1 RSA

Class Ax.crypt.RSA


RSA (Rivest?Shamir?Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission. RSA can only encrypt messages that are several bytes shorter than the modulus of the key pair. The extra bytes are for padding, and the exact number depends on the padding scheme you are using. RSA is for key transport, not data encryption. If you have a long message, encrypt it with AES, using a random key. Then encrypt the AES key with RSA, using the public key of the message recipient. You should be using the Cipher class's wrap() and unwrap() methods. This is how PGP, S/MIME, TLS (roughly), and any other correctly designed RSA encryption schemes work.

Constructor Summary

MethodDescription
JSRSA(JSKeyPair kp)
JSRSA(KeyPair kp)Creates a new RSA instance with the specified key pair (public and private keys).

Method Summary

Modifier and TypeMethodDescription
byte[] decrypt(String encrypted)Decrypts the given message.
byte[] decrypt(byte[] encrypted)Decrypts the given message.
byte[] encrypt(String message)Encrypts the give nmessage.
byte[] encrypt(byte[] message)Encrypts the give nmessage.
String toBase64(byte[] message)Encodes the message to base 64.
String toPrivateKey()Returns the private key.
String toPublicKey()Returns the public key.
String toString(byte[] message)Allows to convert a decrypted byte[] to a string

Method Detail

JSRSA

 JSRSA(JSKeyPair kp)
Parameters:
kp - 

JSRSA

 JSRSA(KeyPair kp)
Info:
Creates a new RSA instance with the specified key pair (public and private keys).
Parameters:
kp - key pair with the public and private keys

decrypt

byte[] decrypt(String encrypted)
Info:
Decrypts the given message.
Parameters:
encrypted - a base64 encoded encrypted message
Returns:
the decrypted message

decrypt

byte[] decrypt(byte[] encrypted)
Info:
Decrypts the given message.
Parameters:
encrypted - a base64 encoded encrypted message
Returns:
the decrypted message

encrypt

byte[] encrypt(String message)
Info:
Encrypts the give nmessage.
Parameters:
message - the message to encrypt
Returns:
a base64 encoded crypted message

encrypt

byte[] encrypt(byte[] message)
Info:
Encrypts the give nmessage.
Parameters:
message - the message to encrypt
Returns:
a base64 encoded crypted message

toBase64

                        String toBase64(byte[] message)
Info:
Encodes the message to base 64.
Parameters:
message - the message to encode
Returns:
a base64 encoded crypted message

toPrivateKey

                        String toPrivateKey()
Info:
Returns the private key.
Returns:
the private key

toPublicKey

                        String toPublicKey()
Info:
Returns the public key.
Returns:
the public key

toString

                        String toString(byte[] message)
Info:
Allows to convert a decrypted byte[] to a string
Parameters:
message - message to convert
Returns:
message as string

2 DES

Class Ax.crypt.DES


The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of electronic data.

Constructor Summary

MethodDescription
JSDES()Creates a DES instance.

Method Summary

Modifier and TypeMethodDescription
String decrypt(String password, String message)Decrypts the encrypted message using the given password.
String encrypt(String password, String message)Encrypts the message using the given password.

Method Detail

JSDES

 JSDES()
Info:
Creates a DES instance.

decrypt

                        String decrypt(String password, String message)
Info:
Decrypts the encrypted message using the given password.
Parameters:
password - the password used to decrypt the message
message - the encrypted message to decrypt
Returns:
the decrypted message

encrypt

                        String encrypt(String password, String message)
Info:
Encrypts the message using the given password. DES Key only allows passwords 8 characters long. If you try to use a password longer than 8 chars, only first 8 bytes will be considered. If password is less than 8 bytes, password is filled automatically.
Parameters:
password - the password used to decrypt the message
message - the content to encrypt
Returns:
the encrypted message

3 AES

Class Ax.crypt.AES


Class that implements the Advanced Encryption Standard Using Java to decrypt openssl aes-256-cbc using provided key and iv Notice that provided keys when strings are interpreted as hex numbers. If you plan to send non hex key password and nit vector, send values as byte[] constructors. openssl enc -aes-256-cbc -P salt=2855243412E30BD7 key=E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5 iv=629E2E1500B6BA687A385D410D5B08E3 Encrypt openssl enc -aes-256-cbc -K E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5 -iv 629E2E1500B6BA687A385D410D5B08E3 -e -in text -out text_ENCRYPTED Decrypt openssl enc -aes-256-cbc -K E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5 -iv 629E2E1500B6BA687A385D410D5B08E3 -d -in text_ENCRYPTED -out text_DECRYPTED The cryptographic keys used for AES are usually fixed-length (for example, 128 or 256bit keys). Because humans cannot easily remember long random strings, key stretching is performed to create a long, fixed-length key from a short, variable length password. Key stretching uses a key-derivation function. Command line OpenSSL uses a rather simplistic method for computing the cryptographic key from a password, which we will need to mimic using the Java API. OpenSSL uses a hash of the password and a random 64bit salt. Only a single iteration is performed. UnlimitedJCEPolicy To use an AES password using an SHA256 (64 bytes key), the UnlimitedJCEPolicy or will get Exception "invalid aes key length 64 bytes"

Constructor Summary

MethodDescription
JSAES()Creates a new AES instance using "AES/CBC/PKCS7Padding" as the default cypher
JSAES(String cypher)Creates a new AES instance with the given cypher.

Method Summary

Modifier and TypeMethodDescription
String decrypt(String password, String secretbase64)Decrypts the secret using the password.
byte[] decrypt(String password, String initVector, Object data)Decrypts the data with AES algorithm, using the given password and initialization vector.
byte[] decrypt(byte[] password, byte[] initVector, Object data)Decrypts the data with AES algorithm, using the given password and initialization vector.
byte[] decrypt(String key, String salt, String initVector, Object data)Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] decrypt(String key, String salt, String initVector, int keyLength, Object data)Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] decrypt(String key, String salt, byte[] initVector, Object data)Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] decrypt(String key, String salt, byte[] initVector, int keyLength, Object data)Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] decrypt(PrivateKey key, byte[] data)Decrypts the data with AES algorithm, using the given secret key.
String encrypt(int keyLength, String password, String secret)Encrypts the secret using the password and using the specified keylength.
byte[] encrypt(String password, String initVector, String data)Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[] encrypt(String password, String initVector, byte[] data)Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[] encrypt(byte[] password, byte[] initVector, byte[] data)Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[] encrypt(String key, String salt, String initVector, String data)Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] encrypt(String key, String salt, String initVector, int keyLength, String data)Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] encrypt(String key, String salt, byte[] initVector, String data)Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[] encrypt(String key, String salt, byte[] initVector, int keyLength, String data)Encrypts the data with AES algorithm, using the given secret key and initialization vector.

Method Detail

JSAES

 JSAES()
Info:
Creates a new AES instance using "AES/CBC/PKCS7Padding" as the default cypher

JSAES

 JSAES(String cypher)
Info:
Creates a new AES instance with the given cypher.
Parameters:
cypher - cypher to use

decrypt

                        String decrypt(String password, String secretbase64)
Info:
Decrypts the secret using the password. It is used for Password salt encryption. The following method does the same as JSPassword.decrypt.
Parameters:
password - password that will be used to decrypt the secret message
secretbase64 - secret message to decrypt in base 64 format
Returns:
string containing the decrypted message

decrypt

byte[] decrypt(String password, String initVector, Object data)
Info:
Decrypts the data with AES algorithm, using the given password and initialization vector.
Parameters:
password - password for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(byte[] password, byte[] initVector, Object data)
Info:
Decrypts the data with AES algorithm, using the given password and initialization vector.
Parameters:
password - password for decryption specified in encryption
initVector - initialization vector specified in encryption
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(String key, String salt, String initVector, Object data)
Info:
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(String key, String salt, String initVector, int keyLength, Object data)
Info:
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
keyLength - secret key length in bits (128, 192 o 256)
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(String key, String salt, byte[] initVector, Object data)
Info:
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector specified in encryption
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(String key, String salt, byte[] initVector, int keyLength, Object data)
Info:
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector specified in encryption
keyLength - secret key length in bits (128, 192 o 256)
data - encrypted data
Returns:
the decrypted data as a byte array

decrypt

byte[] decrypt(PrivateKey key, byte[] data)
Info:
Decrypts the data with AES algorithm, using the given secret key.
Parameters:
key - secret key for decryption specified in encryption
data - encrypted data
Returns:
the decrypted data as a byte array

encrypt

                        String encrypt(int keyLength, String password, String secret)
Info:
Encrypts the secret using the password and using the specified keylength. It is used for Password salt encryption. The following method does the same as JSPassword.encrypt.
Parameters:
keyLength - secret key length in bits (128, 192 o 256)
password - password that will be used to decrypt the secret message
secret - secret message to encrypt
Returns:

encrypt

byte[] encrypt(String password, String initVector, String data)
Info:
Encrypts the data with AES algorithm, using the given password and initialization vector.
Parameters:
password - password for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(String password, String initVector, byte[] data)
Info:
Encrypts the data with AES algorithm, using the given password and initialization vector.
Parameters:
password - password for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(byte[] password, byte[] initVector, byte[] data)
Info:
Encrypts the data with AES algorithm, using the given password and initialization vector.
Parameters:
password - password for decryption
initVector - initialization vector
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(String key, String salt, String initVector, String data)
Info:
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(String key, String salt, String initVector, int keyLength, String data)
Info:
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
keyLength - secret key length in bits (128, 192 o 256)
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(String key, String salt, byte[] initVector, String data)
Info:
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector
data - data to encrypt
Returns:
the ecnrypted data as a byte array

encrypt

byte[] encrypt(String key, String salt, byte[] initVector, int keyLength, String data)
Info:
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey.
Parameters:
key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
salt - salt for encryption
initVector - initialization vector
keyLength - secret key length in bits (128, 192 o 256)
data - data to encrypt
Returns:
the ecnrypted data as a byte array

4 Digest

Class Ax.crypt.Digest


MessageDigest wrapper (MD5, SHA1 ...), a class that provides applications the functionality of a message digest algorithm, such as SHA-1 or SHA-256. Message digests are secure one-way hash functions that take arbitrary-sized data and output a fixed-length hash value.

Constructor Summary

MethodDescription
JSDigest(String algorithm)Creates a new digest instance with the specified algorithm.

Method Summary

Modifier and TypeMethodDescription
String digest()Completes the hash computation and resets the digest.
JSDigest reset()Resets the digest for further use.
JSDigest update(String data)Processes the given data and updates the digest.
JSDigest update(Object data)Processes the given data and updates the digest.
JSDigest update(IResultSetConvertible irs)Updates the digest given a ResultSet.

Method Detail

JSDigest

 JSDigest(String algorithm)
Info:
Creates a new digest instance with the specified algorithm.
Parameters:
algorithm - 

digest

                        String digest()
Info:
Completes the hash computation and resets the digest.
Returns:
string with the computed content

reset

                        JSDigest reset()
Info:
Resets the digest for further use.
Returns:
the object reset

update

                        JSDigest update(String data)
Info:
Processes the given data and updates the digest.
Parameters:
data - the data to be processed
Returns:
the object updated

update

                        JSDigest update(Object data)
Info:
Processes the given data and updates the digest.
Parameters:
data - the data to be processed
Returns:
the object updated

update

                        JSDigest update(IResultSetConvertible irs)
Info:
Updates the digest given a ResultSet. It's useful to have a hash on ResulSet data used in junit tests.
Parameters:
irs - 
Returns:

5 SMime

Class Ax.crypt.SMime


S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 3369, 3370, 3850 and 3851. It was originally developed by RSA Data Security and the original specification used the IETF MIME specification with the de facto industry standard PKCS#7 secure message format.

Constructor Summary

MethodDescription
JSSMime()Creates a new SMime instance.
JSSMime(String mime)Creates a new SMime instance with the specified mime type.

Method Summary

Modifier and TypeMethodDescription
byte[] decrypt(PrivateKey privateKey, Object encryptedData)Decrypts the encryptedData using the given privateKey.
byte[] decrypt(PrivateKey privateKey, byte[] encryptedData)Decrypts the encryptedData using the given privateKey.
byte[] encrypt(X509Certificate certificate, Object encryptedData)Encrypts the data using the specified certificate.

Method Detail

JSSMime

 JSSMime()
Info:
Creates a new SMime instance.

JSSMime

 JSSMime(String mime)
Info:
Creates a new SMime instance with the specified mime type. For example, application/pkcs7-mime.
Parameters:
mime - mime type for encryption / signing

decrypt

byte[] decrypt(PrivateKey privateKey, Object encryptedData)
Info:
Decrypts the encryptedData using the given privateKey.
Parameters:
privateKey - private key used for decryption
encryptedData - the encrypted data to decrypt
Returns:
the decrypted data

decrypt

byte[] decrypt(PrivateKey privateKey, byte[] encryptedData)
Info:
Decrypts the encryptedData using the given privateKey.
Parameters:
privateKey - private key used for decryption
encryptedData - the encrypted data to decrypt
Returns:
the decrypted data

encrypt

byte[] encrypt(X509Certificate certificate, Object encryptedData)
Info:
Encrypts the data using the specified certificate.
Parameters:
certificate - certificate for encryption
encryptedData - data to encrypt
Returns:

6 PKCS7

Class Ax.crypt.PKCS7


The PKCS7 package introduces digital signatures, digital certificates and the relationship between digital signatures and PKCS #7: Cryptographic Message Syntax Standard(CMS). The list of possible algorithms is in

Constructor Summary

MethodDescription
JSPKCS7()Creates a new PKCS7 instance.

Method Summary

Modifier and TypeMethodDescription
byte[] decrypt(PrivateKey privateKey, Object encryptedData)Decrypts the encryptedData with the given private key.
byte[] encrypt(String certificateText, Object rawData)Encrypts the rawData with the given certificate.
byte[] encrypt(String certificateText, org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, Object rawData)Encrypts the rawData with the given certificate.
byte[] encrypt(String certificateText, String algorithmID, Object rawData)
byte[] encrypt(X509Certificate certificate, org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, Object rawData)Encrypts the rawData with the given certificate.
byte[] getData(Object rawData)Returns the given Object data as a byte array.
byte[] sign(String certificateText, PrivateKey privateKey, Object rawData)Signs the encrypted rawData using the specified certificate and the private key.
byte[] sign(X509Certificate certificate, PrivateKey privateKey, Object rawData)Signs the rawData (encrypted or not) using the specified certificate and the private key.
boolean verify(Object signedData)Verifies the signed data to ensure it is safe.

Method Detail

JSPKCS7

 JSPKCS7()
Info:
Creates a new PKCS7 instance.

decrypt

byte[] decrypt(PrivateKey privateKey, Object encryptedData)
Info:
Decrypts the encryptedData with the given private key.
Parameters:
privateKey - private key used for the decryption
encryptedData - data to decrypt
Returns:
the decrypted data

encrypt

byte[] encrypt(String certificateText, Object rawData)
Info:
Encrypts the rawData with the given certificate.
Parameters:
certificateText - certificate for encryption
rawData - data to encrypt
Returns:
the encrypted data

encrypt

byte[] encrypt(String certificateText, org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, Object rawData)
Info:
Encrypts the rawData with the given certificate.
Parameters:
certificateText - certificate for encryption
algorithm - algorithm used for encryption
rawData - data to encrypt
Returns:
the encrypted data

encrypt

byte[] encrypt(String certificateText, String algorithmID, Object rawData)
Parameters:
certificateText - 
algorithmID - 
rawData - 
Returns:

encrypt

byte[] encrypt(X509Certificate certificate, org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, Object rawData)
Info:
Encrypts the rawData with the given certificate.
Parameters:
certificate - certificate for encryption
algorithm - algorithm used for encryption
rawData - data to encrypt
Returns:
the encrypted data

getData

byte[] getData(Object rawData)
Info:
Returns the given Object data as a byte array.
Parameters:
rawData - Object to convert to byte array
Returns:
the rawData as a byte array

sign

byte[] sign(String certificateText, PrivateKey privateKey, Object rawData)
Info:
Signs the encrypted rawData using the specified certificate and the private key.
Parameters:
certificateText - certificate to sign
privateKey - private key used to sign
rawData - encrypted data to sign
Returns:
the signed encrypted data

sign

byte[] sign(X509Certificate certificate, PrivateKey privateKey, Object rawData)
Info:
Signs the rawData (encrypted or not) using the specified certificate and the private key.
Parameters:
certificate - certificate to sign
privateKey - private key used to sign
rawData - encrypted data to sign
Returns:
the signed encrypted data

verify

boolean verify(Object signedData)
Info:
Verifies the signed data to ensure it is safe.
Parameters:
signedData - encrypted signed data
Returns:
true if data is safely signed, false otherwise

7 PKCS8

Class Ax.crypt.PKCS8


PKCS #8 is the Private-Key Information Syntax Standard, a standard syntax for storing private key information, created by RSA Laboratories

Constructor Summary

MethodDescription
JSPKCS8(String algorithm)Creates a new instance of PKCS8, with the specified algorithm

Method Summary

Modifier and TypeMethodDescription
byte[] decode(String text)
String encode(byte[] data)Encodes the provided data.
byte[] sign(String privateKey, String algorithm, Object message)Signs the message with the specified algorithm and private key.
byte[] sign(PrivateKey privateKey, Object message)Signs the message with the specified private key.
boolean verify(String key, String algorithm, Object message, String signature)Verifies the signed data to ensure it is safe.
boolean verify(PublicKey key, Object message, String signature)Verifies the signed data to ensure it is safe.
boolean verify(PublicKey key, Object message, byte[] signature)Verifies the signed data to ensure it is safe.

Method Detail

JSPKCS8

 JSPKCS8(String algorithm)
Info:
Creates a new instance of PKCS8, with the specified algorithm
Parameters:
algorithm - encoding algorithm to use

decode

byte[] decode(String text)
Parameters:
text - 
Returns:

encode

                        String encode(byte[] data)
Info:
Encodes the provided data.
Parameters:
data - data to encode
Returns:

sign

byte[] sign(String privateKey, String algorithm, Object message)
Info:
Signs the message with the specified algorithm and private key.
Parameters:
privateKey - private key used to sign
algorithm - algorithm used to sign
message - message to sign
Returns:
the signed encrypted data

sign

byte[] sign(PrivateKey privateKey, Object message)
Info:
Signs the message with the specified private key.
Parameters:
privateKey - private key used to sign
message - message to sign
Returns:
the signed encrypted data

verify

boolean verify(String key, String algorithm, Object message, String signature)
Info:
Verifies the signed data to ensure it is safe.
Parameters:
key - public key used for verification
algorithm - decoding algorithm
message - signed message to verify
signature - signature to verify
Returns:
True if the message is correctly signed, false otherwise

verify

boolean verify(PublicKey key, Object message, String signature)
Info:
Verifies the signed data to ensure it is safe.
Parameters:
key - public key used for verification
message - signed message to verify
signature - signature to verify
Returns:
True if the message is correctly signed, false otherwise

verify

boolean verify(PublicKey key, Object message, byte[] signature)
Info:
Verifies the signed data to ensure it is safe.
Parameters:
key - public key used for verification
message - signed message to verify
signature - signature to verify
Returns:
True if the message is correctly signed, false otherwise

8 KeyPair

Class Ax.crypt.KeyPair


Wrapper around KeyPair

Constructor Summary

MethodDescription
JSKeyPair(String algorithm, int size)Creates a key pair with the specified algorithm and size.

Method Summary

Modifier and TypeMethodDescription
byte[] getPrivateKey()Returns the private key component of this key pair as a byte array.
String getPrivateKeyAsPEM()Returns the private key component of this key pair in PEM format as a string.
byte[] getPublicKey()Returns the public key component of this key pair as a byte array.
String getPublicKeyAsPEM()Returns the public key component of this key pair in PEM format as a string.

Method Detail

JSKeyPair

 JSKeyPair(String algorithm, int size)
Info:
Creates a key pair with the specified algorithm and size.
Parameters:
algorithm - algorithm for key generation
size - size of the key

Example
Copy
new Ax.crypt.KeyPair("RSA", 2048);

getPrivateKey

byte[] getPrivateKey()
Info:
Returns the private key component of this key pair as a byte array.
Returns:
the private key component

getPrivateKeyAsPEM

                        String getPrivateKeyAsPEM()
Info:
Returns the private key component of this key pair in PEM format as a string.
Returns:
the private key component in PEM format

getPublicKey

byte[] getPublicKey()
Info:
Returns the public key component of this key pair as a byte array.
Returns:
the public key component

getPublicKeyAsPEM

                        String getPublicKeyAsPEM()
Info:
Returns the public key component of this key pair in PEM format as a string.
Returns:
the public key component in PEM format

9 PGPKeyGen

Class Ax.crypt.PGPKeyGen


Key generator class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.

Constructor Summary

MethodDescription
JSPGPKeyGen(String identity, String password)Creates a new key generator, with the given identity and password.
JSPGPKeyGen(String identity, String password, int secondsToExpire)Creates a new key generator, with the given identity, password and seconds to expire.

Method Summary

Modifier and TypeMethodDescription
String getPrivateKey()Returns the private key created by the generator.
String getPublicKey()Returns the public key created by the generator.

Method Detail

JSPGPKeyGen

 JSPGPKeyGen(String identity, String password)
Info:
Creates a new key generator, with the given identity and password.
Parameters:
identity - identity associated with the keys
password - password associated with the keys

JSPGPKeyGen

 JSPGPKeyGen(String identity, String password, int secondsToExpire)
Info:
Creates a new key generator, with the given identity, password and seconds to expire.
Parameters:
identity - identity associated with the keys
password - password associated with the keys
secondsToExpire - seconds until the keys are invalid

getPrivateKey

                        String getPrivateKey()
Info:
Returns the private key created by the generator.
Returns:
the private key

getPublicKey

                        String getPublicKey()
Info:
Returns the public key created by the generator.
Returns:
the public key

10 PGPEncode

Class Ax.crypt.PGPEncode


Encoder class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.

Constructor Summary

MethodDescription
JSPGPEncode(String privateKey)Creates a new PGP encoder, using the specified private key.
JSPGPEncode(String privateKey, String identity)Creates a new PGP encoder, using the specified private key and the specified identity.

Method Summary

Modifier and TypeMethodDescription
String encode(String keyPassPhraseString, String message)Encodes the message using the keyPassPhraseString as password.

Method Detail

JSPGPEncode

 JSPGPEncode(String privateKey)
Info:
Creates a new PGP encoder, using the specified private key.
Parameters:
privateKey - the private key that the encoder will use

JSPGPEncode

 JSPGPEncode(String privateKey, String identity)
Info:
Creates a new PGP encoder, using the specified private key and the specified identity.
Parameters:
privateKey - the private key that the encoder will use
identity - the identity that the encoder will use

encode

                        String encode(String keyPassPhraseString, String message)
Info:
Encodes the message using the keyPassPhraseString as password.
Parameters:
keyPassPhraseString - passphrase used to encrypt the message
message - mesage to encode
Returns:
the encoded message

11 PGPDecode

Class Ax.crypt.PGPDecode


Decoder class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication.

Constructor Summary

MethodDescription
JSPGPDecode(String publicKey)Creates a new decoder with the specified public key.

Method Summary

Modifier and TypeMethodDescription
byte[] decode(String message)Decodes the encoded message.

Method Detail

JSPGPDecode

 JSPGPDecode(String publicKey)
Info:
Creates a new decoder with the specified public key.
Parameters:
publicKey - the public key that the decoder will use

decode

byte[] decode(String message)
Info:
Decodes the encoded message.
Parameters:
message - message to decode
Returns:
the decoded message

12 Password

Class Ax.crypt.Password


Class that uses AESCipherPlusSalt libaray for salt encryption.

Constructor Summary

MethodDescription
JSPassword(int keyLength)Creates a new Password instance with the specified keylength.

Method Summary

Modifier and TypeMethodDescription
String decrypt(String password, String secretbase64)Derypts the message using the password.
String encrypt(String password, String secret)Encrypts the secret message using the given password.

Method Detail

JSPassword

 JSPassword(int keyLength)
Info:
Creates a new Password instance with the specified keylength.
Parameters:
keyLength - secret key length in bits (128, 192 o 256)

decrypt

                        String decrypt(String password, String secretbase64)
Info:
Derypts the message using the password.
Parameters:
password - password that will be used to decrypt the secret message
secretbase64 - secret message to decrypt in base 64 format
Returns:
the decrypted data as a string

encrypt

                        String encrypt(String password, String secret)
Info:
Encrypts the secret message using the given password.
Parameters:
password - password that will be used to decrypt the secret message
secret - content to encrypt
Returns:
the encrypted data as a string

13 Whirlpool

Class Ax.crypt.Whirlpool


In computer science and cryptography, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function. It was designed by Vincent Rijmen (co-creator of the Advanced Encryption Standard) and Paulo S. L. M. Barreto, who first described it in 2000.

Constructor Summary

MethodDescription
JSWhirlpool()Creates a new Whirlpool instance

Method Summary

Modifier and TypeMethodDescription
JSWhirlpool add(String data)Adds the given data to the hash structure
String hash()Processes the hashed data and returns the encrypted data.

Method Detail

JSWhirlpool

 JSWhirlpool()
Info:
Creates a new Whirlpool instance

add

                        JSWhirlpool add(String data)
Info:
Adds the given data to the hash structure
Parameters:
data - data to hash and encrypt
Returns:
the object with the data hashed

hash

                        String hash()
Info:
Processes the hashed data and returns the encrypted data.
Returns:
the encrypted data

14 XAdES

Class Ax.crypt.XAdES


XAdES (short for "XML Advanced Electronic Signatures") is a set of extensions to XML-DSig recommendation making it suitable for advanced electronic signatures. W3C and ETSI maintain and update XAdES together. Base de firma electronica de facturas

Constructor Summary

MethodDescription
JSXAdES(JSXMLDocument xml)Creates a new XAdES instance given an xml object
JSXAdES(org.w3c.dom.Document xml)Creates a new XAdES instance given an xml object

Method Summary

Modifier and TypeMethodDescription
BaseAdES setDigestAlgorithm(String algorithm)Sets the digest algorithm.
BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)Sets the digest algorithm.
BaseAdES setSignatureLevel(String level)Sets the signature level.
BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)Sets the signature level.
BaseAdES setSignaturePackaging(String packaging)Sets the signature packaging.
BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)Sets the signature packaging.
BaseAdES setTspServer(String server)Sets the TSP server
sign(JSKeyStoreManager km, String keyPassword)Required for JavaScript call providing a JSKeyStoreManager.
sign(JSKeyStoreManager km, String alias, String keyPassword)Signs the object with the keys specified in km, with the given alias and password.
void verify()Verifies the signed document to ensure it is safe.
void verify(eu.europa.esig.dss.DSSDocument signedDocument)Verifies the given signed document to ensure it is safe.

Method Detail

JSXAdES

 JSXAdES(JSXMLDocument xml)
Info:
Creates a new XAdES instance given an xml object
Parameters:
xml - xml document to sign

JSXAdES

 JSXAdES(org.w3c.dom.Document xml)
Info:
Creates a new XAdES instance given an xml object
Parameters:
xml - xml doument to sign

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(String algorithm)
Info:
Sets the digest algorithm.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Info:
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setSignatureLevel

                        BaseAdES setSignatureLevel(String level)
Info:
Sets the signature level.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignatureLevel

                        BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Info:
Sets the signature level. SignatureLevels are specified in subclasses.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignaturePackaging

                        BaseAdES setSignaturePackaging(String packaging)
Info:
Sets the signature packaging.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setSignaturePackaging

                        BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Info:
Sets the signature packaging. SignaturePackagings are specified in subclasses.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setTspServer

                        BaseAdES setTspServer(String server)
Info:
Sets the TSP server
Parameters:
server - TSP server to set
Returns:
the object with the TSP server set

sign

V sign(JSKeyStoreManager km, String keyPassword)
Info:
Required for JavaScript call providing a JSKeyStoreManager.
Parameters:
km - 
keyPassword - 
Returns:

sign

V sign(JSKeyStoreManager km, String alias, String keyPassword)
Info:
Signs the object with the keys specified in km, with the given alias and password.
Parameters:
km - JSKeyStoreManager that contains the necessary keys
alias - alias for signing
keyPassword - 
Returns:
the object specififed on instance creation, signed and encoded

verify

void verify()
Info:
Verifies the signed document to ensure it is safe.

verify

void verify(eu.europa.esig.dss.DSSDocument signedDocument)
Info:
Verifies the given signed document to ensure it is safe.
Parameters:
signedDocument - signed document to verify

15 CAdES

Class Ax.crypt.CAdES


CAdES (CMS Advanced Electronic Signatures) is a set of extensions to Cryptographic Message Syntax (CMS) signed data making it suitable for advanced electronic signatures.

Constructor Summary

MethodDescription
JSCAdES(Object object)Creates a CAdES instance with the given object, and using the default signature level and signature packaging.

Method Summary

Modifier and TypeMethodDescription
BaseAdES setDigestAlgorithm(String algorithm)Sets the digest algorithm.
BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)Sets the digest algorithm.
BaseAdES setSignatureLevel(String level)Sets the signature level.
BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)Sets the signature level.
BaseAdES setSignaturePackaging(String packaging)Sets the signature packaging.
BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)Sets the signature packaging.
BaseAdES setTspServer(String server)Sets the TSP server
sign(JSKeyStoreManager km, String keyPassword)Required for JavaScript call providing a JSKeyStoreManager.
sign(JSKeyStoreManager km, String alias, String keyPassword)Signs the object with the keys specified in km, with the given alias and password.

Method Detail

JSCAdES

 JSCAdES(Object object)
Info:
Creates a CAdES instance with the given object, and using the default signature level and signature packaging.
Parameters:
object - object to sign

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(String algorithm)
Info:
Sets the digest algorithm.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Info:
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setSignatureLevel

                        BaseAdES setSignatureLevel(String level)
Info:
Sets the signature level.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignatureLevel

                        BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Info:
Sets the signature level. SignatureLevels are specified in subclasses.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignaturePackaging

                        BaseAdES setSignaturePackaging(String packaging)
Info:
Sets the signature packaging.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setSignaturePackaging

                        BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Info:
Sets the signature packaging. SignaturePackagings are specified in subclasses.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setTspServer

                        BaseAdES setTspServer(String server)
Info:
Sets the TSP server
Parameters:
server - TSP server to set
Returns:
the object with the TSP server set

sign

V sign(JSKeyStoreManager km, String keyPassword)
Info:
Required for JavaScript call providing a JSKeyStoreManager.
Parameters:
km - 
keyPassword - 
Returns:

sign

V sign(JSKeyStoreManager km, String alias, String keyPassword)
Info:
Signs the object with the keys specified in km, with the given alias and password.
Parameters:
km - JSKeyStoreManager that contains the necessary keys
alias - alias for signing
keyPassword - 
Returns:
the object specififed on instance creation, signed and encoded

16 PAdES

Class Ax.crypt.PAdES


PAdES (PDF Advanced Electronic Signatures) is a set of restrictions and extensions to PDF and ISO 32000-1 making it suitable for Advanced Electronic Signature.

Constructor Summary

MethodDescription
JSPAdES(Object object)Creates a new PAdES instance with the given object to encrypt.

Method Summary

Modifier and TypeMethodDescription
JSPAdES setContactInfo(String contactInfo)Set signer contact info
BaseAdES setDigestAlgorithm(String algorithm)Sets the digest algorithm.
BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)Sets the digest algorithm.
JSPAdES setReason(String reason)Set signer reason.
JSPAdES setSignatureImageParameters(Consumer<JSSignatureImageParameters> configurator)Sets the signature image parameters, the parameters for a visible signature creation.
BaseAdES setSignatureLevel(String level)Sets the signature level.
BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)Sets the signature level.
JSPAdES setSignatureName(String signatureName)Set signature name.
BaseAdES setSignaturePackaging(String packaging)Sets the signature packaging.
BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)Sets the signature packaging.
BaseAdES setTspServer(String server)Sets the TSP server
sign(JSKeyStoreManager km, String keyPassword)Required for JavaScript call providing a JSKeyStoreManager.
sign(JSKeyStoreManager km, String alias, String keyPassword)Signs the object with the keys specified in km, with the given alias and password.

Method Detail

JSPAdES

 JSPAdES(Object object)
Info:
Creates a new PAdES instance with the given object to encrypt.
Parameters:
object - 

setContactInfo

                        JSPAdES setContactInfo(String contactInfo)
Info:
Set signer contact info
Parameters:
contactInfo - contact info of signer
Returns:
the object with the contact info updated

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(String algorithm)
Info:
Sets the digest algorithm.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setDigestAlgorithm

                        BaseAdES setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Info:
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class.
Parameters:
algorithm - digest algorithm to set
Returns:
the object with the digest algorithm set

setReason

                        JSPAdES setReason(String reason)
Info:
Set signer reason.
Parameters:
reason - signer reason
Returns:
the object with the signer reason updated

setSignatureImageParameters

                        JSPAdES setSignatureImageParameters(Consumer<JSSignatureImageParameters> configurator)
Info:
Sets the signature image parameters, the parameters for a visible signature creation.
Parameters:
configurator - Consumer that sets the image parameters
Returns:
the object with the signature image parameters set

setSignatureLevel

                        BaseAdES setSignatureLevel(String level)
Info:
Sets the signature level.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignatureLevel

                        BaseAdES setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Info:
Sets the signature level. SignatureLevels are specified in subclasses.
Parameters:
level - signature level to set
Returns:
the object with the signature level set

setSignatureName

                        JSPAdES setSignatureName(String signatureName)
Info:
Set signature name.
Parameters:
signatureName - signature name
Returns:
the object with the signature name updated

setSignaturePackaging

                        BaseAdES setSignaturePackaging(String packaging)
Info:
Sets the signature packaging.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setSignaturePackaging

                        BaseAdES setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Info:
Sets the signature packaging. SignaturePackagings are specified in subclasses.
Parameters:
packaging - signature packaginf to set
Returns:
the object with the signature packaging set

setTspServer

                        BaseAdES setTspServer(String server)
Info:
Sets the TSP server
Parameters:
server - TSP server to set
Returns:
the object with the TSP server set

sign

V sign(JSKeyStoreManager km, String keyPassword)
Info:
Required for JavaScript call providing a JSKeyStoreManager.
Parameters:
km - 
keyPassword - 
Returns:

sign

V sign(JSKeyStoreManager km, String alias, String keyPassword)
Info:
Signs the object with the keys specified in km, with the given alias and password.
Parameters:
km - JSKeyStoreManager that contains the necessary keys
alias - alias for signing
keyPassword - 
Returns:
the object specififed on instance creation, signed and encoded

17 XMLDSig

Class Ax.crypt.XMLDSig


XML Signature Syntax and Processing The XAdES standard is based on XMLDsig and extends it with structures for (TSA) timestamps (beside others). SOAP example XMLDsig https://gist.github.com/RevenueGitHubAdmin/2bc2f593040b6f97c0002b5718063fb5 SEE: https://www.w3.org/TR/xmldsig-core1/ Detached signatures are over external network resources or local data objects that reside within the same XML document as sibling elements; in this case, the signature is neither enveloping (signature is parent) nor enveloped (signature is child). enveloped: you are signing the root node detached: you are signing a selected node (or external object) Detached requires to specify a RefId (tag) and it's namespace to find the DOM Element of the XML part to sign.

Constructor Summary

MethodDescription
JSXMLDSig(JSXMLDocument object)Creates an XMLDSig instance with the given xml document.
JSXMLDSig(org.w3c.dom.Document object)Creates an XMLDSig instance with the given xml document.

Method Summary

Modifier and TypeMethodDescription
String getCanonicalizationMethod()Returns the canonicalization method.
String getDigestMethod()Returns the digest method used.
String getSignatureMethod()Returns the signature method currently set.
boolean isEnveloped()Returns if the xml document is enveloped, that is, the root node is signed.
void setCanonicalizationMethod(String method)Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2.
JSXMLDSig setDetachedNSElement(String detachedNS, String refId)Selects the detached element to sign.
setDigestMethod(String method)Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512.
JSXMLDSig setNamespacePrefix(String prefix)This method allows to define the name of namespace for signature tag generated by XMLDsig.
JSXMLDSigBase setSignatureMethod(String method)Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1.
String sign(JSKeyStoreManager km, String keyPassword)Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
String sign(JSKeyStoreManager km, String alias, String keyPassword)Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
String sign(KeyStore ks, String alias, String keyPassword)Signs the document, using the specified key and certificate in the KeyStore, alias and password.

Method Detail

JSXMLDSig

 JSXMLDSig(JSXMLDocument object)
Info:
Creates an XMLDSig instance with the given xml document.
Parameters:
object - xml document to sign

JSXMLDSig

 JSXMLDSig(org.w3c.dom.Document object)
Info:
Creates an XMLDSig instance with the given xml document.
Parameters:
object - xml document to sign

getCanonicalizationMethod

                        String getCanonicalizationMethod()
Info:
Returns the canonicalization method.
Returns:
the canonicalization method

getDigestMethod

                        String getDigestMethod()
Info:
Returns the digest method used.
Returns:
th digest method used

getSignatureMethod

                        String getSignatureMethod()
Info:
Returns the signature method currently set.
Returns:
he signature method in use.

isEnveloped

boolean isEnveloped()
Info:
Returns if the xml document is enveloped, that is, the root node is signed. If it s not enveloped it means it is detached, so a selected node is signed.
Returns:
true if enveloped, false if detached

setCanonicalizationMethod

void setCanonicalizationMethod(String method)
Info:
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2. Default is ENVELOPED.
Parameters:
method - the canonicalization method to set

setDetachedNSElement

                        JSXMLDSig setDetachedNSElement(String detachedNS, String refId)
Info:
Selects the detached element to sign.
Parameters:
detachedNS - namespace of the element to sign
refId - tag of the element to sign.
Returns:

setDigestMethod

T setDigestMethod(String method)
Info:
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512. Default is SHA256.
Parameters:
method - the digest method to use
Returns:
the element as instance of class specified by the JSXMLDSigBase <T> subclass.

setNamespacePrefix

                        JSXMLDSig setNamespacePrefix(String prefix)
Info:
This method allows to define the name of namespace for signature tag generated by XMLDsig.
Parameters:
prefix - 
Returns:

setSignatureMethod

                        JSXMLDSigBase setSignatureMethod(String method)
Info:
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1. Default is SHA256.
Parameters:
method - the signature method to use
Returns:
the object with the signature method set

sign

                        String sign(JSKeyStoreManager km, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
Parameters:
km - JSKeyStoreManager containing the encryption key and certificate
keyPassword - password to get the key
Returns:
the signed document as a string

sign

                        String sign(JSKeyStoreManager km, String alias, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
Parameters:
km - JSKeyStoreManager containing the encryption key and certificate
alias - alias to get the key and certificate
keyPassword - password to get the key
Returns:
the signed document as a string

sign

                        String sign(KeyStore ks, String alias, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the KeyStore, alias and password.
Parameters:
ks - 
alias - alias to get the key and certificate
keyPassword - password to get the key
Returns:
the signed document as a string

18 WSSecurity

Class Ax.crypt.WSSecurity


WEB Service security https://gist.github.com/RevenueGitHubAdmin/2bc2f593040b6f97c0002b5718063fb5 https://www.oracle.com/technical-resources/articles/javase/dig-signature-api.html Sample signed SOAP message The signature value depends on 1) Time when it was generated. 2) Request file 3) Certificate Therefore, the envelope can be different from expected.

Constructor Summary

MethodDescription
JSWSSecurity(JSXMLDocument root)Creates a new WSSSecurity instance with the given XML document.
JSWSSecurity(org.w3c.dom.Document root)Creates a new WSSSecurity instance with the given XML document.

Method Summary

Modifier and TypeMethodDescription
String getCanonicalizationMethod()Returns the canonicalization method.
String getDigestMethod()Returns the digest method used.
String getSignatureMethod()Returns the signature method currently set.
void setCanonicalizationMethod(String method)Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2.
setDigestMethod(String method)Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512.
JSWSSecurity setExpires(Date t)Sets the expiration date of the signature validity.
JSWSSecurity setExpires(long seconds)Sets the expiration time of the signature validity.
JSXMLDSigBase setSignatureMethod(String method)Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1.
String sign(JSKeyStoreManager km, String keyPassword)Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
String sign(JSKeyStoreManager km, String alias, String keyPassword)Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
String sign(KeyStore ks, String alias, String keyPassword)Signs the document, using the specified key and certificate in the KeyStore, alias and password.

Method Detail

JSWSSecurity

 JSWSSecurity(JSXMLDocument root)
Info:
Creates a new WSSSecurity instance with the given XML document.
Parameters:
root - XML document to sign

JSWSSecurity

 JSWSSecurity(org.w3c.dom.Document root)
Info:
Creates a new WSSSecurity instance with the given XML document.
Parameters:
root - XML document to sign

getCanonicalizationMethod

                        String getCanonicalizationMethod()
Info:
Returns the canonicalization method.
Returns:
the canonicalization method

getDigestMethod

                        String getDigestMethod()
Info:
Returns the digest method used.
Returns:
th digest method used

getSignatureMethod

                        String getSignatureMethod()
Info:
Returns the signature method currently set.
Returns:
he signature method in use.

setCanonicalizationMethod

void setCanonicalizationMethod(String method)
Info:
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2. Default is ENVELOPED.
Parameters:
method - the canonicalization method to set

setDigestMethod

T setDigestMethod(String method)
Info:
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512. Default is SHA256.
Parameters:
method - the digest method to use
Returns:
the element as instance of class specified by the JSXMLDSigBase <T> subclass.

setExpires

                        JSWSSecurity setExpires(Date t)
Info:
Sets the expiration date of the signature validity.
Parameters:
t - expiratnon date
Returns:

setExpires

                        JSWSSecurity setExpires(long seconds)
Info:
Sets the expiration time of the signature validity.
Parameters:
seconds - the number of seconds to expire
Returns:

setSignatureMethod

                        JSXMLDSigBase setSignatureMethod(String method)
Info:
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1. Default is SHA256.
Parameters:
method - the signature method to use
Returns:
the object with the signature method set

sign

                        String sign(JSKeyStoreManager km, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
Parameters:
km - JSKeyStoreManager containing the key and certificate
keyPassword - password to get the key
Returns:
the signed document as a string

sign

                        String sign(JSKeyStoreManager km, String alias, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
Parameters:
km - JSKeyStoreManager containing the key and certificate
alias - alias to get the key and certificate
keyPassword - 
Returns:
the signed document as a string

sign

                        String sign(KeyStore ks, String alias, String keyPassword)
Info:
Signs the document, using the specified key and certificate in the KeyStore, alias and password.
Parameters:
ks - KeyStore containing the key and certificate
alias - alias to get the key and certificate
keyPassword - password to get the key
Returns:
the signed document as a string