Package de.aristaflow.adept2.util
Class SecurityTools
java.lang.Object
de.aristaflow.adept2.util.SecurityTools
Tool class for creating java.security related objects, i.e. objects which use the Provider service for creating security algorithms.
Using the default lookup, e.g. KeyFactory.getInstance(String), is not recommended, since 3rd party jar files may set additional providers for algorithms. Although they may promise to be compliant, they are not tested and may lead to errors at various critical parts in our system. Example: WildFly uses Bouncy Castle, which does not like padding in RSA encrypted passwords in our configuration.
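The provider precedence problem described above, as an added example that is not part of the AristaFlow code base: a constructed provider (the hypothetical ThirdPartyProvider) is registered at position 1, as a bundled jar might do, and the default MessageDigest lookup switches to it while the lookup that names its provider stays on SUN. It assumes Java 9 or later and a JDK that ships the SUN provider; all class names in it are made up for the illustration.

```java
import java.security.MessageDigest;
import java.security.MessageDigestSpi;
import java.security.Provider;
import java.security.Security;

public class ProviderPinningDemo {

    /** Constructed stand-in for a provider that a 3rd party jar registers (hypothetical). */
    public static final class ThirdPartyProvider extends Provider {
        public ThirdPartyProvider() {
            super("ThirdPartyDemo", "1.0", "constructed demo provider");
            // Claims SHA-256, an algorithm the JDK already provides.
            put("MessageDigest.SHA-256", ThirdPartyDigest.class.getName());
        }
    }

    /** Constructed SPI; it delegates to SUN so only the resolution order changes. */
    public static final class ThirdPartyDigest extends MessageDigestSpi {
        private final MessageDigest delegate;

        public ThirdPartyDigest() throws Exception {
            delegate = MessageDigest.getInstance("SHA-256", "SUN");
        }
        @Override protected void engineUpdate(byte input) { delegate.update(input); }
        @Override protected void engineUpdate(byte[] in, int off, int len) { delegate.update(in, off, len); }
        @Override protected byte[] engineDigest() { return delegate.digest(); }
        @Override protected void engineReset() { delegate.reset(); }
    }

    /** Name of the provider that serves SHA-256 when no provider is named. */
    static String defaultProvider() throws Exception {
        return MessageDigest.getInstance("SHA-256").getProvider().getName();
    }

    public static void main(String[] args) throws Exception {
        System.out.println("default before registration: " + defaultProvider());
        Security.insertProviderAt(new ThirdPartyProvider(), 1);
        System.out.println("default after registration:  " + defaultProvider());

        // Naming the provider keeps the tested implementation regardless of precedence.
        MessageDigest pinned = MessageDigest.getInstance("SHA-256", "SUN");
        System.out.println("pinned lookup:               " + pinned.getProvider().getName());

        // Audit: every registered provider that offers the algorithm, in precedence order.
        for (Provider p : Security.getProviders("MessageDigest.SHA-256")) {
            System.out.println("offers SHA-256: " + p.getName());
        }
        Security.removeProvider("ThirdPartyDemo");
    }
}
```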
-
Constructor Summary
Constructors
-
Method Summary
Modifier and Type, Method, Description
- static Signature getCommonSignatureInstance: Returns a Signature instance of the algorithm defined in SIGNATURE_ALGORITHM.
- static XMLSignatureFactory getDOMXMLSignatureFactory
- static KeyManagerFactory getKeyManagerFactoryInstance
- static Cipher getRsaCipher
- static KeyFactory getRSAKeyFactoryInstance
- static KeyPairGenerator getRSAKeyPairGenerator
- static SecureRandom getSecureRandom
- static MessageDigest getSHA1MessageDigest
- static MessageDigest getSHA256MessageDigest
- static MessageDigest getSHA512MessageDigest
- getSunProviderConfiguration: Gets a configuration that uses the corresponding Sun providers.
- static SSLContext getTLSContext
- static TrustManagerFactory getTrustManagerFactory
- static void initialise(Map<String, String> properties, boolean allowMultiInit): Initialises the providers and checks whether secure randoms can be created with the corresponding provider. The designated map can provide the following properties: security.keyfactory.rsa, security.keyfactory, security.signature, security.digest, security.cipher.rsa, security.random, security.trustmanager, security.context.ssl, security.xml.signature. If a property is not set, the default provider will be used.
- static void terminate(): Signals the termination to the security tools.
-
Constructor Details
-
SecurityTools
public SecurityTools()
-
-
Method Details
-
getSunProviderConfiguration
Gets a configuration that uses the corresponding Sun providers.
- Returns:
A configuration that uses the corresponding Sun providers.
-
initialise
public static void initialise(Map<String, String> properties, boolean allowMultiInit) throws Exception
Initialises the providers and checks whether secure randoms can be created with the corresponding provider. The designated map can provide the following properties:
- security.keyfactory.rsa
- security.keyfactory
- security.signature
- security.digest
- security.cipher.rsa
- security.random
- security.trustmanager
- security.context.ssl
- security.xml.signature
This method will be called when bootstrapping and must only be called once. So only call this method in case you do not need to bootstrap the AristaFlow platform.
- Parameters:
properties - The map providing the necessary global properties. Boolean properties need to be set appropriately using the usual string representations.
allowMultiInit - Whether multiple initialisations should not lead to a ConfigurationException. If set, there will only be a warning in the log.
- Throws:
Exception - If the security tools have already been initialised (this method has been called before) and no multi instances are allowed, a ConfigurationException will be thrown.
-
terminate
public static void terminate()
Signals the termination to the security tools.
-
getRSAKeyFactoryInstance
- Throws:
NoSuchAlgorithmException
-
getKeyManagerFactoryInstance
- Throws:
NoSuchAlgorithmException
-
getCommonSignatureInstance
Returns a Signature instance of the algorithm defined in SIGNATURE_ALGORITHM.
- Returns:
- Throws:
NoSuchAlgorithmException
-
getSHA1MessageDigest
- Throws:
NoSuchAlgorithmException
-
getSHA256MessageDigest
- Throws:
NoSuchAlgorithmException
-
getSHA512MessageDigest
- Throws:
NoSuchAlgorithmException
-
getRSAKeyPairGenerator
- Throws:
NoSuchAlgorithmException
-
getRsaCipher
-
getSecureRandom
-
getTrustManagerFactory
- Throws:
NoSuchAlgorithmException
-
getTLSContext
- Throws:
NoSuchAlgorithmException
-
getDOMXMLSignatureFactory
-