package com.jn.langx.security;
import com.jn.langx.annotation.NonNull;
import com.jn.langx.security.exception.SecurityException;
import com.jn.langx.util.Preconditions;
import com.jn.langx.util.collection.Arrs;
import com.jn.langx.util.collection.Collects;
import com.jn.langx.util.collection.Pipeline;
import com.jn.langx.util.function.Predicate;
import java.security.*;
import java.util.EnumSet;
import java.util.List;
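/**
 * Utility enum of the standard names used with the JCA / JCE APIs.
 * <p>
 * JCA and JCE engine classes are obtained through string-named factories, for example
 * {@code MessageDigest.getInstance(String)}. The names are fixed but easy to mistype, and this
 * enum exists to make them convenient to use:
 * {@code MessageDigest.getInstance(JCAEStandardName.SHA_256.getName());}
 * <p>
 * There are currently four kinds of name: algorithm names, certificate names, KeyStore names and
 * service-attribute names.
 * <p>
 * <b>Algorithm:</b>
 * cryptographic algorithms fall into three broad classes: one-way algorithms (message digests),
 * symmetric ciphers and asymmetric ciphers. A one-way algorithm is never reversed, so using one
 * involves no key API. Symmetric and asymmetric ciphers both have the sender encrypt and the
 * receiver decrypt, so they use the Key APIs: {@code SecretKey} for symmetric ciphers,
 * {@code PublicKey} and {@code PrivateKey} for asymmetric ones.
 * Algorithm names are grouped as MessageDigest, Key, Signature and Random; see the
 * {@code @Algorithm} annotation.
 * MessageDigest names and Key-and-Parameter names are simple and are not explained one by one.
 * Signature names follow one of two patterns:
 * <ol>
 *   <li>{@code <digest>with<encryption>}: a MessageDigest algorithm combined with a key-pair
 *       algorithm;</li>
 *   <li>{@code <digest>with<encryption>and<mgf>}, where mgf is the mask generation function.</li>
 * </ol>
 * A Signature name such as {@code SHA1withDSA} is therefore a key-pair algorithm joined to a
 * MessageDigest algorithm, because a signature is produced by applying the digest to the data on
 * the basis of the PrivateKey.
 * <p>
 * <b>Certificate:</b> the well-known one is X.509.
 * <p>
 * <b>KeyStore:</b> JKS, PKCS12.
 * <p>
 * <b>Service Attribute:</b> JKS, PKCS12.
 * <p>
 * JCE has too many names, with no regular pattern, to list here. See the JCE instance-name
 * documentation:
 * https://docs.oracle.com/en/java/javase/14/security/oracle-providers.html#GUID-FE2D2E28-C991-4EF9-9DBE-2A4982726313
 * <p>
 * Several constants name algorithms that are kept for interoperability with existing data and
 * peers (MD2, MD5, SHA-1 and the signature schemes built on them). They are marked individually
 * below; new code should pick the SHA-2 / SHA-3 based names.
 * Not every name is offered by every platform or JDK: {@code getInstance} throws
 * {@code NoSuchAlgorithmException} when no installed provider supplies it.
 *
 * @author [email protected]
 */
public enum JCAEStandardName {
    /* -------------------- Pseudo-random number generation (SecureRandom) -------------------- */
    @Algorithm(name = "NativePRNG", apply = SecureRandom.class)
    NativePRNG,
    @Algorithm(name = "NativePRNGBlocking", apply = SecureRandom.class)
    NativePRNGBlocking,
    @Algorithm(name = "NativePRNGNonBlocking", apply = SecureRandom.class)
    NativePRNGNonBlocking,
    // The JCA name is "PKCS11"; the constant is called PKCS11PRNG because PKCS11 below is the
    // KeyStore type of the same name.
    @Algorithm(name = "PKCS11", apply = SecureRandom.class)
    PKCS11PRNG,
    @Algorithm(name = "DRBG", apply = SecureRandom.class)
    DRBG,
    // Legacy SHA-1 based generator. In the SUN provider, a seed supplied before the first output
    // is requested determines the whole stream, so do not seed it by hand when generating keys,
    // nonces or tokens; prefer DRBG or a NativePRNG variant for secrets.
    @Algorithm(name = "SHA1PRNG", apply = SecureRandom.class)
    SHA1PRNG,
    @Algorithm(name = "Windows-PRNG", apply = SecureRandom.class)
    Windows_PRNG,

    /* -------------------- MessageDigest -------------------- */
    // SHA-1: practical collisions exist. Keep for verifying legacy data only, not for new
    // signatures, certificates or integrity checks.
    @Algorithm(name = "SHA-1", apply = MessageDigest.class)
    SHA_1,
    @Algorithm(name = "SHA-256", apply = MessageDigest.class)
    SHA_256,
    @Algorithm(name = "SHA-384", apply = MessageDigest.class)
    SHA_384,
    @Algorithm(name = "SHA-512", apply = MessageDigest.class)
    SHA_512,
    // MD2 and MD5 are cryptographically broken; legacy interoperability only. None of the
    // digests in this section is suitable for storing passwords on its own.
    @Algorithm(name = "MD2", apply = MessageDigest.class)
    MD2,
    @Algorithm(name = "MD5", apply = MessageDigest.class)
    MD5,

    /* -------------------- KeyPair, Key Parameter -------------------- */
    @Algorithm(name = "DSA", apply = {KeyPairGenerator.class, AlgorithmParameterGenerator.class})
    DSA,
    @Algorithm(name = "RSA", apply = KeyPairGenerator.class)
    RSA,

    /* -------------------- Digital Signature -------------------- */
    // NONEwithRSA: the Signature engine applies no digest, so the caller is responsible for
    // passing an already-hashed value. Signing unhashed application data with it is a misuse.
    @Algorithm(name = "NONEwithRSA", apply = Signature.class)
    NONE_RSA,
    // MD2withRSA, MD5withRSA and SHA1withRSA inherit the collision weaknesses of their digests:
    // accept them only where a legacy peer requires it, never for newly issued signatures.
    @Algorithm(name = "MD2withRSA", apply = Signature.class)
    MD2_RSA,
    @Algorithm(name = "MD5withRSA", apply = Signature.class)
    MD5_RSA,
    @Algorithm(name = "SHA1withRSA", apply = Signature.class)
    SHA1_RSA,
    @Algorithm(name = "SHA224withRSA", apply = Signature.class)
    SHA224_RSA,
    @Algorithm(name = "SHA256withRSA", apply = Signature.class)
    SHA256_RSA,
    @Algorithm(name = "SHA384withRSA", apply = Signature.class)
    SHA384_RSA,
    @Algorithm(name = "SHA512withRSA", apply = Signature.class)
    SHA512_RSA,
    @Algorithm(name = "SHA512/224withRSA", apply = Signature.class)
    SHA512_224_RSA,
    @Algorithm(name = "SHA512/256withRSA", apply = Signature.class)
    SHA512_256_RSA,
    @Algorithm(name = "SHA3-224withRSA", apply = Signature.class)
    SHA3_224_RSA,
    @Algorithm(name = "SHA3-256withRSA", apply = Signature.class)
    SHA3_256_RSA,
    @Algorithm(name = "SHA3-384withRSA", apply = Signature.class)
    SHA3_384_RSA,
    @Algorithm(name = "SHA3-512withRSA", apply = Signature.class)
    SHA3_512_RSA,
    // SHA-1 based; same legacy-only caveat as SHA1withRSA.
    @Algorithm(name = "SHA1withDSA", apply = Signature.class)
    SHA1_DSA,
    // NOTE(review): no @Algorithm annotation here, so isAlgorithm() is false, getName() is the
    // constant name "ECDSA", and findAlgorithms(Signature.class) never returns it. Confirm that
    // this is intended.
    ECDSA,

    /* -------------------- Certificate -------------------- */
    X509("X.509"),

    /* -------------------- KeyStore types -------------------- */
    // https://docs.oracle.com/javase/8/docs/technotes/guides/security/crypto/CryptoSpec.html#Key
    // JKS and JCEKS are the older Java-specific formats; PKCS12 is the JDK default keystore type
    // from Java 9 on.
    JCEKS,
    JKS,
    DKS,
    PKCS11,
    PKCS12;

    /**
     * JCA standard name passed to {@code getInstance(...)}. Held separately from
     * {@link Enum#name()} because standard names may contain characters such as '-' or '/'
     * that are not legal in a Java identifier.
     */
    private final String name;

    /** {@code true} only for constants that carry an {@code @Algorithm} annotation. */
    private final boolean isAlgorithm;

    /**
     * Engine classes listed in {@code @Algorithm.apply()}; {@code null} for constants that have
     * no annotation.
     */
    private final Class[] scenarios;

    /**
     * Builds a constant from its own {@code @Algorithm} annotation, read reflectively from the
     * enum field of the same name. A constant without the annotation uses its identifier as the
     * standard name and is not flagged as an algorithm.
     */
    JCAEStandardName() {
        Algorithm algorithm = null;
        try {
            algorithm = JCAEStandardName.class.getDeclaredField(name()).getAnnotation(Algorithm.class);
        } catch (NoSuchFieldException ignored) {
            // Each enum constant is a declared field named name(), so this is not expected;
            // the constant then falls back to its identifier below.
        } catch (SecurityException ignored) {
            // NOTE(review): this file imports com.jn.langx.security.exception.SecurityException,
            // so the simple name here resolves to that type and not to
            // java.lang.SecurityException, which is what getDeclaredField is documented to
            // throw. Confirm which one was meant. Falling back silently would also publish the
            // identifier (e.g. "SHA_256") as the algorithm name.
        }
        if (algorithm != null) {
            this.name = algorithm.name();
            this.isAlgorithm = true;
            this.scenarios = algorithm.apply();
        } else {
            this.name = name();
            this.isAlgorithm = false;
            this.scenarios = null;
        }
    }

    /**
     * Builds a non-algorithm constant whose standard name differs from its identifier.
     *
     * @param name the standard name to report from {@link #getName()}
     */
    JCAEStandardName(String name) {
        this.name = name;
        this.isAlgorithm = false;
        this.scenarios = null;
    }

    /**
     * @return the JCA standard name, i.e. the string to hand to a {@code getInstance} factory
     */
    public String getName() {
        return this.name;
    }

    /**
     * @return the same value as {@link #getName()}, not the enum identifier
     */
    @Override
    public String toString() {
        return this.name;
    }

    /**
     * @return {@code true} if this constant was declared with an {@code @Algorithm} annotation
     */
    public boolean isAlgorithm() {
        return this.isAlgorithm;
    }

    /**
     * Returns the engine classes this name applies to, passed through {@code Arrs.copy} so that
     * callers do not receive the internal array.
     *
     * @return the result of {@code Arrs.copy} on the annotation's {@code apply()} array; for a
     *         constant without the annotation the internal array is {@code null}
     *         (NOTE(review): what {@code Arrs.copy} returns for {@code null} is not visible
     *         here; verify before dereferencing)
     */
    public Class[] getScenarios() {
        return Arrs.copy(this.scenarios);
    }

    /**
     * Lists the algorithm names that apply to one engine class, for example
     * {@code findAlgorithms(MessageDigest.class)}.
     * <p>
     * The result includes the legacy names (MD2, MD5, SHA-1 and the schemes built on them), so
     * it is an inventory of known names and must not be used as an allow-list of acceptable
     * algorithms.
     *
     * @param scenario the engine class to match; checked with {@code Preconditions.checkNotNull}
     * @return the constants for which {@link #isAlgorithm()} is {@code true} and whose
     *         {@code @Algorithm.apply()} array contains {@code scenario}
     */
    public static List<JCAEStandardName> findAlgorithms(@NonNull final Class scenario) {
        Preconditions.checkNotNull(scenario);
        // Type arguments are written out so that the anonymous Predicate really overrides
        // test(JCAEStandardName) and the pipeline yields a typed list.
        return Pipeline.<JCAEStandardName>of(EnumSet.allOf(JCAEStandardName.class))
                .filter(new Predicate<JCAEStandardName>() {
                    @Override
                    public boolean test(JCAEStandardName sn) {
                        // isAlgorithm() is checked first, so scenarios is non-null when read.
                        return sn.isAlgorithm() && Collects.contains(sn.scenarios, scenario);
                    }
                })
                .asList();
    }
}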