All Classes and Interfaces
Class
Description
Immutable value object representing a supported algorithm profile.
Category of the algorithm: classical vs. post-quantum.
Lifecycle status as defined by the platform.
AnkaSecureSdkA uniform, localization-ready exception thrown by all public AnkaSecure SDK APIs.
Immutable representation of the
Crypto-Policy-Info response header.Fluent builder that mirrors the legacy API, preserving existing unit
tests and client code.
Decodes the Base64URL-encoded value of the
Crypto-Policy-Info
response header into a CryptoPolicyInfo.High-level encryption / decryption / re-encryption contract.
Bundles the plaintext bytes and the metadata returned by the decrypt API.
Thread-safe concrete implementation of
CryptoService.Value object returned by one of the following SDK operations:
decrypt(String ciphertext)
Decrypts an in-memory Compact JWE and returns both the plaintext bytes
and full server metadata.DecryptResultMetadataValue object returned by one of the following SDK operations:
encrypt(String keyId, byte[] plaintext)
encryptFile(String keyId, Path source, Path target)
encryptFileStream(String keyId, Path source, Path target)
encryptFileUtilityStream(String keyId, String param1, String param2, Path source, Path target)
Console entry-point that lets you run any of the sample scenarios packaged
with the AnkaSecure SDK.
Scenario 1 – End-to-end ML-KEM-512 Life-cycle (Streaming)
Scenario 10 – ML-KEM-1024 Bulk Helpers (Compact JWE)
Scenario 11 – ML-DSA-87 Bulk Helpers (Compact JWS)
Scenario 12 – RSA-2048 → FALCON-1024 Streaming Re-sign
(Detached JWS)
Scenario 13 – Legacy RSA-2048 ➜ ML-KEM-768 Migration
(Server-Side Re-encryption)
Scenario 14 – ML-KEM-768 Key-Lifecycle Demonstration
Scenario 15 – Streamed Sign / Verify (ML-DSA-87)
Scenario 16 – Utility-Stream Encryption (ML-KEM-1024)
Scenario 17 – Rapid Revocation Lifecycle (Compact JWS)
Scenario 18 – Dynamic Key-Limit Upsize
Scenario 19 – Runtime Discovery of PQC Algorithms
Scenario 2 – RSA-2048 Streaming Sign / Verify
Scenario 20 – In-Memory Post-Quantum Crypto (Compact JWE/JWS)
Scenario 21 – Compact-Token Rotation (RSA-2048 ➜ ML-KEM-1024)
End-to-end, file-oriented demonstration of streaming *detached JWS*
verification with an XMSS key.
Immediate key rotation from RSA-2048 to ML-KEM-768 and transparent
successor usage during encryption.
Scenario 3 – AES-256 Streaming Encrypt / Decrypt
Scenario 4 – Streaming Re-encrypt (RSA-2048 → ML-KEM-1024)
Scenario 5 – ML-KEM-512 Bulk Helpers (Compact JWE)
Scenario 6 – ML-DSA-87 Bulk Helpers (Compact JWS)
Scenario 7 – AES-256 Compact JWE Helpers
Scenario 8 – EC-521 → ML-KEM-768 Bulk Re-encryption (Compact JWE)
Scenario 9 – RSA-2048 → ML-DSA-65 Bulk Re-sign (Compact JWS)
Example PQC Handshake Scenario:
Utility class providing shared support for all ANKASecure SDK example scenarios.
Utility class for translating any checked or runtime exception (including OpenAPI
ApiException)
into a uniform AnkaSecureSdkException, enriched with:
HTTP status code (if available)
Raw response body (if available)
Human-readable message, optionally localized
SDK-specific error code classification
Arbitrary context data for diagnostics
ExportedKeySpec is a streamlined model representing an exported
cryptographic key.Centralised UTF-8 file I/O utility for the ANKASecure SDK.
GenerateKeySpec is a streamlined model for clients to request
generation of a new cryptographic key, without exposing all fields of
internal classes.Utility class that converts the
Crypto-Policy-Info response header
emitted by all streaming endpoints into the immutable SDK metadata objects
required by client code.ImportKeySpec is a streamlined DTO used by integrators to import an
existing cryptographic key (public, private or both) into Anka
Secure without exposing the full OpenAPI class.It purposefully mirrors just the subset of attributes that callers typically control:
kid, kty, alg, publicKey, privateKey,
keyOps, exportable, expiry metadata and usage limits.Thread-safe JSON helper with a single, shared
ObjectMapper.Multipart splitter for streaming JWET files
Holder for the two extracted parts.
Pure key-lifecycle abstraction (generate, import, export, rotate, …).
Thread-safe implementation of
KeyManagementService.Placeholder for license look-ups / usage stats.
Wraps the REST endpoints under the Migration and Interoperability tag.
Specification for updating mutable key attributes via JSON Merge-Patch.
Fluent builder for assembling a
PatchKeySpec.
DTO used to import a private key (and its certificate chain) packed in a
PKCS#12 / .p12 container that is supplied as a Base64 string.
PqcClientCryptoUtil
A record containing both raw key objects (public, private) and their
Base64-encoded forms.
Immutable value object returned by PQC hybrid handshake endpoints.
Immutable response model returned by
AnkaSecureSdk.reencrypt(String, String).Immutable response returned by one of the following SDK operations:
resign(String keyId, String data)
resignFile(String keyId, Path source, Path target)
resignFileStream(String keyId, Path source, Path signature, Path target)
Represents a job in the key rotation process, including its state, key identifiers, and timestamps.
Enumerates the finite set of job states.
Utility wrapper that executes a lambda calling the OpenAPI client and
uniformly maps any
ApiException (or runtime failure) to
AnkaSecureSdkException via ExceptionTranslator.High-level, protocol-agnostic error categories recognised by the SDK.
Pure signature-layer abstraction (no encryption tasks).
Thread-safe implementation of
SignatureService.Small aggregation helpers shared by impl classes.
VerifySignatureResult