1 RSA
Class Ax.crypt.RSA
RSA (Rivest?Shamir?Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission.
RSA can only encrypt messages that are several bytes shorter than the modulus of the key pair.
The extra bytes are for padding, and the exact number depends on the padding scheme you are using.
RSA is for key transport, not data encryption. If you have a long message, encrypt it with AES,
using a random key. Then encrypt the AES key with RSA, using the public key of the message recipient.
You should be using the Cipher class's wrap() and unwrap() methods.
This is how PGP, S/MIME, TLS (roughly), and any other correctly designed RSA encryption schemes work.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
byte[]
decrypt(Ax.text.String encrypted)
Decrypts the given message.
byte[]
decrypt(byte[] encrypted)
Decrypts the given message.
byte[]
encrypt(Ax.text.String message)
Encrypts the give nmessage.
byte[]
encrypt(byte[] message)
Encrypts the give nmessage.
Ax.text.String
toBase64(byte[] message)
Encodes the message to base 64.
Ax.text.String
Returns the private key.
Ax.text.String
Returns the public key.
Ax.text.String
toString(byte[] message)
Allows to convert a decrypted byte[] to a string
Constructor Detail
Ax.crypt.RSA.JSRSA
-
Ax.crypt.RSA.JSRSA( object kp )
- Parameters:
- kp -
Ax.crypt.RSA.JSRSA
-
Ax.crypt.RSA.JSRSA( object kp )
- Info:
-
Creates a new RSA instance with the specified key pair (public and private keys). - Parameters:
- kp - key pair with the public and private keys
Method Detail
Ax.crypt.RSA.decrypt
-
byte[] Ax.crypt.RSA.decrypt( string encrypted )
- Info:
-
Decrypts the given message. - Parameters:
- encrypted - a base64 encoded encrypted message
- Returns:
- byte[]
Ax.crypt.RSA.decrypt
-
byte[] Ax.crypt.RSA.decrypt( byte[] encrypted )
- Info:
-
Decrypts the given message. - Parameters:
- encrypted - a base64 encoded encrypted message
- Returns:
- byte[]
Ax.crypt.RSA.encrypt
-
byte[] Ax.crypt.RSA.encrypt( string message )
- Info:
-
Encrypts the give nmessage. - Parameters:
- message - the message to encrypt
- Returns:
- byte[]
Ax.crypt.RSA.encrypt
-
byte[] Ax.crypt.RSA.encrypt( byte[] message )
- Info:
-
Encrypts the give nmessage. - Parameters:
- message - the message to encrypt
- Returns:
- byte[]
Ax.crypt.RSA.toBase64
-
string Ax.crypt.RSA.toBase64( byte[] message )
- Info:
-
Encodes the message to base 64. - Parameters:
- message - the message to encode
- Returns:
- string
Ax.crypt.RSA.toPrivateKey
-
string Ax.crypt.RSA.toPrivateKey()
- Info:
-
Returns the private key. - Returns:
- string
Ax.crypt.RSA.toPublicKey
-
string Ax.crypt.RSA.toPublicKey()
- Info:
-
Returns the public key. - Returns:
- string
Ax.crypt.RSA.toString
-
string Ax.crypt.RSA.toString( byte[] message )
- Info:
-
Allows to convert a decrypted byte[] to a string - Parameters:
- message - message to convert
- Returns:
- string
2 DES
Class Ax.crypt.DES
The Data Encryption Standard (DES) is a symmetric-key algorithm for the encryption of electronic data.
Constructor Summary
Method Summary
Constructor Detail
Ax.crypt.DES.JSDES
-
Ax.crypt.DES.JSDES()
- Info:
-
Creates a DES instance.
Method Detail
Ax.crypt.DES.decrypt
-
string Ax.crypt.DES.decrypt( string password, byte[] message )
- Info:
-
Decrypts the encrypted message using the given password. - Parameters:
- password - the password used to decrypt the message
- message - the encrypted message to decrypt
- Returns:
- string
Example
Copy
var des = new Ax.crypt.DES();
var password = "mypassword";
var base64_secret = "nhhOrwBInbGBVr5XvCHKng==";
var message_secret = des.decrypt(password, Ax.util.Base64.decode(base64_secret));
console.log(" secret ", message_secret)
Ax.crypt.DES.encrypt
-
byte[] Ax.crypt.DES.encrypt( string password, string message )
- Info:
-
Encrypts the message using the given password. DES Key only allows passwords 8 characters long. If you try to use a password longer than 8 chars, only first 8 bytes will be considered. If password is less than 8 bytes, password is filled automatically. - Parameters:
- password - the password used to decrypt the message
- message - the content to encrypt
- Returns:
- byte[]
Example
Copy
var des = new Ax.crypt.DES();
var password = "mypassword";
var message_source = "Secret Message";
var message_secret_bytes = des.encrypt(password, message_source);
console.log(" secret message (base64)", Ax.util.Base64.encode(message_secret_bytes))
Class Ax.crypt.TripleDES
The Data Encryption Standard (3DES) is a symmetric-key algorithm for the encryption of electronic data.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
Ax.text.String
decrypt(Ax.text.String password, byte[] message)
Decrypts the encrypted message using the given password.
Ax.text.String
decrypt(Ax.text.String password,byte[] message,byte[] initial_vector)
Decrypts the encrypted message using the given password.
byte[]
encrypt(Ax.text.String password, Ax.text.String message)
Encrypts the message using the given password.
byte[]
encrypt(Ax.text.String password,Ax.text.String message,byte[] initial_vector)
Constructor Detail
Ax.crypt.TripleDES.JS3DES
-
Ax.crypt.TripleDES.JS3DES()
- Info:
-
Creates a DES instance. By default uses DESede/ECB/PKCS5Padding algorithm
Ax.crypt.TripleDES.JS3DES
-
Ax.crypt.TripleDES.JS3DES( string algorithm )
- Info:
-
Build a cipher with a custom algorithm - Parameters:
- algorithm -
Method Detail
Ax.crypt.TripleDES.decrypt
-
string Ax.crypt.TripleDES.decrypt( string password, byte[] message )
- Info:
-
Decrypts the encrypted message using the given password. - Parameters:
- password - the password used to decrypt the message
- message - the encrypted message to decrypt
- Returns:
- string
Example
Copy
var des = new Ax.crypt.TripleDES();
var password = "mypassword";
var base64_secret = "yoPTzoj1UimiEEcadS6MNQ==";
var message_secret = des.decrypt(password, Ax.util.Base64.decode(base64_secret));
console.log(" secret ", message_secret)
Ax.crypt.TripleDES.decrypt
-
string Ax.crypt.TripleDES.decrypt( string password, byte[] message, byte[] initial_vector )
- Info:
-
Decrypts the encrypted message using the given password. - Parameters:
- password - the password used to decrypt the message
- message - the encrypted message to decrypt
- initial_vector -
- Returns:
- string
Example
Copy
var des = new Ax.crypt.TripleDES();
var password = "mypassword";
var base64_secret = "yoPTzoj1UimiEEcadS6MNQ==";
var message_secret = des.decrypt(password, Ax.util.Base64.decode(base64_secret));
console.log(" secret ", message_secret)
Ax.crypt.TripleDES.encrypt
-
byte[] Ax.crypt.TripleDES.encrypt( string password, string message )
- Info:
-
Encrypts the message using the given password. DES Key only allows passwords 8 characters long. If you try to use a password longer than 8 chars, only first 8 bytes will be considered. If password is less than 8 bytes, password is filled automatically. - Parameters:
- password - the password used to decrypt the message
- message - the content to encrypt
- Returns:
- byte[]
Example
Copy
var des = new Ax.crypt.TripleDES();
var password = "mypassword";
var message_source = "Secret Message";
var message_secret_bytes = des.encrypt(password, message_source);
console.log(" secret message (base64)", Ax.util.Base64.encode(message_secret_bytes))
Ax.crypt.TripleDES.encrypt
-
byte[] Ax.crypt.TripleDES.encrypt( string password, string message, byte[] initial_vector )
- Parameters:
- password -
- message -
- initial_vector -
- Returns:
- byte[]
Example
Copy
var des = new Ax.crypt.TripleDES();
var password = "mypassword";
var message_source = "Secret Message";
var message_secret_bytes = des.encrypt(password, message_source);
console.log(" secret message (base64)", Ax.util.Base64.encode(message_secret_bytes))
3 AES
Class Ax.crypt.AES
Class that implements the Advanced Encryption Standard
Using Java to decrypt openssl aes-256-cbc using provided key and iv
Notice that provided keys when strings are interpreted as hex numbers.
If you plan to send non hex key password and nit vector, send
values as byte[] constructors.
openssl enc -aes-256-cbc -P
salt=2855243412E30BD7
key=E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
iv=629E2E1500B6BA687A385D410D5B08E3
Encrypt
openssl enc -aes-256-cbc -K
E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5 -iv
629E2E1500B6BA687A385D410D5B08E3 -e -in text -out text_ENCRYPTED
Decrypt
openssl enc -aes-256-cbc -K
E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5 -iv
629E2E1500B6BA687A385D410D5B08E3 -d -in text_ENCRYPTED -out text_DECRYPTED
The cryptographic keys used for AES are usually fixed-length (for example, 128 or 256bit keys).
Because humans cannot easily remember long random strings, key stretching is performed to
create a long, fixed-length key from a short, variable length password.
Key stretching uses a key-derivation function.
Command line OpenSSL uses a rather simplistic method for computing the cryptographic key
from a password, which we will need to mimic using the Java API.
OpenSSL uses a hash of the password and a random 64bit salt.
Only a single iteration is performed.
UnlimitedJCEPolicy
To use an AES password using an SHA256 (64 bytes key), the UnlimitedJCEPolicy
or will get Exception "invalid aes key length 64 bytes"
Constructor Summary
Method Summary
Modifier and Type
Method
Description
Ax.text.String
decrypt(Ax.text.String password, Ax.text.String secretbase64)
Decrypts the secret using the password.
byte[]
Decrypts the data with AES algorithm, using the given password and initialization vector.
byte[]
Decrypts the data with AES algorithm, using the given password and initialization vector.
byte[]
Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
Decrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
decrypt(PrivateKey key,byte[] data)
Decrypts the data with AES algorithm, using the given secret key.
Ax.text.String
encrypt(int keyLength, Ax.text.String password, Ax.text.String secret)
Encrypts the secret using the password and using the specified keylength.
byte[]
encrypt(Ax.text.String password,Ax.text.String initVector,Ax.text.String data)
Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[]
encrypt(Ax.text.String password, Ax.text.String initVector, byte[] data)
Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[]
encrypt(byte[] password,byte[] initVector,byte[] data)
Encrypts the data with AES algorithm, using the given password and initialization vector.
byte[]
encrypt(Ax.text.String key, Ax.text.String salt, Ax.text.String initVector, Ax.text.String data)
Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
encrypt(Ax.text.String key,Ax.text.String salt,Ax.text.String initVector,int keyLength,Ax.text.String data)
Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
encrypt(Ax.text.String key, Ax.text.String salt, byte[] initVector, Ax.text.String data)
Encrypts the data with AES algorithm, using the given secret key and initialization vector.
byte[]
encrypt(Ax.text.String key,Ax.text.String salt,byte[] initVector,int keyLength,Ax.text.String data)
Encrypts the data with AES algorithm, using the given secret key and initialization vector.
Constructor Detail
Ax.crypt.AES.JSAES
-
Ax.crypt.AES.JSAES()
- Info:
-
Creates a new AES instance using "AES/CBC/PKCS7Padding" as the default cypher
Ax.crypt.AES.JSAES
-
Ax.crypt.AES.JSAES( string cypher )
- Info:
-
Creates a new AES instance with the given cypher. - Parameters:
- cypher - cypher to use
Method Detail
Ax.crypt.AES.decrypt
-
string Ax.crypt.AES.decrypt( string password, string secretbase64 )
- Info:
-
Decrypts the secret using the password. It is used for Password salt encryption. The following method does the same as JSPassword.decrypt. - Parameters:
- password - password that will be used to decrypt the secret message
- secretbase64 - secret message to decrypt in base 64 format
- Returns:
- string
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( string password, string initVector, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given password and initialization vector. - Parameters:
- password - password for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( byte[] password, byte[] initVector, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given password and initialization vector. - Parameters:
- password - password for decryption specified in encryption
- initVector - initialization vector specified in encryption
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( string key, string salt, string initVector, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( string key, string salt, string initVector, smallint keyLength, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector specified in encryption, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- keyLength - secret key length in bits (128, 192 o 256)
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( string key, string salt, byte[] initVector, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector specified in encryption
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( string key, string salt, byte[] initVector, smallint keyLength, object data )
- Info:
-
Decrypts the data with AES algorithm, using the given secret key and initialization vector. Decrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption specified in encryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector specified in encryption
- keyLength - secret key length in bits (128, 192 o 256)
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.decrypt
-
byte[] Ax.crypt.AES.decrypt( object key, byte[] data )
- Info:
-
Decrypts the data with AES algorithm, using the given secret key. - Parameters:
- key - secret key for decryption specified in encryption
- data - encrypted data
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
string Ax.crypt.AES.encrypt( smallint keyLength, string password, string secret )
- Info:
-
Encrypts the secret using the password and using the specified keylength. It is used for Password salt encryption. The following method does the same as JSPassword.encrypt. - Parameters:
- keyLength - secret key length in bits (128, 192 o 256)
- password - password that will be used to decrypt the secret message
- secret - secret message to encrypt
- Returns:
- string
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string password, string initVector, string data )
- Info:
-
Encrypts the data with AES algorithm, using the given password and initialization vector. - Parameters:
- password - password for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string password, string initVector, byte[] data )
- Info:
-
Encrypts the data with AES algorithm, using the given password and initialization vector. - Parameters:
- password - password for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( byte[] password, byte[] initVector, byte[] data )
- Info:
-
Encrypts the data with AES algorithm, using the given password and initialization vector. - Parameters:
- password - password for decryption
- initVector - initialization vector
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string key, string salt, string initVector, string data )
- Info:
-
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string key, string salt, string initVector, smallint keyLength, string data )
- Info:
-
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector, assuming it has the form of a hex number like: f0af2f441d222f8a7df4b468d0784edb
- keyLength - secret key length in bits (128, 192 o 256)
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string key, string salt, byte[] initVector, string data )
- Info:
-
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector
- data - data to encrypt
- Returns:
- byte[]
Ax.crypt.AES.encrypt
-
byte[] Ax.crypt.AES.encrypt( string key, string salt, byte[] initVector, smallint keyLength, string data )
- Info:
-
Encrypts the data with AES algorithm, using the given secret key and initialization vector. Encrypt method with "salt". Not using AESCipherPlusSalt. The salt parameter is included in the SecretKey. - Parameters:
- key - secret key for decryption, assuming it has the form of a hex number like: E4A38479A2349177EAE6038A018483318350E7F5430BDC8F82F1974715CB54E5
- salt - salt for encryption
- initVector - initialization vector
- keyLength - secret key length in bits (128, 192 o 256)
- data - data to encrypt
- Returns:
- byte[]
4 Digest
Class Ax.crypt.Digest
MessageDigest wrapper (MD5, SHA1 ...), a class that provides applications the functionality
of a message digest algorithm, such as SHA-1 or SHA-256. Message digests are secure
one-way hash functions that take arbitrary-sized data and output a fixed-length hash value.
Constructor Summary
Method
Description
JSDigest(Ax.text.String algorithm)
Creates a new digest instance with the specified algorithm.
Method Summary
Modifier and Type
Method
Description
Ax.text.String
digest()
Completes the hash computation and resets the digest.
Ax.crypt.Digest
reset()
Resets the digest for further use.
Ax.crypt.Digest
update(Ax.text.String data)
Processes the given data and updates the digest.
Ax.crypt.Digest
Processes the given data and updates the digest.
Ax.crypt.Digest
Updates the digest given a ResultSet.
Constructor Detail
Ax.crypt.Digest.JSDigest
-
Ax.crypt.Digest.JSDigest( string algorithm )
- Info:
-
Creates a new digest instance with the specified algorithm. - Parameters:
- algorithm -
Method Detail
Ax.crypt.Digest.digest
-
string Ax.crypt.Digest.digest()
- Info:
-
Completes the hash computation and resets the digest. - Returns:
- string
Ax.crypt.Digest.reset
-
object Ax.crypt.Digest.reset()
- Info:
-
Resets the digest for further use. - Returns:
- object
Ax.crypt.Digest.update
-
object Ax.crypt.Digest.update( string data )
- Info:
-
Processes the given data and updates the digest. - Parameters:
- data - the data to be processed
- Returns:
- object
Ax.crypt.Digest.update
-
object Ax.crypt.Digest.update( object data )
- Info:
-
Processes the given data and updates the digest. - Parameters:
- data - the data to be processed
- Returns:
- object
Ax.crypt.Digest.update
-
object Ax.crypt.Digest.update( object irs )
- Info:
-
Updates the digest given a ResultSet. It's useful to have a hash on ResulSet data used in junit tests. - Parameters:
- irs -
- Returns:
- object
5 Obfuscate
Class Ax.crypt.Obfuscate
Constructor Summary
Method Summary
Modifier and Type
Method
Description
Ax.text.String
encode(Ax.text.String data)
Encode a password/text using the 'obfuscate' algorithm (reversible encryption).
Constructor Detail
Ax.crypt.Obfuscate.JSObfuscate
-
Ax.crypt.Obfuscate.JSObfuscate()
Method Detail
Ax.crypt.Obfuscate.encode
-
string Ax.crypt.Obfuscate.encode( string data )
- Info:
-
Encode a password/text using the 'obfuscate' algorithm (reversible encryption). Example: let password = new Ax.crypt.Obfuscate().encode('Hello world!'); WARNING: reverse method (tag) should not be implemented to avoid users with "dbstudio" or shell permission decrypting other users passwords!!!! - Parameters:
- data - the data to be processed
- Returns:
- string
6 Hmac
Class Ax.crypt.Hmac
This class provides the functionality of a "Message Authentication Code" (MAC) algorithm.
A MAC provides a way to check the integrity of information transmitted over or stored in an unreliable medium, based on a secret key.
Typically, message authentication codes are used between two parties that share a secret key in order to validate information
transmitted between these parties
Constructor Summary
Method Summary
Modifier and Type
Method
Description
byte[]
calculateHMAC(Ax.text.String key, Ax.text.String data)
Calculate Hmac signature using key
byte[]
calculateHMAC(byte[] key,Ax.text.String data)
Calculate Hmac signature using key
byte[]
calculateHMAC(Ax.text.String key, byte[] data)
Calculate Hmac signature using key
byte[]
calculateHMAC(byte[] key,byte[] data)
Calculate Hmac signature using key
Constructor Detail
Ax.crypt.Hmac.JSHmac
-
Ax.crypt.Hmac.JSHmac()
- Info:
-
Returns a Mac object that implements the HmacSHA512 algorithm.
Ax.crypt.Hmac.JSHmac
-
Ax.crypt.Hmac.JSHmac( string algorithm )
- Info:
-
Returns a Mac object that implements the specified MAC algorithm. - Parameters:
- algorithm - The standard name of the requested MAC algorithm. See the Mac section in the <a href='https://docs.oracle.com/javase/9/docs/specs/security/standard-names.html'> Java Security Standard Algorithm Names Specification </a> for information about standard algorithm names
Example
Copy
https://docs.oracle.com/javase/9/docs/specs/security/standard-names.htmlJava Security Standard Algorithm Names Specification
Method Detail
Ax.crypt.Hmac.calculateHMAC
-
byte[] Ax.crypt.Hmac.calculateHMAC( string key, string data )
- Info:
-
Calculate Hmac signature using key - Parameters:
- key -
- data -
- Returns:
- byte[]
Ax.crypt.Hmac.calculateHMAC
-
byte[] Ax.crypt.Hmac.calculateHMAC( byte[] key, string data )
- Info:
-
Calculate Hmac signature using key - Parameters:
- key -
- data -
- Returns:
- byte[]
Ax.crypt.Hmac.calculateHMAC
-
byte[] Ax.crypt.Hmac.calculateHMAC( string key, byte[] data )
- Info:
-
Calculate Hmac signature using key - Parameters:
- key -
- data -
- Returns:
- byte[]
Ax.crypt.Hmac.calculateHMAC
-
byte[] Ax.crypt.Hmac.calculateHMAC( byte[] key, byte[] data )
- Info:
-
Calculate Hmac signature using key - Parameters:
- key -
- data -
- Returns:
- byte[]
7 SMime
Class Ax.crypt.SMime
S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data.
S/MIME is on an IETF standards track and defined in a number of documents, most importantly RFC 3369, 3370, 3850 and 3851.
It was originally developed by RSA Data Security and the original specification used the IETF MIME specification
with the de facto industry standard PKCS#7 secure message format.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
byte[]
Decrypts the encryptedData using the given privateKey.
byte[]
decrypt(PrivateKey privateKey,byte[] encryptedData)
Decrypts the encryptedData using the given privateKey.
byte[]
Encrypts the data using the specified certificate.
Constructor Detail
Ax.crypt.SMime.JSSMime
-
Ax.crypt.SMime.JSSMime()
- Info:
-
Creates a new SMime instance.
Ax.crypt.SMime.JSSMime
-
Ax.crypt.SMime.JSSMime( string mime )
- Info:
-
Creates a new SMime instance with the specified mime type. For example, application/pkcs7-mime. - Parameters:
- mime - mime type for encryption / signing
Method Detail
Ax.crypt.SMime.decrypt
-
byte[] Ax.crypt.SMime.decrypt( object privateKey, object encryptedData )
- Info:
-
Decrypts the encryptedData using the given privateKey. - Parameters:
- privateKey - private key used for decryption
- encryptedData - the encrypted data to decrypt
- Returns:
- byte[]
Ax.crypt.SMime.decrypt
-
byte[] Ax.crypt.SMime.decrypt( object privateKey, byte[] encryptedData )
- Info:
-
Decrypts the encryptedData using the given privateKey. - Parameters:
- privateKey - private key used for decryption
- encryptedData - the encrypted data to decrypt
- Returns:
- byte[]
Ax.crypt.SMime.encrypt
-
byte[] Ax.crypt.SMime.encrypt( object certificate, object encryptedData )
- Info:
-
Encrypts the data using the specified certificate. - Parameters:
- certificate - certificate for encryption
- encryptedData - data to encrypt
- Returns:
- byte[]
8 PKCS7
Class Ax.crypt.PKCS7
The PKCS7 package introduces digital signatures, digital certificates
and the relationship between digital signatures and PKCS #7: Cryptographic Message Syntax Standard(CMS).
The list of possible algorithms is in
Constructor Summary
Method Summary
Modifier and Type
Method
Description
byte[]
Decrypts the encryptedData with the given private key.
byte[]
Encrypts the rawData with the given certificate.
byte[]
Encrypts the rawData with the given certificate.
byte[]
byte[]
encrypt(X509Certificate certificate, org.bouncycastle.asn1.ASN1ObjectIdentifier algorithm, Object rawData)
Encrypts the rawData with the given certificate.
byte[]
Returns the given Object data as a byte array.
byte[]
Signs the encrypted rawData using the specified certificate and the private key.
byte[]
Signs the rawData (encrypted or not) using the specified certificate and the private key.
boolean
Verifies the signed data to ensure it is safe.
Constructor Detail
Ax.crypt.PKCS7.JSPKCS7
-
Ax.crypt.PKCS7.JSPKCS7()
- Info:
-
Creates a new PKCS7 instance.
Method Detail
Ax.crypt.PKCS7.decrypt
-
byte[] Ax.crypt.PKCS7.decrypt( object privateKey, object encryptedData )
- Info:
-
Decrypts the encryptedData with the given private key. - Parameters:
- privateKey - private key used for the decryption
- encryptedData - data to decrypt
- Returns:
- byte[]
Ax.crypt.PKCS7.encrypt
-
byte[] Ax.crypt.PKCS7.encrypt( string certificateText, object rawData )
- Info:
-
Encrypts the rawData with the given certificate. - Parameters:
- certificateText - certificate for encryption
- rawData - data to encrypt
- Returns:
- byte[]
Ax.crypt.PKCS7.encrypt
-
byte[] Ax.crypt.PKCS7.encrypt( string certificateText, object algorithm, object rawData )
- Info:
-
Encrypts the rawData with the given certificate. - Parameters:
- certificateText - certificate for encryption
- algorithm - algorithm used for encryption
- rawData - data to encrypt
- Returns:
- byte[]
Ax.crypt.PKCS7.encrypt
-
byte[] Ax.crypt.PKCS7.encrypt( string certificateText, string algorithmID, object rawData )
- Parameters:
- certificateText -
- algorithmID -
- rawData -
- Returns:
- byte[]
Ax.crypt.PKCS7.encrypt
-
byte[] Ax.crypt.PKCS7.encrypt( object certificate, object algorithm, object rawData )
- Info:
-
Encrypts the rawData with the given certificate. - Parameters:
- certificate - certificate for encryption
- algorithm - algorithm used for encryption
- rawData - data to encrypt
- Returns:
- byte[]
Ax.crypt.PKCS7.getData
-
byte[] Ax.crypt.PKCS7.getData( object rawData )
- Info:
-
Returns the given Object data as a byte array. - Parameters:
- rawData - Object to convert to byte array
- Returns:
- byte[]
Ax.crypt.PKCS7.sign
-
byte[] Ax.crypt.PKCS7.sign( string certificateText, object privateKey, object rawData )
- Info:
-
Signs the encrypted rawData using the specified certificate and the private key. - Parameters:
- certificateText - certificate to sign
- privateKey - private key used to sign
- rawData - encrypted data to sign
- Returns:
- byte[]
Ax.crypt.PKCS7.sign
-
byte[] Ax.crypt.PKCS7.sign( object certificate, object privateKey, object rawData )
- Info:
-
Signs the rawData (encrypted or not) using the specified certificate and the private key. - Parameters:
- certificate - certificate to sign
- privateKey - private key used to sign
- rawData - encrypted data to sign
- Returns:
- byte[]
Ax.crypt.PKCS7.verify
-
boolean Ax.crypt.PKCS7.verify( object signedData )
- Info:
-
Verifies the signed data to ensure it is safe. - Parameters:
- signedData - encrypted signed data
- Returns:
- boolean
9 PKCS8
Class Ax.crypt.PKCS8
PKCS #8 is the Private-Key Information Syntax Standard, a standard syntax for storing private key information,
created by RSA Laboratories.
Constructor Summary
Method
Description
JSPKCS8(Ax.text.String algorithm)
Creates a new instance of PKCS8, with the specified algorithm
Method Summary
Modifier and Type
Method
Description
byte[]
decode(Ax.text.String text)
Ax.text.String
encode(byte[] data)
Encodes the provided data.
byte[]
Signs the message with the specified algorithm and private key.
byte[]
Signs the message with the specified private key.
boolean
Verifies the signed data to ensure it is safe.
boolean
Verifies the signed data to ensure it is safe.
boolean
Verifies the signed data to ensure it is safe.
Constructor Detail
Ax.crypt.PKCS8.JSPKCS8
-
Ax.crypt.PKCS8.JSPKCS8( string algorithm )
- Info:
-
Creates a new instance of PKCS8, with the specified algorithm - Parameters:
- algorithm - encoding algorithm to use
Method Detail
Ax.crypt.PKCS8.decode
-
byte[] Ax.crypt.PKCS8.decode( string text )
- Parameters:
- text -
- Returns:
- byte[]
Ax.crypt.PKCS8.encode
-
string Ax.crypt.PKCS8.encode( byte[] data )
- Info:
-
Encodes the provided data. - Parameters:
- data - data to encode
- Returns:
- string
Ax.crypt.PKCS8.sign
-
byte[] Ax.crypt.PKCS8.sign( string privateKey, string algorithm, object message )
- Info:
-
Signs the message with the specified algorithm and private key. - Parameters:
- privateKey - private key used to sign
- algorithm - algorithm used to sign
- message - message to sign
- Returns:
- byte[]
Ax.crypt.PKCS8.sign
-
byte[] Ax.crypt.PKCS8.sign( object privateKey, object message )
- Info:
-
Signs the message with the specified private key. - Parameters:
- privateKey - private key used to sign
- message - message to sign
- Returns:
- byte[]
Ax.crypt.PKCS8.verify
-
boolean Ax.crypt.PKCS8.verify( string key, string algorithm, object message, string signature )
- Info:
-
Verifies the signed data to ensure it is safe. - Parameters:
- key - public key used for verification
- algorithm - decoding algorithm
- message - signed message to verify
- signature - signature to verify
- Returns:
- boolean
Ax.crypt.PKCS8.verify
-
boolean Ax.crypt.PKCS8.verify( object key, object message, string signature )
- Info:
-
Verifies the signed data to ensure it is safe. - Parameters:
- key - public key used for verification
- message - signed message to verify
- signature - signature to verify
- Returns:
- boolean
Ax.crypt.PKCS8.verify
-
boolean Ax.crypt.PKCS8.verify( object key, object message, byte[] signature )
- Info:
-
Verifies the signed data to ensure it is safe. - Parameters:
- key - public key used for verification
- message - signed message to verify
- signature - signature to verify
- Returns:
- boolean
10 KeyPair
Class Ax.crypt.KeyPair
Wrapper around KeyPair
Constructor Summary
Method
Description
JSKeyPair(Ax.text.String algorithm, int size)
Creates a key pair with the specified algorithm and size.
Method Summary
Modifier and Type
Method
Description
byte[]
Returns the private key component of this key pair as a byte array.
Ax.text.String
Returns the private key component of this key pair in PEM format as a string.
byte[]
Returns the public key component of this key pair as a byte array.
Ax.text.String
Returns the public key component of this key pair in PEM format as a string.
Returns the private key component of this key pair.
Constructor Detail
Ax.crypt.KeyPair.JSKeyPair
-
Ax.crypt.KeyPair.JSKeyPair( string algorithm, smallint size )
- Info:
-
Creates a key pair with the specified algorithm and size. - Parameters:
- algorithm - algorithm for key generation
- size - size of the key
Example
Copy
new Ax.crypt.KeyPair("RSA", 2048);
Method Detail
Ax.crypt.KeyPair.getPrivateKey
-
byte[] Ax.crypt.KeyPair.getPrivateKey()
- Info:
-
Returns the private key component of this key pair as a byte array. - Returns:
- byte[]
Ax.crypt.KeyPair.getPrivateKeyAsPEM
-
string Ax.crypt.KeyPair.getPrivateKeyAsPEM()
- Info:
-
Returns the private key component of this key pair in PEM format as a string. - Returns:
- string
Ax.crypt.KeyPair.getPublicKey
-
byte[] Ax.crypt.KeyPair.getPublicKey()
- Info:
-
Returns the public key component of this key pair as a byte array. - Returns:
- byte[]
Ax.crypt.KeyPair.getPublicKeyAsPEM
-
string Ax.crypt.KeyPair.getPublicKeyAsPEM()
- Info:
-
Returns the public key component of this key pair in PEM format as a string. - Returns:
- string
Ax.crypt.KeyPair.getRawPrivateKey
-
object Ax.crypt.KeyPair.getRawPrivateKey()
- Info:
-
Returns the private key component of this key pair. - Returns:
- object
11 PGPKeyGen
Class Ax.crypt.PGPKeyGen
Key generator class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides
cryptographic privacy and authentication for data communication.
Constructor Summary
Method
Description
JSPGPKeyGen(Ax.text.String identity, Ax.text.String password)
Creates a new key generator, with the given identity and password.
JSPGPKeyGen(Ax.text.String identity, Ax.text.String password, int secondsToExpire)
Creates a new key generator, with the given identity, password and seconds to expire.
Method Summary
Modifier and Type
Method
Description
Ax.text.String
Returns the private key created by the generator.
Ax.text.String
Returns the public key created by the generator.
Constructor Detail
Ax.crypt.PGPKeyGen.JSPGPKeyGen
-
Ax.crypt.PGPKeyGen.JSPGPKeyGen( string identity, string password )
- Info:
-
Creates a new key generator, with the given identity and password. - Parameters:
- identity - identity associated with the keys
- password - password associated with the keys
Ax.crypt.PGPKeyGen.JSPGPKeyGen
-
Ax.crypt.PGPKeyGen.JSPGPKeyGen( string identity, string password, smallint secondsToExpire )
- Info:
-
Creates a new key generator, with the given identity, password and seconds to expire. - Parameters:
- identity - identity associated with the keys
- password - password associated with the keys
- secondsToExpire - seconds until the keys are invalid
Method Detail
Ax.crypt.PGPKeyGen.getPrivateKey
-
string Ax.crypt.PGPKeyGen.getPrivateKey()
- Info:
-
Returns the private key created by the generator. - Returns:
- string
Ax.crypt.PGPKeyGen.getPublicKey
-
string Ax.crypt.PGPKeyGen.getPublicKey()
- Info:
-
Returns the public key created by the generator. - Returns:
- string
12 PGPEncode
Class Ax.crypt.PGPEncode
Encoder class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides
cryptographic privacy and authentication for data communication.
Constructor Summary
Method
Description
JSPGPEncode(Ax.text.String privateKey)
Creates a new PGP encoder, using the specified private key.
JSPGPEncode(Ax.text.String privateKey, Ax.text.String identity)
Creates a new PGP encoder, using the specified private key and the specified identity.
Method Summary
Modifier and Type
Method
Description
Ax.text.String
encode(Ax.text.String keyPassPhraseString, Ax.text.String message)
Encodes the message using the keyPassPhraseString as password.
Constructor Detail
Ax.crypt.PGPEncode.JSPGPEncode
-
Ax.crypt.PGPEncode.JSPGPEncode( string privateKey )
- Info:
-
Creates a new PGP encoder, using the specified private key. - Parameters:
- privateKey - the private key that the encoder will use
Ax.crypt.PGPEncode.JSPGPEncode
-
Ax.crypt.PGPEncode.JSPGPEncode( string privateKey, string identity )
- Info:
-
Creates a new PGP encoder, using the specified private key and the specified identity. - Parameters:
- privateKey - the private key that the encoder will use
- identity - the identity that the encoder will use
Method Detail
Ax.crypt.PGPEncode.encode
-
string Ax.crypt.PGPEncode.encode( string keyPassPhraseString, string message )
- Info:
-
Encodes the message using the keyPassPhraseString as password. - Parameters:
- keyPassPhraseString - passphrase used to encrypt the message
- message - mesage to encode
- Returns:
- string
13 PGPDecode
Class Ax.crypt.PGPDecode
Decoder class for using PGP. Pretty Good Privacy (PGP) is an encryption program that provides
cryptographic privacy and authentication for data communication.
Constructor Summary
Method
Description
JSPGPDecode(Ax.text.String publicKey)
Creates a new decoder with the specified public key.
Method Summary
Modifier and Type
Method
Description
byte[]
decode(Ax.text.String message)
Decodes the encoded message.
Constructor Detail
Ax.crypt.PGPDecode.JSPGPDecode
-
Ax.crypt.PGPDecode.JSPGPDecode( string publicKey )
- Info:
-
Creates a new decoder with the specified public key. - Parameters:
- publicKey - the public key that the decoder will use
Method Detail
Ax.crypt.PGPDecode.decode
-
byte[] Ax.crypt.PGPDecode.decode( string message )
- Info:
-
Decodes the encoded message. - Parameters:
- message - message to decode
- Returns:
- byte[]
14 Password
Class Ax.crypt.Password
Constructor Summary
Constructor Detail
Ax.crypt.Password.JSPassword
-
Ax.crypt.Password.JSPassword( string plain )
- Info:
-
The constructor. Will be called as: let pass = Ax.crypt.Password("my_secret_passw"); - Parameters:
- plain - The plain password string
15 Whirlpool
Class Ax.crypt.Whirlpool
In computer science and cryptography, Whirlpool (sometimes styled WHIRLPOOL) is a cryptographic hash function.
It was designed by Vincent Rijmen (co-creator of the Advanced Encryption Standard)
and Paulo S. L. M. Barreto, who first described it in 2000.
Constructor Summary
Method Summary
Constructor Detail
Ax.crypt.Whirlpool.JSWhirlpool
-
Ax.crypt.Whirlpool.JSWhirlpool()
- Info:
-
Creates a new Whirlpool instance
Method Detail
Ax.crypt.Whirlpool.add
-
object Ax.crypt.Whirlpool.add( string data )
- Info:
-
Adds the given data to the hash structure - Parameters:
- data - data to hash and encrypt
- Returns:
- object
Ax.crypt.Whirlpool.hash
-
string Ax.crypt.Whirlpool.hash()
- Info:
-
Processes the hashed data and returns the encrypted data. - Returns:
- string
16 XAdES
Class Ax.crypt.XAdES
XAdES (short for "XML Advanced Electronic Signatures") is a set of extensions to XML-DSig recommendation making it suitable
for advanced electronic signatures. W3C and ETSI maintain and update XAdES together.
Base de firma electronica de facturas
Constructor Summary
Method Summary
Modifier and Type
Method
Description
P
setDigestAlgorithm(Ax.text.String algorithm)
Sets the digest algorithm.
setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Sets the digest algorithm.
Ax.crypt.XAdES
setIgnoreMissingRevocationData(boolean flag)
Let users ignore an exception when checking the certificate for valid revocation data.
setSignatureLevel(Ax.text.String level)
Sets the signature level.
setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Sets the signature level.
setSignaturePackaging(Ax.text.String packaging)
Sets the signature packaging.
setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Sets the signature packaging.
setTspServer(Ax.text.String server)
Sets the TSP server
V
sign(Ax.ks.KeyStoreManager km, Ax.text.String keyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a plain password String.
V
sign(Ax.ks.KeyStoreManager km,Ax.crypt.Password managedKeyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a JSManagedPassword instance.
V
sign(Ax.ks.KeyStoreManager km, Ax.text.String alias, Ax.text.String keyPassword)
Signs the object with the keys specified in km, with the given alias
and plain password String.
V
sign(Ax.ks.KeyStoreManager km,Ax.text.String alias,Ax.crypt.Password managedKeyPassword)
Signs the object with the keys specified in km, with the given alias
and a JSManagedPassword instance.
void
verify()
Verifies the signed document to ensure it is safe.
void
verify(eu.europa.esig.dss.DSSDocument signedDocument)
Verifies the given signed document to ensure it is safe.
Constructor Detail
Ax.crypt.XAdES.JSXAdES
-
Ax.crypt.XAdES.JSXAdES( object xml )
- Info:
-
Creates a new XAdES instance given an xml object - Parameters:
- xml - xml document to sign
Ax.crypt.XAdES.JSXAdES
-
Ax.crypt.XAdES.JSXAdES( object xml )
- Info:
-
Creates a new XAdES instance given an xml object - Parameters:
- xml - xml doument to sign
Method Detail
Ax.crypt.XAdES.getSignatureParameters
-
object Ax.crypt.XAdES.getSignatureParameters()
- Returns:
- object
Ax.crypt.XAdES.setBLevelParams
-
object Ax.crypt.XAdES.setBLevelParams( object consumer )
- Parameters:
- consumer - of BLevelParameters
- Returns:
- object
Ax.crypt.XAdES.setDigestAlgorithm
-
object Ax.crypt.XAdES.setDigestAlgorithm( string algorithm )
- Info:
-
Sets the digest algorithm. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.XAdES.setDigestAlgorithm
-
object Ax.crypt.XAdES.setDigestAlgorithm( object algorithm )
- Info:
-
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.XAdES.setIgnoreMissingRevocationData
-
object Ax.crypt.XAdES.setIgnoreMissingRevocationData( boolean flag )
- Info:
-
Let users ignore an exception when checking the certificate for valid revocation data. Defaults to "false". Should be used when generating a signature of level "XAdES_BASELINE_LT" to avoid an error. We do not know why (because used certificates have revocation data, CRL lists) !?!?!?!?!? - Parameters:
- flag -
- Returns:
- object
Ax.crypt.XAdES.setSignatureLevel
-
object Ax.crypt.XAdES.setSignatureLevel( string level )
- Info:
-
Sets the signature level. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.XAdES.setSignatureLevel
-
object Ax.crypt.XAdES.setSignatureLevel( object level )
- Info:
-
Sets the signature level. SignatureLevels are specified in subclasses. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.XAdES.setSignaturePackaging
-
object Ax.crypt.XAdES.setSignaturePackaging( string packaging )
- Info:
-
Sets the signature packaging. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.XAdES.setSignaturePackaging
-
object Ax.crypt.XAdES.setSignaturePackaging( object packaging )
- Info:
-
Sets the signature packaging. SignaturePackagings are specified in subclasses. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.XAdES.setTspServer
-
object Ax.crypt.XAdES.setTspServer( string server )
- Info:
-
Sets the TSP server - Parameters:
- server - TSP server to set
- Returns:
- object
Ax.crypt.XAdES.sign
-
object Ax.crypt.XAdES.sign( object km, string keyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a plain password String. - Parameters:
- km -
- keyPassword -
- Returns:
- object
Ax.crypt.XAdES.sign
-
object Ax.crypt.XAdES.sign( object km, object managedKeyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a JSManagedPassword instance. - Parameters:
- km -
- managedKeyPassword -
- Returns:
- object
Ax.crypt.XAdES.sign
-
object Ax.crypt.XAdES.sign( object km, string alias, string keyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and plain password String. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- keyPassword - password for signing
- Returns:
- object
Ax.crypt.XAdES.sign
-
object Ax.crypt.XAdES.sign( object km, string alias, object managedKeyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and a JSManagedPassword instance. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- managedKeyPassword - managed-password instance for signing
- Returns:
- object
Ax.crypt.XAdES.verify
-
null Ax.crypt.XAdES.verify()
- Info:
-
Verifies the signed document to ensure it is safe. - Returns:
- null
Ax.crypt.XAdES.verify
-
null Ax.crypt.XAdES.verify( object signedDocument )
- Info:
-
Verifies the given signed document to ensure it is safe. - Parameters:
- signedDocument - signed document to verify
- Returns:
- null
17 CAdES
Class Ax.crypt.CAdES
CAdES (CMS Advanced Electronic Signatures) is a set of extensions to Cryptographic Message Syntax (CMS)
signed data making it suitable for advanced electronic signatures.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
P
setDigestAlgorithm(Ax.text.String algorithm)
Sets the digest algorithm.
setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Sets the digest algorithm.
setSignatureLevel(Ax.text.String level)
Sets the signature level.
setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Sets the signature level.
setSignaturePackaging(Ax.text.String packaging)
Sets the signature packaging.
setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Sets the signature packaging.
setTspServer(Ax.text.String server)
Sets the TSP server
V
sign(Ax.ks.KeyStoreManager km,Ax.text.String keyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a plain password String.
V
sign(Ax.ks.KeyStoreManager km, Ax.crypt.Password managedKeyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a JSManagedPassword instance.
V
sign(Ax.ks.KeyStoreManager km,Ax.text.String alias,Ax.text.String keyPassword)
Signs the object with the keys specified in km, with the given alias
and plain password String.
V
sign(Ax.ks.KeyStoreManager km, Ax.text.String alias, Ax.crypt.Password managedKeyPassword)
Signs the object with the keys specified in km, with the given alias
and a JSManagedPassword instance.
Constructor Detail
Ax.crypt.CAdES.JSCAdES
-
Ax.crypt.CAdES.JSCAdES( object object )
- Info:
-
Creates a CAdES instance with the given object, and using the default signature level and signature packaging. - Parameters:
- object - object to sign
Method Detail
Ax.crypt.CAdES.getSignatureParameters
-
object Ax.crypt.CAdES.getSignatureParameters()
- Returns:
- object
Ax.crypt.CAdES.setBLevelParams
-
object Ax.crypt.CAdES.setBLevelParams( object consumer )
- Parameters:
- consumer - of BLevelParameters
- Returns:
- object
Ax.crypt.CAdES.setDigestAlgorithm
-
object Ax.crypt.CAdES.setDigestAlgorithm( string algorithm )
- Info:
-
Sets the digest algorithm. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.CAdES.setDigestAlgorithm
-
object Ax.crypt.CAdES.setDigestAlgorithm( object algorithm )
- Info:
-
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.CAdES.setSignatureLevel
-
object Ax.crypt.CAdES.setSignatureLevel( string level )
- Info:
-
Sets the signature level. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.CAdES.setSignatureLevel
-
object Ax.crypt.CAdES.setSignatureLevel( object level )
- Info:
-
Sets the signature level. SignatureLevels are specified in subclasses. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.CAdES.setSignaturePackaging
-
object Ax.crypt.CAdES.setSignaturePackaging( string packaging )
- Info:
-
Sets the signature packaging. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.CAdES.setSignaturePackaging
-
object Ax.crypt.CAdES.setSignaturePackaging( object packaging )
- Info:
-
Sets the signature packaging. SignaturePackagings are specified in subclasses. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.CAdES.setTspServer
-
object Ax.crypt.CAdES.setTspServer( string server )
- Info:
-
Sets the TSP server - Parameters:
- server - TSP server to set
- Returns:
- object
Ax.crypt.CAdES.sign
-
object Ax.crypt.CAdES.sign( object km, string keyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a plain password String. - Parameters:
- km -
- keyPassword -
- Returns:
- object
Ax.crypt.CAdES.sign
-
object Ax.crypt.CAdES.sign( object km, object managedKeyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a JSManagedPassword instance. - Parameters:
- km -
- managedKeyPassword -
- Returns:
- object
Ax.crypt.CAdES.sign
-
object Ax.crypt.CAdES.sign( object km, string alias, string keyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and plain password String. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- keyPassword - password for signing
- Returns:
- object
Ax.crypt.CAdES.sign
-
object Ax.crypt.CAdES.sign( object km, string alias, object managedKeyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and a JSManagedPassword instance. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- managedKeyPassword - managed-password instance for signing
- Returns:
- object
18 PAdES
Class Ax.crypt.PAdES
PAdES (PDF Advanced Electronic Signatures) is a set of restrictions and extensions to PDF and ISO 32000-1
making it suitable for Advanced Electronic Signature.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
eu.europa.esig.dss.pades.PAdESSignatureParameters
P
Ax.crypt.PAdES
setContactInfo(Ax.text.String contactInfo)
Set signer contact info
setDigestAlgorithm(Ax.text.String algorithm)
Sets the digest algorithm.
setDigestAlgorithm(eu.europa.esig.dss.DigestAlgorithm algorithm)
Sets the digest algorithm.
Ax.crypt.PAdES
setReason(Ax.text.String reason)
Set signer reason.
Ax.crypt.PAdES
Sets the signature image parameters, the parameters for a visible signature creation.
setSignatureLevel(Ax.text.String level)
Sets the signature level.
setSignatureLevel(eu.europa.esig.dss.SignatureLevel level)
Sets the signature level.
Ax.crypt.PAdES
setSignatureName(Ax.text.String signatureName)
Set signature name.
setSignaturePackaging(Ax.text.String packaging)
Sets the signature packaging.
setSignaturePackaging(eu.europa.esig.dss.SignaturePackaging packaging)
Sets the signature packaging.
setTspServer(Ax.text.String server)
Sets the TSP server
V
sign(Ax.ks.KeyStoreManager km, Ax.text.String keyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a plain password String.
V
sign(Ax.ks.KeyStoreManager km,Ax.crypt.Password managedKeyPassword)
Required for JavaScript call providing a JSKeyStoreManager
and a JSManagedPassword instance.
V
sign(Ax.ks.KeyStoreManager km, Ax.text.String alias, Ax.text.String keyPassword)
Signs the object with the keys specified in km, with the given alias
and plain password String.
V
sign(Ax.ks.KeyStoreManager km,Ax.text.String alias,Ax.crypt.Password managedKeyPassword)
Signs the object with the keys specified in km, with the given alias
and a JSManagedPassword instance.
Constructor Detail
Ax.crypt.PAdES.JSPAdES
-
Ax.crypt.PAdES.JSPAdES( object object )
- Info:
-
Creates a new PAdES instance with the given object to encrypt. - Parameters:
- object -
Method Detail
Ax.crypt.PAdES.getSignatureParameters
-
object Ax.crypt.PAdES.getSignatureParameters()
- Returns:
- object
Ax.crypt.PAdES.getSignatureParameters
-
object Ax.crypt.PAdES.getSignatureParameters()
- Returns:
- object
Ax.crypt.PAdES.setBLevelParams
-
object Ax.crypt.PAdES.setBLevelParams( object consumer )
- Parameters:
- consumer - of BLevelParameters
- Returns:
- object
Ax.crypt.PAdES.setContactInfo
-
object Ax.crypt.PAdES.setContactInfo( string contactInfo )
- Info:
-
Set signer contact info - Parameters:
- contactInfo - contact info of signer
- Returns:
- object
Ax.crypt.PAdES.setDigestAlgorithm
-
object Ax.crypt.PAdES.setDigestAlgorithm( string algorithm )
- Info:
-
Sets the digest algorithm. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.PAdES.setDigestAlgorithm
-
object Ax.crypt.PAdES.setDigestAlgorithm( object algorithm )
- Info:
-
Sets the digest algorithm. DigestAlgorithms are specified in DigestAlgorithm class. - Parameters:
- algorithm - digest algorithm to set
- Returns:
- object
Ax.crypt.PAdES.setReason
-
object Ax.crypt.PAdES.setReason( string reason )
- Info:
-
Set signer reason. - Parameters:
- reason - signer reason
- Returns:
- object
Ax.crypt.PAdES.setSignatureImageParameters
-
object Ax.crypt.PAdES.setSignatureImageParameters( object configurator )
- Info:
-
Sets the signature image parameters, the parameters for a visible signature creation. - Parameters:
- configurator - Consumer that sets the image parameters
- Returns:
- object
Ax.crypt.PAdES.setSignatureLevel
-
object Ax.crypt.PAdES.setSignatureLevel( string level )
- Info:
-
Sets the signature level. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.PAdES.setSignatureLevel
-
object Ax.crypt.PAdES.setSignatureLevel( object level )
- Info:
-
Sets the signature level. SignatureLevels are specified in subclasses. - Parameters:
- level - signature level to set
- Returns:
- object
Ax.crypt.PAdES.setSignatureName
-
object Ax.crypt.PAdES.setSignatureName( string signatureName )
- Info:
-
Set signature name. - Parameters:
- signatureName - signature name
- Returns:
- object
Ax.crypt.PAdES.setSignaturePackaging
-
object Ax.crypt.PAdES.setSignaturePackaging( string packaging )
- Info:
-
Sets the signature packaging. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.PAdES.setSignaturePackaging
-
object Ax.crypt.PAdES.setSignaturePackaging( object packaging )
- Info:
-
Sets the signature packaging. SignaturePackagings are specified in subclasses. - Parameters:
- packaging - signature packaginf to set
- Returns:
- object
Ax.crypt.PAdES.setTspServer
-
object Ax.crypt.PAdES.setTspServer( string server )
- Info:
-
Sets the TSP server - Parameters:
- server - TSP server to set
- Returns:
- object
Ax.crypt.PAdES.sign
-
object Ax.crypt.PAdES.sign( object km, string keyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a plain password String. - Parameters:
- km -
- keyPassword -
- Returns:
- object
Ax.crypt.PAdES.sign
-
object Ax.crypt.PAdES.sign( object km, object managedKeyPassword )
- Info:
-
Required for JavaScript call providing a JSKeyStoreManager and a JSManagedPassword instance. - Parameters:
- km -
- managedKeyPassword -
- Returns:
- object
Ax.crypt.PAdES.sign
-
object Ax.crypt.PAdES.sign( object km, string alias, string keyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and plain password String. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- keyPassword - password for signing
- Returns:
- object
Ax.crypt.PAdES.sign
-
object Ax.crypt.PAdES.sign( object km, string alias, object managedKeyPassword )
- Info:
-
Signs the object with the keys specified in km, with the given alias and a JSManagedPassword instance. - Parameters:
- km - JSKeyStoreManager that contains the necessary keys
- alias - alias for signing
- managedKeyPassword - managed-password instance for signing
- Returns:
- object
19 XMLDSig
Class Ax.crypt.XMLDSig
XML Signature Syntax and Processing
The XAdES standard is based on XMLDsig and extends it with structures for (TSA) timestamps (beside others).
SOAP example XMLDsig
https://gist.github.com/RevenueGitHubAdmin/2bc2f593040b6f97c0002b5718063fb5
SEE:
https://www.w3.org/TR/xmldsig-core1/
Detached signatures are over external network resources or local data objects that
reside within the same XML document as sibling elements; in this case, the signature
is neither enveloping (signature is parent) nor enveloped (signature is child).
enveloped: you are signing the root node
detached: you are signing a selected node (or external object)
Detached requires to specify a RefId (tag) and it's namespace to find the DOM Element
of the XML part to sign.
Constructor Summary
Method Summary
Modifier and Type
Method
Description
Ax.text.String
Returns the canonicalization method.
Ax.text.String
Returns the digest method used.
Ax.text.String
Returns the signature method currently set.
boolean
Returns if the xml document is enveloped, that is, the root node is signed.
void
setCanonicalizationMethod(Ax.text.String method)
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS,
BASE64, XPATH, XPATH2.
Ax.crypt.XMLDSig
setDetachedNSElement(Ax.text.String detachedNS,Ax.text.String refId)
Selects the detached element to sign.
T
setDigestMethod(Ax.text.String method)
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512.
Ax.crypt.XMLDSig
setNamespacePrefix(Ax.text.String prefix)
This method allows to define the name of namespace for signature tag generated by XMLDsig.
setSignatureMethod(Ax.text.String method)
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512,
HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512,
SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1.
Ax.text.String
sign(Ax.ks.KeyStoreManager km,Ax.text.String keyPassword)
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
Ax.text.String
sign(Ax.ks.KeyStoreManager km, Ax.text.String alias, Ax.text.String keyPassword)
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
Ax.text.String
Signs the document, using the specified key and certificate in the KeyStore, alias and password.
Constructor Detail
Ax.crypt.XMLDSig.JSXMLDSig
-
Ax.crypt.XMLDSig.JSXMLDSig( object object )
- Info:
-
Creates an XMLDSig instance with the given xml document. - Parameters:
- object - xml document to sign
Ax.crypt.XMLDSig.JSXMLDSig
-
Ax.crypt.XMLDSig.JSXMLDSig( object object )
- Info:
-
Creates an XMLDSig instance with the given xml document. - Parameters:
- object - xml document to sign
Method Detail
Ax.crypt.XMLDSig.getCanonicalizationMethod
-
string Ax.crypt.XMLDSig.getCanonicalizationMethod()
- Info:
-
Returns the canonicalization method. - Returns:
- string
Ax.crypt.XMLDSig.getDigestMethod
-
string Ax.crypt.XMLDSig.getDigestMethod()
- Info:
-
Returns the digest method used. - Returns:
- string
Ax.crypt.XMLDSig.getSignatureMethod
-
string Ax.crypt.XMLDSig.getSignatureMethod()
- Info:
-
Returns the signature method currently set. - Returns:
- string
Ax.crypt.XMLDSig.isEnveloped
-
boolean Ax.crypt.XMLDSig.isEnveloped()
- Info:
-
Returns if the xml document is enveloped, that is, the root node is signed. If it s not enveloped it means it is detached, so a selected node is signed. - Returns:
- boolean
Ax.crypt.XMLDSig.setCanonicalizationMethod
-
null Ax.crypt.XMLDSig.setCanonicalizationMethod( string method )
- Info:
-
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2. Default is ENVELOPED. - Parameters:
- method - the canonicalization method to set
- Returns:
- null
Ax.crypt.XMLDSig.setDetachedNSElement
-
object Ax.crypt.XMLDSig.setDetachedNSElement( string detachedNS, string refId )
- Info:
-
Selects the detached element to sign. - Parameters:
- detachedNS - namespace of the element to sign
- refId - tag of the element to sign.
- Returns:
- object
Ax.crypt.XMLDSig.setDigestMethod
-
object Ax.crypt.XMLDSig.setDigestMethod( string method )
- Info:
-
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512. Default is SHA256. - Parameters:
- method - the digest method to use
- Returns:
- object
Ax.crypt.XMLDSig.setNamespacePrefix
-
object Ax.crypt.XMLDSig.setNamespacePrefix( string prefix )
- Info:
-
This method allows to define the name of namespace for signature tag generated by XMLDsig. - Parameters:
- prefix -
- Returns:
- object
Ax.crypt.XMLDSig.setSignatureMethod
-
object Ax.crypt.XMLDSig.setSignatureMethod( string method )
- Info:
-
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1. Default is SHA256. - Parameters:
- method - the signature method to use
- Returns:
- object
Ax.crypt.XMLDSig.sign
-
string Ax.crypt.XMLDSig.sign( object km, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password. - Parameters:
- km - JSKeyStoreManager containing the encryption key and certificate
- keyPassword - password to get the key
- Returns:
- string
Ax.crypt.XMLDSig.sign
-
string Ax.crypt.XMLDSig.sign( object km, string alias, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password. - Parameters:
- km - JSKeyStoreManager containing the encryption key and certificate
- alias - alias to get the key and certificate
- keyPassword - password to get the key
- Returns:
- string
Ax.crypt.XMLDSig.sign
-
string Ax.crypt.XMLDSig.sign( object ks, string alias, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the KeyStore, alias and password. - Parameters:
- ks -
- alias - alias to get the key and certificate
- keyPassword - password to get the key
- Returns:
- string
20 WSSecurity
Class Ax.crypt.WSSecurity
WEB Service security
https://gist.github.com/RevenueGitHubAdmin/2bc2f593040b6f97c0002b5718063fb5
https://www.oracle.com/technical-resources/articles/javase/dig-signature-api.html
Sample signed SOAP message
The signature value depends on
1) Time when it was generated.
2) Request file
3) Certificate
Therefore, the envelope can be different from expected.
Constructor Summary
Method
Description
JSWSSecurity(Ax.xml.Document root)
Creates a new WSSSecurity instance with the given XML document.
JSWSSecurity(org.w3c.dom.Document root)
Creates a new WSSSecurity instance with the given XML document.
Method Summary
Modifier and Type
Method
Description
@org.eclipse.jdt.annotation.NonNull java.lang.String
Returns the canonicalization method.
@org.eclipse.jdt.annotation.Nullable java.lang.String
T
getDefaultNamespacePrefix(Ax.text.String prefix)
@org.eclipse.jdt.annotation.NonNull java.lang.String
Returns the digest method used.
@org.eclipse.jdt.annotation.NonNull java.lang.String
Returns the signature method currently set.
void
setCanonicalizationMethod(@org.eclipse.jdt.annotation.NonNull java.lang.String method)
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS,
BASE64, XPATH, XPATH2.
T
setDigestMethod(@org.eclipse.jdt.annotation.NonNull java.lang.String method)
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512.
Ax.crypt.WSSecurity
setExpires(Date t)
Sets the expiration date of the signature validity.
Ax.crypt.WSSecurity
setExpires(long seconds)
Sets the expiration time of the signature validity.
setSignatureMethod(@org.eclipse.jdt.annotation.NonNull java.lang.String method)
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512,
HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512,
SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1.
Ax.text.String
sign(Ax.ks.KeyStoreManager km, Ax.text.String keyPassword)
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password.
Ax.text.String
sign(Ax.ks.KeyStoreManager km,Ax.text.String alias,Ax.text.String keyPassword)
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password.
Ax.text.String
Signs the document, using the specified key and certificate in the KeyStore, alias and password.
Constructor Detail
Ax.crypt.WSSecurity.JSWSSecurity
-
Ax.crypt.WSSecurity.JSWSSecurity( object root )
- Info:
-
Creates a new WSSSecurity instance with the given XML document. - Parameters:
- root - XML document to sign
Ax.crypt.WSSecurity.JSWSSecurity
-
Ax.crypt.WSSecurity.JSWSSecurity( object root )
- Info:
-
Creates a new WSSSecurity instance with the given XML document. - Parameters:
- root - XML document to sign
Method Detail
Ax.crypt.WSSecurity.getCanonicalizationMethod
-
object Ax.crypt.WSSecurity.getCanonicalizationMethod()
- Info:
-
Returns the canonicalization method. - Returns:
- object
Ax.crypt.WSSecurity.getDefaultNamespacePrefix
-
object Ax.crypt.WSSecurity.getDefaultNamespacePrefix()
- Returns:
- object
Ax.crypt.WSSecurity.getDefaultNamespacePrefix
-
object Ax.crypt.WSSecurity.getDefaultNamespacePrefix( string prefix )
- Parameters:
- prefix -
- Returns:
- object
Ax.crypt.WSSecurity.getDigestMethod
-
object Ax.crypt.WSSecurity.getDigestMethod()
- Info:
-
Returns the digest method used. - Returns:
- object
Ax.crypt.WSSecurity.getSignatureMethod
-
object Ax.crypt.WSSecurity.getSignatureMethod()
- Info:
-
Returns the signature method currently set. - Returns:
- object
Ax.crypt.WSSecurity.setCanonicalizationMethod
-
null Ax.crypt.WSSecurity.setCanonicalizationMethod( object method )
- Info:
-
Sets the canonicalization method: ENVELOPED, EXCLUSIVE, EXCLUSIVE_WITH_COMMENTS, INCLUSIVE, INCLUSIVE_WITH_COMMENTS, BASE64, XPATH, XPATH2. Default is ENVELOPED. - Parameters:
- method - the canonicalization method to set
- Returns:
- null
Ax.crypt.WSSecurity.setDigestMethod
-
object Ax.crypt.WSSecurity.setDigestMethod( object method )
- Info:
-
Set the digest method: SHA1, SHA224, SHA256, SHA384, SHA384, SHA512, RIPEMD160, SHA3_224, SHA3_256, SHA3_384, SHA3_512. Default is SHA256. - Parameters:
- method - the digest method to use
- Returns:
- object
Ax.crypt.WSSecurity.setExpires
-
object Ax.crypt.WSSecurity.setExpires( date t )
- Info:
-
Sets the expiration date of the signature validity. - Parameters:
- t - expiratnon date
- Returns:
- object
Ax.crypt.WSSecurity.setExpires
-
object Ax.crypt.WSSecurity.setExpires( long seconds )
- Info:
-
Sets the expiration time of the signature validity. - Parameters:
- seconds - the number of seconds to expire
- Returns:
- object
Ax.crypt.WSSecurity.setSignatureMethod
-
object Ax.crypt.WSSecurity.setSignatureMethod( object method )
- Info:
-
Set the digest method: DSA_SHA1, DSA_SHA256, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, HMAC_SHA1, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512, RSA_SHA1, RSA_SHA224, RSA_SHA256, RSA_SHA384, RSA_SHA512, SHA1_RSA_MGF1, SHA224_RSA_MGF1, SHA256_RSA_MGF1, SHA384_RSA_MGF1, SHA512_RSA_MGF1. Default is SHA256. - Parameters:
- method - the signature method to use
- Returns:
- object
Ax.crypt.WSSecurity.sign
-
string Ax.crypt.WSSecurity.sign( object km, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the JSKeyStoreManager, and password. - Parameters:
- km - JSKeyStoreManager containing the key and certificate
- keyPassword - password to get the key
- Returns:
- string
Ax.crypt.WSSecurity.sign
-
string Ax.crypt.WSSecurity.sign( object km, string alias, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the JSKeyStoreManager, alias and password. - Parameters:
- km - JSKeyStoreManager containing the key and certificate
- alias - alias to get the key and certificate
- keyPassword -
- Returns:
- string
Ax.crypt.WSSecurity.sign
-
string Ax.crypt.WSSecurity.sign( object ks, string alias, string keyPassword )
- Info:
-
Signs the document, using the specified key and certificate in the KeyStore, alias and password. - Parameters:
- ks - KeyStore containing the key and certificate
- alias - alias to get the key and certificate
- keyPassword - password to get the key
- Returns:
- string
21 JWT Builder
Class Ax.crypt.jwt.Builder
Constructor Summary
Method Summary
Modifier and Type
Method
Description
Ax.crypt.jwt.Builder
addClaim(Ax.text.String key, Ax.text.String value)
Add String claim
Ax.crypt.jwt.Builder
Add numeric claim
Ax.crypt.jwt.Builder
addClaim(Ax.text.String key, Ax.java.lang.Boolean value)
Add boolean claim
Ax.crypt.jwt.Builder
addUser(Ax.text.String user)
Ax.text.String
build()
build
Ax.crypt.jwt.Builder
setAudience(Ax.text.String aud)
Set audience
Ax.crypt.jwt.Builder
setExpiration(Object exp)
Set expiration.
Ax.crypt.jwt.Builder
setIssuedAt(Date iat)
Ax.crypt.jwt.Builder
setIssuer(Ax.text.String iss)
Set issues claim
Ax.crypt.jwt.Builder
setNotBefore(Date nbf)
Ax.crypt.jwt.Builder
setSubject(Ax.text.String sub)
Set subject claim
Ax.crypt.jwt.Builder
setUser(Ax.text.String user)
Set user claim
Ax.crypt.jwt.Builder
Sign with key
Ax.crypt.jwt.Builder
signWith(SignatureAlgorithm alg,byte[] secretKeyBytes)
Sign with scret key bytes
Ax.crypt.jwt.Builder
signWith(SignatureAlgorithm alg, Ax.text.String plainSecretKey)
Sign with plain secreat key
Constructor Detail
Ax.crypt.jwt.Builder.JSWebTokenBuilder
-
Ax.crypt.jwt.Builder.JSWebTokenBuilder()
Method Detail
Ax.crypt.jwt.Builder.addClaim
-
object Ax.crypt.jwt.Builder.addClaim( string key, string value )
- Info:
-
Add String claim - Parameters:
- key -
- value -
- Returns:
- object
Ax.crypt.jwt.Builder.addClaim
-
object Ax.crypt.jwt.Builder.addClaim( string key, object value )
- Info:
-
Add numeric claim - Parameters:
- key -
- value -
- Returns:
- object
Ax.crypt.jwt.Builder.addClaim
-
object Ax.crypt.jwt.Builder.addClaim( string key, object value )
- Info:
-
Add boolean claim - Parameters:
- key -
- value -
- Returns:
- object
Ax.crypt.jwt.Builder.addUser
-
object Ax.crypt.jwt.Builder.addUser( string user )
- Parameters:
- user -
- Returns:
- object
Ax.crypt.jwt.Builder.build
-
string Ax.crypt.jwt.Builder.build()
- Info:
-
build - Returns:
- string
Ax.crypt.jwt.Builder.setAudience
-
object Ax.crypt.jwt.Builder.setAudience( string aud )
- Info:
-
Set audience - Parameters:
- aud -
- Returns:
- object
Ax.crypt.jwt.Builder.setExpiration
-
object Ax.crypt.jwt.Builder.setExpiration( object exp )
- Info:
-
Set expiration. Must be convertible to a java.util.Date: That is: A JS native Date, A Ax.util.Date/ Ax.sql.Date A long representing millis since epoch - Parameters:
- exp -
- Returns:
- object
Ax.crypt.jwt.Builder.setIssuedAt
-
object Ax.crypt.jwt.Builder.setIssuedAt( date iat )
- Parameters:
- iat -
- Returns:
- object
Ax.crypt.jwt.Builder.setIssuer
-
object Ax.crypt.jwt.Builder.setIssuer( string iss )
- Info:
-
Set issues claim - Parameters:
- iss -
- Returns:
- object
Ax.crypt.jwt.Builder.setNotBefore
-
object Ax.crypt.jwt.Builder.setNotBefore( date nbf )
- Parameters:
- nbf -
- Returns:
- object
Ax.crypt.jwt.Builder.setSubject
-
object Ax.crypt.jwt.Builder.setSubject( string sub )
- Info:
-
Set subject claim - Parameters:
- sub -
- Returns:
- object
Ax.crypt.jwt.Builder.setUser
-
object Ax.crypt.jwt.Builder.setUser( string user )
- Info:
-
Set user claim - Parameters:
- user -
- Returns:
- object
Ax.crypt.jwt.Builder.signWith
-
object Ax.crypt.jwt.Builder.signWith( object alg, object key )
- Info:
-
Sign with key - Parameters:
- alg -
- key -
- Returns:
- object
Ax.crypt.jwt.Builder.signWith
-
object Ax.crypt.jwt.Builder.signWith( object alg, byte[] secretKeyBytes )
- Info:
-
Sign with scret key bytes - Parameters:
- alg -
- secretKeyBytes -
- Returns:
- object
Ax.crypt.jwt.Builder.signWith
-
object Ax.crypt.jwt.Builder.signWith( object alg, string plainSecretKey )
- Info:
-
Sign with plain secreat key - Parameters:
- alg -
- plainSecretKey -
- Returns:
- object
22 JWT Parser
Class Ax.crypt.jwt.Parser
Constructor Summary
Method Summary
Modifier and Type
Method
Description
parse(Ax.text.String jwt)
Ax.crypt.jwt.Parser
setSigningKey(byte[] key)
Ax.crypt.jwt.Parser
setSigningKey(Ax.text.String secretKey)
Ax.crypt.jwt.Parser
setSigningKey(Key key)
Constructor Detail
Ax.crypt.jwt.Parser.JSWebTokenParser
-
Ax.crypt.jwt.Parser.JSWebTokenParser()
Method Detail
Ax.crypt.jwt.Parser.parse
-
object Ax.crypt.jwt.Parser.parse( string jwt )
- Parameters:
- jwt -
- Returns:
- object
Ax.crypt.jwt.Parser.setSigningKey
-
object Ax.crypt.jwt.Parser.setSigningKey( byte[] key )
- Parameters:
- key -
- Returns:
- object
Ax.crypt.jwt.Parser.setSigningKey
-
object Ax.crypt.jwt.Parser.setSigningKey( string secretKey )
- Parameters:
- secretKey -
- Returns:
- object
Ax.crypt.jwt.Parser.setSigningKey
-
object Ax.crypt.jwt.Parser.setSigningKey( object key )
- Parameters:
- key -
- Returns:
- object