Package org.cryptacular.util
Class KeyPairUtil
java.lang.Object
org.cryptacular.util.KeyPairUtil
Utility methods for public/private key pairs used for asymmetric encryption.
- Author: Middleware Services

Method Summary

| Modifier and Type | Method | Description |
| --- | --- | --- |
| static PrivateKey | decodePrivateKey(byte[] encodedKey) | Decodes an encoded private key in either PKCS#8 or OpenSSL "traditional" format in either DER or PEM encoding. |
| static PrivateKey | decodePrivateKey(byte[] encryptedKey, char[] password) | Decodes an encrypted private key. |
| static PublicKey | decodePublicKey(byte[] encoded) | Decodes public keys formatted in an X.509 SubjectPublicKeyInfo structure in either PEM or DER encoding. |
| static boolean | isKeyPair(DSAPublicKey pubKey, DSAPrivateKey privKey) | Determines whether the given DSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys. |
| static boolean | isKeyPair(ECPublicKey pubKey, ECPrivateKey privKey) | Determines whether the given EC public and private keys form a proper key pair by computing and verifying a digital signature with the keys. |
| static boolean | isKeyPair(RSAPublicKey pubKey, RSAPrivateKey privKey) | Determines whether the given RSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys. |
| static boolean | isKeyPair(PublicKey pubKey, PrivateKey privKey) | Determines whether the given public and private keys form a proper key pair by computing and verifying a digital signature with the keys. |
| static int | length(PrivateKey privKey) | Gets the length in bits of a private key where key size is dependent on the particulars of the algorithm. |
| static int | length(PublicKey pubKey) | Gets the length in bits of a public key where key size is dependent on the particulars of the algorithm. |
| static PrivateKey | readPrivateKey(File file) | Reads an encoded private key from a file. |
| static PrivateKey | readPrivateKey(File file, char[] password) | Reads an encrypted private key from a file. |
| static PrivateKey | readPrivateKey(InputStream in) | Reads an encoded private key from an input stream. |
| static PrivateKey | readPrivateKey(InputStream in, char[] password) | Reads an encrypted private key from an input stream. |
| static PrivateKey | readPrivateKey(String path) | Reads an encoded private key from a file at the given path. |
| static PrivateKey | readPrivateKey(String path, char[] password) | Reads an encrypted private key from a file at the given path. |
| static PublicKey | readPublicKey(File file) | Reads a DER or PEM-encoded public key from a file. |
| static PublicKey | readPublicKey(InputStream in) | Reads a DER or PEM-encoded public key from data in the given stream. |
| static PublicKey | readPublicKey(String path) | Reads a DER or PEM-encoded public key from a file. |

Method Details

length
Gets the length in bits of a public key where key size is dependent on the particulars of the algorithm.
- DSA - length of p
- EC - length of p for prime fields, m for binary fields
- RSA - length of modulus

- Parameters:
  pubKey - Public key.
- Returns:
  Size of the key in bits.

length
Gets the length in bits of a private key where key size is dependent on the particulars of the algorithm.
- DSA - length of q in bits
- EC - length of p for prime fields, m for binary fields
- RSA - modulus length in bits

- Parameters:
  privKey - Private key.
- Returns:
  Size of the key in bits.

isKeyPair
Determines whether the given public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
- Parameters:
  pubKey - DSA, RSA or EC public key.
  privKey - DSA, RSA, or EC private key.
- Returns:
  True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.
- Throws:
  CryptoException - on key validation errors.

isKeyPair
Determines whether the given DSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
- Parameters:
  pubKey - DSA public key.
  privKey - DSA private key.
- Returns:
  True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.
- Throws:
  CryptoException - on key validation errors.

isKeyPair
Determines whether the given RSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
- Parameters:
  pubKey - RSA public key.
  privKey - RSA private key.
- Returns:
  True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.
- Throws:
  CryptoException - on key validation errors.

isKeyPair
Determines whether the given EC public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
- Parameters:
  pubKey - EC public key.
  privKey - EC private key.
- Returns:
  True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.
- Throws:
  CryptoException - on key validation errors.

readPrivateKey
Reads an encoded private key from a file at the given path. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.
- Parameters:
  path - Path to private key file.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors reading data from file.

readPrivateKey
Reads an encoded private key from a file. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.
- Parameters:
  file - Private key file.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors reading data from file.

readPrivateKey
Reads an encoded private key from an input stream. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms. The InputStream parameter is closed by this method.
- Parameters:
  in - Input stream containing private key data.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors reading data from file.

readPrivateKey
public static PrivateKey readPrivateKey(String path, char[] password) throws EncodingException, StreamException
Reads an encrypted private key from a file at the given path. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.
- Parameters:
  path - Path to private key file.
  password - Password used to encrypt private key.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

readPrivateKey
public static PrivateKey readPrivateKey(File file, char[] password) throws EncodingException, StreamException
Reads an encrypted private key from a file. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.
- Parameters:
  file - Private key file.
  password - Password used to encrypt private key.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

readPrivateKey
public static PrivateKey readPrivateKey(InputStream in, char[] password) throws EncodingException, StreamException
Reads an encrypted private key from an input stream. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms. The InputStream parameter is closed by this method.
- Parameters:
  in - Input stream containing private key data.
  password - Password used to encrypt private key.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

decodePrivateKey
Decodes an encoded private key in either PKCS#8 or OpenSSL "traditional" format in either DER or PEM encoding. Keys from the following asymmetric algorithms are supported:
- DSA
- RSA
- Elliptic curve

- Parameters:
  encodedKey - Encoded private key data.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.

decodePrivateKey
public static PrivateKey decodePrivateKey(byte[] encryptedKey, char[] password) throws EncodingException
Decodes an encrypted private key. The following formats are supported:
- DER or PEM encoded PKCS#8 format
- PEM encoded OpenSSL "traditional" format

Keys from the following asymmetric algorithms are supported:
- DSA
- RSA
- Elliptic curve

- Parameters:
  encryptedKey - Encrypted private key data.
  password - Password used to encrypt private key.
- Returns:
  Private key.
- Throws:
  EncodingException - on key encoding errors.

readPublicKey
Reads a DER or PEM-encoded public key from a file.
- Parameters:
  path - Path to DER or PEM-encoded public key file.
- Returns:
  Public key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

readPublicKey
Reads a DER or PEM-encoded public key from a file.
- Parameters:
  file - DER or PEM-encoded public key file.
- Returns:
  Public key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

readPublicKey
Reads a DER or PEM-encoded public key from data in the given stream. The InputStream parameter is closed by this method.
- Parameters:
  in - Input stream containing an encoded key.
- Returns:
  Public key.
- Throws:
  EncodingException - on key encoding errors.
  StreamException - on IO errors.

decodePublicKey
Decodes public keys formatted in an X.509 SubjectPublicKeyInfo structure in either PEM or DER encoding.
- Parameters:
  encoded - Encoded public key bytes.
- Returns:
  Public key.
- Throws:
  EncodingException - on key encoding errors.
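
Added example (not part of the cryptacular documentation): a pre-deployment check that decodes both halves of a key pair with decodePublicKey and decodePrivateKey, applies a minimum RSA size using length, and confirms the keys match with isKeyPair. The KeyPairCheck class, the acceptable method and the 2048-bit threshold are assumptions made for illustration; the keys are throwaway values generated in memory.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import org.cryptacular.util.KeyPairUtil;

/** Added example: checks that an encoded private key belongs to an encoded public key. */
public class KeyPairCheck {
  // Assumed policy threshold for this example, not a cryptacular constant.
  static final int MIN_RSA_BITS = 2048;

  /** Returns true only if both encodings decode, meet the size policy and form a pair. */
  static boolean acceptable(byte[] encodedPub, byte[] encodedPriv) {
    // decodePublicKey expects X.509 SubjectPublicKeyInfo; decodePrivateKey accepts
    // PKCS#8 or OpenSSL "traditional" format. Both take DER or PEM bytes.
    PublicKey pub = KeyPairUtil.decodePublicKey(encodedPub);
    PrivateKey priv = KeyPairUtil.decodePrivateKey(encodedPriv);

    // For RSA, length() reports the modulus size in bits.
    if ("RSA".equals(pub.getAlgorithm()) && KeyPairUtil.length(pub) < MIN_RSA_BITS) {
      return false;
    }
    // Computes a signature with priv and verifies it with pub;
    // verification errors are reported as false.
    return KeyPairUtil.isKeyPair(pub, priv);
  }

  public static void main(String[] args) throws Exception {
    // Constructed sample input: two unrelated RSA key pairs generated in memory.
    KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
    gen.initialize(2048);
    KeyPair a = gen.generateKeyPair();
    KeyPair b = gen.generateKeyPair();

    // JDK getEncoded() yields DER: SubjectPublicKeyInfo for public keys,
    // PKCS#8 for private keys.
    byte[] pubA = a.getPublic().getEncoded();
    byte[] privA = a.getPrivate().getEncoded();
    byte[] privB = b.getPrivate().getEncoded();

    System.out.println("matching pair:   " + acceptable(pubA, privA));
    System.out.println("mismatched pair: " + acceptable(pubA, privB));
  }
}
```

Running the same check on a certificate's public key and the private key file about to be deployed with it catches a mismatched pair before a TLS endpoint starts failing handshakes.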