Enum CertificateBuilder.Algorithm
- java.lang.Object
-
- java.lang.Enum<CertificateBuilder.Algorithm>
-
- io.netty.pkitesting.CertificateBuilder.Algorithm
-
- All Implemented Interfaces:
java.io.Serializable
,java.lang.Comparable<CertificateBuilder.Algorithm>
- Enclosing class:
- CertificateBuilder
public static enum CertificateBuilder.Algorithm extends java.lang.Enum<CertificateBuilder.Algorithm>
TheCertificateBuilder.Algorithm
enum encapsulates both the key type, key generation parameters, and the signature algorithm to use.
-
-
Enum Constant Summary
Enum Constants Enum Constant Description ecp256
The NIST P-256 elliptic curve algorithm, offer fast key generation, signing, and verification, with small keys and signatures, at 128-bits of security strength.ecp384
The NIST P-384 elliptic curve algorithm, offer fast key generation, signing, and verification, with small keys and signatures, at 192-bits of security strength.ed25519
The Ed25519 algorithm offer fast key generation, signing, and verification, with very small keys and signatures, at 128-bits of security strength.ed448
The Ed448 algorithm offer fast key generation, signing, and verification, with small keys and signatures, at 224-bits of security strength.mlDsa44
The ML-DSA-44 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm.mlDsa65
The ML-DSA-65 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm.mlDsa87
The ML-DSA-87 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm.rsa2048
The 2048-bit RSA algorithm offer roughly 112-bits of security strength, at the cost of large keys and slightly expensive key generation.rsa3072
The 3072-bit RSA algorithm offer roughly 128-bits of security strength, at the cost of large keys and fairly expensive key generation.rsa4096
The 4096-bit RSA algorithm offer roughly greater than 128-bits of security strength, at the cost of large keys and very expensive key generation.rsa8192
The 8192-bit RSA algorithm offer roughly greater than 192-bits of security strength, at the cost of very large keys and extremely expensive key generation.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.security.KeyPair
generateKeyPair(java.security.SecureRandom secureRandom)
Generate a newKeyPair
using this algorithm, and the givenSecureRandom
generator.boolean
isSupported()
Tell whether this algorithm is supported in the current JVM.static CertificateBuilder.Algorithm
valueOf(java.lang.String name)
Returns the enum constant of this type with the specified name.static CertificateBuilder.Algorithm[]
values()
Returns an array containing the constants of this enum type, in the order they are declared.
-
-
-
Enum Constant Detail
-
ecp256
public static final CertificateBuilder.Algorithm ecp256
The NIST P-256 elliptic curve algorithm, offer fast key generation, signing, and verification, with small keys and signatures, at 128-bits of security strength.This algorithm is older than the Edwards curves, and are more widely supported.
-
ecp384
public static final CertificateBuilder.Algorithm ecp384
The NIST P-384 elliptic curve algorithm, offer fast key generation, signing, and verification, with small keys and signatures, at 192-bits of security strength.This algorithm is older than the Edwards curves, and are more widely supported.
-
rsa2048
public static final CertificateBuilder.Algorithm rsa2048
The 2048-bit RSA algorithm offer roughly 112-bits of security strength, at the cost of large keys and slightly expensive key generation.This algorithm enjoy the widest support and compatibility, though.
-
rsa3072
public static final CertificateBuilder.Algorithm rsa3072
The 3072-bit RSA algorithm offer roughly 128-bits of security strength, at the cost of large keys and fairly expensive key generation.RSA enjoy pretty wide compatibility, though not all systems support keys this large.
-
rsa4096
public static final CertificateBuilder.Algorithm rsa4096
The 4096-bit RSA algorithm offer roughly greater than 128-bits of security strength, at the cost of large keys and very expensive key generation.RSA enjoy pretty wide compatibility, though not all systems support keys this large.
-
rsa8192
public static final CertificateBuilder.Algorithm rsa8192
The 8192-bit RSA algorithm offer roughly greater than 192-bits of security strength, at the cost of very large keys and extremely expensive key generation.RSA enjoy pretty wide compatibility, though not all systems support keys this large.
-
ed25519
public static final CertificateBuilder.Algorithm ed25519
The Ed25519 algorithm offer fast key generation, signing, and verification, with very small keys and signatures, at 128-bits of security strength.This algorithm was added in Java 15, and may not be supported everywhere.
-
ed448
public static final CertificateBuilder.Algorithm ed448
The Ed448 algorithm offer fast key generation, signing, and verification, with small keys and signatures, at 224-bits of security strength.This algorithm was added in Java 15, and may not be supported everywhere.
-
mlDsa44
public static final CertificateBuilder.Algorithm mlDsa44
The ML-DSA-44 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm. It has 128-bits of classical security strength, and is claimed to meet NIST Level 2 quantum security strength (equivalent to finding a SHA-256 collision).This algorithm was added in Java 24, and may not be supported everywhere.
-
mlDsa65
public static final CertificateBuilder.Algorithm mlDsa65
The ML-DSA-65 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm. It has 192-bits of classical security strength, and is claimed to meet NIST Level 3 quantum security strength (equivalent to finding the key for an AES-192 block).This algorithm was added in Java 24, and may not be supported everywhere.
-
mlDsa87
public static final CertificateBuilder.Algorithm mlDsa87
The ML-DSA-87 algorithm is the NIST FIPS 204 version of the post-quantum Dilithium algorithm. It has 256-bits of classical security strength, and is claimed to meet NIST Level 5 quantum security strength (equivalent to finding the key for an AES-256 block).This algorithm was added in Java 24, and may not be supported everywhere.
-
-
Method Detail
-
values
public static CertificateBuilder.Algorithm[] values()
Returns an array containing the constants of this enum type, in the order they are declared. This method may be used to iterate over the constants as follows:for (CertificateBuilder.Algorithm c : CertificateBuilder.Algorithm.values()) System.out.println(c);
- Returns:
- an array containing the constants of this enum type, in the order they are declared
-
valueOf
public static CertificateBuilder.Algorithm valueOf(java.lang.String name)
Returns the enum constant of this type with the specified name. The string must match exactly an identifier used to declare an enum constant in this type. (Extraneous whitespace characters are not permitted.)- Parameters:
name
- the name of the enum constant to be returned.- Returns:
- the enum constant with the specified name
- Throws:
java.lang.IllegalArgumentException
- if this enum type has no constant with the specified namejava.lang.NullPointerException
- if the argument is null
-
generateKeyPair
public java.security.KeyPair generateKeyPair(java.security.SecureRandom secureRandom) throws java.security.GeneralSecurityException
Generate a newKeyPair
using this algorithm, and the givenSecureRandom
generator.- Parameters:
secureRandom
- TheSecureRandom
generator to use, notnull
.- Returns:
- The generated
KeyPair
. - Throws:
java.security.GeneralSecurityException
- if the key pair cannot be generated using this algorithm for some reason.java.lang.UnsupportedOperationException
- if this algorithm is not support in the current JVM.
-
isSupported
public boolean isSupported()
Tell whether this algorithm is supported in the current JVM.- Returns:
true
if this algorithm is supported.
-
-