| Interface | Description |
|---|---|
| DigestAlgorithm |
Interface for injecting custom digest implementation bypassing JCA.
|
| Class | Description |
|---|---|
| CompositeKey |
A tree data structure that enables the representation of composite public keys, which are used to represent
the signing requirements for multi-signature scenarios such as RAFT notary services. A composite key is a list
of leaf keys and their contributing weight, and each leaf can be a conventional single key or a composite key.
Keys contribute their weight to the total if they are matched by the signature.
|
| CompositeKeyFactory |
Factory for generating composite keys from ASN.1 format key specifications. This is used by
class CordaSecurityProvider. |
| CompositeSignature |
Dedicated class for storing a set of signatures that comprise
class CompositeKey. |
| CompositeSignaturesWithKeys |
Custom class for holding signature data. This exists for later extension work to provide a standardised cross-platform
serialization format.
|
| CordaObjectIdentifier | |
| CordaSecurityProvider | |
| Crypto |
This object controls and provides the available and supported signature schemes for Corda.
Any implemented
class SignatureScheme should be strictly defined here.
However, only the schemes returned by {@link #listSupportedSignatureSchemes()} are supported.
Note that Corda currently supports the following signature schemes by their code names: |
| CryptoUtils | |
| DigestService |
The DigestService class is a service that offers the main crypto methods for calculating transaction hashes and
building Merkle trees. The
default instance is passed by default to instances of classes like TransactionBuilder
and as a parameter to MerkleTree.getMerkleTree(...) method. In future the default instance can be parametrized
to initialize with the network default hash algorithm or just a more secure algorithm (e.g. SHA3_256). While the
SHA2_256 is vulnerable to pre-image attacks, the computeNonce and componentHash methods behaviour is defined by
the hashTwiceNonce and hashTwiceComponent; with SHA2_256 they both must be set to true to ensure pre-image attack
won't work (and for backward compatibility), but for other algorithms like SHA3_256 that are not affected, they
can and should be set to false as hashing twice would not improve security but affect performance. |
| DigestServiceKt | |
| DigitalSignature |
A wrapper around a digital signature.
|
| DummySecureRandom | |
| MerkleTree |
Creation and verification of a Merkle tree for a WireTransaction.
|
| NullKeys | |
| PartialMerkleTree |
Building and verification of Partial Merkle Tree.
Partial Merkle Tree is a minimal tree needed to check that a given set of leaves belongs to a full Merkle Tree.
|
| SecureHash |
Container for a cryptographically secure hash value.
Provides utilities for generating a cryptographic hash using different algorithms (currently only SHA-256 supported).
|
| SecureHashKt | |
| SignableData |
A
class SignableData object is the packet actually signed.
It works as a wrapper over transaction id and signature metadata.
Note that when multi-transaction signing (signing a block of transactions) is used, the root of the Merkle tree
(having transaction IDs as leaves) is actually signed and thus txId refers to this root and not a specific transaction. |
| SignatureMetadata |
SignatureMeta is required to add extra meta-data to a transaction's signature.
It currently supports platformVersion only, but it can be extended to support a universal digital
signature model enabling partial signatures and attaching extra information, such as a user's timestamp or other
application-specific fields.
|
| SignatureScheme |
This class is used to define a digital signature scheme.
|
| SignedData<T> |
A serialized piece of data and its signature. Enforces signature validity in order to deserialize the data
contained within.
|
| TransactionSignature |
A wrapper over the signature output accompanied by signer's public key and signature metadata.
This is similar to
class DigitalSignature.WithKey, but targeted to DLT transaction (or block of transactions) signatures. |
| Exception | Description |
|---|---|
| MerkleTreeException |