Package io.smallrye.jwt.util
Class KeyUtils
- java.lang.Object
-
- io.smallrye.jwt.util.KeyUtils
-
public final class KeyUtils extends Object
Utility methods for dealing with decoding public and private keys resources
-
-
Field Summary
Fields Modifier and Type Field Description protected static EnumMap<KeyEncryptionAlgorithm,Integer>KEY_ENCRYPTION_BITSprotected static EnumMap<SignatureAlgorithm,Integer>SIGNATURE_ALGORITHM_BITS
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static SecretKeycreateSecretKeyFromEncodedSecret(String secret)static SecretKeycreateSecretKeyFromSecret(String secret)static PublicKeydecodeCertificate(String pemEncoded)Decode a PEM encoded certificate string to an RSA PublicKeystatic PrivateKeydecodeDecryptionPrivateKey(String pemEncoded)Decode a decryption PEM private keystatic PrivateKeydecodeDecryptionPrivateKey(String pemEncoded, KeyEncryptionAlgorithm algo)Decode a decryption PEM private keystatic PublicKeydecodeEncryptionPublicKey(String pemEncoded, KeyEncryptionAlgorithm algo)static PrivateKeydecodePrivateKey(String pemEncoded)Decode a PEM RSA private keystatic PrivateKeydecodePrivateKey(String pemEncoded, SignatureAlgorithm algo)Decode a PEM private keystatic PublicKeydecodePublicKey(String pemEncoded)Decode a PEM encoded public key string to an RSA PublicKeystatic PublicKeydecodePublicKey(String pemEncoded, SignatureAlgorithm algo)Decode a PEM encoded public key string to an RSA or EllipticCurve PublicKeystatic KeyPairgenerateKeyPair(int keySize)static KeyPairgenerateKeyPair(int keySize, SignatureAlgorithm algo)static SecretKeygenerateSecretKey(KeyEncryptionAlgorithm algo)Generates a SecretKey.static SecretKeygenerateSecretKey(SignatureAlgorithm algo)Generates a SecretKey.static X509CertificategetCertificate(String pemEncoded)Decode a PEM encoded certificate string to X509Certificatestatic org.jose4j.jwk.JsonWebKeygetJwkKeyFromJwkSet(String kid, String keyContent)static KeygetPrivateOrSecretSigningKey(org.jose4j.jwk.JsonWebKey currentJwk, SignatureAlgorithm alg)static KeygetPublicOrSecretEncryptingKey(org.jose4j.jwk.JsonWebKey currentJwk, KeyEncryptionAlgorithm alg)static booleanisSupportedKey(Key key, String keyInterfaceName)static List<org.jose4j.jwk.JsonWebKey>loadJsonWebKeys(String content)static KeyStoreloadKeyStore(String keyStorePath, String keyStorePassword, Optional<String> keyStoreType, Optional<String> keyStoreProvider)static PrivateKeyreadDecryptionPrivateKey(String pemResName)static PrivateKeyreadDecryptionPrivateKey(String pemResName, KeyEncryptionAlgorithm algo)static KeyreadEncryptionKey(String location, String kid)static KeyreadEncryptionKey(String location, String kid, KeyEncryptionAlgorithm alg)static PublicKeyreadEncryptionPublicKey(String pemResName)static PublicKeyreadEncryptionPublicKey(String pemResName, KeyEncryptionAlgorithm algo)static StringreadKeyContent(String keyLocation)static PrivateKeyreadPrivateKey(String pemResName)static PrivateKeyreadPrivateKey(String pemResName, SignatureAlgorithm algo)static PublicKeyreadPublicKey(String pemResName)static PublicKeyreadPublicKey(String pemResName, SignatureAlgorithm algo)static KeyreadSigningKey(String location, String kid)static KeyreadSigningKey(String location, String kid, SignatureAlgorithm alg)static StringremovePemKeyBeginEnd(String pem)Strip any -----BEGIN*KEY...static PublicKeytryAsPemEncryptionPublicKey(String content, KeyEncryptionAlgorithm alg)static PrivateKeytryAsPemSigningPrivateKey(String content, SignatureAlgorithm alg)
-
-
-
Field Detail
-
KEY_ENCRYPTION_BITS
protected static final EnumMap<KeyEncryptionAlgorithm,Integer> KEY_ENCRYPTION_BITS
-
SIGNATURE_ALGORITHM_BITS
protected static final EnumMap<SignatureAlgorithm,Integer> SIGNATURE_ALGORITHM_BITS
-
-
Method Detail
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException
- Throws:
IOExceptionGeneralSecurityException
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize) throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize, SignatureAlgorithm algo) throws NoSuchAlgorithmException
- Throws:
NoSuchAlgorithmException
-
decodePrivateKey
public static PrivateKey decodePrivateKey(String pemEncoded) throws GeneralSecurityException
Decode a PEM RSA private key- Parameters:
pemEncoded- - pem string for key- Returns:
- RSA private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePrivateKey
public static PrivateKey decodePrivateKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException
Decode a PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - signature algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded) throws GeneralSecurityException
Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for key- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException
Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - key encryption algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePublicKey
public static PublicKey decodePublicKey(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded public key string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for public key- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
createSecretKeyFromEncodedSecret
public static SecretKey createSecretKeyFromEncodedSecret(String secret)
-
generateSecretKey
public static SecretKey generateSecretKey(KeyEncryptionAlgorithm algo) throws InvalidAlgorithmParameterException
Generates a SecretKey.- Parameters:
algo- key encryption algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
generateSecretKey
public static SecretKey generateSecretKey(SignatureAlgorithm algo) throws InvalidAlgorithmParameterException
Generates a SecretKey.- Parameters:
algo- signature algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
decodePublicKey
public static PublicKey decodePublicKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException
Decode a PEM encoded public key string to an RSA or EllipticCurve PublicKey- Parameters:
pemEncoded- - PEM string for public keyalgo- signature algorithm- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
loadKeyStore
public static KeyStore loadKeyStore(String keyStorePath, String keyStorePassword, Optional<String> keyStoreType, Optional<String> keyStoreProvider) throws Exception
- Throws:
Exception
-
decodeEncryptionPublicKey
public static PublicKey decodeEncryptionPublicKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException
- Throws:
GeneralSecurityException
-
decodeCertificate
public static PublicKey decodeCertificate(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded certificate string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
getCertificate
public static X509Certificate getCertificate(String pemEncoded) throws GeneralSecurityException
Decode a PEM encoded certificate string to X509Certificate- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- X509Certificate
- Throws:
GeneralSecurityException- on decode failure
-
removePemKeyBeginEnd
public static String removePemKeyBeginEnd(String pem)
Strip any -----BEGIN*KEY... header and -----END*KEY... footer and newlines- Parameters:
pem- encoded string with option header/footer- Returns:
- a single base64 encoded pem string
-
readKeyContent
public static String readKeyContent(String keyLocation) throws IOException
- Throws:
IOException
-
tryAsPemSigningPrivateKey
public static PrivateKey tryAsPemSigningPrivateKey(String content, SignatureAlgorithm alg)
-
tryAsPemEncryptionPublicKey
public static PublicKey tryAsPemEncryptionPublicKey(String content, KeyEncryptionAlgorithm alg)
-
readEncryptionKey
public static Key readEncryptionKey(String location, String kid) throws IOException
- Throws:
IOException
-
readEncryptionKey
public static Key readEncryptionKey(String location, String kid, KeyEncryptionAlgorithm alg) throws IOException
- Throws:
IOException
-
getPublicOrSecretEncryptingKey
public static Key getPublicOrSecretEncryptingKey(org.jose4j.jwk.JsonWebKey currentJwk, KeyEncryptionAlgorithm alg)
-
readSigningKey
public static Key readSigningKey(String location, String kid) throws IOException
- Throws:
IOException
-
readSigningKey
public static Key readSigningKey(String location, String kid, SignatureAlgorithm alg) throws IOException
- Throws:
IOException
-
getJwkKeyFromJwkSet
public static org.jose4j.jwk.JsonWebKey getJwkKeyFromJwkSet(String kid, String keyContent)
-
getPrivateOrSecretSigningKey
public static Key getPrivateOrSecretSigningKey(org.jose4j.jwk.JsonWebKey currentJwk, SignatureAlgorithm alg)
-
-