Package de.aristaflow.adept2.util
Class SecurityTools
- java.lang.Object
  - de.aristaflow.adept2.util.SecurityTools
public final class SecurityTools extends Object
Tool class for creating java.security related objects, i.e. objects which use the Provider service for creating security algorithms. Using the default lookup, e.g. KeyFactory.getInstance(String), is not recommended, since 3rd party jar files may set additional providers for algorithms. Although they may promise to be compliant, they are not tested and may lead to errors at various critical parts in our system. Example: WildFly uses Bouncy Castle which does not like padding in RSA encrypted passwords in our configuration.
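The difference between default and pinned provider lookup described above, shown with plain JCA calls. This is an added example, not AristaFlow code: ThirdPartyProvider and LooseDigest are constructed stand-ins for a provider registered by a 3rd party jar, MessageDigest is used instead of KeyFactory to keep it short, and it assumes an OpenJDK-based JDK 9 or later where the "SUN" provider offers SHA-256.

```java
import java.security.MessageDigest;
import java.security.MessageDigestSpi;
import java.security.Provider;
import java.security.Security;
import java.util.Arrays;

public class ProviderPinningDemo {

    /** Constructed stand-in for a provider shipped inside a 3rd party jar. */
    public static final class ThirdPartyProvider extends Provider {
        public ThirdPartyProvider() {
            super("ThirdParty", "1.0", "constructed demo provider");
            // Claims the standard algorithm name, so it can shadow the JDK implementation.
            put("MessageDigest.SHA-256", LooseDigest.class.getName());
        }
    }

    /** Registered as SHA-256 but behaves differently: always returns 32 zero bytes. */
    public static final class LooseDigest extends MessageDigestSpi {
        @Override protected void engineUpdate(byte input) { }
        @Override protected void engineUpdate(byte[] in, int off, int len) { }
        @Override protected byte[] engineDigest() { return new byte[32]; }
        @Override protected void engineReset() { }
    }

    public static void main(String[] args) throws Exception {
        // Position 1 is the highest preference, as a container or library may set at startup.
        Security.insertProviderAt(new ThirdPartyProvider(), 1);

        // Check: every installed provider offering the algorithm, in preference order.
        for (Provider p : Security.getProviders("MessageDigest.SHA-256")) {
            System.out.println("offers SHA-256: " + p.getName());
        }

        // Default lookup takes the first provider in preference order.
        MessageDigest byDefault = MessageDigest.getInstance("SHA-256");
        // Pinned lookup consults only the named provider.
        MessageDigest pinned = MessageDigest.getInstance("SHA-256", "SUN");

        byte[] data = "constructed sample input".getBytes("UTF-8");
        byte[] a = byDefault.digest(data);
        byte[] b = pinned.digest(data);

        System.out.println("default lookup -> " + byDefault.getProvider().getName());
        System.out.println("pinned lookup  -> " + pinned.getProvider().getName());
        System.out.println("same digest    -> " + Arrays.equals(a, b));
    }
}
```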
-
-
Field Summary
Fields
- static String USE_SECURITY_PRE_300: The key in the initialisation map that determines whether to use the security settings from before 3.0.0.
-
Constructor Summary
Constructors
- SecurityTools()
-
Method Summary
All methods are static and concrete.
- static Signature getCommonSignatureInstance(): Returns a Signature instance of the algorithm defined in SIGNATURE_ALGORITHM.
- static XMLSignatureFactory getDOMXMLSignatureFactory()
- static KeyManagerFactory getKeyManagerFactoryInstance()
- static Cipher getRsaCipher()
- static KeyFactory getRSAKeyFactoryInstance()
- static KeyPairGenerator getRSAKeyPairGenerator()
- static SecureRandom getSecureRandom()
- static MessageDigest getSHA1MessageDigest()
- static MessageDigest getSHA256MessageDigest()
- static MessageDigest getSHA512MessageDigest()
- static Map<String,String> getSunProviderConfiguration(): Gets a configuration that uses the corresponding Sun providers.
- static SSLContext getTLSContext()
- static TrustManagerFactory getTrustManagerFactory()
- static void initialise(Map<String,String> properties, boolean allowMultiInit): Initialises the providers and checks whether secure randoms can be created with the corresponding provider. The designated map can provide the following properties: security.pre300, security.keyfactory.rsa, security.keyfactory, security.signature, security.digest, security.cipher.rsa, security.random, security.trustmanager, security.context.ssl, security.xml.signature. If a property is not set, the default provider will be used.
- static void terminate(): Signals the termination to the security tools.
-
-
-
Field Detail
-
USE_SECURITY_PRE_300
public static final String USE_SECURITY_PRE_300
The key in the initialisation map that determines whether to use the security settings from before 3.0.0.
- See Also:
- Constant Field Values
-
-
Method Detail
-
getSunProviderConfiguration
public static Map<String,String> getSunProviderConfiguration()
Gets a configuration that uses the corresponding Sun providers.
- Returns:
- A configuration that uses the corresponding Sun providers.
-
initialise
public static void initialise(Map<String,String> properties, boolean allowMultiInit) throws Exception
Initialises the providers and checks whether secure randoms can be created with the corresponding provider. The designated map can provide the following properties:
- security.pre300
- security.keyfactory.rsa
- security.keyfactory
- security.signature
- security.digest
- security.cipher.rsa
- security.random
- security.trustmanager
- security.context.ssl
- security.xml.signature
This method will be called when bootstrapping and must only be called once. So only call this method in case you do not need to bootstrap the AristaFlow-platform.
- Parameters:
properties - The map providing the necessary global properties. Boolean properties need to be set appropriately using the usual string representations.
allowMultiInit - Whether multiple initialisations should not lead to a ConfigurationException. If set, there will only be a warning in the log.
- Throws:
Exception - If the security tools have already been initialised (this method has been called before) and no multi instances are allowed, a ConfigurationException will be thrown.
-
terminate
public static void terminate()
Signals the termination to the security tools.
-
getRSAKeyFactoryInstance
public static KeyFactory getRSAKeyFactoryInstance() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getKeyManagerFactoryInstance
public static KeyManagerFactory getKeyManagerFactoryInstance() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getCommonSignatureInstance
public static Signature getCommonSignatureInstance() throws NoSuchAlgorithmException
Returns a Signature instance of the algorithm defined in SIGNATURE_ALGORITHM.
- Returns:
- Throws:
NoSuchAlgorithmException
-
getSHA1MessageDigest
public static MessageDigest getSHA1MessageDigest() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getSHA256MessageDigest
public static MessageDigest getSHA256MessageDigest() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getSHA512MessageDigest
public static MessageDigest getSHA512MessageDigest() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getRSAKeyPairGenerator
public static KeyPairGenerator getRSAKeyPairGenerator() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getRsaCipher
public static Cipher getRsaCipher() throws NoSuchAlgorithmException, NoSuchPaddingException
-
getSecureRandom
public static SecureRandom getSecureRandom()
-
getTrustManagerFactory
public static TrustManagerFactory getTrustManagerFactory() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getTLSContext
public static SSLContext getTLSContext() throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
getDOMXMLSignatureFactory
public static XMLSignatureFactory getDOMXMLSignatureFactory()
-
-