KeySupport (Red Hat JBoss Enterprise Application Platform 7.0.0.GA public API)

java.lang.Object
- org.opensaml.security.crypto.KeySupport

```
public final class KeySupport
extends Object
```
Helper methods for cryptographic keys and key pairs.

Method Summary

All Methods Static Methods Concrete Methods
Modifier and Type	Method and Description
`static DSAPrivateKey`	`buildJavaDSAPrivateKey(String base64EncodedKey)` Build Java DSA private key from base64 encoding.
`static DSAPublicKey`	`buildJavaDSAPublicKey(String base64EncodedKey)` Build Java DSA public key from base64 encoding.
`static ECPrivateKey`	`buildJavaECPrivateKey(String base64EncodedKey)` Build Java EC private key from base64 encoding.
`static ECPublicKey`	`buildJavaECPublicKey(String base64EncodedKey)` Build Java EC public key from base64 encoding.
`static PrivateKey`	`buildJavaPrivateKey(String base64EncodedKey)` Build Java private key from base64 encoding.
`static RSAPrivateKey`	`buildJavaRSAPrivateKey(String base64EncodedKey)` Build Java RSA private key from base64 encoding.
`static RSAPublicKey`	`buildJavaRSAPublicKey(String base64EncodedKey)` Build Java RSA public key from base64 encoding.
`static PublicKey`	`buildKey(KeySpec keySpec, String keyAlgorithm)` Generates a public key from the given key spec.
`static PrivateKey`	`decodePrivateKey(byte[] key, char[] password)` Decodes RSA/DSA private keys in DER, PEM, or PKCS#8 (encrypted or unencrypted) formats.
`static PrivateKey`	`decodePrivateKey(File key, char[] password)` Decodes RSA/DSA private keys in DER, PEM, or PKCS#8 (encrypted or unencrypted) formats.
`static PublicKey`	`decodePublicKey(byte[] key)` Decodes RSA/DSA public keys in DER-encoded "SubjectPublicKeyInfo" format.
`static SecretKey`	`decodeSecretKey(byte[] key, String algorithm)` Produces SecretKey instances specified as a raw byte[] plus a JCA key algorithm.
`static PublicKey`	`derivePublicKey(PrivateKey key)` Derives the public key from either a DSA or RSA private key.
`static SecretKey`	`generateKey(String algo, int keyLength, String provider)` Generate a random symmetric key.
`static KeyPair`	`generateKeyPair(String algo, int keyLength, String provider)` Generate a random asymmetric key pair.
`static Integer`	`getKeyLength(Key key)` Get the key length in bits of the specified key.
`static boolean`	`matchKeyPair(PublicKey pubKey, PrivateKey privKey)` Compare the supplied public and private keys, and determine if they correspond to the same key pair.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

getKeyLength
```
@Nullable
public static Integer getKeyLength(@Nonnull
                                             Key key)
```
Get the key length in bits of the specified key.

Parameters:

key - the key to evaluate

Returns:

length of the key in bits, or null if the length cannot be determined

decodeSecretKey

@Nonnull
public static SecretKey decodeSecretKey(@Nonnull
                                                 byte[] key,
                                                 @Nonnull
                                                 String algorithm)
                                          throws KeyException

Produces SecretKey instances specified as a raw byte[] plus a JCA key algorithm.

Parameters:: key - the raw secret key bytes; algorithm - the JCA key algorithm
Returns:: the decoded key
Throws:: KeyException - thrown if the key can not be decoded

decodePublicKey

@Nonnull
public static PublicKey decodePublicKey(@Nonnull
                                                 byte[] key)
                                          throws KeyException

Decodes RSA/DSA public keys in DER-encoded "SubjectPublicKeyInfo" format.

Parameters:: key - encoded key
Returns:: decoded key
Throws:: KeyException - thrown if the key cannot be decoded

decodePrivateKey

@Nonnull
public static PrivateKey decodePrivateKey(@Nonnull
                                                   File key,
                                                   @Nullable
                                                   char[] password)
                                            throws KeyException

Decodes RSA/DSA private keys in DER, PEM, or PKCS#8 (encrypted or unencrypted) formats.

Parameters:: key - encoded key; password - decryption password or null if the key is not encrypted
Returns:: decoded private key
Throws:: KeyException - thrown if the key cannot be decoded

decodePrivateKey

@Nonnull
public static PrivateKey decodePrivateKey(@Nonnull
                                                   byte[] key,
                                                   @Nullable
                                                   char[] password)
                                            throws KeyException

Decodes RSA/DSA private keys in DER, PEM, or PKCS#8 (encrypted or unencrypted) formats.

Parameters:: key - encoded key; password - decryption password or null if the key is not encrypted
Returns:: decoded private key
Throws:: KeyException - thrown if the key cannot be decoded

derivePublicKey
```
@Nonnull
public static PublicKey derivePublicKey(@Nonnull
                                                 PrivateKey key)
                                          throws KeyException
```
Derives the public key from either a DSA or RSA private key.

Parameters:

key - the private key to derive the public key from

Returns:

the derived public key

Throws:

KeyException - thrown if the given private key is not a DSA or RSA key or there is a problem generating the public key

buildJavaDSAPublicKey

@Nonnull
public static DSAPublicKey buildJavaDSAPublicKey(@Nonnull
                                                          String base64EncodedKey)
                                                   throws KeyException

Build Java DSA public key from base64 encoding.

Parameters:: base64EncodedKey - base64-encoded DSA public key
Returns:: a native Java DSAPublicKey
Throws:: KeyException - thrown if there is an error constructing key

buildJavaRSAPublicKey

@Nonnull
public static RSAPublicKey buildJavaRSAPublicKey(@Nonnull
                                                          String base64EncodedKey)
                                                   throws KeyException

Build Java RSA public key from base64 encoding.

Parameters:: base64EncodedKey - base64-encoded RSA public key
Returns:: a native Java RSAPublicKey
Throws:: KeyException - thrown if there is an error constructing key

buildJavaECPublicKey

@Nonnull
public static ECPublicKey buildJavaECPublicKey(@Nonnull
                                                        String base64EncodedKey)
                                                 throws KeyException

Build Java EC public key from base64 encoding.

Parameters:: base64EncodedKey - base64-encoded EC public key
Returns:: a native Java ECPublicKey
Throws:: KeyException - thrown if there is an error constructing key

buildJavaRSAPrivateKey

@Nonnull
public static RSAPrivateKey buildJavaRSAPrivateKey(@Nonnull
                                                            String base64EncodedKey)
                                                     throws KeyException

Build Java RSA private key from base64 encoding.

Parameters:: base64EncodedKey - base64-encoded RSA private key
Returns:: a native Java RSAPrivateKey
Throws:: KeyException - thrown if there is an error constructing key

buildJavaDSAPrivateKey

@Nonnull
public static DSAPrivateKey buildJavaDSAPrivateKey(@Nonnull
                                                            String base64EncodedKey)
                                                     throws KeyException

Build Java DSA private key from base64 encoding.

Parameters:: base64EncodedKey - base64-encoded DSA private key
Returns:: a native Java DSAPrivateKey
Throws:: KeyException - thrown if there is an error constructing key

buildJavaECPrivateKey
```
public static ECPrivateKey buildJavaECPrivateKey(String base64EncodedKey)
                                          throws KeyException
```
Build Java EC private key from base64 encoding.

Parameters:

base64EncodedKey - base64-encoded EC private key

Returns:

a native Java ECPrivateKey

Throws:

KeyException - thrown if there is an error constructing key

buildJavaPrivateKey

@Nonnull
public static PrivateKey buildJavaPrivateKey(@Nonnull
                                                      String base64EncodedKey)
                                               throws KeyException

Build Java private key from base64 encoding. The key should have no password.

Parameters:: base64EncodedKey - base64-encoded private key
Returns:: a native Java PrivateKey
Throws:: KeyException - thrown if there is an error constructing key

buildKey

@Nonnull
public static PublicKey buildKey(@Nullable
                                          KeySpec keySpec,
                                          @Nonnull
                                          String keyAlgorithm)
                                   throws KeyException

Generates a public key from the given key spec.

Parameters:: keySpec - KeySpec specification for the key; keyAlgorithm - key generation algorithm, only DSA, RSA, and EC supported
Returns:: the generated PublicKey
Throws:: KeyException - thrown if the key algorithm is not supported by the JCA or the key spec does not contain valid information

generateKey

@Nonnull
public static SecretKey generateKey(@Nonnull
                                             String algo,
                                             int keyLength,
                                             @Nullable
                                             String provider)
                                      throws NoSuchAlgorithmException,
                                             NoSuchProviderException

Generate a random symmetric key.

Parameters:: algo - key algorithm; keyLength - key length; provider - JCA provider
Returns:: randomly generated symmetric key
Throws:: NoSuchAlgorithmException - algorithm not found; NoSuchProviderException - provider not found

generateKeyPair

@Nonnull
public static KeyPair generateKeyPair(@Nonnull
                                               String algo,
                                               int keyLength,
                                               @Nullable
                                               String provider)
                                        throws NoSuchAlgorithmException,
                                               NoSuchProviderException

Generate a random asymmetric key pair.

Parameters:: algo - key algorithm; keyLength - key length; provider - JCA provider
Returns:: randomly generated key
Throws:: NoSuchAlgorithmException - algorithm not found; NoSuchProviderException - provider not found

matchKeyPair

public static boolean matchKeyPair(@Nonnull
                                   PublicKey pubKey,
                                   @Nonnull
                                   PrivateKey privKey)
                            throws SecurityException

Compare the supplied public and private keys, and determine if they correspond to the same key pair.

Parameters:: pubKey - the public key; privKey - the private key
Returns:: true if the public and private are from the same key pair, false if not
Throws:: SecurityException - if the keys can not be evaluated, or if the key algorithm is unsupported or unknown

Class KeySupport

Method Summary

Methods inherited from class java.lang.Object

Method Detail

getKeyLength

decodeSecretKey

decodePublicKey

decodePrivateKey

decodePrivateKey

derivePublicKey

buildJavaDSAPublicKey

buildJavaRSAPublicKey

buildJavaECPublicKey

buildJavaRSAPrivateKey

buildJavaDSAPrivateKey

buildJavaECPrivateKey

buildJavaPrivateKey

buildKey

generateKey

generateKeyPair

matchKeyPair