Package io.smallrye.jwt.util
Class KeyUtils
java.lang.Object
io.smallrye.jwt.util.KeyUtils
Utility methods for dealing with decoding public and private keys resources
-
Field Summary
FieldsModifier and TypeFieldDescriptionprotected static final EnumMap<KeyEncryptionAlgorithm, Integer> protected static final EnumMap<SignatureAlgorithm, Integer> -
Method Summary
Modifier and TypeMethodDescriptionstatic SecretKeystatic SecretKeycreateSecretKeyFromSecret(String secret) static PublicKeydecodeCertificate(String pemEncoded) Decode a PEM encoded certificate string to an RSA PublicKeystatic PrivateKeydecodeDecryptionPrivateKey(String pemEncoded) Decode a decryption PEM private keystatic PrivateKeydecodeDecryptionPrivateKey(String pemEncoded, KeyEncryptionAlgorithm algo) Decode a decryption PEM private keystatic PublicKeydecodeEncryptionPublicKey(String pemEncoded, KeyEncryptionAlgorithm algo) static PrivateKeydecodePrivateKey(String pemEncoded) Decode a PEM RSA private keystatic PrivateKeydecodePrivateKey(String pemEncoded, SignatureAlgorithm algo) Decode a PEM private keystatic PublicKeydecodePublicKey(String pemEncoded) Decode a PEM encoded public key string to an RSA PublicKeystatic PublicKeydecodePublicKey(String pemEncoded, SignatureAlgorithm algo) Decode a PEM encoded public key string to an RSA or EllipticCurve PublicKeystatic KeyPairgenerateKeyPair(int keySize) static KeyPairgenerateKeyPair(int keySize, SignatureAlgorithm algo) static SecretKeyGenerates a SecretKey.static SecretKeyGenerates a SecretKey.static X509CertificategetCertificate(String pemEncoded) Decode a PEM encoded certificate string to X509Certificatestatic org.jose4j.jwk.JsonWebKeygetJwkKeyFromJwkSet(String kid, String keyContent) static KeygetPrivateOrSecretSigningKey(org.jose4j.jwk.JsonWebKey currentJwk, SignatureAlgorithm alg) static KeygetPublicOrSecretEncryptingKey(org.jose4j.jwk.JsonWebKey currentJwk, KeyEncryptionAlgorithm alg) static booleanisSupportedKey(Key key, String keyInterfaceName) static List<org.jose4j.jwk.JsonWebKey> loadJsonWebKeys(String content) static KeyStoreloadKeyStore(String keyStorePath, String keyStorePassword, Optional<String> keyStoreType, Optional<String> keyStoreProvider) static PrivateKeyreadDecryptionPrivateKey(String pemResName) static PrivateKeyreadDecryptionPrivateKey(String pemResName, KeyEncryptionAlgorithm algo) static KeyreadEncryptionKey(String location, String kid) static KeyreadEncryptionKey(String location, String kid, KeyEncryptionAlgorithm alg) static PublicKeyreadEncryptionPublicKey(String pemResName) static PublicKeyreadEncryptionPublicKey(String pemResName, KeyEncryptionAlgorithm algo) static StringreadKeyContent(String keyLocation) static PrivateKeyreadPrivateKey(String pemResName) static PrivateKeyreadPrivateKey(String pemResName, SignatureAlgorithm algo) static PublicKeyreadPublicKey(String pemResName) static PublicKeyreadPublicKey(String pemResName, SignatureAlgorithm algo) static KeyreadSigningKey(String location, String kid) static KeyreadSigningKey(String location, String kid, SignatureAlgorithm alg) static StringStrip any -----BEGIN*KEY... header and -----END*KEY... footer and newlinesstatic PublicKeytryAsPemEncryptionPublicKey(String content, KeyEncryptionAlgorithm alg) static PrivateKeytryAsPemSigningPrivateKey(String content, SignatureAlgorithm alg)
-
Field Details
-
KEY_ENCRYPTION_BITS
-
SIGNATURE_ALGORITHM_BITS
-
-
Method Details
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readPrivateKey
public static PrivateKey readPrivateKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readDecryptionPrivateKey
public static PrivateKey readDecryptionPrivateKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readPublicKey
public static PublicKey readPublicKey(String pemResName, SignatureAlgorithm algo) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
readEncryptionPublicKey
public static PublicKey readEncryptionPublicKey(String pemResName, KeyEncryptionAlgorithm algo) throws IOException, GeneralSecurityException - Throws:
IOExceptionGeneralSecurityException
-
generateKeyPair
- Throws:
NoSuchAlgorithmException
-
generateKeyPair
public static KeyPair generateKeyPair(int keySize, SignatureAlgorithm algo) throws NoSuchAlgorithmException - Throws:
NoSuchAlgorithmException
-
decodePrivateKey
Decode a PEM RSA private key- Parameters:
pemEncoded- - pem string for key- Returns:
- RSA private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePrivateKey
public static PrivateKey decodePrivateKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException Decode a PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - signature algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded) throws GeneralSecurityException Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for key- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodeDecryptionPrivateKey
public static PrivateKey decodeDecryptionPrivateKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException Decode a decryption PEM private key- Parameters:
pemEncoded- - pem string for keyalgo- - key encryption algorithm- Returns:
- Private key instance
- Throws:
GeneralSecurityException- - on failure to decode and create key
-
decodePublicKey
Decode a PEM encoded public key string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for public key- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
createSecretKeyFromSecret
-
createSecretKeyFromEncodedSecret
-
generateSecretKey
public static SecretKey generateSecretKey(KeyEncryptionAlgorithm algo) throws InvalidAlgorithmParameterException Generates a SecretKey.- Parameters:
algo- key encryption algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
generateSecretKey
public static SecretKey generateSecretKey(SignatureAlgorithm algo) throws InvalidAlgorithmParameterException Generates a SecretKey.- Parameters:
algo- signature algorithm.- Returns:
- SecretKey.
- Throws:
InvalidAlgorithmParameterException- algorithm not found.
-
decodePublicKey
public static PublicKey decodePublicKey(String pemEncoded, SignatureAlgorithm algo) throws GeneralSecurityException Decode a PEM encoded public key string to an RSA or EllipticCurve PublicKey- Parameters:
pemEncoded- - PEM string for public keyalgo- signature algorithm- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
loadKeyStore
public static KeyStore loadKeyStore(String keyStorePath, String keyStorePassword, Optional<String> keyStoreType, Optional<String> keyStoreProvider) throws Exception - Throws:
Exception
-
decodeEncryptionPublicKey
public static PublicKey decodeEncryptionPublicKey(String pemEncoded, KeyEncryptionAlgorithm algo) throws GeneralSecurityException - Throws:
GeneralSecurityException
-
decodeCertificate
Decode a PEM encoded certificate string to an RSA PublicKey- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- PublicKey
- Throws:
GeneralSecurityException- on decode failure
-
getCertificate
Decode a PEM encoded certificate string to X509Certificate- Parameters:
pemEncoded- - PEM string for certificate- Returns:
- X509Certificate
- Throws:
GeneralSecurityException- on decode failure
-
removePemKeyBeginEnd
Strip any -----BEGIN*KEY... header and -----END*KEY... footer and newlines- Parameters:
pem- encoded string with option header/footer- Returns:
- a single base64 encoded pem string
-
readKeyContent
- Throws:
IOException
-
tryAsPemSigningPrivateKey
-
tryAsPemEncryptionPublicKey
-
loadJsonWebKeys
-
readEncryptionKey
- Throws:
IOException
-
readEncryptionKey
public static Key readEncryptionKey(String location, String kid, KeyEncryptionAlgorithm alg) throws IOException - Throws:
IOException
-
getPublicOrSecretEncryptingKey
public static Key getPublicOrSecretEncryptingKey(org.jose4j.jwk.JsonWebKey currentJwk, KeyEncryptionAlgorithm alg) -
readSigningKey
- Throws:
IOException
-
readSigningKey
public static Key readSigningKey(String location, String kid, SignatureAlgorithm alg) throws IOException - Throws:
IOException
-
getJwkKeyFromJwkSet
-
getPrivateOrSecretSigningKey
public static Key getPrivateOrSecretSigningKey(org.jose4j.jwk.JsonWebKey currentJwk, SignatureAlgorithm alg) -
isSupportedKey
-