|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
java.lang.Object com.isti.util.IstiEncryptionUtils
Class IstiEncryptionUtils contains a collection of static utility fields and methods for encryption.
com.isti.util.test.IstiEncryptionUtilsTest
Field Summary | |
static java.lang.String |
DEFAULT_CHARACTER_ENCODING
The default character encoding. |
static int |
DEFAULT_KEYSIZE
The default key size. |
static java.lang.String |
DSA_ALGORITHM
The DSA algorithm. |
static java.lang.String |
RSA_ALGORITHM
The RSA algorithm. |
static java.lang.String |
SHA_ALGORITHM
The SHA algorithm. |
static java.lang.String |
SHA1_WITH_RSA
The SHA1 with RSA algorithm. |
Method Summary | |
static byte[] |
decodeBuffer(java.io.InputStream inStream)
Decodes the specified input stream. |
static byte[] |
decodeBuffer(java.lang.String buffer)
Decodes the specified buffer. |
static java.lang.String |
encode(byte[] byteArray)
Encodes the specified bytes. |
static java.lang.String |
encrypt(java.lang.String original,
java.security.MessageDigest md)
Encrypts the specified text. |
static java.lang.String |
encrypt(java.lang.String original,
java.lang.String algorithm)
Encrypts the specified text. |
static java.security.KeyPair |
generateKeyPair(java.security.KeyPairGenerator kpg)
Generates a key pair. |
static java.security.KeyPairGenerator |
generateKeyPairGenerator(java.lang.String algorithm)
Generates a KeyPairGenerator object that implements the specified digest algorithm. |
static java.security.MessageDigest |
generateMessageDigest(java.lang.String algorithm)
Generates a MessageDigest object that implements the specified digest algorithm. |
static java.security.PrivateKey |
generatePrivateKey(byte[] data)
Generates a private key and initializes it with the specified data. |
static java.security.PrivateKey |
generatePrivateKey(java.io.File privFile)
Generates a private key and initializes it with the data read from the file. |
static java.security.PrivateKey |
generatePrivateKey(java.io.InputStream inStream)
Generates a private key and initializes it with the data read from the input stream inStream . |
static java.security.PrivateKey |
generatePrivateKey(java.lang.String privFile)
Generates a private key and initializes it with the data read from the file. |
static java.security.PublicKey |
generatePublicKey(byte[] data)
Generates a public key and initializes it with the specified data. |
static java.security.PublicKey |
generatePublicKey(java.io.File pubFile)
Generates a public key and initializes it with the data read from the file. |
static java.security.PublicKey |
generatePublicKey(java.io.InputStream inStream)
Generates a public key and initializes it with the data read from the input stream inStream . |
static java.security.PublicKey |
generatePublicKey(java.lang.String pubFile)
Generates a public key and initializes it with the data read from the file. |
static java.security.Signature |
generateSignature(java.lang.String algorithm)
Generates a Signature object that implements the specified digest algorithm. |
static java.lang.String |
generateSignatureText(java.lang.String msgText,
java.security.KeyPair kp)
Generates the signature text for the specified message text and key pair. |
static java.lang.String |
generateSignatureText(java.lang.String msgText,
java.security.PrivateKey priv)
Generates the signature text for the specified message text and private key. |
static java.security.cert.X509Certificate |
generateX509Certificate(byte[] data)
Generates a X.509 certificate object and initializes it with the specified data. |
static java.security.cert.X509Certificate |
generateX509Certificate(java.io.File certificateFile)
Generates a X.509 certificate object and initializes it with the data read from the file. |
static java.security.cert.X509Certificate |
generateX509Certificate(java.io.InputStream inStream)
Generates a X.509 certificate object and initializes it with the data read from the input stream inStream . |
static java.security.cert.X509Certificate |
generateX509Certificate(java.lang.String certificateFile)
Generates a X.509 certificate object and initializes it with the data read from the file. |
static java.security.cert.X509CRL |
generateX509CRL(byte[] data)
Generates a X.509 certificate revocation list (CRL) object and initializes it with the specified data. |
static java.security.cert.X509CRL |
generateX509CRL(java.io.File crlFile)
Generates a X.509 certificate revocation list (CRL) object and initializes it with the data read from the file. |
static java.security.cert.X509CRL |
generateX509CRL(java.io.InputStream inStream)
Generates a X.509 certificate revocation list (CRL) object and initializes it with the data read from the input stream inStream . |
static java.security.cert.X509CRL |
generateX509CRL(java.lang.String crlFile)
Generates a X.509 certificate revocation list (CRL) object and initializes it with the data read from the file. |
static java.security.cert.X509CRLEntry |
getRevokedCertificate(java.security.cert.X509CRL crl,
java.math.BigInteger serialNumber)
Gets the CRL entry, if any, with the given certificate serialNumber. |
static java.security.cert.X509CRLEntry |
getRevokedCertificate(java.security.cert.X509CRL crl,
java.security.cert.X509Certificate cert)
Gets the CRL entry, if any, with the given certificate serialNumber. |
static boolean |
isValidSignatureText(java.lang.String msgText,
java.lang.String sigText,
java.security.KeyPair kp)
Validates the signature text. |
static boolean |
isValidSignatureText(java.lang.String msgText,
java.lang.String sigText,
java.security.PublicKey pub)
Validates the signature text. |
static boolean |
isValidSignatureText(java.lang.String msgText,
java.lang.String sigText,
java.security.Signature sig)
Validates the signature text. |
static boolean |
isValidSignatureText(java.lang.String msgText,
java.lang.String sigText,
java.security.cert.X509Certificate cert)
Validates the signature text. |
static boolean |
isValidX509Certificate(java.security.cert.X509Certificate cert)
Checks that the X.509 certificate is currently valid. |
static boolean |
isValidX509CRL(java.security.cert.X509CRL crl)
Checks that the X.509 CRL is currently valid. |
static boolean |
verifyX509Certificate(java.security.cert.X509Certificate cert,
java.security.PublicKey key)
Verifies that the X.509 certificate is valid and was signed using the private key that corresponds to the given public key. |
static boolean |
verifyX509CRL(java.security.cert.X509CRL crl,
java.security.PublicKey key)
Verifies that the X.509 certificate revocation list (CRL) is valid and was signed using the private key that corresponds to the given public key. |
static boolean |
verifyX509Information(java.lang.String certificateFile,
java.lang.String certificateOfAuthorityFile,
java.lang.String crlFile)
Verifies the X.509 information. |
static boolean |
verifyX509Information(java.security.cert.X509Certificate certificate,
java.security.cert.X509Certificate certificateOfAuthority,
java.security.cert.X509CRL crl)
Verifies the X.509 information. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static final java.lang.String DEFAULT_CHARACTER_ENCODING
String.getBytes()
,
Constant Field Valuespublic static final int DEFAULT_KEYSIZE
public static final java.lang.String DSA_ALGORITHM
generateKeyPairGenerator, generateSignatureText, isValidSignatureText
,
Constant Field Valuespublic static final java.lang.String RSA_ALGORITHM
If this is used with the 'generateSignatureText' or 'isValidSignatureText'
methods it is automatically replaced with 'SHA1_WITH_RSA'.
,
generateSignatureText, isValidSignatureText
,
Constant Field Valuespublic static final java.lang.String SHA_ALGORITHM
generateMessageDigest, encrypt
,
Constant Field Valuespublic static final java.lang.String SHA1_WITH_RSA
generateSignatureText, isValidSignatureText
,
Constant Field ValuesMethod Detail |
public static byte[] decodeBuffer(java.io.InputStream inStream) throws java.io.IOException
inStream
- the input stream.
java.io.IOException
- if error.public static byte[] decodeBuffer(java.lang.String buffer) throws java.io.IOException
buffer
- the buffer.
java.io.IOException
- if error.public static java.lang.String encode(byte[] byteArray)
byteArray
- the array of bytes.
public static java.lang.String encrypt(java.lang.String original, java.security.MessageDigest md)
original
- the text to encrypt.md
- the message digest.
public static java.lang.String encrypt(java.lang.String original, java.lang.String algorithm)
original
- the text to encrypt.algorithm
- the name of the algorithm requested.
public static java.security.KeyPair generateKeyPair(java.security.KeyPairGenerator kpg)
kpg
- the key pair generator.
If this KeyPairGenerator has not been initialized explicitly, provider-specific defaults will be used for the size and other (algorithm-specific) values of the generated keys.
This will generate a new key pair every time it is called.
This method is functionally equivalent to
genKeyPair
.
public static java.security.KeyPairGenerator generateKeyPairGenerator(java.lang.String algorithm)
algorithm
- the standard string name of the algorithm.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard algorithm names.
public static java.security.MessageDigest generateMessageDigest(java.lang.String algorithm)
algorithm
- the name of the algorithm requested.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard algorithm names.
public static java.security.PrivateKey generatePrivateKey(byte[] data)
data
- the private key data.
generatePrivateKey(InputStream)
public static java.security.PrivateKey generatePrivateKey(java.io.File privFile)
privFile
- a file with the private key.
generatePrivateKey(InputStream)
public static java.security.PrivateKey generatePrivateKey(java.io.InputStream inStream)
inStream
.
The private key provided in the data must be in PKCS8 format either binary DER-encoded or in printable (Base64) encoding. If the private key is provided in Base64 encoding, it must be bounded at the beginning by -----BEGIN PRIVATE KEY-----, and must be bounded at the end by -----END PRIVATE KEY-----.
inStream
- an input stream with the private key.
public static java.security.PrivateKey generatePrivateKey(java.lang.String privFile)
privFile
- a file with the private key.
public static java.security.PublicKey generatePublicKey(byte[] data)
data
- the private key data.
public static java.security.PublicKey generatePublicKey(java.io.File pubFile)
pubFile
- a file with the public key.
public static java.security.PublicKey generatePublicKey(java.io.InputStream inStream)
inStream
.
inStream
- an input stream with the public key.
public static java.security.PublicKey generatePublicKey(java.lang.String pubFile)
pubFile
- a file with the public key.
public static java.security.Signature generateSignature(java.lang.String algorithm)
algorithm
- the standard name of the algorithm requested.
See Appendix A in the
Java Cryptography Architecture API Specification & Reference
for information about standard algorithm names.
java.security.NoSuchAlgorithmException
- if the algorithm is
not available in the environment.public static java.lang.String generateSignatureText(java.lang.String msgText, java.security.KeyPair kp)
msgText
- the message text.kp
- the key pair.
public static java.lang.String generateSignatureText(java.lang.String msgText, java.security.PrivateKey priv)
msgText
- the message text.priv
- the private key.
public static java.security.cert.X509Certificate generateX509Certificate(byte[] data)
The given data must contain a single certificate.
The X.509 certificate provided in the data must be DER-encoded and may be supplied in binary or printable (Base64) encoding. If the certificate is provided in Base64 encoding, it must be bounded at the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at the end by -----END CERTIFICATE-----.
Note that if the given input stream does not support
mark
and
reset
, this method will
consume the entire input stream.
data
- the certificate data.
java.security.cert.CertificateException
- on parsing errors.public static java.security.cert.X509Certificate generateX509Certificate(java.io.File certificateFile)
The given file must contain a single certificate.
The X.509 certificate provided in the file must be DER-encoded and may be supplied in binary or printable (Base64) encoding. If the certificate is provided in Base64 encoding, it must be bounded at the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at the end by -----END CERTIFICATE-----.
Note that if the given input stream does not support
mark
and
reset
, this method will
consume the entire input stream.
certificateFile
- the certificate file.
java.security.cert.CertificateException
- on parsing errors.public static java.security.cert.X509Certificate generateX509Certificate(java.io.InputStream inStream)
inStream
.
The given input stream inStream
must contain a single
certificate.
The X.509 certificate provided in inStream
must be
DER-encoded and may be supplied in binary or printable (Base64) encoding.
If the certificate is provided in Base64 encoding, it must be bounded at
the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at
the end by -----END CERTIFICATE-----.
Note that if the given input stream does not support
mark
and
reset
, this method will
consume the entire input stream.
inStream
- an input stream with the certificate data.
java.security.cert.CertificateException
- on parsing errors.public static java.security.cert.X509Certificate generateX509Certificate(java.lang.String certificateFile)
The given file must contain a single certificate.
The X.509 certificate provided in the file must be DER-encoded and may be supplied in binary or printable (Base64) encoding. If the certificate is provided in Base64 encoding, it must be bounded at the beginning by -----BEGIN CERTIFICATE-----, and must be bounded at the end by -----END CERTIFICATE-----.
Note that if the given input stream does not support
mark
and
reset
, this method will
consume the entire input stream.
certificateFile
- the certificate file.
java.security.cert.CertificateException
- on parsing errors.public static java.security.cert.X509CRL generateX509CRL(byte[] data)
data
- the CRL data.
java.security.cert.CRLException
- on parsing errors.public static java.security.cert.X509CRL generateX509CRL(java.io.File crlFile)
In order to take advantage of the specialized CRL format
supported by this certificate factory,
the returned CRL object can be typecast to the corresponding
CRL class. For example, if this certificate
factory implements X.509 CRLs, the returned CRL object
can be typecast to the X509CRL
class.
crlFile
- the CRL file.
java.security.cert.CRLException
- on parsing errors.public static java.security.cert.X509CRL generateX509CRL(java.io.InputStream inStream)
inStream
.
Note that if the given input stream does not support
mark
and
reset
, this method will
consume the entire input stream.
inStream
- an input stream with the CRL data.
java.security.cert.CRLException
- on parsing errors.public static java.security.cert.X509CRL generateX509CRL(java.lang.String crlFile)
crlFile
- the CRL file.
java.security.cert.CRLException
- on parsing errors.public static java.security.cert.X509CRLEntry getRevokedCertificate(java.security.cert.X509CRL crl, java.math.BigInteger serialNumber)
crl
- the certificate revocation listserialNumber
- the serial number of the certificate for which a CRL
entry is to be looked up
X509CRLEntry
public static java.security.cert.X509CRLEntry getRevokedCertificate(java.security.cert.X509CRL crl, java.security.cert.X509Certificate cert)
crl
- the certificate revocation listcert
- the certificate for which a CRL entry is to be looked up
X509CRLEntry
public static boolean isValidSignatureText(java.lang.String msgText, java.lang.String sigText, java.security.KeyPair kp)
msgText
- the message text.sigText
- the signature text.kp
- tke key pair.
public static boolean isValidSignatureText(java.lang.String msgText, java.lang.String sigText, java.security.PublicKey pub)
msgText
- the message text.sigText
- the signature text.pub
- tke public key.
public static boolean isValidSignatureText(java.lang.String msgText, java.lang.String sigText, java.security.Signature sig)
msgText
- the message text.sigText
- the signature text.sig
- tke signature.
public static boolean isValidSignatureText(java.lang.String msgText, java.lang.String sigText, java.security.cert.X509Certificate cert)
msgText
- the message text.sigText
- the signature text.cert
- tke certificate.
public static boolean isValidX509Certificate(java.security.cert.X509Certificate cert)
The validity period consists of two date/time values: the first and last dates (and times) on which the certificate is valid. It is defined in ASN.1 as:
validity ValidityValidity ::= SEQUENCE { notBefore CertificateValidityDate, notAfter CertificateValidityDate }
CertificateValidityDate ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime }
cert
- tke certificate.public static boolean isValidX509CRL(java.security.cert.X509CRL crl)
crl
- the certificate revocation listpublic static boolean verifyX509Certificate(java.security.cert.X509Certificate cert, java.security.PublicKey key)
cert
- tke certificate.key
- the PublicKey used to carry out the verification.
public static boolean verifyX509CRL(java.security.cert.X509CRL crl, java.security.PublicKey key)
crl
- the certificate revocation listkey
- the PublicKey used to carry out the verification.
public static boolean verifyX509Information(java.lang.String certificateFile, java.lang.String certificateOfAuthorityFile, java.lang.String crlFile)
certificateFile
- the certificate file.certificateOfAuthorityFile
- the certificate of authority file.crlFile
- the CRL file.
public static boolean verifyX509Information(java.security.cert.X509Certificate certificate, java.security.cert.X509Certificate certificateOfAuthority, java.security.cert.X509CRL crl)
certificate
- the certificate.certificateOfAuthority
- the certificate of authority.crl
- the CRL.
|
||||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |