Package rs.baselib.crypto
Class EncryptionUtils
java.lang.Object
rs.baselib.crypto.EncryptionUtils
Basic function for helping in encryption.
- Author:
- ralph
-
Field Summary
Modifier and TypeFieldDescriptionstatic final int
The default number of iterations to be executed when creating the encrypting algorithm.static final String
Default algorithm for the random seedstatic final String
The default secret key type to be generated from a password.static final String
The default number of iterations to be executed when creating the encrypting algorithm. -
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionstatic byte[]
createMD5
(byte[] b) Creates an MD5 hash from the byte array.static byte[]
Creates an MD5 hash from the string.static byte[]
Transforms all bytes from the input array with a crypt alorithm and returns the transformed bytes.static byte[]
Transforms all bytes from the input array with a crypt alorithm and returns the transformed bytes.static byte[]
Decodes a BASE64 string into bytes.static PrivateKey
Decodes a private DSA key from the BASE64 representation.static PrivateKey
decodeBase64PrivateKey
(String s, String algorithm) Decodes a private key from the BASE64 representation.static PublicKey
Decodes a public key (DSA) from the BASE64 representation.static PublicKey
decodeBase64PublicKey
(String s, String algorithm) Decodes a public key from the BASE64 representation.static String
Decodes a BASE64 string and generates the original string from the result.static String
decodeBase64ToString
(String s, Charset charset) Decodes a BASE64 string and generates the original string from the result.static String
encodeBase64
(byte[] b) Encodes a byte array into its BASE64 representation.static String
Encodes a string into its BASE64 representation.static String
encodeBase64
(String s, Charset charset) Encodes a string into its BASE64 representation.static String
encodeBase64
(Key key) Encodes the key into BASE64 representation.static String
Encodes the private key into BASE64 PKCS8 representation.static String
Encodes the public key into BASE64 X.509 representation.static KeyPair
Deprecated.static KeyPair
generateKey
(byte[] seed) Deprecated.static KeyPair
generateKey
(int keySize) Deprecated.static KeyPair
generateKey
(String seed) Deprecated.static KeyPair
generateKey
(String algorithm, int keySize) Deprecated.static KeyPair
generateKey
(String seed, Charset charset) Deprecated.static PBEParameterSpec
Creates a PBE Parameter specification randomly.static PBEParameterSpec
generateParamSpec
(byte[] salt, int iterationCount) Creates a PBE Parameter Spec for encryption algorithm.static String
Creates a random password.static String
generatePassword
(int length) Creates a random password.static String
generatePassword
(String allowedChars) Creates a random password.static String
generatePassword
(String allowedChars, long randomInit, int length) Creates a random password.static byte[]
generateRandomBytes
(long randomInit, int size) Generate a random array of bytesstatic byte[]
Creates a random salt array.static byte[]
generateSalt
(long randomInit) Creates a random salt array.static SecureRandom
Generate a secure random using the default algorithm.static SecureRandom
generateSecureRandom
(byte[] seed) Generate a secure random using the default algorithm.static SecureRandom
generateSecureRandom
(String algorithm) Generate a secure random using the given algorithm.static SecureRandom
generateSecureRandom
(String algorithm, byte[] seed) Generate a secure random using the given algorithm and seed.static KeySpec
getKeySpec
(Key key) Creates a key specification.static KeyStore
getKeyStore
(InputStream in, char[] password) Load the default keystore type.static KeyStore
getKeyStore
(String filename, char[] password) Load the default keystore type.static KeyStore
getKeyStore
(String type, InputStream in, char[] password) Load the given keystore.static KeyStore
getKeyStore
(String type, String filename, char[] password) Load the default keystore type.static SecretKey
getSecretKey
(int iterationCount, String passPhrase, byte[] salt) Deprecated.static String
getThumbprint
(Key key) Get a fingerprint of the given key.static PrivateKey
loadPrivateKey
(File file, String algorithm) Instantiates aPrivateKey
from given file.static PrivateKey
loadPrivateKey
(InputStream in, String algorithm) Instantiates aPrivateKey
from given stream.static PrivateKey
loadPrivateKey
(Reader in, String algorithm) Instantiates aPrivateKey
from given reader.static PrivateKey
loadPrivateKey
(String filename, String algorithm) Instantiates aPrivateKey
from given file.static PrivateKey
loadPrivateKey
(URL url, String algorithm) Instantiates aPrivateKey
from given URL.static PublicKey
loadPublicKey
(File file, String algorithm) Instantiates aPublicKey
from given file.static PublicKey
loadPublicKey
(InputStream in, String algorithm) Instantiates aPublicKey
from given stream.static PublicKey
loadPublicKey
(Reader in, String algorithm) Instantiates aPublicKey
from given reader.static PublicKey
loadPublicKey
(String filename, String algorithm) Instantiates aPublicKey
from given file.static PublicKey
loadPublicKey
(URL url, String algorithm) Instantiates aPublicKey
from given URL.static void
save
(File file, PrivateKey key) Saves aPrivateKey
into given file.static void
Saves aPublicKey
into given file.static void
save
(OutputStream out, PrivateKey key) Saves aPrivateKey
into given stream.static void
save
(OutputStream out, PublicKey key) Saves aPublicKey
into given stream.static void
save
(PrintWriter out, PrivateKey key) Saves aPrivateKey
into given writer.static void
save
(PrintWriter out, PublicKey key) Saves aPublicKey
into given writer.static void
save
(String filename, PrivateKey key) Saves aPrivateKey
into given file.static void
Saves aPublicKey
into given file.
-
Field Details
-
DEFAULT_SECRET_KEY_TYPE
The default secret key type to be generated from a password.- See Also:
-
DEFAULT_RANDOM_ALGORITHM
Default algorithm for the random seed- See Also:
-
DEFAULT_ITERATIONS
public static final int DEFAULT_ITERATIONSThe default number of iterations to be executed when creating the encrypting algorithm.- See Also:
-
PASSWORD_CHARS
The default number of iterations to be executed when creating the encrypting algorithm.- See Also:
-
-
Constructor Details
-
EncryptionUtils
public EncryptionUtils()
-
-
Method Details
-
getKeySpec
Creates a key specification.- Parameters:
key
- the key- Returns:
- the PBE param spec
- Throws:
InvalidKeySpecException
- when the key spec is invalidNoSuchAlgorithmException
- when the algorithm is invalid
-
generateParamSpec
Creates a PBE Parameter specification randomly.- Returns:
- the PBE param spec
- See Also:
-
generateParamSpec
Creates a PBE Parameter Spec for encryption algorithm.- Parameters:
salt
- salt to be used (if NULL, a random one will be generated)iterationCount
- number of iterations for encryption (if 0 then default number will be used)- Returns:
- the generated PBE random spec
- See Also:
-
generateSalt
public static byte[] generateSalt()Creates a random salt array.- Returns:
- the random salt
-
generateSalt
public static byte[] generateSalt(long randomInit) Creates a random salt array.- Parameters:
randomInit
- initializer- Returns:
- the random salt
-
generateRandomBytes
public static byte[] generateRandomBytes(long randomInit, int size) Generate a random array of bytes- Parameters:
randomInit
- initializersize
- size of returned array- Returns:
- random byte array
-
generatePassword
Creates a random password.- Returns:
- the random password
-
generatePassword
Creates a random password.- Parameters:
length
- length of password- Returns:
- the random password
-
generatePassword
Creates a random password.- Parameters:
allowedChars
- all characters allowed- Returns:
- the random password
-
generatePassword
Creates a random password.- Parameters:
allowedChars
- allowedCharactersrandomInit
- initializerlength
- length of password- Returns:
- the random password
-
getSecretKey
@Deprecated public static SecretKey getSecretKey(int iterationCount, String passPhrase, byte[] salt) throws NoSuchAlgorithmException, InvalidKeySpecException Deprecated.Generates a secret key (PBE) based on the given parameters.- Parameters:
iterationCount
- the cumber of iterations (if less than 1 thenDEFAULT_ITERATIONS
will be used)passPhrase
- the passphrase (required)salt
- the slat (can be null)- Returns:
- a secret key based on parameters
- Throws:
NoSuchAlgorithmException
- when the algorithm does not existInvalidKeySpecException
- when the key spec is invalid
-
generateKey
@Deprecated public static KeyPair generateKey(String seed) throws NoSuchProviderException, NoSuchAlgorithmException Deprecated.Generates a public/private key pair.- Parameters:
seed
- seed to be used.- Returns:
- key pair
- Throws:
NoSuchProviderException
- when the algorithm provider does not existNoSuchAlgorithmException
- when the algorithm does not exist
-
generateKey
@Deprecated public static KeyPair generateKey(String seed, Charset charset) throws NoSuchProviderException, NoSuchAlgorithmException Deprecated.Generates a public/private key pair.- Parameters:
seed
- seed to be used.charset
- the charset to be used for string encoding (null
fordefault charset
)- Returns:
- key pair
- Throws:
NoSuchProviderException
- when the algorithm provider does not existNoSuchAlgorithmException
- when the algorithm does not exist
-
generateKey
@Deprecated public static KeyPair generateKey(byte[] seed) throws NoSuchProviderException, NoSuchAlgorithmException Deprecated.Generates a public/private key pair.- Parameters:
seed
- seed to be used.- Returns:
- key pair
- Throws:
NoSuchProviderException
- when the algorithm provider does not existNoSuchAlgorithmException
- when the algorithm does not exist
-
generateKey
Deprecated.Generates a 512 byte RSA key pair.- Returns:
- the key pair
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
generateKey
Deprecated.Generates a RSA key pair of given size- Parameters:
keySize
- the key size- Returns:
- the key pair
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
generateKey
@Deprecated public static KeyPair generateKey(String algorithm, int keySize) throws NoSuchAlgorithmException Deprecated.Generates a key pair.- Parameters:
algorithm
- algorithm, e.g. "RSA"keySize
- the key size- Returns:
- the key pair
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
encodeBase64X509
Encodes the public key into BASE64 X.509 representation.- Parameters:
key
- public key- Returns:
- BASE64 X.509 representation of key
-
encodeBase64
Encodes the key into BASE64 representation.- Parameters:
key
- the key key- Returns:
- BASE64 representation of key
-
encodeBase64Pkcs8
Encodes the private key into BASE64 PKCS8 representation.- Parameters:
key
- private key- Returns:
- BASE64 PKCS8 representation of key
-
decodeBase64PublicKey
public static PublicKey decodeBase64PublicKey(String s) throws InvalidKeySpecException, NoSuchAlgorithmException Decodes a public key (DSA) from the BASE64 representation.- Parameters:
s
- BASE64 representation- Returns:
- public DSA key
- Throws:
InvalidKeySpecException
- - when the key spec is invalidNoSuchAlgorithmException
- - when the algorithm is invalid
-
decodeBase64PublicKey
public static PublicKey decodeBase64PublicKey(String s, String algorithm) throws InvalidKeySpecException, NoSuchAlgorithmException Decodes a public key from the BASE64 representation.- Parameters:
s
- BASE64 representationalgorithm
- name of algorithm- Returns:
- public key
- Throws:
InvalidKeySpecException
- - when the key spec is invalidNoSuchAlgorithmException
- - when the algorithm is invalid
-
decodeBase64PrivateKey
public static PrivateKey decodeBase64PrivateKey(String s) throws InvalidKeySpecException, NoSuchAlgorithmException Decodes a private DSA key from the BASE64 representation.- Parameters:
s
- BASE64 representation- Returns:
- public key
- Throws:
InvalidKeySpecException
- - when the key spec is invalidNoSuchAlgorithmException
- - when the algorithm is invalid
-
decodeBase64PrivateKey
public static PrivateKey decodeBase64PrivateKey(String s, String algorithm) throws InvalidKeySpecException, NoSuchAlgorithmException Decodes a private key from the BASE64 representation.- Parameters:
s
- BASE64 representationalgorithm
- name of algorithm- Returns:
- public key
- Throws:
InvalidKeySpecException
- - when the key spec is invalidNoSuchAlgorithmException
- - when the algorithm is invalid
-
decodeBase64ToString
Decodes a BASE64 string and generates the original string from the result.- Parameters:
s
- BASE64 encoded string- Returns:
- original string
- See Also:
-
decodeBase64ToString
Decodes a BASE64 string and generates the original string from the result.- Parameters:
s
- BASE64 encoded stringcharset
- the character set to be used for constructing the string (can benull
for default charset)- Returns:
- original string
- Since:
- 1.2.5
- See Also:
-
decodeBase64
Decodes a BASE64 string into bytes.- Parameters:
s
- BASE64 encoded string- Returns:
- bytes that were encoded.
-
encodeBase64
Encodes a string into its BASE64 representation. The string is actually split into its bytes and then BASE64 encoded.- Parameters:
s
- string to encode- Returns:
- BASE64 representation
-
encodeBase64
Encodes a string into its BASE64 representation. The string is actually split into its bytes and then BASE64 encoded.- Parameters:
s
- string to encodecharset
- the charset to be used for string encoding (null
fordefault charset
)- Returns:
- BASE64 representation
- Since:
- 1.2.5
-
encodeBase64
Encodes a byte array into its BASE64 representation.- Parameters:
b
- bytes to encode- Returns:
- BASE64 representation
-
generateSecureRandom
Generate a secure random using the default algorithm.- Returns:
- the random instance
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
generateSecureRandom
Generate a secure random using the default algorithm.- Parameters:
seed
- a given seed to be used- Returns:
- the random instance
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
generateSecureRandom
Generate a secure random using the given algorithm.- Parameters:
algorithm
- the algorithm to be used- Returns:
- the random instance
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
generateSecureRandom
public static SecureRandom generateSecureRandom(String algorithm, byte[] seed) throws NoSuchAlgorithmException Generate a secure random using the given algorithm and seed.- Parameters:
algorithm
- the algorithm to be usedseed
- the seed to be used- Returns:
- the random instance
- Throws:
NoSuchAlgorithmException
- when the algorithm does not exist
-
getThumbprint
Get a fingerprint of the given key.- Parameters:
key
- the key to fingerprint- Returns:
- the fingerprint
- Throws:
NoSuchAlgorithmException
- when the hashing algorithm SHA-1 is not available
-
getKeyStore
Load the default keystore type.- Parameters:
filename
- filenamepassword
- password- Returns:
- the key store loaded
- Throws:
IOException
- when the key store cannot be opened
-
getKeyStore
public static KeyStore getKeyStore(String type, String filename, char[] password) throws IOException Load the default keystore type.- Parameters:
type
- type of key storefilename
- filenamepassword
- password- Returns:
- the key store loaded
- Throws:
IOException
- when the key store cannot be opened
-
getKeyStore
Load the default keystore type.- Parameters:
in
- input streampassword
- password- Returns:
- the key store loaded
- Throws:
IOException
- when the key store cannot be opened
-
getKeyStore
Load the given keystore.- Parameters:
type
- of keystorein
- input streampassword
- password- Returns:
- the key store loaded
- Throws:
IOException
- when the key store cannot be opened
-
crypt
public static byte[] crypt(byte[] bytes, Cipher cipher) throws IOException, GeneralSecurityException Transforms all bytes from the input array with a crypt alorithm and returns the transformed bytes.- Parameters:
bytes
- bytes to cryptcipher
- crypt alorithm used- Returns:
- crypted bytes
- Throws:
IOException
- when crypting cannot be performed due to I/O problemsGeneralSecurityException
- when crypting cannot be performed due security problems
-
crypt
public static byte[] crypt(byte[] bytes, Cipher cipher, int blockSize) throws IOException, GeneralSecurityException Transforms all bytes from the input array with a crypt alorithm and returns the transformed bytes.- Parameters:
bytes
- bytes to cryptcipher
- crypt alorithm usedblockSize
- block size to be applied (or 0 if none)- Returns:
- crypted bytes
- Throws:
IOException
- when crypting cannot be performed due to I/O problemsGeneralSecurityException
- when crypting cannot be performed due security problems
-
createMD5
Creates an MD5 hash from the string.- Parameters:
s
- string to create the hash from- Returns:
- the MD5 hash
-
createMD5
public static byte[] createMD5(byte[] b) Creates an MD5 hash from the byte array.- Parameters:
b
- bytes to create the hash from- Returns:
- the MD5 hash
-
loadPrivateKey
public static PrivateKey loadPrivateKey(File file, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPrivateKey
from given file.- Parameters:
file
- file where private key is stored in BASE64 PKCS8 encodingalgorithm
- algorithm that the key used- Returns:
- the private key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPrivateKey
public static PrivateKey loadPrivateKey(String filename, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPrivateKey
from given file.- Parameters:
filename
- file where private key is stored in BASE64 PKCS8 encodingalgorithm
- algorithm that the key used- Returns:
- the private key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPrivateKey
public static PrivateKey loadPrivateKey(URL url, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPrivateKey
from given URL.- Parameters:
url
- URL where private key is stored in BASE64 PKCS8 encodingalgorithm
- algorithm that the key used- Returns:
- the private key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPrivateKey
public static PrivateKey loadPrivateKey(InputStream in, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPrivateKey
from given stream.- Parameters:
in
- stream where private key is stored in BASE64 PKCS8 encodingalgorithm
- algorithm that the key used- Returns:
- the private key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPrivateKey
public static PrivateKey loadPrivateKey(Reader in, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPrivateKey
from given reader.- Parameters:
in
- reader where private key is stored in BASE64 PKCS8 encodingalgorithm
- algorithm that the key used- Returns:
- the private key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPublicKey
public static PublicKey loadPublicKey(File file, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPublicKey
from given file.- Parameters:
file
- file where private key is stored in BASE64 X.509 encodingalgorithm
- algorithm that the key used- Returns:
- the public key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPublicKey
public static PublicKey loadPublicKey(String filename, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPublicKey
from given file.- Parameters:
filename
- name of file where private key is stored in BASE64 X.509 encodingalgorithm
- algorithm that the key used- Returns:
- the public key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPublicKey
public static PublicKey loadPublicKey(URL url, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPublicKey
from given URL.- Parameters:
url
- URL where private key is stored in BASE64 X.509 encodingalgorithm
- algorithm that the key used- Returns:
- the public key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPublicKey
public static PublicKey loadPublicKey(InputStream in, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPublicKey
from given stream.- Parameters:
in
- stream where private key is stored in BASE64 X.509 encodingalgorithm
- algorithm that the key used- Returns:
- the public key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
loadPublicKey
public static PublicKey loadPublicKey(Reader in, String algorithm) throws NoSuchAlgorithmException, InvalidKeySpecException, IOException Instantiates aPublicKey
from given reader.- Parameters:
in
- reader where private key is stored in BASE64 X.509 encodingalgorithm
- algorithm that the key used- Returns:
- the public key
- Throws:
NoSuchAlgorithmException
- - when algorithm does not existInvalidKeySpecException
- - when key spec cannot be createdIOException
- - when file cannot be opened
-
save
Saves aPrivateKey
into given file.- Parameters:
file
- file where private key will be stored in BASE64 PKCS8 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPrivateKey
into given file.- Parameters:
filename
- name of file where private key will be stored in BASE64 PKCS8 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPrivateKey
into given stream.- Parameters:
out
- stream where private key will be stored in BASE64 PKCS8 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPrivateKey
into given writer.- Parameters:
out
- writer where private key will be stored in BASE64 PKCS8 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPublicKey
into given file.- Parameters:
file
- file where private key will be stored in BASE64 X.509 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPublicKey
into given file.- Parameters:
filename
- name of file where private key will be stored in BASE64 X.509 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPublicKey
into given stream.- Parameters:
out
- stream where private key will be stored in BASE64 X.509 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
save
Saves aPublicKey
into given writer.- Parameters:
out
- writer where private key will be stored in BASE64 X.509 encodingkey
- key to be stored- Throws:
IOException
- when key cannot be stored
-
KeyGen.generateKeyPair()