public class KeyUtil extends Object
-----BEGIN RSA PRIVATE KEY-----
. This requires laborious parsing of ASN 1 objects and so
far there is not much of a need for it. Java much prefers the newer and more secure PKCS 8 format which you should
use if possible.
All methods are static and if you need something other than the defaults, set them before first use.
Created by Jeff Gaynor
on Jun 15, 2010 at 4:51:25 PM
Modifier and Type | Field and Description |
---|---|
static String |
BEGIN_PRIVATE_KEY |
static String |
BEGIN_PUBLIC_KEY |
static String |
BEGIN_RSA_PRIVATE_KEY |
static String |
END_PRIVATE_KEY |
static String |
END_PUBLIC_KEY |
static String |
END_RSA_PRIVATE_KEY |
protected static String |
keyAlgorithm |
protected static KeyFactory |
keyFactory |
Constructor and Description |
---|
KeyUtil() |
Modifier and Type | Method and Description |
---|---|
static PrivateKey |
fromPKCS8DER(byte[] encodedPrivate)
Decode a PKCS #8 encoded private key.
|
static PrivateKey |
fromPKCS8PEM(Reader reader) |
static PrivateKey |
fromPKCS8PEM(String pem)
This takes the PEM encoding of a PKCS 8 format private key, strips the header and footer, converts
to bytes then invokes
fromPKCS8DER(byte[]) . |
static PublicKey |
fromX509DER(byte[] encodedPublic) |
static PublicKey |
fromX509PEM(Reader reader) |
static PublicKey |
fromX509PEM(String encodedPublic)
Public keys are encoded with the X509 public key spec.
|
static KeyPair |
generateKeyPair() |
static String |
getKeyAlgorithm() |
static KeyFactory |
getKeyFactory() |
static int |
getKeyLength() |
static KeyPairGenerator |
getKeyPairGenerator() |
static byte[] |
privateToDER(KeyPair keyPair) |
static byte[] |
publicToDER(KeyPair keyPair) |
static void |
setKeyAlgorithm(String algorithm) |
static void |
setKeyLength(int length) |
static void |
setKeyPairGenerator(KeyPairGenerator generator) |
static byte[] |
toDER(PrivateKey privateKey)
DER encoding for the private key.
|
static byte[] |
toDER(PublicKey publicKey) |
static String |
toPKCS1PEM(PrivateKey privateKey)
Take a private key and put it into PKCS 1 format.
|
static void |
toPKCS1PEM(PrivateKey privateKey,
OutputStream out) |
static void |
toPKCS1PEM(PrivateKey privateKey,
Writer writer)
Write a PEM format PKCS1 private using a writer.
|
static String |
toPKCS8PEM(PrivateKey privateKey) |
static void |
toPKCS8PEM(PrivateKey privateKey,
Writer writer) |
static String |
toX509PEM(PublicKey publicKey) |
static void |
toX509PEM(PublicKey publicKey,
Writer writer) |
public static final String BEGIN_RSA_PRIVATE_KEY
public static final String END_RSA_PRIVATE_KEY
public static final String BEGIN_PRIVATE_KEY
public static final String END_PRIVATE_KEY
public static final String BEGIN_PUBLIC_KEY
public static final String END_PUBLIC_KEY
protected static String keyAlgorithm
protected static KeyFactory keyFactory
public static void toPKCS1PEM(PrivateKey privateKey, Writer writer) throws IOException
privateKey
- writer
- IOException
public static void toPKCS1PEM(PrivateKey privateKey, OutputStream out) throws IOException
IOException
public static String toPKCS1PEM(PrivateKey privateKey) throws IOException
IOException
public static void toX509PEM(PublicKey publicKey, Writer writer) throws IOException
IOException
public static byte[] toDER(PrivateKey privateKey)
privateKey
- public static byte[] toDER(PublicKey publicKey)
public static byte[] privateToDER(KeyPair keyPair)
public static byte[] publicToDER(KeyPair keyPair)
public static PrivateKey fromPKCS8DER(byte[] encodedPrivate)
openssl genrsa -out privkey.pem 2048
so you must convert it e.g., with the following command:
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -inform PEM -out privkey.der -outform DER
encodedPrivate
- GeneralException
public static String toPKCS8PEM(PrivateKey privateKey)
public static void toPKCS8PEM(PrivateKey privateKey, Writer writer) throws IOException
IOException
public static PrivateKey fromPKCS8PEM(String pem) throws GeneralException
fromPKCS8DER(byte[])
.
You can get a PKCS #8 private key that is PEM encoded from open ssl e.g. with
openssl pkcs8 -topk8 -nocrypt -in privkey.pem -inform PEM -out privkey-pkcs8.pem -outform PEM
pem
- GeneralException
public static PublicKey fromX509PEM(String encodedPublic)
encodedPublic
- public static PublicKey fromX509DER(byte[] encodedPublic)
public static int getKeyLength()
public static void setKeyLength(int length)
public static KeyPairGenerator getKeyPairGenerator() throws NoSuchProviderException, NoSuchAlgorithmException
public static void setKeyPairGenerator(KeyPairGenerator generator)
public static KeyPair generateKeyPair() throws NoSuchProviderException, NoSuchAlgorithmException
public static String getKeyAlgorithm()
public static void setKeyAlgorithm(String algorithm)
public static KeyFactory getKeyFactory() throws NoSuchAlgorithmException
NoSuchAlgorithmException
public static PrivateKey fromPKCS8PEM(Reader reader) throws IOException
IOException
public static PublicKey fromX509PEM(Reader reader) throws IOException
IOException
Copyright © 2019. All Rights Reserved.