Class AS4CryptParams

java.lang.Object
com.helger.phase4.crypto.AS4CryptParams
All Implemented Interfaces:
com.helger.base.clone.ICloneable<AS4CryptParams>

@NotThreadSafe public class AS4CryptParams extends Object implements com.helger.base.clone.ICloneable<AS4CryptParams>
AS4 encrypt/decrypt parameters
Since:
0.9.0
Author:
Philip Helger, Gregor Scholtysik
  • Field Details

  • Constructor Details

  • Method Details

    • isCryptEnabled

      public boolean isCryptEnabled(@Nullable Consumer<String> aWarningConsumer)
    • getKeyIdentifierType

      public final @NonNull ECryptoKeyIdentifierType getKeyIdentifierType()
      Returns:
      The key identifier type. May not be null.
      Since:
      0.11.0
    • setKeyIdentifierType

      public final @NonNull AS4CryptParams setKeyIdentifierType(@NonNull ECryptoKeyIdentifierType eKeyIdentifierType)
      Set the key identifier type to use. That defines how the information about the signing certificate is transmitted.
      Parameters:
      eKeyIdentifierType - The key identifier type to use. May not be null.
      Returns:
      this for chaining
      Since:
      0.11.0
    • getAlgorithmCrypt

      public final @Nullable ECryptoAlgorithmCrypt getAlgorithmCrypt()
      Returns:
      The encryption algorithm to use. May be null.
    • setAlgorithmCrypt

      public final @NonNull AS4CryptParams setAlgorithmCrypt(@Nullable ECryptoAlgorithmCrypt eAlgorithmCrypt)
      An encryption algorithm can be set.
      MANDATORY if you want to use encryption.
      Parameters:
      eAlgorithmCrypt - the encryption algorithm that should be set
      Returns:
      this for chaining
    • getKeyEncAlgorithm

      public final @NonNull ECryptoKeyEncryptionAlgorithm getKeyEncAlgorithm()
    • setKeyEncAlgorithm

      public final @NonNull AS4CryptParams setKeyEncAlgorithm(@NonNull ECryptoKeyEncryptionAlgorithm eKeyEncAlgorithm)
    • getMGFAlgorithm

      @Nonempty public final @NonNull @Nonempty String getMGFAlgorithm()
      Returns:
      The mask generation function (MGF) algorithm to use with the RSA-OAEP key transport algorithm. The default is DEFAULT_MGF_ALGORITHM
    • setMGFAlgorithm

      public final @NonNull AS4CryptParams setMGFAlgorithm(@Nonempty @NonNull @Nonempty String sMGFAlgorithm)
      Set the mask generation function (MGF) algorithm to use with the RSA-OAEP key transport algorithm.
      Parameters:
      sMGFAlgorithm - The MGF algorithm to use. May neither be null nor empty.
      Returns:
      this for chaining
    • getDigestAlgorithm

      @Nonempty public final @NonNull @Nonempty String getDigestAlgorithm()
      Returns:
      The digest algorithm to use with the RSA-OAEP key transport algorithm. The default is DEFAULT_DIGEST_ALGORITHM
    • setDigestAlgorithm

      public final @NonNull AS4CryptParams setDigestAlgorithm(@Nonempty @NonNull @Nonempty String sDigestAlgorithm)
      Set the digest algorithm to use with the RSA-OAEP key transport algorithm.
      Parameters:
      sDigestAlgorithm - The digest algorithm to use. May neither be null nor empty.
      Returns:
      this for chaining
    • getKeyAgreementMethod

      public final @Nullable ECryptoKeyAgreementMethod getKeyAgreementMethod()
      Returns:
      The key agreement method to use. May be null, in which case key transport (e.g. RSA-OAEP) is used instead of key agreement.
      Since:
      4.4.0
    • hasKeyAgreementMethod

      public final boolean hasKeyAgreementMethod()
      Returns:
      true if a key agreement method is set, false if not.
      Since:
      4.4.0
    • setKeyAgreementMethod

      public final @NonNull AS4CryptParams setKeyAgreementMethod(@Nullable ECryptoKeyAgreementMethod eKeyAgreementMethod)
      Set the key agreement method to use. When set, the encryption will use key agreement (e.g. ECDH-ES, X25519) instead of key transport (e.g. RSA-OAEP). If set to null, key transport is used.
      Parameters:
      eKeyAgreementMethod - The key agreement method. May be null.
      Returns:
      this for chaining
      Since:
      4.4.0
    • getKeyDerivationMethod

      public final @Nullable ECryptoKeyDerivationMethod getKeyDerivationMethod()
      Returns:
      The key derivation function to use with key agreement. May be null.
      Since:
      4.4.0
    • setKeyDerivationMethod

      public final @NonNull AS4CryptParams setKeyDerivationMethod(@Nullable ECryptoKeyDerivationMethod eKeyDerivationMethod)
      Set the key derivation function to use with key agreement (e.g. HKDF, ConcatKDF).
      Parameters:
      eKeyDerivationMethod - The key derivation method. May be null.
      Returns:
      this for chaining
      Since:
      4.4.0
    • getKeyWrapAlgorithm

      public final @Nullable ECryptoKeyWrapAlgorithm getKeyWrapAlgorithm()
      Returns:
      The key wrap algorithm to use with key agreement. May be null.
      Since:
      4.4.0
    • setKeyWrapAlgorithm

      public final @NonNull AS4CryptParams setKeyWrapAlgorithm(@Nullable ECryptoKeyWrapAlgorithm eKeyWrapAlgorithm)
      Set the key wrap algorithm to use with key agreement (e.g. AES-128 KeyWrap).
      Parameters:
      eKeyWrapAlgorithm - The key wrap algorithm. May be null.
      Returns:
      this for chaining
      Since:
      4.4.0
    • setEDelivery2KeyAgreementX25519

      public final @NonNull AS4CryptParams setEDelivery2KeyAgreementX25519()
      Convenience method to set all parameters required for eDelivery AS4 2.0 EdDSA/X25519 key agreement: X25519 key agreement, HKDF key derivation, AES-128 key wrap.
      Returns:
      this for chaining
      Since:
      4.4.0
    • setEDelivery2KeyAgreementECDHES

      public final @NonNull AS4CryptParams setEDelivery2KeyAgreementECDHES()
      Convenience method to set all parameters required for eDelivery AS4 2.0 ECDSA/ECDH-ES key agreement: ECDH-ES key agreement, HKDF key derivation, AES-128 key wrap.
      Returns:
      this for chaining
      Since:
      4.4.0
    • getCertificate

      public final @Nullable X509Certificate getCertificate()
      Returns:
      The currently set X509 certificate. May be null.
    • hasCertificate

      public final boolean hasCertificate()
      Returns:
      true if an X509 certificate is present, false if not.
    • setCertificate

      public final @NonNull AS4CryptParams setCertificate(@Nullable X509Certificate aCert)
      Set the X509 certificate to be used. The provided certificate is not checked for validity. If it is expired, only a warning is logged and the certificate will still be used.
      Parameters:
      aCert - The certificate to be used. May be null.
      Returns:
      this for chaining
    • getAlias

      public final @Nullable String getAlias()
    • hasAlias

      public final boolean hasAlias()
    • setAlias

      public final @NonNull AS4CryptParams setAlias(@Nullable String sAlias)
    • getSessionKeyProvider

      public final @NonNull ICryptoSessionKeyProvider getSessionKeyProvider()
      Returns:
      The session key provider to be used. Never null.
      Since:
      2.1.2
    • setSessionKeyProvider

      public final @NonNull AS4CryptParams setSessionKeyProvider(@NonNull ICryptoSessionKeyProvider aSessionKeyProvider)
      Set the session key provider to be used for encryption. The provided provider must never return a null key.
      Parameters:
      aSessionKeyProvider - The session key provider to be used. May not be null.
      Returns:
      this for chaining
      Since:
      2.1.2
    • getSecurityProviderEncrypt

      public final @Nullable Provider getSecurityProviderEncrypt()
      Note: this is currently not used by WSS4J
      Returns:
      The security provider to be used for encryption (not for decryption). May be null.
      Since:
      2.4.0
    • setSecurityProviderEncrypt

      public final @NonNull AS4CryptParams setSecurityProviderEncrypt(@Nullable Provider aSecurityProviderEncrypt)
      Set the security provider to be used for encryption (not for decryption).
      Note: this is currently not used by WSS4J
      Parameters:
      aSecurityProviderEncrypt - The security provider to be used. May be null.
      Returns:
      this for chaining
      Since:
      2.4.0
    • getSecurityProviderDecrypt

      public final @Nullable Provider getSecurityProviderDecrypt()
      Note: this is currently not used by WSS4J
      Returns:
      The security provider to be used for decryption (not for encryption). May be null.
      Since:
      2.4.0
    • setSecurityProviderDecrypt

      public final @NonNull AS4CryptParams setSecurityProviderDecrypt(@Nullable Provider aSecurityProviderDecrypt)
      Set the security provider to be used for decryption (not for encryption).
      Note: this is currently not used by WSS4J
      Parameters:
      aSecurityProviderDecrypt - The security provider to be used. May be null.
      Returns:
      this for chaining
      Since:
      2.4.0
    • setSecurityProvider

      public final @NonNull AS4CryptParams setSecurityProvider(@Nullable Provider aSecurityProvider)
      Set the security provider to be used for encryption and decryption.
      Parameters:
      aSecurityProvider - The security provider to be used. May be null.
      Returns:
      this for chaining
      Since:
      2.1.4
    • isEncryptSymmetricSessionKey

      public final boolean isEncryptSymmetricSessionKey()
      Returns:
      true if the symmetric session key should be part of the transmission or false if not. Default is DEFAULT_ENCRYPT_SYMMETRIC_SESSION_KEY
      Since:
      2.1.4
    • setEncryptSymmetricSessionKey

      public final @NonNull AS4CryptParams setEncryptSymmetricSessionKey(boolean b)
      Enable or disable the inclusion of the symmetric session key in the transmission.
      Parameters:
      b - true to enable, false to disable it.
      Returns:
      this for chaining
      Since:
      2.1.4
    • getWSSecEncryptCustomizer

      public final @Nullable IWSSecEncryptCustomizer getWSSecEncryptCustomizer()
    • hasWSSecEncryptCustomizer

      public final boolean hasWSSecEncryptCustomizer()
    • setWSSecEncryptCustomizer

      public final @NonNull AS4CryptParams setWSSecEncryptCustomizer(@Nullable IWSSecEncryptCustomizer a)
    • setFromPMode

      public final @NonNull AS4CryptParams setFromPMode(@Nullable PModeLegSecurity aSecurity)
      This method calls setAlgorithmCrypt(ECryptoAlgorithmCrypt) based on the PMode parameters. If the PMode parameter is null the value will be set to null.
      Parameters:
      aSecurity - The PMode security stuff to use. May be null.
      Returns:
      this for chaining
    • cloneTo

      @OverridingMethodsMustInvokeSuper public void cloneTo(@NonNull AS4CryptParams aTarget)
    • getClone

      @ReturnsMutableCopy public @NonNull AS4CryptParams getClone()
      Specified by:
      getClone in interface com.helger.base.clone.ICloneable<AS4CryptParams>
    • toString

      public String toString()
      Overrides:
      toString in class Object
    • createDefault

      @ReturnsMutableObject public static @NonNull AS4CryptParams createDefault()
      Returns:
      A non-null default instance.
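Added example (not part of the phase4 Javadoc or code base): because setCertificate does not check validity and only logs a warning for an expired certificate, a caller can validate the certificate before building the parameters. The class name CryptParamsFactory, its parameters, the package of ECryptoAlgorithmCrypt and the reading of isCryptEnabled as "false when required settings are missing" are assumptions.

```java
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import com.helger.phase4.crypto.AS4CryptParams;
// Assumption: the enum lives in the same package as AS4CryptParams
import com.helger.phase4.crypto.ECryptoAlgorithmCrypt;

/** Hypothetical helper: fail closed instead of relying on the logged warning. */
public final class CryptParamsFactory
{
  // Bit positions in X509Certificate.getKeyUsage() (RFC 5280 KeyUsage)
  private static final int KU_KEY_ENCIPHERMENT = 2;
  private static final int KU_KEY_AGREEMENT = 4;

  private CryptParamsFactory () {}

  public static AS4CryptParams create (X509Certificate aCert,
                                       ECryptoAlgorithmCrypt eAlgorithm,
                                       boolean bUseX25519KeyAgreement) throws CertificateException
  {
    // Throws CertificateExpiredException / CertificateNotYetValidException
    aCert.checkValidity (new Date ());

    // Key agreement needs keyAgreement usage, key transport (RSA-OAEP) needs keyEncipherment.
    // A null array means the certificate has no KeyUsage extension, so nothing is restricted.
    final boolean [] aKU = aCert.getKeyUsage ();
    final int nRequired = bUseX25519KeyAgreement ? KU_KEY_AGREEMENT : KU_KEY_ENCIPHERMENT;
    if (aKU != null && !(aKU.length > nRequired && aKU[nRequired]))
      throw new CertificateException ("Key usage does not permit the selected key exchange");

    final AS4CryptParams aParams = AS4CryptParams.createDefault ()
                                                 .setAlgorithmCrypt (eAlgorithm) // mandatory for encryption
                                                 .setCertificate (aCert);
    if (bUseX25519KeyAgreement)
      aParams.setEDelivery2KeyAgreementX25519 (); // X25519 + HKDF + AES-128 key wrap

    // Assumption: isCryptEnabled reports false (and emits warnings) when settings are missing
    final List <String> aWarnings = new ArrayList <> ();
    if (!aParams.isCryptEnabled (aWarnings::add))
      throw new IllegalStateException ("Encryption is not enabled: " + aWarnings);
    return aParams;
  }
}
```

This checks only the validity period and key usage; chain and revocation validation against a trust store remain the caller's responsibility.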