- java.lang.Object
  - org.apache.xml.security.utils.KeyUtils

public class KeyUtils extends Object
A set of utility methods to handle keys.

Nested Class Summary

| Modifier and Type | Class | Description |
| --- | --- | --- |
| static class | KeyUtils.KeyAlgorithmType | Enumeration of supported key algorithm types. |
| static class | KeyUtils.KeyType | Enumeration of specific key types. |

Constructor Summary

| Constructor | Description |
| --- | --- |
| KeyUtils() | |

Method Summary

| Modifier and Type | Method | Description |
| --- | --- | --- |
| static SecretKey | aesWrapKeyWithDHGeneratedKey(KeyAgreementParameters parameterSpec) | Generates a secret key for the given KeyAgreementParameterSpec. |
| static KeyPairGenerator | createKeyPairGenerator(String algorithm, Provider provider) | Create a KeyPairGenerator for the given algorithm and provider. |
| static byte[] | deriveKeyEncryptionKey(byte[] sharedSecret, KeyDerivationParameters keyDerivationParameter) | Derive a key encryption key from a shared secret and keyDerivationParameter. |
| static KeyPair | generateEphemeralDHKeyPair(PublicKey recipientPublicKey, Provider provider) | Generates a DH key pair that matches the type of the given public key. |
| static int | getAESKeyBitSizeForWrapAlgorithm(String keyWrapAlg) | Defines the key size for the encrypting algorithm. |

Method Detail

generateEphemeralDHKeyPair
public static KeyPair generateEphemeralDHKeyPair(PublicKey recipientPublicKey, Provider provider) throws XMLEncryptionException
Generates a DH key pair that matches the type of the given public key.
- Parameters:
  recipientPublicKey - public key of recipient
  provider - provider to use for key generation
- Returns:
  generated keypair
- Throws:
  XMLEncryptionException - if the keys cannot be generated

createKeyPairGenerator
public static KeyPairGenerator createKeyPairGenerator(String algorithm, Provider provider) throws NoSuchAlgorithmException
Create a KeyPairGenerator for the given algorithm and provider.
- Parameters:
  algorithm - the JCE key algorithm name
  provider - the provider to use, or null if the default JCE provider should be used
- Returns:
  the KeyPairGenerator
- Throws:
  NoSuchAlgorithmException - if the algorithm is not supported

aesWrapKeyWithDHGeneratedKey
public static SecretKey aesWrapKeyWithDHGeneratedKey(KeyAgreementParameters parameterSpec) throws XMLEncryptionException
Generates a secret key for the given KeyAgreementParameterSpec.
- Parameters:
  parameterSpec - KeyAgreementParameterSpec which defines the algorithm used to derive the key
- Returns:
  generated secret key
- Throws:
  XMLEncryptionException - if the secret key cannot be generated, for example: key agreement is not supported, wrong key types, etc.

getAESKeyBitSizeForWrapAlgorithm
public static int getAESKeyBitSizeForWrapAlgorithm(String keyWrapAlg) throws XMLEncryptionException
Defines the key size for the encrypting algorithm.
- Parameters:
  keyWrapAlg - the key wrap algorithm URI
- Returns:
  the key size in bits
- Throws:
  XMLEncryptionException - if the key wrap algorithm is not supported

deriveKeyEncryptionKey
public static byte[] deriveKeyEncryptionKey(byte[] sharedSecret, KeyDerivationParameters keyDerivationParameter) throws XMLSecurityException
Derive a key encryption key from a shared secret and keyDerivationParameter. Currently only the ConcatKDF is supported.
- Parameters:
  sharedSecret - the shared secret
  keyDerivationParameter - the key derivation parameters
- Returns:
  the derived key encryption key
- Throws:
  XMLSecurityException - if the key derivation algorithm is not supported