java.lang.Object
- io.axoniq.dataprotection.cryptoengine.JavaKeyStoreCryptoEngine

All Implemented Interfaces:

CryptoEngine

Direct Known Subclasses:

PKCS11CryptoEngine
```
public class JavaKeyStoreCryptoEngine
extends Object
implements CryptoEngine
```
Implementation of CryptoEngine that uses a JCE KeyStore implementation to store its keys. It will examine the given KeyStore for its Provider, and then obtain a KeyGenerator and Cipher object from this provider as well. Please note the default Java KeyStore implementation used for instance to store certificates for a web server, is totally unsuitable for this particular application. The main reason why this class exists is as a stepping stone to implement the PKCS#11 implementation PKCS11CryptoEngine.
Please note that the implementation will not call KeyStore.store(KeyStore.LoadStoreParameter) or KeyStore.store(OutputStream, char[]) after a call to getOrCreateKey(String). It assumes that a KeyStore type is used that will save keys immediately, which is true of PKCS#11 key stores, but not of a standard file-based key store.

Constructor Summary

Constructors
Constructor Description

JavaKeyStoreCryptoEngine(KeyStore keyStore)
Constructs a new JavaKeyStoreCryptoEngine

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method	Description
`Cipher`	`createCipher()`	Creates an uninitialized `Cipher` instance for the correct transformation (AES, CBC, PKCS#5) and provider.
`Cipher`	`createDigestCipher()`	Creates an uninitialized `Cipher` instance for calculating the encrypted digest.
`void`	`deleteKey(String id)`	Deletes the key for a given id.
`SecretKey`	`getKey(String id)`	Retrieves the key for a given id.
`KeyType`	`getKeyType()`	Retrieves the currently used `KeyType` for new keys
`SecretKey`	`getOrCreateKey(String id)`	Retrieves the key for a given id.
`void`	`setKeyType(KeyType keyType)`	Sets the `KeyType` to use, which determines the length of newly generated keys.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - JavaKeyStoreCryptoEngine
```
public JavaKeyStoreCryptoEngine(KeyStore keyStore)
```
    Constructs a new JavaKeyStoreCryptoEngine
    
    Parameters:
    
    keyStore - the KeyStore to use
- Method Detail
  - getOrCreateKey
```
public SecretKey getOrCreateKey(String id)
```
    Retrieves the key for a given id. If no such key is registered, generates a new random key and stores it under the alias before returning it. Please see the class description for a caveat on key saving.
    
    Specified by:
    
    getOrCreateKey in interface CryptoEngine
    
    Parameters:
    
    id - the id of the SecretKey
    
    Returns:
    
    the potentially new SecretKey associated with the id
  - getKey
```
public SecretKey getKey(String id)
```
    Description copied from interface: CryptoEngine
    
    Retrieves the key for a given id.
    
    Specified by:
    
    getKey in interface CryptoEngine
    
    Parameters:
    
    id - the id of the SecretKey
    
    Returns:
    
    the existing SecretKey associated with the id, or null if no such key exists
  - deleteKey
```
public void deleteKey(String id)
```
    Description copied from interface: CryptoEngine
    
    Deletes the key for a given id. Does nothing if the key doesn't exist.
    
    Specified by:
    
    deleteKey in interface CryptoEngine
    
    Parameters:
    
    id - the id of the SecretKey
  - createCipher
```
public Cipher createCipher()
```
    Description copied from interface: CryptoEngine
    
    Creates an uninitialized Cipher instance for the correct transformation (AES, CBC, PKCS#5) and provider. Clients should still call the Cipher.init(int, java.security.Key, AlgorithmParameterSpec) to specify operation mode (encryption or decryption), key and initialization vector.
    
    Specified by:
    
    createCipher in interface CryptoEngine
    
    Returns:
    
    the Cipher
  - createDigestCipher
```
public Cipher createDigestCipher()
```
    Description copied from interface: CryptoEngine
    
    Creates an uninitialized Cipher instance for calculating the encrypted digest. For this specific purpose, it should use AES, EBC and no padding, and the same provider as for the other operations. Clients should still call the Cipher.init(int, java.security.Key) to specify operation mode (always encryption) and key.
    
    Specified by:
    
    createDigestCipher in interface CryptoEngine
    
    Returns:
    
    the Cipher
  - setKeyType
```
public void setKeyType(KeyType keyType)
```
    Description copied from interface: CryptoEngine
    
    Sets the KeyType to use, which determines the length of newly generated keys. Defaults to KeyType.AES_256 if not set.
    
    Specified by:
    
    setKeyType in interface CryptoEngine
    
    Parameters:
    
    keyType - the new KeyType
  - getKeyType
```
public KeyType getKeyType()
```
    Description copied from interface: CryptoEngine
    
    Retrieves the currently used KeyType for new keys
    
    Specified by:
    
    getKeyType in interface CryptoEngine
    
    Returns:
    
    the current value

Class JavaKeyStoreCryptoEngine

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

JavaKeyStoreCryptoEngine

Method Detail

getOrCreateKey

getKey

deleteKey

createCipher

createDigestCipher

setKeyType

getKeyType