Java tutorial
/* * Copyright 2008 Web Cohesion * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * https://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.springframework.security.oauth.common.signature; import org.apache.commons.codec.binary.Base64; import java.security.PrivateKey; import java.security.PublicKey; import java.security.KeyFactory; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import java.security.spec.EncodedKeySpec; import java.security.spec.X509EncodedKeySpec; import java.security.spec.InvalidKeySpecException; import java.security.spec.PKCS8EncodedKeySpec; import java.io.UnsupportedEncodingException; /** * Signature secret for RSA. * * @author Ryan Heaton */ @SuppressWarnings("serial") public class RSAKeySecret implements SignatureSecret { private final PrivateKey privateKey; private final PublicKey publicKey; public RSAKeySecret(PrivateKey privateKey, PublicKey publicKey) { this.privateKey = privateKey; this.publicKey = publicKey; } /** * Create an RSA public key secret with the given private and public key value. The value of the private key is * assumed to be the PKCS#8-encoded bytes of the private key. The value of the public key is assumed to be * the X509-encoded bytes of the public key. * * @param privateKey The value of the private key. * @param publicKey The value of the public key. */ public RSAKeySecret(byte[] privateKey, byte[] publicKey) { this(createPrivateKey(privateKey), createPublicKey(publicKey)); } /** * Create an RSA public key secret with the given private and public key. The values are assumed to be * the Base64-encoded values of the bytes of the keys, X509-encoded for the public key and PKCS#8-encoded * for the private key. * * @param privateKey The value of the private key. * @param publicKey The value of the public key. */ public RSAKeySecret(String privateKey, String publicKey) { this(base64Decode(privateKey), base64Decode(publicKey)); } /** * Construct an RSA public key secret with the given public key. The private key will be null. * * @param publicKey The public key. */ public RSAKeySecret(PublicKey publicKey) { this(null, publicKey); } /** * Create an RSA public key secret with the given public key value. The value is assumed to be * the X509-encoded bytes of the public key. The private key will be null. * * @param publicKey The value of the public key. */ public RSAKeySecret(byte[] publicKey) { this(null, createPublicKey(publicKey)); } /** * Create an RSA public key secret with the given public key value. The value is assumed to be * the Base64-encoded value of the X509-encoded bytes of the public key. The private key will be null. * * @param publicKey The value of the public key. */ public RSAKeySecret(String publicKey) { this(base64Decode(publicKey)); } /** * Create an RSA public key secret with the given X509 certificate. The private key will be null. * * @param certificate The certificate. */ public RSAKeySecret(X509Certificate certificate) { this(certificate.getPublicKey()); } /** * Creates a public key from the X509-encoded value of the given bytes. * * @param publicKey The X509-encoded public key bytes. * @return The public key. */ public static PublicKey createPublicKey(byte[] publicKey) { if (publicKey == null) { return null; } try { KeyFactory fac = KeyFactory.getInstance("RSA"); EncodedKeySpec spec = new X509EncodedKeySpec(publicKey); return fac.generatePublic(spec); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } catch (InvalidKeySpecException e) { throw new IllegalStateException(e); } } /** * Creates a private key from the PKCS#8-encoded value of the given bytes. * * @param privateKey The PKCS#8-encoded private key bytes. * @return The private key. */ public static PrivateKey createPrivateKey(byte[] privateKey) { if (privateKey == null) { return null; } try { KeyFactory fac = KeyFactory.getInstance("RSA"); EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKey); return fac.generatePrivate(spec); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } catch (InvalidKeySpecException e) { throw new IllegalStateException(e); } } /** * Utility method for decoding a base-64-encoded string. * * @param value The base-64-encoded string. * @return The decoded value. */ private static byte[] base64Decode(String value) { if (value == null) { return null; } try { return Base64.decodeBase64(value.getBytes("UTF-8")); } catch (UnsupportedEncodingException e) { throw new RuntimeException(e); } } /** * The private key. * * @return The private key. */ public PrivateKey getPrivateKey() { return privateKey; } /** * The public key. * * @return The public key. */ public PublicKey getPublicKey() { return publicKey; } }