com.unboundid.ldap.sdk.unboundidds

Class AES256EncodedPasswordSecretKey

java.lang.Object

com.unboundid.ldap.sdk.unboundidds.AES256EncodedPasswordSecretKey

All Implemented Interfaces:

java.io.Serializable

@NotMutable
 @ThreadSafety(level=COMPLETELY_THREADSAFE)
public final class AES256EncodedPasswordSecretKey
extends java.lang.Object
implements java.io.Serializable

This class provides a data structure that may be used to hold a reusable secret key for use in conjunction with AES256EncodedPassword objects. Reusing a secret key avoids the (potentially significant) cost of generating it for each encryption and decryption operation.

NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.

See Also:

Serialized Form

Method Summary

Modifier and Type	Method and Description
void	destroy() Destroys this secret key.
static AES256EncodedPasswordSecretKey	generate(byte[] encryptionSettingsDefinitionID, char[] encryptionSettingsDefinitionPassphrase) Generates an AES256 secret key from the provided information.
static AES256EncodedPasswordSecretKey	generate(byte[] encryptionSettingsDefinitionID, char[] encryptionSettingsDefinitionPassphrase, byte[] keyFactorySalt) Generates an AES256 secret key from the provided information.
static AES256EncodedPasswordSecretKey	generate(java.lang.String encryptionSettingsDefinitionID, java.lang.String encryptionSettingsDefinitionPassphrase) Generates an AES256 secret key from the provided information.
byte[]	getEncryptionSettingsDefinitionID() Retrieves the bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.
byte[]	getKeyFactorySalt() Retrieves the salt used to generate the secret key from the encryption settings definition passphrase.
javax.crypto.SecretKey	getSecretKey() Retrieves the secret key that was generated.
java.lang.String	toString() Retrieves a string representation of this AES256 encoded password secret key.
void	toString(java.lang.StringBuilder buffer) Appends a string representation of this AES256 encoded password secret key to the provided buffer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Method Detail

generate

@NotNull
public static AES256EncodedPasswordSecretKey generate(@NotNull
                                                               java.lang.String encryptionSettingsDefinitionID,
                                                               @NotNull
                                                               java.lang.String encryptionSettingsDefinitionPassphrase)
                                                        throws java.security.GeneralSecurityException,
                                                               java.text.ParseException

Generates an AES256 secret key from the provided information.

Parameters:

encryptionSettingsDefinitionID - A string with the hexadecimal representation of the encryption settings definition whose passphrase was used to generate the encoded password. It must not be null or empty, and it must represent a valid hexadecimal string whose length is an even number less than or equal to 510 bytes.

encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.

Returns:

The AES256 secret key that was generated.

Throws:

java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.

java.text.ParseException - If the provided encryption settings ID cannot be parsed as a hexadecimal string.

generate

@NotNull
public static AES256EncodedPasswordSecretKey generate(@NotNull
                                                               byte[] encryptionSettingsDefinitionID,
                                                               @NotNull
                                                               char[] encryptionSettingsDefinitionPassphrase)
                                                        throws java.security.GeneralSecurityException

Generates an AES256 secret key from the provided information.

Parameters:

encryptionSettingsDefinitionID - The bytes that comprise the raw encryption settings definition ID whose passphrase was used to generate the encoded password. It must not be null or empty, and its length must be less than or equal to 255 bytes.

encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.

Returns:

The AES256 secret key that was generated.

Throws:

java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.

generate

@NotNull
public static AES256EncodedPasswordSecretKey generate(@NotNull
                                                               byte[] encryptionSettingsDefinitionID,
                                                               @NotNull
                                                               char[] encryptionSettingsDefinitionPassphrase,
                                                               @NotNull
                                                               byte[] keyFactorySalt)
                                                        throws java.security.GeneralSecurityException

Generates an AES256 secret key from the provided information.

Parameters:

encryptionSettingsDefinitionID - The bytes that comprise the raw encryption settings definition ID whose passphrase was used to generate the encoded password. It must not be null or empty, and its length must be less than or equal to 255 bytes.

encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.

keyFactorySalt - The salt used to generate the encryption key from the encryption settings definition passphrase. It must not be null and it must have a length of exactly 16 bytes.

Returns:

The AES256 secret key that was generated.

Throws:

java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.

getEncryptionSettingsDefinitionID

@NotNull
public byte[] getEncryptionSettingsDefinitionID()

Retrieves the bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.

Returns:

A bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.

getKeyFactorySalt

@NotNull
public byte[] getKeyFactorySalt()

Retrieves the salt used to generate the secret key from the encryption settings definition passphrase.

Returns:

The salt used to generate the secret key from the encryption settings definition passphrase.

getSecretKey

@NotNull
public javax.crypto.SecretKey getSecretKey()

Retrieves the secret key that was generated. This method must not be called after the destroy() method has been called.

Returns:

The secret key that was generated.

destroy

public void destroy()

Destroys this secret key. The key must not be used after it has been destroyed.

toString

@NotNull
public java.lang.String toString()

Retrieves a string representation of this AES256 encoded password secret key.

Overrides:

toString in class java.lang.Object

Returns:

A string representation of this AES256 encoded password secret key.

toString

public void toString(@NotNull
                     java.lang.StringBuilder buffer)

Appends a string representation of this AES256 encoded password secret key to the provided buffer.

Parameters:

buffer - The buffer to which the information should be appended.