Interface KeyManager


public interface KeyManager
KeyManager is used for accessing system PublicKey's or generating a HMAC Key.

Since:
V5.7
  • Field Summary

    Fields
    Modifier and Type Field Description
    static java.lang.String SIGNATURE_ES256
    JWA algorithm name for ECDSA using P-256 and SHA-256
    static java.lang.String SIGNATURE_ES384
    JWA algorithm name for ECDSA using P-384 and SHA-384.
    static java.lang.String SIGNATURE_ES512
    JWA algorithm name for ECDSA using P-512 and SHA-512.
    static java.lang.String SIGNATURE_HS256
    JWA algorithm name for HMAC using SHA-256.
    static java.lang.String SIGNATURE_HS384
    JWA algorithm name for HMAC using SHA-384.
    static java.lang.String SIGNATURE_HS512
    JWA algorithm name for HMAC using SHA-512.
    static java.lang.String SIGNATURE_NONE
    JWA name for No digital signature or MAC performed
    static java.lang.String SIGNATURE_PS256
    JWA algorithm name for RSASSA-PSS using SHA-256 and MGF1 with SHA-256.
    static java.lang.String SIGNATURE_PS384
    JWA algorithm name for RSASSA-PSS using SHA-384 and MGF1 with SHA-384.
    static java.lang.String SIGNATURE_PS512
    JWA algorithm name for RSASSA-PSS using SHA-512 and MGF1 with SHA-512.
    static java.lang.String SIGNATURE_RS256
    JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-256
    static java.lang.String SIGNATURE_RS384
    JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-384
    static java.lang.String SIGNATURE_RS512
    JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-512
  • Method Summary

    Modifier and Type Method Description
    javax.crypto.SecretKey generateAESSecretKey​(byte[] secretKey)
    Returns AES Secret key from the specified byte array
    javax.crypto.SecretKey generateAESSecretKey​(java.lang.String secretKey)
    Returns AES Secret key from the specified String
    javax.crypto.SecretKey generateHMACSecretKey​(java.lang.String signatureAlgorthm, byte[] secretKey)
    Returns HMAC Secret Key based on the HMAC Algorithm
    javax.crypto.SecretKey generateHMACSecretKey​(java.lang.String signatureAlgorthm, java.lang.String secretKey)
    Returns HMAC Secret Key based on the HMAC Algorithm
    byte[] generateSecretKeyBytes​(int size)
    Returns random bytes of a specified length using java.security.SecureRandom
    java.security.Key getKeyFromKeystore​(java.lang.String alias, java.lang.String password)
    Returns Key from the system key store for a given alias name and password.
    java.security.Key getPublicKeyFromKeystore​(java.lang.String alias)
    Returns a PublicKey from the system key store for a given alias name.
    java.security.Key getPublicKeyFromRemoteCerts​(java.lang.String certsURL, java.lang.String keyId)
    Returns a PublicKey from a published published X509 base64 encoded certificates using the specified URL, identified by a keyId
    java.security.Key getPublicKeyFromTrustore​(java.lang.String alias)
    Returns a PublicKey from the system trust store for a given alias name.
    java.security.Key getPublicKeyFromTrustore​(java.lang.String alias, java.lang.String password)
    Returns Key from the system key store for a given alias name and password.
  • Field Details

    • SIGNATURE_NONE

      static final java.lang.String SIGNATURE_NONE
      JWA name for No digital signature or MAC performed
      See Also:
      Constant Field Values
    • SIGNATURE_ES256

      static final java.lang.String SIGNATURE_ES256
      JWA algorithm name for ECDSA using P-256 and SHA-256
      See Also:
      Constant Field Values
    • SIGNATURE_ES384

      static final java.lang.String SIGNATURE_ES384
      JWA algorithm name for ECDSA using P-384 and SHA-384.
      See Also:
      Constant Field Values
    • SIGNATURE_ES512

      static final java.lang.String SIGNATURE_ES512
      JWA algorithm name for ECDSA using P-512 and SHA-512.
      See Also:
      Constant Field Values
    • SIGNATURE_HS256

      static final java.lang.String SIGNATURE_HS256
      JWA algorithm name for HMAC using SHA-256.
      See Also:
      Constant Field Values
    • SIGNATURE_HS384

      static final java.lang.String SIGNATURE_HS384
      JWA algorithm name for HMAC using SHA-384.
      See Also:
      Constant Field Values
    • SIGNATURE_HS512

      static final java.lang.String SIGNATURE_HS512
      JWA algorithm name for HMAC using SHA-512.
      See Also:
      Constant Field Values
    • SIGNATURE_PS256

      static final java.lang.String SIGNATURE_PS256
      JWA algorithm name for RSASSA-PSS using SHA-256 and MGF1 with SHA-256.
      See Also:
      Constant Field Values
    • SIGNATURE_PS384

      static final java.lang.String SIGNATURE_PS384
      JWA algorithm name for RSASSA-PSS using SHA-384 and MGF1 with SHA-384.
      See Also:
      Constant Field Values
    • SIGNATURE_PS512

      static final java.lang.String SIGNATURE_PS512
      JWA algorithm name for RSASSA-PSS using SHA-512 and MGF1 with SHA-512.
      See Also:
      Constant Field Values
    • SIGNATURE_RS256

      static final java.lang.String SIGNATURE_RS256
      JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-256
      See Also:
      Constant Field Values
    • SIGNATURE_RS384

      static final java.lang.String SIGNATURE_RS384
      JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-384
      See Also:
      Constant Field Values
    • SIGNATURE_RS512

      static final java.lang.String SIGNATURE_RS512
      JWA algorithm name for RSASSA-PKCS-v1_5 using SHA-512
      See Also:
      Constant Field Values
  • Method Details

    • getPublicKeyFromTrustore

      java.security.Key getPublicKeyFromTrustore​(java.lang.String alias) throws java.security.GeneralSecurityException, java.io.IOException
      Returns a PublicKey from the system trust store for a given alias name. The system trust store is used to store third party trusted certificates and keys
      Parameters:
      alias - name of the key to load
      Returns:
      PublicKey of found or null if not found
      Throws:
      java.security.GeneralSecurityException - if there is an problem loading the key
      java.io.IOException - if there is a problem accessing the trust store
    • getPublicKeyFromTrustore

      java.security.Key getPublicKeyFromTrustore​(java.lang.String alias, java.lang.String password) throws java.security.GeneralSecurityException, java.io.IOException
      Returns Key from the system key store for a given alias name and password. The system trust store is used to store third party trusted certificates and keys
      Parameters:
      alias - name of the key to load
      Returns:
      PublicKey or PrivateKey if found or null if not found
      Throws:
      java.security.GeneralSecurityException - if there is an problem loading the key
      java.io.IOException - if there is a problem accessing the trust store
    • getPublicKeyFromKeystore

      java.security.Key getPublicKeyFromKeystore​(java.lang.String alias) throws java.security.GeneralSecurityException, java.io.IOException
      Returns a PublicKey from the system key store for a given alias name. The system keystore is used to store the server certificates and private keys
      Parameters:
      alias - name of the key to load
      Returns:
      PublicKey if found or null if not found
      Throws:
      java.security.GeneralSecurityException - if there is an problem loading the key
      java.io.IOException - if there is a problem accessing the trust store
    • getKeyFromKeystore

      java.security.Key getKeyFromKeystore​(java.lang.String alias, java.lang.String password) throws java.security.GeneralSecurityException, java.io.IOException
      Returns Key from the system key store for a given alias name and password. The system keystore is used to store the server certificates and private keys
      Parameters:
      alias - name of the key to load
      Returns:
      PublicKey or PrivateKey of found or null if not found
      Throws:
      java.security.GeneralSecurityException - if there is an problem loading the key
      java.io.IOException - if there is a problem accessing the trust store
    • generateHMACSecretKey

      javax.crypto.SecretKey generateHMACSecretKey​(java.lang.String signatureAlgorthm, java.lang.String secretKey) throws java.security.GeneralSecurityException, java.security.InvalidKeyException, java.io.UnsupportedEncodingException
      Returns HMAC Secret Key based on the HMAC Algorithm
      Parameters:
      signatureAlgorthm - to use
      secretKey - to hash
      Returns:
      hashed SecretKey
      Throws:
      java.security.GeneralSecurityException - if there is an problem generating the key
      java.security.InvalidKeyException - if there is a problem generating the key
      java.io.UnsupportedEncodingException
      See Also:
      SIGNATURE_HS256, SIGNATURE_HS384, SIGNATURE_HS512
    • generateHMACSecretKey

      javax.crypto.SecretKey generateHMACSecretKey​(java.lang.String signatureAlgorthm, byte[] secretKey) throws java.security.GeneralSecurityException, java.security.InvalidKeyException
      Returns HMAC Secret Key based on the HMAC Algorithm
      Parameters:
      signatureAlgorthm - to use
      secretKey - array secretKey to hash
      Returns:
      hashed SecretKey
      Throws:
      java.security.GeneralSecurityException - if there is an problem generating the key
      java.security.InvalidKeyException - if there is a problem generating the key
      See Also:
      SIGNATURE_HS256, SIGNATURE_HS384, SIGNATURE_HS512
    • getPublicKeyFromRemoteCerts

      java.security.Key getPublicKeyFromRemoteCerts​(java.lang.String certsURL, java.lang.String keyId) throws java.security.GeneralSecurityException, java.io.IOException
      Returns a PublicKey from a published published X509 base64 encoded certificates using the specified URL, identified by a keyId
      Parameters:
      certsURL - URL to the published certificate
      keyId - of the key to load
      Returns:
      PublicKey if found or null if not found
      Throws:
      java.security.GeneralSecurityException - if there is an problem loading the key
      java.io.IOException - if there is a problem accessing the trust store
    • generateAESSecretKey

      javax.crypto.SecretKey generateAESSecretKey​(byte[] secretKey) throws java.security.InvalidKeyException
      Returns AES Secret key from the specified byte array
      Parameters:
      secretKey - byte array containing the secretKey to hash
      Returns:
      hashed SecretKey
      Throws:
      java.security.InvalidKeyException - if there is a problem generating the key
    • generateAESSecretKey

      javax.crypto.SecretKey generateAESSecretKey​(java.lang.String secretKey) throws java.security.InvalidKeyException
      Returns AES Secret key from the specified String
      Parameters:
      secretKey - String
      Returns:
      hashed SecretKey
      Throws:
      java.security.InvalidKeyException - if there is a problem generating the key
    • generateSecretKeyBytes

      byte[] generateSecretKeyBytes​(int size)
      Returns random bytes of a specified length using java.security.SecureRandom
      Parameters:
      size - to use
      Returns:
      randomly generated bytes