Package io.smallrye.jwt.util
Class KeyUtils
- java.lang.Object
-
- io.smallrye.jwt.util.KeyUtils
-
public final class KeyUtils extends Object
Utility methods for dealing with decoding public and private keys resources
-
-
Field Summary
Fields Modifier and Type Field Description protected static EnumMap<KeyEncryptionAlgorithm,Integer>KEY_ENCRYPTION_BITSprotected static EnumMap<SignatureAlgorithm,Integer>SIGNATURE_ALGORITHM_BITS
-
Method Summary
-
-
-
Field Detail
-
KEY_ENCRYPTION_BITS
protected static final EnumMap<KeyEncryptionAlgorithm,Integer> KEY_ENCRYPTION_BITS
-
SIGNATURE_ALGORITHM_BITS
protected static final EnumMap<SignatureAlgorithm,Integer> SIGNATURE_ALGORITHM_BITS
-
-
Method Detail
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize) throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize, SignatureAlgorithm algo) throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
decodePrivateKey
public static PrivateKey decodePrivateKey(String pemEncoded) throws GeneralSecurityException
Decode a PEM RSA private key- Parameters:
pemEncoded- - pem string for key- Returns:
- RSA private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePrivateKey
public static PrivateKey decodePrivateKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException
Decode a PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - signature algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded) throws GeneralSecurityException
Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for key- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException
Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - key encryption algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePublicKey
public static PublicKey decodePublicKey(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded public key string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for public key- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
createSecretKeyFromEncodedSecret
public static SecretKey createSecretKeyFromEncodedSecret(String secret)
-
generateSecretKey
public static SecretKey generateSecretKey(KeyEncryptionAlgorithm algo) throws InvalidAlgorithmParameterException
Generates a SecretKey.- Parameters:
algo- key encryption algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
generateSecretKey
public static SecretKey generateSecretKey(SignatureAlgorithm algo) throws InvalidAlgorithmParameterException
Generates a SecretKey.- Parameters:
algo- signature algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
decodePublicKey
public static PublicKey decodePublicKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException
Decode a PEM encoded public key string to an RSA or EllipticCurve PublicKey- Parameters:
pemEncoded- - PEM string for public keyalgo- signature algorithm- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
loadKeyStore
public static KeyStore loadKeyStore(String keyStorePath, String keyStorePassword, Optional<String> keyStoreType, Optional<String> keyStoreProvider) throws Exception
- Throws:
Exception
-
decodeEncryptionPublicKey
public static PublicKey decodeEncryptionPublicKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException
- Throws:
GeneralSecurityException
-
decodeCertificate
public static PublicKey decodeCertificate(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded certificate string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
getCertificate
public static X509Certificate getCertificate(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded certificate string to X509Certificate- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- X509Certificate
- Throws:
GeneralSecurityException- on decode failure
-
removePemKeyBeginEnd
public static String removePemKeyBeginEnd(String pem)
Strip any -----BEGIN*KEY... header and -----END*KEY... footer and newlines- Parameters:
pem- encoded string with option header/footer- Returns:
- a single base64 encoded pem string
-
readKeyContent
public static String readKeyContent(String keyLocation) throws IOException
- Throws:
IOException
-
tryAsPemSigningPrivateKey
public static PrivateKey tryAsPemSigningPrivateKey(String content, SignatureAlgorithm alg)
-
tryAsPemEncryptionPublicKey
public static PublicKey tryAsPemEncryptionPublicKey(String content, KeyEncryptionAlgorithm alg)
-
readEncryptionKey
public static Key readEncryptionKey(String location, String kid) throws IOException
- Throws:
IOException
-
readEncryptionKey
public static Key readEncryptionKey(String location, String kid, KeyEncryptionAlgorithm alg) throws IOException
- Throws:
IOException
-
getPublicOrSecretEncryptingKey
public static Key getPublicOrSecretEncryptingKey(org.jose4j.jwk.JsonWebKey currentJwk, KeyEncryptionAlgorithm alg)
-
readSigningKey
public static Key readSigningKey(String location, String kid) throws IOException
- Throws:
IOException
-
readSigningKey
public static Key readSigningKey(String location, String kid, SignatureAlgorithm alg) throws IOException
- Throws:
IOException
-
getJwkKeyFromJwkSet
public static org.jose4j.jwk.JsonWebKey getJwkKeyFromJwkSet(String kid, String keyContent)
-
getPrivateOrSecretSigningKey
public static Key getPrivateOrSecretSigningKey(org.jose4j.jwk.JsonWebKey currentJwk, SignatureAlgorithm alg)
-
-