Class EncryptedKeyResolver


  • public class EncryptedKeyResolver
    extends KeyResolverSpi
    The EncryptedKeyResolver is not a generic resolver. It can only be for specific instantiations, as the key being unwrapped will always be of a particular type and will always have been wrapped by another key which needs to be recursively resolved. The EncryptedKeyResolver can therefore only be instantiated with an algorithm. It can also be instantiated with a key (the KEK) or will search the static KeyResolvers to find the appropriate key.
    • Field Detail

      • LOG

        private static final org.slf4j.Logger LOG
      • kek

        private java.security.Key kek
      • algorithm

        private java.lang.String algorithm
      • internalKeyResolvers

        private java.util.List<KeyResolverSpi> internalKeyResolvers
    • Constructor Detail

      • EncryptedKeyResolver

        public EncryptedKeyResolver​(java.lang.String algorithm)
        Constructor for use when a KEK needs to be derived from a KeyInfo list
        Parameters:
        algorithm -
      • EncryptedKeyResolver

        public EncryptedKeyResolver​(java.lang.String algorithm,
                                    java.security.Key kek)
        Constructor used for when a KEK has been set
        Parameters:
        algorithm -
        kek -
    • Method Detail

      • registerInternalKeyResolver

        public void registerInternalKeyResolver​(KeyResolverSpi realKeyResolver)
        This method is used to add a custom KeyResolverSpi to help resolve the KEK.
        Parameters:
        realKeyResolver -
      • engineLookupAndResolvePublicKey

        public java.security.PublicKey engineLookupAndResolvePublicKey​(org.w3c.dom.Element element,
                                                                       java.lang.String baseURI,
                                                                       StorageResolver storage)
        Method engineLookupAndResolvePublicKey
        Overrides:
        engineLookupAndResolvePublicKey in class KeyResolverSpi
        Returns:
        resolved public key from the registered from the element.
      • engineLookupResolveX509Certificate

        public java.security.cert.X509Certificate engineLookupResolveX509Certificate​(org.w3c.dom.Element element,
                                                                                     java.lang.String baseURI,
                                                                                     StorageResolver storage)
        Method engineLookupResolveX509Certificate
        Overrides:
        engineLookupResolveX509Certificate in class KeyResolverSpi
        Returns:
        resolved X509Certificate key from the registered from the elements
      • engineLookupAndResolveSecretKey

        public javax.crypto.SecretKey engineLookupAndResolveSecretKey​(org.w3c.dom.Element element,
                                                                      java.lang.String baseURI,
                                                                      StorageResolver storage)
        Method engineLookupAndResolveSecretKey
        Overrides:
        engineLookupAndResolveSecretKey in class KeyResolverSpi
        Returns:
        resolved SecretKey key from the registered from the elements