@PublicAPI(stability=VOLATILE, mayInstantiate=false, mayExtend=false, mayInvoke=true) public interface CryptoManager
This interface defines the methods to call to access cryptographic services including encryption and hashing; in particular, when the ciphertext or HMAC is produced on one directory server instance and is to be consumed on another.
Method Summary

Return type | Method | Description |
---|---|---|
int | compress(byte[] src, byte[] dst) | Attempts to compress the data in the provided source array into the given destination array. |
byte[] | decrypt(byte[] data) | Decrypts the data in the provided byte array using the cipher specified by the key identifier prologue to the data. |
byte[] | digest(byte[] data) | Retrieves a byte array containing a message digest based on the provided data, using the preferred digest algorithm. |
byte[] | digest(java.io.InputStream inputStream) | Retrieves a byte array containing a message digest based on the data read from the provided input stream, using the preferred digest algorithm. |
byte[] | digest(java.lang.String digestAlgorithm, byte[] data) | Retrieves a byte array containing a message digest based on the provided data, using the requested digest algorithm. |
byte[] | digest(java.lang.String digestAlgorithm, java.io.InputStream inputStream) | Retrieves a byte array containing a message digest based on the data read from the provided input stream, using the requested digest algorithm. |
byte[] | encrypt(byte[] data) | Encrypts the data in the provided byte array using the preferred cipher transformation. |
byte[] | encrypt(java.lang.String cipherTransformation, int keyLengthBits, byte[] data) | Encrypts the data in the provided byte array using the requested cipher algorithm. |
javax.crypto.CipherInputStream | getCipherInputStream(java.io.InputStream inputStream) | Returns a CipherInputStream instantiated with a cipher corresponding to the key identifier prologue to the data. |
javax.crypto.CipherOutputStream | getCipherOutputStream(java.io.OutputStream outputStream) | Writes encrypted data to the provided output stream using the preferred cipher transformation. |
javax.crypto.CipherOutputStream | getCipherOutputStream(java.lang.String cipherTransformation, int keyLengthBits, java.io.OutputStream outputStream) | Writes encrypted data to the provided output stream using the requested cipher transformation. |
javax.crypto.Mac | getMacEngine(java.lang.String keyEntryID) | For the specified key entry identifier, instantiate a MAC engine. |
java.lang.String | getMacEngineKeyEntryID() | For the current preferred MAC algorithm and key length, return the identifier of the corresponding key entry. |
java.lang.String | getMacEngineKeyEntryID(java.lang.String macAlgorithm, int keyLengthBits) | For the specified MAC algorithm and key length, return the identifier of the corresponding key entry. |
java.security.MessageDigest | getMessageDigest(java.lang.String digestAlgorithm) | Retrieves a MessageDigest object that may be used to generate digests using the specified algorithm. |
java.security.MessageDigest | getPreferredMessageDigest() | Retrieves a MessageDigest object that may be used to generate digests using the preferred digest algorithm. |
java.lang.String | getPreferredMessageDigestAlgorithm() | Retrieves the name of the preferred message digest algorithm. |
java.lang.String | getSslCertNickname() | Get the name of the local certificate to use for SSL. |
java.util.SortedSet<java.lang.String> | getSslCipherSuites() | Get the set of enabled SSL cipher suites. |
javax.net.ssl.SSLContext | getSslContext(java.lang.String sslCertNickname) | Create an SSL context that may be used for communication to another ADS component. |
java.util.SortedSet<java.lang.String> | getSslProtocols() | Get the set of enabled SSL protocols. |
boolean | isSslEncryption() | Determine whether SSL encryption is enabled. |
int | uncompress(byte[] src, byte[] dst) | Attempts to uncompress the data in the provided source array into the given destination array. |

Method Detail

java.lang.String getPreferredMessageDigestAlgorithm()

java.security.MessageDigest getPreferredMessageDigest() throws java.security.NoSuchAlgorithmException
Retrieves a MessageDigest object that may be used to generate digests using the preferred digest algorithm.
Returns:
A MessageDigest object that may be used to generate digests using the preferred digest algorithm.
Throws:
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

java.security.MessageDigest getMessageDigest(java.lang.String digestAlgorithm) throws java.security.NoSuchAlgorithmException
Retrieves a MessageDigest object that may be used to generate digests using the specified algorithm.
Parameters:
digestAlgorithm - The algorithm to use to generate the message digest.
Returns:
A MessageDigest object that may be used to generate digests using the specified algorithm.
Throws:
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

byte[] digest(byte[] data) throws java.security.NoSuchAlgorithmException
Parameters:
data - The data to be digested.
Throws:
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

byte[] digest(java.lang.String digestAlgorithm, byte[] data) throws java.security.NoSuchAlgorithmException
Parameters:
digestAlgorithm - The algorithm to use to generate the message digest.
data - The data to be digested.
Throws:
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

byte[] digest(java.io.InputStream inputStream) throws java.io.IOException, java.security.NoSuchAlgorithmException
Parameters:
inputStream - The input stream from which the data is to be read.
Throws:
java.io.IOException - If a problem occurs while reading data from the provided stream.
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

byte[] digest(java.lang.String digestAlgorithm, java.io.InputStream inputStream) throws java.io.IOException, java.security.NoSuchAlgorithmException
Parameters:
digestAlgorithm - The algorithm to use to generate the message digest.
inputStream - The input stream from which the data is to be read.
Throws:
java.io.IOException - If a problem occurs while reading data from the provided stream.
java.security.NoSuchAlgorithmException - If the requested algorithm is not supported or is unavailable.

java.lang.String getMacEngineKeyEntryID() throws CryptoManagerException
Throws:
CryptoManagerException - In case one or more of the key parameters is invalid, or there is a problem instantiating the key entry in case it does not already exist.

java.lang.String getMacEngineKeyEntryID(java.lang.String macAlgorithm, int keyLengthBits) throws CryptoManagerException
Parameters:
macAlgorithm - The algorithm to use for the MAC engine.
keyLengthBits - The key length in bits to use with the specified algorithm.
Throws:
CryptoManagerException - In case one or more of the key parameters is invalid, or there is a problem instantiating the key entry in case it does not already exist.

javax.crypto.Mac getMacEngine(java.lang.String keyEntryID) throws CryptoManagerException
Parameters:
keyEntryID - The identifier of the key entry containing the desired MAC algorithm name and key length.
Throws:
CryptoManagerException - In case the key entry identifier is invalid or there is a problem instantiating the MAC engine from the parameters in the referenced key entry.

byte[] encrypt(byte[] data) throws java.security.GeneralSecurityException, CryptoManagerException
Parameters:
data - The plain-text data to be encrypted.
Throws:
java.security.GeneralSecurityException - If a problem occurs while encrypting the data.
CryptoManagerException - If a problem occurs managing the encryption key or producing the cipher.

byte[] encrypt(java.lang.String cipherTransformation, int keyLengthBits, byte[] data) throws java.security.GeneralSecurityException, CryptoManagerException
Parameters:
cipherTransformation - The algorithm/mode/padding to use for the cipher.
keyLengthBits - The length in bits of the encryption key this method is to use. Note the specified key length and transformation must be compatible.
data - The plain-text data to be encrypted.
Throws:
java.security.GeneralSecurityException - If a problem occurs while encrypting the data.
CryptoManagerException - If a problem occurs managing the encryption key or producing the cipher.

javax.crypto.CipherOutputStream getCipherOutputStream(java.io.OutputStream outputStream) throws CryptoManagerException
Parameters:
outputStream - The output stream to be wrapped by the returned cipher output stream.
Throws:
CryptoManagerException - If a problem occurs managing the encryption key or producing the cipher.

javax.crypto.CipherOutputStream getCipherOutputStream(java.lang.String cipherTransformation, int keyLengthBits, java.io.OutputStream outputStream) throws CryptoManagerException
Parameters:
cipherTransformation - The algorithm/mode/padding to use for the cipher.
keyLengthBits - The length in bits of the encryption key this method will generate. Note the specified key length must be compatible with the transformation.
outputStream - The output stream to be wrapped by the returned cipher output stream.
Throws:
CryptoManagerException - If a problem occurs managing the encryption key or producing the cipher.

byte[] decrypt(byte[] data) throws java.security.GeneralSecurityException, CryptoManagerException
Parameters:
data - The cipher-text data to be decrypted.
Throws:
java.security.GeneralSecurityException - If a problem occurs while decrypting the data.
CryptoManagerException - If a problem occurs reading the key identifier or initialization vector from the data prologue, or using these values to initialize a Cipher.

javax.crypto.CipherInputStream getCipherInputStream(java.io.InputStream inputStream) throws CryptoManagerException
Parameters:
inputStream - The input stream to be wrapped with the CipherInputStream.
Throws:
CryptoManagerException - If there is a problem reading the key ID or initialization vector from the input stream, or using these values to initialize a Cipher.

int compress(byte[] src, byte[] dst)
Parameters:
src - The array containing the raw data to compress.
dst - The array into which the compressed data should be written.

int uncompress(byte[] src, byte[] dst) throws java.util.zip.DataFormatException
Parameters:
src - The array containing the compressed data.
dst - The array into which the uncompressed data should be written.
Throws:
java.util.zip.DataFormatException - If a problem occurs while attempting to uncompress the data.

javax.net.ssl.SSLContext getSslContext(java.lang.String sslCertNickname) throws ConfigException
Parameters:
sslCertNickname - The name of the local certificate to use, or null if none is specified.
Throws:
ConfigException - If the context could not be created.

java.lang.String getSslCertNickname()

boolean isSslEncryption()

java.util.SortedSet<java.lang.String> getSslProtocols()

java.util.SortedSet<java.lang.String> getSslCipherSuites()
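
The interface description mentions an HMAC produced on one directory server instance and consumed on another; the sketch below shows how getMacEngineKeyEntryID() and getMacEngine(keyEntryID) could support that by shipping the key entry identifier alongside the tag. It is an added example, not code from the project: the MacEnvelope class and its byte layout are constructed for illustration, the org.opends.server.types package name is an assumption (the page does not state the package), and the Mac returned by getMacEngine is assumed to be already initialized with the key entry's key.

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import javax.crypto.Mac;
// Assumption: the page does not state the package of these two types.
import org.opends.server.types.CryptoManager;
import org.opends.server.types.CryptoManagerException;

/** Constructed layout: [2-byte ID length][key entry ID, UTF-8][MAC tag][payload]. */
public final class MacEnvelope {
  /** Producer side: tag the payload under the preferred MAC key entry. */
  public static byte[] seal(CryptoManager cm, byte[] payload)
      throws CryptoManagerException {
    String keyEntryID = cm.getMacEngineKeyEntryID();
    byte[] id = keyEntryID.getBytes(StandardCharsets.UTF_8);
    if (id.length > 0xFFFF) throw new IllegalArgumentException("ID too long");
    // Assumption: the returned Mac is already initialized with the entry's key.
    byte[] tag = cm.getMacEngine(keyEntryID).doFinal(payload);
    return ByteBuffer.allocate(2 + id.length + tag.length + payload.length)
        .putShort((short) id.length).put(id).put(tag).put(payload).array();
  }

  /** Consumer side: returns the payload, or throws if the tag does not verify. */
  public static byte[] open(CryptoManager cm, byte[] envelope)
      throws CryptoManagerException {
    ByteBuffer in = ByteBuffer.wrap(envelope);
    if (in.remaining() < 2) throw new SecurityException("truncated envelope");
    int idLen = in.getShort() & 0xFFFF;
    if (idLen > in.remaining()) throw new SecurityException("bad ID length");
    byte[] id = new byte[idLen];
    in.get(id);
    // The ID selects the key entry; an invalid ID raises CryptoManagerException.
    Mac mac = cm.getMacEngine(new String(id, StandardCharsets.UTF_8));
    if (mac.getMacLength() > in.remaining()) throw new SecurityException("truncated tag");
    byte[] tag = new byte[mac.getMacLength()];
    in.get(tag);
    byte[] payload = new byte[in.remaining()];
    in.get(payload);
    // Constant-time comparison, so timing does not reveal how many bytes matched.
    if (!MessageDigest.isEqual(tag, mac.doFinal(payload))) {
      throw new SecurityException("MAC verification failed");
    }
    return payload;
  }
}
```

The key entry identifier in the envelope is not itself authenticated; a modified identifier either fails lookup in getMacEngine or selects a different key, and in both cases the payload is rejected.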