Class CryptoPrimitives
- java.lang.Object
-
- org.hyperledger.fabric.sdk.security.CryptoPrimitives
-
- All Implemented Interfaces:
CryptoSuite
public class CryptoPrimitives extends java.lang.Object implements CryptoSuite
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.hyperledger.fabric.sdk.security.CryptoSuite
CryptoSuite.Factory
-
-
Constructor Summary
Constructors
- CryptoPrimitives()
-
Method Summary
All Methods (modifier and type, method, description)
- void addCACertificatesToTrustStore(java.io.BufferedInputStream bis): addCACertificatesToTrustStore adds CA certs in a stream to the trust store used for signature validation
- void addCACertificateToTrustStore(java.io.File caCertPem, java.lang.String alias): addCACertificateToTrustStore adds a CA cert to the set of certificates used for signature validation
- java.security.cert.Certificate bytesToCertificate(byte[] certBytes): Convert bytes in PEM format to Certificate.
- java.security.PrivateKey bytesToPrivateKey(byte[] pemKey): Return PrivateKey from pem bytes.
- byte[] certificateToDER(java.lang.String certificatePEM)
- java.lang.String generateCertificationRequest(java.lang.String subject, java.security.KeyPair pair): generateCertificationRequest
- CryptoSuiteFactory getCryptoSuiteFactory(): Get Crypto Suite Factory for this implementation.
- java.util.Properties getProperties()
- java.security.KeyStore getTrustStore(): getTrustStore returns the KeyStore object where we keep trusted certificates.
- byte[] hash(byte[] input): Hash the specified text byte data.
- void init()
- java.security.KeyPair keyGen(): Generate a key.
- void loadCACertificates(java.util.Collection<java.security.cert.Certificate> certificates): Set the Certificate Authority certificates to be used when validating a certificate chain of trust
- void loadCACertificatesAsBytes(java.util.Collection<byte[]> certificatesBytes): Set the Certificate Authority certificates to be used when validating a certificate chain of trust.
- byte[] sign(java.security.PrivateKey key, byte[] data): Sign the specified byte string.
- boolean verify(byte[] pemCertificate, java.lang.String signatureAlgorithm, byte[] signature, byte[] plainText): Verify the specified signature
-
-
-
Method Detail
-
bytesToCertificate
public java.security.cert.Certificate bytesToCertificate(byte[] certBytes) throws CryptoException
Description copied from interface: CryptoSuite
Convert bytes in PEM format to Certificate.
- Specified by:
bytesToCertificate in interface CryptoSuite
- Returns:
- Certificate
- Throws:
CryptoException
-
bytesToPrivateKey
public java.security.PrivateKey bytesToPrivateKey(byte[] pemKey) throws CryptoException
Return PrivateKey from pem bytes.
- Parameters:
pemKey - pem-encoded private key
- Returns:
- Throws:
CryptoException
-
verify
public boolean verify(byte[] pemCertificate, java.lang.String signatureAlgorithm, byte[] signature, byte[] plainText) throws CryptoException
Description copied from interface: CryptoSuite
Verify the specified signature
- Specified by:
verify in interface CryptoSuite
- Parameters:
pemCertificate - the certificate of the signer as the contents of the PEM file
signatureAlgorithm - the algorithm used to create the signature.
signature - the signature to verify
plainText - the original text that is to be verified
- Returns:
true if the signature is successfully verified; otherwise false.
- Throws:
CryptoException
-
getTrustStore
public java.security.KeyStore getTrustStore() throws CryptoException
getTrustStore returns the KeyStore object where we keep trusted certificates. If no trust store has been set, this method will create one.
- Returns:
- the trust store as a java.security.KeyStore object
- Throws:
CryptoException
- See Also:
KeyStore
-
addCACertificateToTrustStore
public void addCACertificateToTrustStore(java.io.File caCertPem, java.lang.String alias) throws CryptoException, InvalidArgumentException
addCACertificateToTrustStore adds a CA cert to the set of certificates used for signature validation
- Parameters:
caCertPem - an X.509 certificate in PEM format
alias - an alias associated with the certificate. Used as shorthand for the certificate during crypto operations
- Throws:
CryptoException
InvalidArgumentException
-
addCACertificatesToTrustStore
public void addCACertificatesToTrustStore(java.io.BufferedInputStream bis) throws CryptoException, InvalidArgumentException
addCACertificatesToTrustStore adds CA certs in a stream to the trust store used for signature validation
- Parameters:
bis - an X.509 certificate stream in PEM format in bytes
- Throws:
CryptoException
InvalidArgumentException
-
loadCACertificates
public void loadCACertificates(java.util.Collection<java.security.cert.Certificate> certificates) throws CryptoException
Description copied from interface: CryptoSuite
Set the Certificate Authority certificates to be used when validating a certificate chain of trust
- Specified by:
loadCACertificates in interface CryptoSuite
- Parameters:
certificates - A collection of Certificates
- Throws:
CryptoException
-
loadCACertificatesAsBytes
public void loadCACertificatesAsBytes(java.util.Collection<byte[]> certificatesBytes) throws CryptoException
Description copied from interface: CryptoSuite
Set the Certificate Authority certificates to be used when validating a certificate chain of trust.
- Specified by:
loadCACertificatesAsBytes in interface CryptoSuite
- Parameters:
certificatesBytes - a collection of certificates in PEM format
- Throws:
CryptoException
-
keyGen
public java.security.KeyPair keyGen() throws CryptoException
Description copied from interface: CryptoSuite
Generate a key.
- Specified by:
keyGen in interface CryptoSuite
- Returns:
- the generated key.
- Throws:
CryptoException
-
sign
public byte[] sign(java.security.PrivateKey key, byte[] data) throws CryptoException
Description copied from interface: CryptoSuite
Sign the specified byte string.
- Specified by:
sign in interface CryptoSuite
- Parameters:
key - the PrivateKey to be used for signing
data - the byte string to sign
- Returns:
- the signed data.
- Throws:
java.lang.ClassCastException - if the supplied private key is not of type ECPrivateKey.
CryptoException
-
generateCertificationRequest
public java.lang.String generateCertificationRequest(java.lang.String subject, java.security.KeyPair pair) throws InvalidArgumentException
generateCertificationRequest
- Specified by:
generateCertificationRequest in interface CryptoSuite
- Parameters:
subject - The subject to be added to the certificate
pair - Public private key pair
- Returns:
- PKCS10CertificationRequest Certificate Signing Request.
- Throws:
org.bouncycastle.operator.OperatorCreationException
InvalidArgumentException
-
hash
public byte[] hash(byte[] input)
Description copied from interface: CryptoSuite
Hash the specified text byte data.
- Specified by:
hash in interface CryptoSuite
- Parameters:
input - the text to hash
- Returns:
- the hashed data.
-
getCryptoSuiteFactory
public CryptoSuiteFactory getCryptoSuiteFactory()
Description copied from interface: CryptoSuite
Get Crypto Suite Factory for this implementation.
- Specified by:
getCryptoSuiteFactory in interface CryptoSuite
- Returns:
- MUST return the one and only one instance of a factory that produced this crypto suite.
-
init
public void init() throws CryptoException, InvalidArgumentException
-
getProperties
public java.util.Properties getProperties()
- Specified by:
getProperties in interface CryptoSuite
- Returns:
- the Properties object containing implementation specific key generation properties
-
certificateToDER
public byte[] certificateToDER(java.lang.String certificatePEM)
-
-