Module org.apache.santuario.xmlsec
Package org.apache.xml.security.encryption

Class XMLCipherUtil

  • public final class XMLCipherUtil
extends Object

    • Constructor Detail

      • XMLCipherUtil

        public XMLCipherUtil()

    • Method Detail

      • constructBlockCipherParameters

        public static AlgorithmParameterSpec constructBlockCipherParameters​(String algorithm,
                                                                    byte[] iv)
        Build an AlgorithmParameterSpec instance used to initialize a Cipher instance for block cipher encryption and decryption.
        Parameters:
        algorithm - the XML encryption algorithm URI
        iv - the initialization vector
        Returns:
        the newly constructed AlgorithmParameterSpec instance, appropriate for the specified algorithm

      • constructBlockCipherParameters

        public static AlgorithmParameterSpec constructBlockCipherParameters​(boolean gcmAlgorithm,
                                                                    byte[] iv)

      • constructOAEPParameters

        public static OAEPParameterSpec constructOAEPParameters​(String encryptionAlgorithmURI,
                                                        String digestAlgorithmURI,
                                                        String mgfAlgorithmURI,
                                                        byte[] oaepParams)
        Method buildOAEPParameters from given parameters and returns OAEPParameterSpec. If encryptionAlgorithmURI is not RSA_OAEP or RSA_OAEP_11, null is returned.
        Parameters:
        encryptionAlgorithmURI - the encryption algorithm URI (RSA_OAEP or RSA_OAEP_11)
        digestAlgorithmURI - the digest algorithm URI
        mgfAlgorithmURI - the MGF algorithm URI if encryptionAlgorithmURI is RSA_OAEP_11, otherwise parameter is ignored
        oaepParams - the OAEP parameters bytes
        Returns:
        OAEPParameterSpec or null if encryptionAlgorithmURI is not RSA_OAEP or RSA_OAEP_11

      • constructMGF1Parameter

        public static MGF1ParameterSpec constructMGF1Parameter​(String mgh1AlgorithmURI)
        Create MGF1ParameterSpec for the given algorithm URI
        Parameters:
        mgh1AlgorithmURI - the algorithm URI. If null or empty, SHA-1 is used as default MGF1 digest algorithm.
        Returns:
        the MGF1ParameterSpec for the given algorithm URI

      • getMgf1URIForParameter

        public static String getMgf1URIForParameter​(MGF1ParameterSpec parameterSpec)
        Get the MGF1 algorithm URI for the given MGF1ParameterSpec
        Parameters:
        parameterSpec - the MGF1ParameterSpec
        Returns:
        the MGF1 algorithm URI for the given MGF1ParameterSpec

      • constructRecipientKeyAgreementParameters

        public static KeyAgreementParameters constructRecipientKeyAgreementParameters​(String keyWrapAlgoURI,
                                                                              AgreementMethod agreementMethod,
                                                                              PrivateKey keyAgreementPrivateKey)
                                                                       throws XMLSecurityException
        Construct an KeyAgreementParameterSpec object from the given parameters
        Parameters:
        keyWrapAlgoURI - key wrap algorithm
        agreementMethod - agreement method
        keyAgreementPrivateKey - private key to derive the shared secret in case of Diffie-Hellman key agreements
        Throws:
        XMLSecurityException

      • constructAgreementParameters

        public static KeyAgreementParameters constructAgreementParameters​(String agreementAlgorithmURI,
                                                                  KeyAgreementParameters.ActorType actorType,
                                                                  KeyDerivationParameters keyDerivationParameter,
                                                                  PrivateKey keyAgreementPrivateKey,
                                                                  PublicKey keyAgreementPublicKey)
        Construct an KeyAgreementParameterSpec object from the given parameters
        Parameters:
        agreementAlgorithmURI - agreement algorithm URI
        actorType - the actor type (originator or recipient)
        keyDerivationParameter - key derivation parameters (e.g. ConcatKDFParams for ConcatKDF key derivation)
        keyAgreementPrivateKey - private key to derive the shared secret in case of Diffie-Hellman key agreements
        keyAgreementPublicKey - public key to derive the shared secret in case of Diffie-Hellman key agreements

      • constructKeyDerivationParameter

        public static KeyDerivationParameters constructKeyDerivationParameter​(KeyDerivationMethod keyDerivationMethod,
                                                                      int keyBitLength)
                                                               throws XMLEncryptionException
        Construct a KeyDerivationParameter object from the given keyDerivationMethod data and keyBitLength.
        Parameters:
        keyDerivationMethod - element with the key derivation method data
        keyBitLength - expected derived key length in bits
        Returns:
        KeyDerivationParameters data
        Throws:
        XMLEncryptionException - if KDFParams cannot be created or the KDF URI is not supported or the key derivation parameters are invalid

      • hexStringToByteArray

        public static byte[] hexStringToByteArray​(String hexString)
        Method hexStringToByteArray converts hex string to byte array.
        Parameters:
        hexString - the hex string to convert
        Returns:
        the byte array of the input param, empty array if the hex string is empty, or null if input param is null