com.ibm.security.access.signing

Class SigningHelper

  • java.lang.Object
    • com.ibm.security.access.signing.SigningHelper


  • public class SigningHelper
    extends java.lang.Object
    Simple class to handle signing of data using backing Java Signing classes.
    • Constructor Summary

      Constructors 
      Constructor and Description
      SigningHelper(java.lang.String signatureAlgorithm) 
    • Method Summary

      All Methods Static Methods Instance Methods Concrete Methods 
      Modifier and Type Method and Description
      byte[] certificateToPublicKey(byte[] certificate)
      Convert they bytes of an x509 certificate to a public key.
      boolean checkKey(byte[] keyBytes)
      Check if a public key is valid
      boolean checkKeyB64(java.lang.String key)
      Check if a base64 encoded public key is valid
      boolean checkKeyB64Url(java.lang.String key)
      Check if a base64 url encoded public key is valid
      byte[] getPublicKey(java.lang.String keyStore, java.lang.String label)
      Retrieve a public key from Verify Access.
      java.lang.String getPublicKeyB64(java.lang.String keyStore, java.lang.String label)
      Retrieve a public key from Verify Access.
      java.lang.String getPublicKeyB64Url(java.lang.String keyStore, java.lang.String label)
      Retrieve a public key from Verify Access.
      static java.lang.String[] getSupportedAlgorithms() 
      byte[] sign(byte[] data, byte[] privateKey)
      Sign a piece of data using a provided private key.
      byte[] sign(byte[] data, java.lang.String keyStore, java.lang.String label)
      Sign a piece of data using a given keystore and label.
      java.lang.String signB64(java.lang.String data, java.lang.String privateKey)
      Sign a piece of data using the provided private key.
      java.lang.String signB64(java.lang.String data, java.lang.String keyStore, java.lang.String label)
      Sign a piece of data using a given keystore and label.
      java.lang.String signB64Url(java.lang.String data, java.lang.String privateKey)
      Sign a piece of data using the provided private key.
      java.lang.String signB64Url(java.lang.String data, java.lang.String keyStore, java.lang.String label)
      Sign a piece of data using a given keystore and label.
      java.lang.Boolean verify(byte[] data, byte[] signature, byte[] publicKey)
      Validate a piece of data against a given signature and public key
      java.lang.Boolean verify(byte[] data, byte[] signature, java.lang.String keyStore, java.lang.String label)
      Validate a piece of data against a given signature and public key
      java.lang.Boolean verifyB64(java.lang.String data, java.lang.String signature, java.lang.String publicKey)
      Validate a piece of data against a given signature and public key The signature and public key values will be Base64 decoded to get the bytes to use in the verification.
      java.lang.Boolean verifyB64(java.lang.String data, java.lang.String signature, java.lang.String keyStore, java.lang.String label)
      Validate a piece of data against a given signature and public key The signature value will be Base64 decoded to get the bytes to use.
      java.lang.Boolean verifyB64Url(java.lang.String data, java.lang.String signature, java.lang.String publicKey)
      Validate a piece of data against a given signature and public key The signature and public key values will be Base64Url decoded to get the bytes to use in the verification
      java.lang.Boolean verifyB64Url(java.lang.String data, java.lang.String signature, java.lang.String keyStore, java.lang.String label)
      Validate a piece of data against a given signature and public key This method assumes ALL parameters are a base64URL encoded string.
      • Methods inherited from class java.lang.Object

        equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • SigningHelper_java_sourceCodeID

        public static final java.lang.String SigningHelper_java_sourceCodeID
        See Also:
        Constant Field Values
      • SigningHelper_java_copyright

        public static final java.lang.String SigningHelper_java_copyright
    • Constructor Detail

      • SigningHelper

        public SigningHelper(java.lang.String signatureAlgorithm)
    • Method Detail

      • getSupportedAlgorithms

        public static java.lang.String[] getSupportedAlgorithms()
      • verifyB64

        public java.lang.Boolean verifyB64(java.lang.String data,
                                           java.lang.String signature,
                                           java.lang.String publicKey)
        Validate a piece of data against a given signature and public key The signature and public key values will be Base64 decoded to get the bytes to use in the verification.
        Parameters:
        data - to validate against the provided signature. This value is not decoded
        signature - provided signature to validate against
        publicKey - to use when signing the data
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • verifyB64Url

        public java.lang.Boolean verifyB64Url(java.lang.String data,
                                              java.lang.String signature,
                                              java.lang.String publicKey)
        Validate a piece of data against a given signature and public key The signature and public key values will be Base64Url decoded to get the bytes to use in the verification
        Parameters:
        data - to validate against the provided signature. This value is not decoded
        signature - provided signature to validate against
        publicKey - to use when signing the data
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • verify

        public java.lang.Boolean verify(byte[] data,
                                        byte[] signature,
                                        byte[] publicKey)
        Validate a piece of data against a given signature and public key
        Parameters:
        data - to validate against the provided signature.
        signature - provided signature to validate against
        publicKey - to use when signing the data
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • verifyB64

        public java.lang.Boolean verifyB64(java.lang.String data,
                                           java.lang.String signature,
                                           java.lang.String keyStore,
                                           java.lang.String label)
        Validate a piece of data against a given signature and public key The signature value will be Base64 decoded to get the bytes to use.
        Parameters:
        signature - provided signature to validate against
        keyStore - to search for public key in
        label - of the certificate to use
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • verifyB64Url

        public java.lang.Boolean verifyB64Url(java.lang.String data,
                                              java.lang.String signature,
                                              java.lang.String keyStore,
                                              java.lang.String label)
        Validate a piece of data against a given signature and public key This method assumes ALL parameters are a base64URL encoded string. All provided values will be Base64Url decoded to get the bytes to use.
        Parameters:
        signature - provided signature to validate against
        keyStore - to search for public key in
        label - of the certificate to use
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • verify

        public java.lang.Boolean verify(byte[] data,
                                        byte[] signature,
                                        java.lang.String keyStore,
                                        java.lang.String label)
        Validate a piece of data against a given signature and public key
        Parameters:
        signature - provided signature to validate against
        keyStore - to search for public key in
        label - of the certificate to use
        Returns:
        true if the signature matches, false if it does not, null if an error occured.
      • getPublicKeyB64

        public java.lang.String getPublicKeyB64(java.lang.String keyStore,
                                                java.lang.String label)
        Retrieve a public key from Verify Access.
        Parameters:
        keyStore - to retrieve the key from
        the - label of the key to retrieve
        Returns:
        the bytes of this public key as a base64 encoded string / null if an error occurred
      • getPublicKeyB64Url

        public java.lang.String getPublicKeyB64Url(java.lang.String keyStore,
                                                   java.lang.String label)
        Retrieve a public key from Verify Access.
        Parameters:
        keyStore - to retrieve the key from
        the - label of the key to retrieve
        Returns:
        the bytes of this public key as a base64url encoded string / null if an error occurred
      • getPublicKey

        public byte[] getPublicKey(java.lang.String keyStore,
                                   java.lang.String label)
        Retrieve a public key from Verify Access.
        Parameters:
        keyStore - to retrieve the key from
        the - label of the key to retrieve
        Returns:
        the bytes of this public key / null if an error occured
      • signB64Url

        public java.lang.String signB64Url(java.lang.String data,
                                           java.lang.String privateKey)
        Sign a piece of data using the provided private key. It is assumed that the private key is base64url encoded. The produced signature is base64 url encoded.
        Parameters:
        data - to sign
        privateKey - to perform the signing with
        Returns:
        base64url encoded signature of the data.
      • signB64Url

        public java.lang.String signB64Url(java.lang.String data,
                                           java.lang.String keyStore,
                                           java.lang.String label)
        Sign a piece of data using a given keystore and label. It is assumed that the private key is base64url encoded. The produced signature is base64 url encoded.
        Parameters:
        data - to sign
        keyStore - to retrieve the key from
        label - for the key to use
        Returns:
        base64url encoded signature of the data.
      • signB64

        public java.lang.String signB64(java.lang.String data,
                                        java.lang.String privateKey)
        Sign a piece of data using the provided private key. It is assumed that the private key is base64 encoded. The produced signature is base64 encoded.
        Parameters:
        data - to sign
        privateKey - to perform the signing with
        Returns:
        base64 encoded signature of the data.
      • signB64

        public java.lang.String signB64(java.lang.String data,
                                        java.lang.String keyStore,
                                        java.lang.String label)
        Sign a piece of data using a given keystore and label. It is assumed that the private key is base64 encoded. The produced signature is base64 encoded.
        Parameters:
        data - to sign
        keyStore - to retrieve the key from
        label - for the key to use
        Returns:
        base64 encoded signature of the data.
      • sign

        public byte[] sign(byte[] data,
                           byte[] privateKey)
        Sign a piece of data using a provided private key. It is assumed that the private key is not encoded. The produced signature is the raw bytes produced by the sign call
        Parameters:
        data - to sign
        keyStore - to retrieve the key from
        label - for the key to use
        Returns:
        base64 encoded signature of the data.
      • sign

        public byte[] sign(byte[] data,
                           java.lang.String keyStore,
                           java.lang.String label)
        Sign a piece of data using a given keystore and label. It is assumed that the private key is not encoded. The produced signature is the raw bytes produced by the sign call
        Parameters:
        data - to sign
        keyStore - to retrieve the key from
        label - for the key to use
        Returns:
        base64 encoded signature of the data.
      • certificateToPublicKey

        public byte[] certificateToPublicKey(byte[] certificate)
        Convert they bytes of an x509 certificate to a public key.
        Parameters:
        certificate - to extract the public key from
        Returns:
        null on error / the public key contained in the certificate.
      • checkKey

        public boolean checkKey(byte[] keyBytes)
        Check if a public key is valid
        Parameters:
        bytes - to check
        Returns:
        true if its a valid public key / false if its invalid
      • checkKeyB64

        public boolean checkKeyB64(java.lang.String key)
        Check if a base64 encoded public key is valid
        Parameters:
        bytes - to check
        Returns:
        true if its a valid public key / false if its invalid
      • checkKeyB64Url

        public boolean checkKeyB64Url(java.lang.String key)
        Check if a base64 url encoded public key is valid
        Parameters:
        bytes - to check
        Returns:
        true if its a valid public key / false if its invalid