All Classes and Interfaces
Class
Description
Value object that mirrors one entry returned by
/api/key-management/supported-algorithms.Lifecycle status as defined by the platform.
AnkaSecureSdkUnchecked wrapper for any error returned by the Anka Secure SDK.
High-level encryption / decryption / re-encryption contract.
Bundles the plaintext bytes and the metadata returned by the decrypt API.
Thread-safe concrete implementation of
CryptoService.DecryptFileResultValue object returned by
.
invalid reference
co.ankatech.ankasecure.sdk.AnkaSecureSdk#encryptFile()ExampleMenu is the CLI entry point that provides an interactive menu of example scenarios.
Scenario 1 Example
Scenario 10 – Bulk Encrypt/Decrypt with an
ML-KEM-1024
keyScenario 11 – Bulk Sign / Verify with an
ML-DSA-87 keyScenario 12 – Streaming Re-sign (RSA-2048 → FALCON-1024)
Scenario 13 – Legacy RSA → PQC ML-KEM Migration
Scenario 14 – Key Lifecycle (ML-KEM-768)
Scenario 15 - Streamed Sign / Verify (ML-DSA-87)
Scenario 16 - Utility-Stream Public-Key Encryption
(ML-KEM-1024)
Generate an
ML-KEM-1024 key (kid).
Export the key metadata and extract the Base64 publicKey.
Encrypt via encryptFileUtilityStream (public-key only).
Decrypt with decryptFileStream (private key behind
kid).
Validate decrypted plaintext equals the original.
Scenario 17 – Rapid-Revocation Lifecycle (non-streaming)
Scenario 18 – Dynamic Key-Limit Upsize (Business-Centric)
Scenario 19 – “Capability Discovery” smoke-test
Scenario 2 – Streamed Sign / Verify with RSA-2048
Scenario 3 – Streaming Encrypt / Decrypt with AES-256
Scenario 4 – Streamed Re-encryption (RSA-2048 → ML-KEM-1024)
Scenario 5 - ML-KEM-512 Bulk Encrypt/Decrypt (Non-Streaming
Helpers)
Scenario 6 – ML-DSA-87 non-streaming sign / verify demo.
Scenario 7 – AES-256 bulk encrypt / decrypt (Compact JWE).
Scenario 8 – Bulk re-encryption EC-521 → ML-KEM-768 (Compact
JWE).
Scenario 9 – Bulk re-sign RSA-2048 ➜ ML-DSA-65 (Compact
JWS).
Example PQC Handshake Scenario:
General helper utilities for example scenarios:
Configuration loading
Authentication
JSON serialization (with Java Time support)
Cryptographic helpers
Error handling
ExportedKeySpec is a streamlined model representing an exported
cryptographic key.GenerateKeySpec is a streamlined model for clients to request
generation of a new cryptographic key, without exposing all fields of
internal classes.ImportKeySpec is a streamlined DTO used by integrators to import an
existing cryptographic key (public, private or both) into Anka
Secure without exposing the full OpenAPI class.It purposefully mirrors just the subset of attributes that callers typically control:
kid, kty, alg, publicKey, privateKey,
keyOps, exportable, expiry metadata and usage limits.Holder for the two extracted parts.
Pure key-lifecycle abstraction (generate, import, export, rotate, …).
Thread-safe implementation of
KeyManagementService.Placeholder for license look-ups / usage stats.
Wraps the REST endpoints under the Migration invalid input: '&' Interoperability tag.
Specification for updating mutable key attributes via JSON Merge-Patch.
DTO used to import a private key (and its certificate chain) packed in a
PKCS#12 / .p12 container that is supplied as a Base64 string.
PqcClientCryptoUtil
A record containing both raw key objects (public, private) and their
Base64-encoded forms.
Immutable value object returned by PQC hybrid handshake endpoints.
Immutable response model returned by
.
invalid reference
co.ankatech.ankasecure.sdk.AnkaSecureSdk#reencryptFile(java.nio.file.Path, String, String)Immutable response returned by
.
invalid reference
co.ankatech.ankasecure.sdk.AnkaSecureSdk#resignFile(java.nio.file.Path, String, String)Pure signature-layer abstraction (no encryption tasks).
Thread-safe implementation of
SignatureService.Immutable value object returned by
.
invalid reference
co.ankatech.ankasecure.sdk.AnkaSecureSdk#signFile(java.nio.file.Path, String)Small aggregation helpers shared by impl classes.
VerifySignatureResult