public class EncryptedKeyResolver extends KeyResolverSpi
EncryptedKeyResolver
is not a generic resolver. It can
only be for specific instantiations, as the key being unwrapped will
always be of a particular type and will always have been wrapped by
another key which needs to be recursively resolved.
The EncryptedKeyResolver
can therefore only be instantiated
with an algorithm. It can also be instantiated with a key (the KEK) or
will search the static KeyResolvers to find the appropriate key.globalResolver, properties, secureValidation
Constructor and Description |
---|
EncryptedKeyResolver(java.lang.String algorithm)
Constructor for use when a KEK needs to be derived from a KeyInfo
list
|
EncryptedKeyResolver(java.lang.String algorithm,
java.security.Key kek)
Constructor used for when a KEK has been set
|
Modifier and Type | Method and Description |
---|---|
java.security.PublicKey |
engineLookupAndResolvePublicKey(org.w3c.dom.Element element,
java.lang.String BaseURI,
StorageResolver storage)
Method engineLookupAndResolvePublicKey
|
javax.crypto.SecretKey |
engineLookupAndResolveSecretKey(org.w3c.dom.Element element,
java.lang.String BaseURI,
StorageResolver storage)
Method engineLookupAndResolveSecretKey
|
java.security.cert.X509Certificate |
engineLookupResolveX509Certificate(org.w3c.dom.Element element,
java.lang.String BaseURI,
StorageResolver storage)
Method engineLookupResolveX509Certificate
|
void |
registerInternalKeyResolver(KeyResolverSpi realKeyResolver)
This method is used to add a custom
KeyResolverSpi to help
resolve the KEK. |
engineCanResolve, engineGetProperty, engineLookupAndResolvePrivateKey, engineResolvePublicKey, engineResolveSecretKey, engineResolveX509Certificate, engineSetProperty, setGlobalResolver, setSecureValidation, understandsProperty
public EncryptedKeyResolver(java.lang.String algorithm)
algorithm
- public EncryptedKeyResolver(java.lang.String algorithm, java.security.Key kek)
algorithm
- kek
- public void registerInternalKeyResolver(KeyResolverSpi realKeyResolver)
KeyResolverSpi
to help
resolve the KEK.realKeyResolver
- public java.security.PublicKey engineLookupAndResolvePublicKey(org.w3c.dom.Element element, java.lang.String BaseURI, StorageResolver storage)
KeyResolverSpi
engineLookupAndResolvePublicKey
in class KeyResolverSpi
public java.security.cert.X509Certificate engineLookupResolveX509Certificate(org.w3c.dom.Element element, java.lang.String BaseURI, StorageResolver storage)
KeyResolverSpi
engineLookupResolveX509Certificate
in class KeyResolverSpi
public javax.crypto.SecretKey engineLookupAndResolveSecretKey(org.w3c.dom.Element element, java.lang.String BaseURI, StorageResolver storage)
KeyResolverSpi
engineLookupAndResolveSecretKey
in class KeyResolverSpi