIs, @Nullable Collection<String> blacklistedAlgorithmURIs)
algorithmURI - the algorithm URI to evaluate
whitelistedAlgorithmURIs - the algorithm whitelist
blacklistedAlgorithmURIs - the algorithm blacklist

Copyright © 2017. All rights reserved.