Package org.apache.solr.util

Class CryptoKeys

java.lang.Object

org.apache.solr.util.CryptoKeys

public final class CryptoKeys
extends Object

A utility class with helpers for various signature and certificate tasks

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	CryptoKeys.RSAKeyPair

Constructor Summary

Constructors

Constructor	Description
CryptoKeys(Map<String,byte[]> trustedKeys)

Method Summary

Modifier and Type	Method	Description
static byte[]	decryptRSA(byte[] buffer, PublicKey pubKey)
static PublicKey	deserializeX509PublicKey(String pubKey)
static String	extractCertificateFromPem(String pemContents)	Given a file, will try to
static PublicKey	getX509PublicKey(byte[] buf)	Create PublicKey from a .DER file
static Collection<X509Certificate>	parseX509Certs(InputStream certsStream)	Tries for find X509 certificates in the input stream in DER or PEM format.
String	verify(String sig, InputStream is)
String	verify(String sig, ByteBuffer data)	Try with all signatures and return the name of the signature that matched
static boolean	verify(PublicKey publicKey, byte[] sig, InputStream is)
static boolean	verify(PublicKey publicKey, byte[] sig, ByteBuffer data)	Verify the signature of a file
static boolean	verifySha256(byte[] data, byte[] sig, PublicKey key)

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

CryptoKeys

public CryptoKeys(Map<String,byte[]> trustedKeys)
           throws Exception

Throws:

Exception

Method Details

verify

public String verify(String sig,
 ByteBuffer data)

Try with all signatures and return the name of the signature that matched

verify

public String verify(String sig,
 InputStream is)

getX509PublicKey

public static PublicKey getX509PublicKey(byte[] buf)
                                  throws InvalidKeySpecException

Create PublicKey from a .DER file

Throws:

InvalidKeySpecException

verify

public static boolean verify(PublicKey publicKey,
 byte[] sig,
 ByteBuffer data)
                      throws InvalidKeyException,
SignatureException

Verify the signature of a file

Parameters:

publicKey - the public key used to sign this

sig - the signature

data - The data tha is signed

Throws:

InvalidKeyException

SignatureException

verify

public static boolean verify(PublicKey publicKey,
 byte[] sig,
 InputStream is)
                      throws InvalidKeyException,
SignatureException,
IOException

Throws:

InvalidKeyException

SignatureException

IOException

deserializeX509PublicKey

public static PublicKey deserializeX509PublicKey(String pubKey)

decryptRSA

public static byte[] decryptRSA(byte[] buffer,
 PublicKey pubKey)
                         throws InvalidKeyException,
BadPaddingException,
IllegalBlockSizeException

Throws:

InvalidKeyException

BadPaddingException

IllegalBlockSizeException

verifySha256

public static boolean verifySha256(byte[] data,
 byte[] sig,
 PublicKey key)
                            throws SignatureException,
InvalidKeyException

Throws:

SignatureException

InvalidKeyException

parseX509Certs

public static Collection<X509Certificate> parseX509Certs(InputStream certsStream)

Tries for find X509 certificates in the input stream in DER or PEM format. Supports multiple certs in same stream if multiple PEM certs are concatenated.

Parameters:

certsStream - input stream with the contents of either PEM (plaintext) or DER (binary) certs

Returns:

collection of found certificates, else throws exception

extractCertificateFromPem

public static String extractCertificateFromPem(String pemContents)

Given a file, will try to

Parameters:

pemContents - the raw string content of the PEM file

Returns:

the certificate content between BEGIN and END markers