org.cryptacular.util

Class KeyPairUtil

java.lang.Object

org.cryptacular.util.KeyPairUtil

public final class KeyPairUtil
extends Object

Utility methods for public/private key pairs used for asymmetric encryption.

Author:

Middleware Services

Method Summary

Modifier and Type	Method and Description
static PrivateKey	decodePrivateKey(byte[] encodedKey) Decodes an encoded private key in either PKCS#8 or OpenSSL "traditional" format in either DER or PEM encoding.
static PrivateKey	decodePrivateKey(byte[] encryptedKey, char[] password) Decodes an encrypted private key.
static PublicKey	decodePublicKey(byte[] encoded) Decodes public keys formatted in an X.509 SubjectPublicKeyInfo structure in either PEM or DER encoding.
static boolean	isKeyPair(DSAPublicKey pubKey, DSAPrivateKey privKey) Determines whether the given DSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
static boolean	isKeyPair(ECPublicKey pubKey, ECPrivateKey privKey) Determines whether the given EC public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
static boolean	isKeyPair(PublicKey pubKey, PrivateKey privKey) Determines whether the given public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
static boolean	isKeyPair(RSAPublicKey pubKey, RSAPrivateKey privKey) Determines whether the given RSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.
static int	length(PrivateKey privKey) Gets the length in bits of a private key where key size is dependent on the particulars of the algorithm.
static int	length(PublicKey pubKey) Gets the length in bits of a public key where key size is dependent on the particulars of the algorithm.
static PrivateKey	readPrivateKey(File file) Reads an encoded private key from a file.
static PrivateKey	readPrivateKey(File file, char[] password) Reads an encrypted private key from a file.
static PrivateKey	readPrivateKey(InputStream in) Reads an encoded private key from an input stream.
static PrivateKey	readPrivateKey(InputStream in, char[] password) Reads an encrypted private key from an input stream.
static PrivateKey	readPrivateKey(String path) Reads an encoded private key from a file at the given path.
static PrivateKey	readPrivateKey(String path, char[] password) Reads an encrypted private key from a file at the given path.
static PublicKey	readPublicKey(File file) Reads a DER or PEM-encoded public key from a file.
static PublicKey	readPublicKey(InputStream in) Reads a DER or PEM-encoded public key from data in the given stream.
static PublicKey	readPublicKey(String path) Reads a DER or PEM-encoded public key from a file.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

length

public static int length(PublicKey pubKey)

Gets the length in bits of a public key where key size is dependent on the particulars of the algorithm.

• DSA - length of p
• EC - length of p for prime fields, m for binary fields
• RSA - length of modulus

Parameters:

pubKey - Public key.

Returns:

Size of the key in bits.

length

public static int length(PrivateKey privKey)

Gets the length in bits of a private key where key size is dependent on the particulars of the algorithm.

• DSA - length of q in bits
• EC - length of p for prime fields, m for binary fields
• RSA - modulus length in bits

Parameters:

privKey - Private key.

Returns:

Size of the key in bits.

isKeyPair

public static boolean isKeyPair(PublicKey pubKey,
                                PrivateKey privKey)
                         throws CryptoException

Determines whether the given public and private keys form a proper key pair by computing and verifying a digital signature with the keys.

Parameters:

pubKey - DSA, RSA or EC public key.

privKey - DSA, RSA, or EC private key.

Returns:

True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.

Throws:

CryptoException - on key validation errors.

isKeyPair

public static boolean isKeyPair(DSAPublicKey pubKey,
                                DSAPrivateKey privKey)
                         throws CryptoException

Determines whether the given DSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.

Parameters:

pubKey - DSA public key.

privKey - DSA private key.

Returns:

True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.

Throws:

CryptoException - on key validation errors.

isKeyPair

public static boolean isKeyPair(RSAPublicKey pubKey,
                                RSAPrivateKey privKey)
                         throws CryptoException

Determines whether the given RSA public and private keys form a proper key pair by computing and verifying a digital signature with the keys.

Parameters:

pubKey - RSA public key.

privKey - RSA private key.

Returns:

True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.

Throws:

CryptoException - on key validation errors.

isKeyPair

public static boolean isKeyPair(ECPublicKey pubKey,
                                ECPrivateKey privKey)
                         throws CryptoException

Determines whether the given EC public and private keys form a proper key pair by computing and verifying a digital signature with the keys.

Parameters:

pubKey - EC public key.

privKey - EC private key.

Returns:

True if the keys form a functioning keypair, false otherwise. Errors during signature verification are treated as false.

Throws:

CryptoException - on key validation errors.

readPrivateKey

public static PrivateKey readPrivateKey(String path)
                                 throws EncodingException,
                                        StreamException

Reads an encoded private key from a file at the given path. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.

Parameters:

path - Path to private key file.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors reading data from file.

readPrivateKey

public static PrivateKey readPrivateKey(File file)
                                 throws EncodingException,
                                        StreamException

Reads an encoded private key from a file. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.

Parameters:

file - Private key file.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors reading data from file.

readPrivateKey

public static PrivateKey readPrivateKey(InputStream in)
                                 throws EncodingException,
                                        StreamException

Reads an encoded private key from an input stream. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms. The InputStream parameter is closed by this method.

Parameters:

in - Input stream containing private key data.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors reading data from file.

readPrivateKey

public static PrivateKey readPrivateKey(String path,
                                        char[] password)
                                 throws EncodingException,
                                        StreamException

Reads an encrypted private key from a file at the given path. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.

Parameters:

path - Path to private key file.

password - Password used to encrypt private key.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

readPrivateKey

public static PrivateKey readPrivateKey(File file,
                                        char[] password)
                                 throws EncodingException,
                                        StreamException

Reads an encrypted private key from a file. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms.

Parameters:

file - Private key file.

password - Password used to encrypt private key.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

readPrivateKey

public static PrivateKey readPrivateKey(InputStream in,
                                        char[] password)
                                 throws EncodingException,
                                        StreamException

Reads an encrypted private key from an input stream. Both PKCS#8 and OpenSSL "traditional" formats are supported in DER or PEM encoding. See decodePrivateKey(byte[]) for supported asymmetric algorithms. The InputStream parameter is closed by this method.

Parameters:

in - Input stream containing private key data.

password - Password used to encrypt private key.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

decodePrivateKey

public static PrivateKey decodePrivateKey(byte[] encodedKey)
                                   throws EncodingException

Decodes an encoded private key in either PKCS#8 or OpenSSL "traditional" format in either DER or PEM encoding. Keys from the following asymmetric algorithms are supported:

• DSA
• RSA
• Elliptic curve

Parameters:

encodedKey - Encoded private key data.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

decodePrivateKey

public static PrivateKey decodePrivateKey(byte[] encryptedKey,
                                          char[] password)
                                   throws EncodingException

Decodes an encrypted private key. The following formats are supported:

• DER or PEM encoded PKCS#8 format
• PEM encoded OpenSSL "traditional" format

Keys from the following asymmetric algorithms are supported:

• DSA
• RSA
• Elliptic curve

Parameters:

encryptedKey - Encrypted private key data.

password - Password used to encrypt private key.

Returns:

Private key.

Throws:

EncodingException - on key encoding errors.

readPublicKey

public static PublicKey readPublicKey(String path)
                               throws EncodingException,
                                      StreamException

Reads a DER or PEM-encoded public key from a file.

Parameters:

path - Path to DER or PEM-encoded public key file.

Returns:

Public key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

readPublicKey

public static PublicKey readPublicKey(File file)
                               throws EncodingException,
                                      StreamException

Reads a DER or PEM-encoded public key from a file.

Parameters:

file - DER or PEM-encoded public key file.

Returns:

Public key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

readPublicKey

public static PublicKey readPublicKey(InputStream in)
                               throws EncodingException,
                                      StreamException

Reads a DER or PEM-encoded public key from data in the given stream. The InputStream parameter is closed by this method.

Parameters:

in - Input stream containing an encoded key.

Returns:

Public key.

Throws:

EncodingException - on key encoding errors.

StreamException - on IO errors.

decodePublicKey

public static PublicKey decodePublicKey(byte[] encoded)
                                 throws EncodingException

Decodes public keys formatted in an X.509 SubjectPublicKeyInfo structure in either PEM or DER encoding.

Parameters:

encoded - Encoded public key bytes.

Returns:

Public key.

Throws:

EncodingException - on key encoding errors.