oracle.security.crypto.util
Class CryptoUtils

java.lang.Object
oracle.security.crypto.util.CryptoUtils

public class CryptoUtils

extends java.lang.Object

A set of utility functions for convenient access to certain cryptographic operations.

Constructor Summary

CryptoUtils()

Method Summary

static boolean	checkKeyParity(SymmetricKey key, int parity) Check the least significant bit of each key byte for the parity indicated -- 1 for odd parity or 0 for even parity.
static byte[]	generateKeyID(PublicKey key) Generate public key identifier bytes to use, for example, in a SubjectKeyIDExtension or AuthorityKeyIDExtension.
static byte[]	getIV(AlgorithmIdentifier algID)
static KeyPair	inputKeyPair(java.io.InputStream is) Reads a key pair from the given input stream.
static PrivateKey	inputPrivateKey(java.io.File f) Reads a private key from the given file.
static PrivateKey	inputPrivateKey(java.io.InputStream is) Reads a private key from the given input stream.
static PublicKey	inputSPKI(ASN1Sequence s) Constructs a PublicKey from a SubjectPublicKeyInfo structure.
static PublicKey	inputSPKI(byte[] data) Constructs a PublicKey from the bytes of a DER-encoded SubjectPublicKeyInfo structure.
static PublicKey	inputSPKI(java.io.InputStream is) Constructs a PublicKey from the bytes of a DER-encoded SubjectPublicKeyInfo structure in the given input stream.
static boolean	isDesPossiblyWeakKey(SymmetricKey key) Determines whether or not a given DES key is considered "possibly weak".
static boolean	isDesSemiWeakKey(SymmetricKey key) Determines whether or not a given DES key is considered "semi-weak".
static boolean	isDesWeakKey(SymmetricKey key) Determines whether or not a given DES key is considered "weak".
static ASN1Sequence	makeAlgID(ASN1ObjectID id) Wraps an OID in an algorithm identifier with null parameters.
static Signature	makeSignature(PrivateKey signingKey)
static Signature	makeSignature(PublicKey verificationKey)
static ASN1Sequence	privateKeyInfo(PrivateKey pk) Wraps a raw private key in a PrivateKeyInfo structure.
static void	setKeyParity(SymmetricKey key, int parity) Set the least significant bit of each key byte so that it has the parity indicated -- 1 for odd parity or 0 for even parity.
static byte[]	sign(byte[] data, PrivateKey key) Signs the given data.
static byte[]	sign(byte[] data, PrivateKey key, RandomBitsSource rbs) Signs the given data.
static ASN1Sequence	signASN1(ASN1Object o, PrivateKey key)
static ASN1Sequence	signASN1(ASN1Object o, PrivateKey privateKey, RandomBitsSource rbs) Deprecated. Use the version of signASN1 which does not take a RandomBitsSource argument.
static ASN1Sequence	signatureAlgID(PrivateKey key) Deprecated.
static ASN1Sequence	subjectPublicKeyInfo(PublicKey pk) Wraps a raw public key in a SubjectPublicKeyInfo structure.
static boolean	verifySignature(PublicKey key, byte[] docBytes, byte[] sigBytes) Verifies a given signature for a document, given the public key.
static boolean	verifySignedASN1(ASN1Sequence s, PublicKey key)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CryptoUtils

public CryptoUtils()

Method Detail

inputSPKI

public static PublicKey inputSPKI(byte[] data)
                           throws java.io.IOException

Constructs a PublicKey from the bytes of a DER-encoded SubjectPublicKeyInfo structure.

Throws:

java.io.IOException

inputSPKI

public static PublicKey inputSPKI(java.io.InputStream is)
                           throws java.io.IOException

Constructs a PublicKey from the bytes of a DER-encoded SubjectPublicKeyInfo structure in the given input stream.

Throws:

java.io.IOException

inputSPKI

public static PublicKey inputSPKI(ASN1Sequence s)
                           throws java.io.IOException

Constructs a PublicKey from a SubjectPublicKeyInfo structure.

Throws:

java.io.IOException

inputPrivateKey

public static PrivateKey inputPrivateKey(java.io.File f)
                                  throws java.io.IOException

Reads a private key from the given file.

A oracle.security.crypto.core.PrivateKey is returned, after any necessary key format transformations have been appled (e.g., from CDSA or PKCS#1 format).

Parameters:

f - The file containing the encoded private key.

Returns:

The private key.

Throws:

java.io.IOException

inputPrivateKey

public static PrivateKey inputPrivateKey(java.io.InputStream is)
                                  throws java.io.IOException

Reads a private key from the given input stream.

A oracle.security.crypto.core.PrivateKey is returned, after any necessary key format transformations have been applied (e.g., from CDSA or PKCS#1 format).

Parameters:

is - the input stream

Returns:

the private key

Throws:

java.io.IOException

inputKeyPair

public static KeyPair inputKeyPair(java.io.InputStream is)
                            throws java.io.IOException

Reads a key pair from the given input stream. The key pair must be represented in PKCS#1 RSA private key format or the OpenSSL-CDSA DSA key pair format.

Throws:

java.io.IOException

generateKeyID

public static byte[] generateKeyID(PublicKey key)

Generate public key identifier bytes to use, for example, in a SubjectKeyIDExtension or AuthorityKeyIDExtension.

setKeyParity

public static void setKeyParity(SymmetricKey key,
                                int parity)

Set the least significant bit of each key byte so that it has the parity indicated -- 1 for odd parity or 0 for even parity. This applies primarily to DES and DES-EDE keys.

Parameters:

key - The key for which parity is to be set.

parity - 1 for odd parity or 0 for even parity.

checkKeyParity

public static boolean checkKeyParity(SymmetricKey key,
                                     int parity)

Check the least significant bit of each key byte for the parity indicated -- 1 for odd parity or 0 for even parity. This applies primarily to DES and DES-EDE keys.

Parameters:

key - The key for which parity is to be set.

parity - 1 for odd parity or 0 for even parity.

Returns:

true if each byte has the specified parity, otherwise false

isDesWeakKey

public static boolean isDesWeakKey(SymmetricKey key)

Determines whether or not a given DES key is considered "weak".

isDesSemiWeakKey

public static boolean isDesSemiWeakKey(SymmetricKey key)

Determines whether or not a given DES key is considered "semi-weak".

isDesPossiblyWeakKey

public static boolean isDesPossiblyWeakKey(SymmetricKey key)

Determines whether or not a given DES key is considered "possibly weak".

subjectPublicKeyInfo

public static ASN1Sequence subjectPublicKeyInfo(PublicKey pk)

Wraps a raw public key in a SubjectPublicKeyInfo structure.

privateKeyInfo

public static ASN1Sequence privateKeyInfo(PrivateKey pk)

Wraps a raw private key in a PrivateKeyInfo structure.

makeAlgID

public static ASN1Sequence makeAlgID(ASN1ObjectID id)

Wraps an OID in an algorithm identifier with null parameters.

signatureAlgID

public static ASN1Sequence signatureAlgID(PrivateKey key)
                                   throws java.io.IOException

Deprecated.

Throws:

java.io.IOException

makeSignature

public static Signature makeSignature(PrivateKey signingKey)
                               throws SignatureException

Throws:

SignatureException

makeSignature

public static Signature makeSignature(PublicKey verificationKey)
                               throws AuthenticationException

Throws:

AuthenticationException

sign

public static byte[] sign(byte[] data,
                          PrivateKey key)
                   throws SignatureException

Signs the given data. The choice of signature algorithm is based on the private key. Uses the default random bits source.

Returns:

the signature bytes

Throws:

SignatureException

sign

public static byte[] sign(byte[] data,
                          PrivateKey key,
                          RandomBitsSource rbs)
                   throws SignatureException

Signs the given data. The choice of signature algorithm is based on the private key.

Returns:

the signature bytes

Throws:

SignatureException

signASN1

public static ASN1Sequence signASN1(ASN1Object o,
                                    PrivateKey key)
                             throws SignatureException

Throws:

SignatureException

signASN1

public static ASN1Sequence signASN1(ASN1Object o,
                                    PrivateKey privateKey,
                                    RandomBitsSource rbs)
                             throws SignatureException

Deprecated. Use the version of signASN1 which does not take a RandomBitsSource argument.

Throws:

SignatureException

verifySignature

public static boolean verifySignature(PublicKey key,
                                      byte[] docBytes,
                                      byte[] sigBytes)
                               throws AuthenticationException

Verifies a given signature for a document, given the public key.

Parameters:

key - the public key of the signer

docBytes - the bytes of the document

sigBytes - the bytes of the signature

Throws:

AuthenticationException - if signature verification could not be performed, e.g., if the public key uses an unsupported algorithm

verifySignedASN1

public static boolean verifySignedASN1(ASN1Sequence s,
                                       PublicKey key)

getIV

public static byte[] getIV(AlgorithmIdentifier algID)
                    throws AlgorithmIdentifierException

Throws:

AlgorithmIdentifierException