public interface ISsfData
Modifier and Type | Field and Description |
---|---|
static String |
ALG_AES128_CBC
Name of symmetric encryption algorithm AES (128 bit) in CBC mode.
|
static String |
ALG_AES192_CBC
Name of symmetric encryption algorithm AES (192 bit) in CBC mode.
|
static String |
ALG_AES256_CBC
Name of symmetric encryption algorithm AES (256 bit) in CBC mode.
|
static String |
ALG_DES_EDE3_CBC
Name of symmetric encryption algorithm triple DES in CBC mode.
|
static String |
ALG_MD5
Name of message digest algorithm MD5 (not recommended).
|
static String |
ALG_RC2_40_CBC
Name of symmetric encryption algorithm RC2 (40 bit) in CBC mode.
|
static String |
ALG_RC2_CBC
Name of symmetric encryption algorithm RC2 (128 bit) in CBC mode.
|
static String |
ALG_SHA
Name of message digest algorithm SHA-1.
|
static String |
ALG_SHA256
Name of message digest algorithm SHA-256.
|
static String |
ALG_SHA512
Name of message digest algorithm SHA-512.
|
static int |
INC_CERT_CHAIN
Include certificate chain without root
when creating a digital signature (default).
|
static int |
INC_CERT_CHAIN_ROOT
Include certificate chain with root
when creating a digital signature.
|
static int |
INC_CERT_NONE
Do not include any certificates
when creating a digital signature.
|
static int |
INC_CERT_OWN
Include own certificate
when creating a digital signature.
|
static String |
PS_OAEP
Name of padding scheme (OAEP)
|
static String |
PS_OAEPWithSHA256AndMGF1Padding
Name of padding scheme (OAEPWithSHA256AndMGF1Padding)
|
Modifier and Type | Method and Description |
---|---|
boolean |
decrypt(ISsfProfile profile)
Decrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab)
Encrypts the given data.
|
boolean |
encrypt(SsfSigRcpList rcpList,
ISsfPab pab,
String symAlg)
Encrypts the given data.
|
boolean |
sign(ISsfProfile profile)
Creates a digital siganture of the given data.
|
boolean |
sign(ISsfProfile profile,
String mdAlg,
int incCerts,
boolean detached)
Creates a digital siganture of the given data.
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList)
Verifies a digital signature of the given data.
|
boolean |
verify(ISsfPab pab,
SsfSigRcpList sigList,
ISsfData input,
X509Certificate cert)
Verifies a digital signature of the given data.
|
boolean |
writeTo(OutputStream out)
Writes the changed data to an output stream
|
static final String ALG_SHA
static final String ALG_SHA256
static final String ALG_SHA512
static final String ALG_MD5
static final String ALG_AES128_CBC
static final String ALG_AES192_CBC
static final String ALG_AES256_CBC
static final String ALG_DES_EDE3_CBC
static final String ALG_RC2_40_CBC
static final String ALG_RC2_CBC
static final String PS_OAEP
static final String PS_OAEPWithSHA256AndMGF1Padding
static final int INC_CERT_NONE
static final int INC_CERT_OWN
static final int INC_CERT_CHAIN
static final int INC_CERT_CHAIN_ROOT
boolean sign(ISsfProfile profile) throws SsfInvalidKeyException
profile
- containing the secret key of the signersign(profile, ALG_SHA, INC_CERT_CHAIN, false)
SsfInvalidKeyException
- if invalid key is usedboolean sign(ISsfProfile profile, String mdAlg, int incCerts, boolean detached) throws SsfInvalidKeyException, SsfInvalidAlgException
profile
- containing the secret key of the signermdAlg
- message digest algorithm used to hash the dataincCerts
- determine if certificates should be includeddetached
- if true
do not include data into signaturetrue
if signature could be createdSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedboolean verify(ISsfPab pab, SsfSigRcpList sigList) throws SsfInvalidDataException
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationverify(pab, null, signer)
SsfInvalidDataException
- if given data is not digitally signedboolean verify(ISsfPab pab, SsfSigRcpList sigList, ISsfData input, X509Certificate cert) throws SsfInvalidDataException
pab
- personal address book containing trusted certificates (if
null
, all certificates are considered as trusted, i.e.
the signer certificates must be validated by the caller)sigList
- list of signer informationinput
- unsigned data (provide only in case of detached signature,
in case of attached signature pass null
)cert
- certificate to be used for verification (if null
,
use certificate included in signed data)true
if (at least one) signature could be verifiedSsfInvalidDataException
- if given data is not digitally signedboolean encrypt(SsfSigRcpList rcpList, ISsfPab pab) throws SsfInvalidKeyException
rcpList
- list of recipients of encrypted datapab
- personal address book containing trusted certificatesencrypt(rcp, pab, ALG_AES128_CBC)
SsfInvalidKeyException
- if invalid key is usedboolean encrypt(SsfSigRcpList rcpList, ISsfPab pab, String symAlg) throws SsfInvalidKeyException, SsfInvalidAlgException
rcpList
- list of recipients of encrypted datapab
- personal address book containing the certificate of the recipient
(if null
, all certificates are considered as trusted)symAlg
- name of symmetric encryption algorithmtrue
if data could be encrypted for all recipientsSsfInvalidKeyException
- if invalid key is usedSsfInvalidAlgException
- if invalid algorithm is usedboolean decrypt(ISsfProfile profile) throws SsfInvalidKeyException, SsfInvalidDataException
profile
- containing the secret key of the recipienttrue
if encrypted data could be decryptedSsfInvalidKeyException
- if invalid key is usedSsfInvalidDataException
- if given data is not encryptedboolean writeTo(OutputStream out) throws IOException
out
- output streamtrue
if data could be writtenIOException
- if an I/O error occursAccess Rights |
---|
SC | DC | Public Part | ACH |
---|---|---|---|
[sap.com] CORE-TOOLS
|
[sap.com]
|
default
|
BC-JAS
|
[sap.com] ENGFACADE
|
[sap.com] tc/bl/security/lib
|
api
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
-
|
BC-JAS-SEC
|
[sap.com] ENGINEAPI
|
[sap.com]
|
default
|
BC-JAS-SEC
|
Copyright 2018 SAP AG Complete Copyright Notice