Class CryptoSpec

java.lang.Object
de.xima.fc.certificate.mgmt.CryptoSpec
All Implemented Interfaces:
Serializable

public class CryptoSpec extends Object implements Serializable
This class represents the specifications for the key algorithms used in the XIMA formcycle certificate module. It provides information about secure key sizes, default key sizes, and supported signature algorithms for the RSA, DSA and ECDSA algorithms.
  • Constructor Details

    • CryptoSpec

      public CryptoSpec(String bsiTechnicalGuideline, Set<EKeyAlgorithm> supportedKeyAlgorithms, EKeyAlgorithm defaultKeyAlgorithm, List<Integer> supportedKeySizesRSA, int defaultKeySizeRSA, List<ESignatureType> supportedSignatureAlgorithmsRSA, ESignatureType defaultSignatureAlgorithmRSA, List<Integer> supportedKeySizesDSA, int defaultKeySizeDSA, List<ESignatureType> supportedSignatureAlgorithmsDSA, ESignatureType defaultSignatureAlgorithmDSA, List<Integer> supportedKeySizesEC, int defaultKeySizeEC, List<String> ecCurves, List<ESignatureType> supportedSignatureAlgorithmsEC, ESignatureType defaultSignatureAlgorithmEC, String defaultEcCurve, int nearExpirationDays, Duration defaultValidityPeriod, Duration maxValidityPeriod, ECertificateFileType defaultCertificateExportFileType, boolean failCertificateUpdateOnSubjectMissmatch, boolean failCertificateUpdateOnCertificateUsageMissmatch)
      Creates a new CryptoSpec instance.
      Parameters:
      bsiTechnicalGuideline - The name of the BSI technical guideline that defines the cryptographic standards followed by this specification.
      supportedKeyAlgorithms - A set of supported key algorithms for the certificate module.
      defaultKeyAlgorithm - The default key algorithm for the certificate module.
      supportedKeySizesRSA - A list of supported key sizes for the RSA algorithm.
      defaultKeySizeRSA - The default key size for the RSA algorithm.
      supportedSignatureAlgorithmsRSA - A list of supported signature algorithms for the RSA algorithm.
      defaultSignatureAlgorithmRSA - The default signature algorithm for the RSA algorithm.
      supportedKeySizesDSA - A list of supported key sizes for the DSA algorithm.
      defaultKeySizeDSA - The default key size for the DSA algorithm.
      supportedSignatureAlgorithmsDSA - A list of supported signature algorithms for the DSA algorithm.
      defaultSignatureAlgorithmDSA - The default signature algorithm for the DSA algorithm.
      supportedKeySizesEC - A list of secure key sizes for the EC algorithm.
      defaultKeySizeEC - The default key size for the EC algorithm.
      ecCurves - A list of supported elliptic curves for the EC algorithm.
      supportedSignatureAlgorithmsEC - A list of supported signature algorithms for the EC algorithm.
      defaultSignatureAlgorithmEC - The default signature algorithm for the EC algorithm.
      defaultEcCurve - The default elliptic curve (EC) for the EC algorithm.
      nearExpirationDays - The number of days before expiration to consider a certificate as "near expiration".
      defaultValidityPeriod - The default validity period for certificates.
      maxValidityPeriod - The maximum validity period for certificates.
      defaultCertificateExportFileType - The default export file type for certificates.
      failCertificateUpdateOnSubjectMissmatch - If true, the import will fail if the subject of the imported certificate does not match.
      failCertificateUpdateOnCertificateUsageMissmatch - If true, the import will fail if the usage of the imported certificate does not match.
  • Method Details

    • getDefaultKeySize

      public int getDefaultKeySize(EKeyAlgorithm keyAlgorithm)
      The default key size for the specified key algorithm.
      Parameters:
      keyAlgorithm - the key algorithm
      Returns:
      the default key size for the specified key algorithm
    • getDefaultSignatureType

      public ESignatureType getDefaultSignatureType(EKeyAlgorithm keyAlgorithm)
      The default signature algorithm for the specified key algorithm.
      Parameters:
      keyAlgorithm - the key algorithm
      Returns:
      the default signature algorithm for the specified key algorithm
    • getMinKeySizeForAlgorithm

      public Integer getMinKeySizeForAlgorithm(String strKeyAlgo)
      Returns the minimum key size for the given key algorithm.
      Parameters:
      strKeyAlgo - The key algorithm as a string.
      Returns:
      The minimum key size for the given key algorithm, or null if the algorithm is not supported or does not have a defined minimum key size.
    • getSupportedSignatureAlgorithms

      public List<ESignatureType> getSupportedSignatureAlgorithms(EKeyAlgorithm keyAlgorithm)
      A list of supported signature algorithms for the specified key algorithm.
      Parameters:
      keyAlgorithm - the key algorithm
      Returns:
      a list of supported signature algorithms for the specified key algorithm
    • isSecureKeyAlgorithm

      public boolean isSecureKeyAlgorithm(String strKeyAlgorithm)
      Checks if the given key algorithm is considered secure according to the specifications.
      Parameters:
      strKeyAlgorithm - the key algorithm as a string
      Returns:
      true if the key algorithm is secure, false otherwise
    • isSecureKeySize

      public boolean isSecureKeySize(String strKeyAlgorithm, int keySize)
      Checks if the given key size is considered secure for the specified key algorithm according to the specifications.
      Parameters:
      strKeyAlgorithm - the key algorithm as a string
      keySize - the key size to check
      Returns:
      true if the key size is secure for the specified key algorithm, false otherwise
    • getBsiTechnicalGuideline

      public String getBsiTechnicalGuideline()
      The name of the BSI technical guideline that defines the cryptographic standards followed by this specification.
    • getSupportedKeyAlgorithms

      public Set<EKeyAlgorithm> getSupportedKeyAlgorithms()
      A set of supported key algorithms for the certificate module.
    • getDefaultKeyAlgorithm

      public EKeyAlgorithm getDefaultKeyAlgorithm()
      The default key algorithm for the certificate module.
    • getSupportedKeySizesRSA

      public List<Integer> getSupportedKeySizesRSA()
      A list of supported key sizes for the RSA algorithm.
    • getDefaultKeySizeRSA

      public int getDefaultKeySizeRSA()
      The default key size for the RSA algorithm.
    • getSupportedSignatureAlgorithmsRSA

      public List<ESignatureType> getSupportedSignatureAlgorithmsRSA()
      A list of supported signature algorithms for the RSA algorithm.
    • getDefaultSignatureAlgorithmRSA

      public ESignatureType getDefaultSignatureAlgorithmRSA()
      The default signature algorithm for the RSA algorithm.
    • getSupportedKeySizesDSA

      public List<Integer> getSupportedKeySizesDSA()
      A list of supported key sizes for the DSA algorithm.
    • getDefaultKeySizeDSA

      public int getDefaultKeySizeDSA()
      The default key size for the DSA algorithm.
    • getSupportedSignatureAlgorithmsDSA

      public List<ESignatureType> getSupportedSignatureAlgorithmsDSA()
      A list of supported signature algorithms for the DSA algorithm.
    • getDefaultSignatureAlgorithmDSA

      public ESignatureType getDefaultSignatureAlgorithmDSA()
      The default signature algorithm for the DSA algorithm.
    • getSupportedKeySizesEC

      public List<Integer> getSupportedKeySizesEC()
      A list of secure key sizes for the EC algorithm.
    • getDefaultKeySizeEC

      public int getDefaultKeySizeEC()
      The default key size for the EC algorithm.
    • getEcCurves

      public List<String> getEcCurves()
      A list of supported elliptic curves for the EC algorithm.
    • getSupportedSignatureAlgorithmsEC

      public List<ESignatureType> getSupportedSignatureAlgorithmsEC()
      A list of supported signature algorithms for the EC algorithm.
    • getDefaultSignatureAlgorithmEC

      public ESignatureType getDefaultSignatureAlgorithmEC()
      The default signature algorithm for the EC algorithm.
    • getDefaultEcCurve

      public String getDefaultEcCurve()
      The default elliptic curve (EC) for the EC algorithm.
    • getNearExpirationDays

      public int getNearExpirationDays()
      The number of days before expiration to consider a certificate as "near expiration".
    • getDefaultValidityPeriod

      public Duration getDefaultValidityPeriod()
      The default validity period for certificates.
    • getMaxValidityPeriod

      public Duration getMaxValidityPeriod()
      The maximum validity period for certificates.
    • getDefaultCertificateExportFileType

      public ECertificateFileType getDefaultCertificateExportFileType()
      The default export file type for certificates.
    • isFailCertificateUpdateOnSubjectMissmatch

      public boolean isFailCertificateUpdateOnSubjectMissmatch()
      If true, the import will fail if the subject of the imported certificate does not match.
    • isFailCertificateUpdateOnCertificateUsageMissmatch

      public boolean isFailCertificateUpdateOnCertificateUsageMissmatch()
      If true, the import will fail if the usage of the imported certificate does not match.
    • equals

      public boolean equals(Object o)
      Overrides:
      equals in class Object
    • canEqual

      protected boolean canEqual(Object other)
    • hashCode

      public int hashCode()
      Overrides:
      hashCode in class Object
    • toString

      public String toString()
      Overrides:
      toString in class Object
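
The contract documented for getMinKeySizeForAlgorithm and isSecureKeySize (a per-algorithm minimum, with null when none is defined) can be illustrated with the JDK alone. This is an added example, not formcycle code: the class KeyPolicySketch, its method names and its thresholds are hypothetical, and the algorithm strings are assumed to be the names returned by PublicKey.getAlgorithm().

```java
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;

// Added illustration of a per-algorithm key-size policy check.
// KeyPolicySketch and its thresholds are hypothetical, not formcycle code or values.
public class KeyPolicySketch {
    // Constructed minimum key sizes in bits, keyed by PublicKey.getAlgorithm() names.
    private static final Map<String, Integer> MIN_BITS = Map.of("RSA", 3072, "DSA", 3072, "EC", 256);

    // Mirrors the documented contract: null when the algorithm has no defined minimum.
    static Integer minKeySize(String algorithm) {
        return MIN_BITS.get(algorithm);
    }

    // Effective key size: modulus length (RSA), prime p length (DSA), group order length (EC).
    static int keySizeBits(PublicKey key) {
        if (key instanceof RSAPublicKey) return ((RSAPublicKey) key).getModulus().bitLength();
        if (key instanceof DSAPublicKey && ((DSAPublicKey) key).getParams() != null)
            return ((DSAPublicKey) key).getParams().getP().bitLength();
        if (key instanceof ECPublicKey) return ((ECPublicKey) key).getParams().getOrder().bitLength();
        return -1; // unknown key type or missing parameters: size cannot be measured
    }

    // Fails closed: an unsupported algorithm or an unmeasurable key is never "secure".
    static boolean isSecureKey(PublicKey key) {
        Integer min = minKeySize(key.getAlgorithm());
        int bits = keySizeBits(key);
        return min != null && bits >= min;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample keys, generated locally so the example runs offline.
        KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
        rsa.initialize(2048);
        PublicKey weak = rsa.generateKeyPair().getPublic();
        rsa.initialize(3072);
        PublicKey strong = rsa.generateKeyPair().getPublic();
        KeyPairGenerator ec = KeyPairGenerator.getInstance("EC");
        ec.initialize(256);
        PublicKey curve = ec.generateKeyPair().getPublic();

        for (PublicKey k : new PublicKey[] {weak, strong, curve}) {
            System.out.println(k.getAlgorithm() + " " + keySizeBits(k) + " bits, secure=" + isSecureKey(k));
        }
        System.out.println("min for unsupported algorithm: " + minKeySize("DH"));
    }
}
```

A caller of a nullable minimum such as the one getMinKeySizeForAlgorithm documents should treat null as a rejection rather than as "no restriction", which is what isSecureKey does here.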