Class AES256EncodedPasswordSecretKey

  • All Implemented Interfaces:
    java.io.Serializable

    @NotMutable
    @ThreadSafety(level=COMPLETELY_THREADSAFE)
    public final class AES256EncodedPasswordSecretKey
    extends java.lang.Object
    implements java.io.Serializable
    This class provides a data structure that may be used to hold a reusable secret key for use in conjunction with AES256EncodedPassword objects. Reusing a secret key avoids the (potentially significant) cost of generating it for each encryption and decryption operation.
    NOTE: This class, and other classes within the com.unboundid.ldap.sdk.unboundidds package structure, are only supported for use against Ping Identity, UnboundID, and Nokia/Alcatel-Lucent 8661 server products. These classes provide support for proprietary functionality or for external specifications that are not considered stable or mature enough to be guaranteed to work in an interoperable way with other types of LDAP servers.
    See Also:
    Serialized Form
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void destroy()
      Destroys this secret key.
      static AES256EncodedPasswordSecretKey generate​(byte[] encryptionSettingsDefinitionID, char[] encryptionSettingsDefinitionPassphrase)
      Generates an AES256 secret key from the provided information.
      static AES256EncodedPasswordSecretKey generate​(byte[] encryptionSettingsDefinitionID, char[] encryptionSettingsDefinitionPassphrase, byte[] keyFactorySalt)
      Generates an AES256 secret key from the provided information.
      static AES256EncodedPasswordSecretKey generate​(java.lang.String encryptionSettingsDefinitionID, java.lang.String encryptionSettingsDefinitionPassphrase)
      Generates an AES256 secret key from the provided information.
      byte[] getEncryptionSettingsDefinitionID()
      Retrieves the bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.
      byte[] getKeyFactorySalt()
      Retrieves the salt used to generate the secret key from the encryption settings definition passphrase.
      javax.crypto.SecretKey getSecretKey()
      Retrieves the secret key that was generated.
      java.lang.String toString()
      Retrieves a string representation of this AES256 encoded password secret key.
      void toString​(java.lang.StringBuilder buffer)
      Appends a string representation of this AES256 encoded password secret key to the provided buffer.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait
    • Method Detail

      • generate

        @NotNull
        public static AES256EncodedPasswordSecretKey generate​(@NotNull
                                                              java.lang.String encryptionSettingsDefinitionID,
                                                              @NotNull
                                                              java.lang.String encryptionSettingsDefinitionPassphrase)
                                                       throws java.security.GeneralSecurityException,
                                                              java.text.ParseException
        Generates an AES256 secret key from the provided information.
        Parameters:
        encryptionSettingsDefinitionID - A string with the hexadecimal representation of the encryption settings definition whose passphrase was used to generate the encoded password. It must not be null or empty, and it must represent a valid hexadecimal string whose length is an even number less than or equal to 510 bytes.
        encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.
        Returns:
        The AES256 secret key that was generated.
        Throws:
        java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.
        java.text.ParseException - If the provided encryption settings ID cannot be parsed as a hexadecimal string.
      • generate

        @NotNull
        public static AES256EncodedPasswordSecretKey generate​(@NotNull
                                                              byte[] encryptionSettingsDefinitionID,
                                                              @NotNull
                                                              char[] encryptionSettingsDefinitionPassphrase)
                                                       throws java.security.GeneralSecurityException
        Generates an AES256 secret key from the provided information.
        Parameters:
        encryptionSettingsDefinitionID - The bytes that comprise the raw encryption settings definition ID whose passphrase was used to generate the encoded password. It must not be null or empty, and its length must be less than or equal to 255 bytes.
        encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.
        Returns:
        The AES256 secret key that was generated.
        Throws:
        java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.
      • generate

        @NotNull
        public static AES256EncodedPasswordSecretKey generate​(@NotNull
                                                              byte[] encryptionSettingsDefinitionID,
                                                              @NotNull
                                                              char[] encryptionSettingsDefinitionPassphrase,
                                                              @NotNull
                                                              byte[] keyFactorySalt)
                                                       throws java.security.GeneralSecurityException
        Generates an AES256 secret key from the provided information.
        Parameters:
        encryptionSettingsDefinitionID - The bytes that comprise the raw encryption settings definition ID whose passphrase was used to generate the encoded password. It must not be null or empty, and its length must be less than or equal to 255 bytes.
        encryptionSettingsDefinitionPassphrase - The passphrase associated with the specified encryption settings definition. It must not be null or empty.
        keyFactorySalt - The salt used to generate the encryption key from the encryption settings definition passphrase. It must not be null and it must have a length of exactly 16 bytes.
        Returns:
        The AES256 secret key that was generated.
        Throws:
        java.security.GeneralSecurityException - If a problem occurs while trying to generate the secret key.
      • getEncryptionSettingsDefinitionID

        @NotNull
        public byte[] getEncryptionSettingsDefinitionID()
        Retrieves the bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.
        Returns:
        A bytes that comprise the raw identifier for the encryption settings definition whose passphrase was used to generate the secret key.
      • getKeyFactorySalt

        @NotNull
        public byte[] getKeyFactorySalt()
        Retrieves the salt used to generate the secret key from the encryption settings definition passphrase.
        Returns:
        The salt used to generate the secret key from the encryption settings definition passphrase.
      • getSecretKey

        @NotNull
        public javax.crypto.SecretKey getSecretKey()
        Retrieves the secret key that was generated. This method must not be called after the destroy() method has been called.
        Returns:
        The secret key that was generated.
      • destroy

        public void destroy()
        Destroys this secret key. The key must not be used after it has been destroyed.
      • toString

        @NotNull
        public java.lang.String toString()
        Retrieves a string representation of this AES256 encoded password secret key.
        Overrides:
        toString in class java.lang.Object
        Returns:
        A string representation of this AES256 encoded password secret key.
      • toString

        public void toString​(@NotNull
                             java.lang.StringBuilder buffer)
        Appends a string representation of this AES256 encoded password secret key to the provided buffer.
        Parameters:
        buffer - The buffer to which the information should be appended.