Module org.apache.santuario.xmlsec
Package org.apache.xml.security.encryption

Class XMLCipherUtil

  • public final class XMLCipherUtil
extends Object

    • Constructor Detail

      • XMLCipherUtil

        public XMLCipherUtil()

    • Method Detail

      • constructBlockCipherParameters

        public static AlgorithmParameterSpec constructBlockCipherParameters​(String algorithm,
                                                                    byte[] iv)
        Build an AlgorithmParameterSpec instance used to initialize a Cipher instance for block cipher encryption and decryption.
        Parameters:
        algorithm - the XML encryption algorithm URI
        iv - the initialization vector
        Returns:
        the newly constructed AlgorithmParameterSpec instance, appropriate for the specified algorithm

      • constructBlockCipherParameters

        public static AlgorithmParameterSpec constructBlockCipherParameters​(boolean gcmAlgorithm,
                                                                    byte[] iv)

      • constructOAEPParameters

        public static OAEPParameterSpec constructOAEPParameters​(String encryptionAlgorithmURI,
                                                        String digestAlgorithmURI,
                                                        String mgfAlgorithmURI,
                                                        byte[] oaepParams)
        Method buildOAEPParameters from given parameters and returns OAEPParameterSpec. If encryptionAlgorithmURI is not RSA_OAEP or RSA_OAEP_11, null is returned.
        Parameters:
        encryptionAlgorithmURI - the encryption algorithm URI (RSA_OAEP or RSA_OAEP_11)
        digestAlgorithmURI - the digest algorithm URI
        mgfAlgorithmURI - the MGF algorithm URI if encryptionAlgorithmURI is RSA_OAEP_11, otherwise parameter is ignored
        oaepParams - the OAEP parameters bytes
        Returns:
        OAEPParameterSpec or null if encryptionAlgorithmURI is not RSA_OAEP or RSA_OAEP_11

      • constructMGF1Parameter

        public static MGF1ParameterSpec constructMGF1Parameter​(String mgh1AlgorithmURI)
        Create MGF1ParameterSpec for the given algorithm URI
        Parameters:
        mgh1AlgorithmURI - the algorithm URI. If null or empty, SHA-1 is used as default MGF1 digest algorithm.
        Returns:
        the MGF1ParameterSpec for the given algorithm URI

      • getMgf1URIForParameter

        public static String getMgf1URIForParameter​(MGF1ParameterSpec parameterSpec)
        Get the MGF1 algorithm URI for the given MGF1ParameterSpec
        Parameters:
        parameterSpec - the MGF1ParameterSpec
        Returns:
        the MGF1 algorithm URI for the given MGF1ParameterSpec

      • constructRecipientKeyAgreementParameters

        public static KeyAgreementParameters constructRecipientKeyAgreementParameters​(String keyWrapAlgoURI,
                                                                              AgreementMethod agreementMethod,
                                                                              PrivateKey keyAgreementPrivateKey)
                                                                       throws XMLSecurityException
        Construct an KeyAgreementParameterSpec object from the given parameters
        Parameters:
        keyWrapAlgoURI - key wrap algorithm
        agreementMethod - agreement method
        keyAgreementPrivateKey - private key to derive the shared secret in case of Diffie-Hellman key agreements
        Throws:
        XMLSecurityException

      • constructAgreementParameters

        public static KeyAgreementParameters constructAgreementParameters​(String agreementAlgorithmURI,
                                                                  KeyAgreementParameters.ActorType actorType,
                                                                  KeyDerivationParameters keyDerivationParameter,
                                                                  PrivateKey keyAgreementPrivateKey,
                                                                  PublicKey keyAgreementPublicKey)
        Construct an KeyAgreementParameterSpec object from the given parameters
        Parameters:
        agreementAlgorithmURI - agreement algorithm
        keyDerivationParameter - key derivation parameters (e.g. ConcatKDFParams for ConcatKDF key derivation)
        keyAgreementPrivateKey - private key to derive the shared secret in case of Diffie-Hellman key agreements
        keyAgreementPublicKey - public key to derive the shared secret in case of Diffie-Hellman key agreements

      • constructKeyDerivationParameter

        public static KeyDerivationParameters constructKeyDerivationParameter​(KeyDerivationMethod keyDerivationMethod,
                                                                      int keyBitLength)
                                                               throws XMLSecurityException
        Construct a KeyDerivationParameter object from the given keyDerivationMethod and keyBitLength
        Parameters:
        keyDerivationMethod - element to parse
        keyBitLength - expected derived key length
        Returns:
        KeyDerivationParameter object
        Throws:
        XMLSecurityException - if the keyDerivationMethod is not supported

      • constructConcatKeyDerivationParameter

        public static ConcatKDFParams constructConcatKeyDerivationParameter​(int keyBitLength,
                                                                    String digestMethod)
        Construct a ConcatKeyDerivationParameter object from the key length and digest method.
        Parameters:
        keyBitLength - expected derived key length
        digestMethod - digest method
        Returns:
        ConcatKeyDerivationParameter object

      • constructConcatKeyDerivationParameter

        public static ConcatKDFParams constructConcatKeyDerivationParameter​(int keyBitLength,
                                                                    String digestMethod,
                                                                    String algorithmId,
                                                                    String partyUInfo,
                                                                    String partyVInfo,
                                                                    String suppPubInfo,
                                                                    String suppPrivInfo)
        Construct a ConcatKeyDerivationParameter object from the given parameters
        Parameters:
        keyBitLength - expected derived key length
        digestMethod - digest method
        algorithmId - algorithm id
        partyUInfo - partyUInfo
        partyVInfo - partyVInfo
        suppPubInfo - suppPubInfo
        suppPrivInfo - suppPrivInfo
        Returns:
        ConcatKeyDerivationParameter object