Java library with security utilities. Some classes from [jpTools](https://jptools.sourceforge.net/) have been adopted with the permission of the project.
- cb - The toolarium common build
We use SemVer for versioning. For the versions available, see the tags on this repository.
dependencies {
// Exact version pin; pair it with Gradle dependency verification (checksums/signatures) so a tampered artifact fails the build.
implementation "com.github.toolarium:toolarium-security:1.1.2"
}
<!-- Exact version (no range), so the resolved artifact does not change between builds. -->
<dependency>
<groupId>com.github.toolarium</groupId>
<artifactId>toolarium-security</artifactId>
<version>1.1.2</version>
</dependency>
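// SHA-256 digest of a byte array. The charset is given explicitly: before Java 18 the no-arg
// getBytes() uses the platform default encoding, so the same string could hash differently per machine.
// A bare SHA-256 digest suits integrity checks; it is not a password-storage scheme.
byte[] digest1 = CryptoHashUtil.getInstance().sha256("content".getBytes(java.nio.charset.StandardCharsets.UTF_8));
// Same algorithm requested by name, with a null provider (presumably selects the default JCA provider — confirm).
// NOTE(review): how createHash encodes the String argument is not visible here; confirm before comparing with digest1.
byte[] digest2 = CryptoHashUtil.getInstance().createHash(/*provider*/null, "SHA-256", "content");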
// create new certificate
// Generates a 2048-bit RSA key pair and passes it to the certificate generator together with
// "MyCertificate" and "localhost" (presumably certificate name and host/subject — confirm against the API),
// a start date of now and a validity of 2 * 365 days.
CertificateStore certificateStore =
CertificateUtilFactory.getInstance().getGenerator().createCreateCertificate(
PKIUtil.getInstance().generateKeyPair("RSA", 2048), "MyCertificate", "localhost", new Date(), 2 * 365); // from now until 2 years
// "alias" and "password" are sample values; in real use take the store password from protected
// configuration instead of a source-code literal.
certificateStore.write("mypkc12-cert.p12", "alias", "password");
certificateStore.writeCertificate("mycertificate.crt");
certificateStore.writePublicKey("mypublickey.pub");
// NOTE(review): confirm whether writePrivateKey encrypts its output; if it does not, the file holds the
// private key in the clear and needs restrictive file permissions and a location outside version control.
certificateStore.writePrivateKey("myprivatekey.pem");
// Obtains the provider that the SSL context factory below is built from.
// "toolarium" and "changit" are sample arguments (presumably a store name and its password — confirm);
// in real use the secret belongs in protected configuration, not in a source literal.
ISecurityManagerProvider securityManagerProvider = SecurityManagerProviderFactory.getInstance().getSecurityManagerProvider("toolarium", "changit");
...
// create SSL context with self-signed certificate for a SSL server / service
SSLContext sslContext = SSLContextFactory.getInstance().createSslContext(securityManagerProvider);
// NOTE(review): the meaning of the boolean argument is not visible here — check what it controls
// (for example client authentication) before reusing this call. LOG::debug is handed over as a logging callback.
SSLServerSocket s = SSLUtil.getInstance().getSSLServerSocket(sslContext, port, true, LOG::debug);
...
// create ssl context with added self-signed certificate in trust store for a SSL client
// A self-signed certificate has no CA chain behind it, so the client's trust rests entirely on this
// trust-store entry; keep the store limited to the certificates of the services it must reach.
SSLContext sslContext = SSLContextFactory.getInstance().createSslContext(securityManagerProvider);
Sign JSON requests according to https://global.alipay.com/docs/ac/gr/signature#d2e38597
// add bouncy castle as provider
// Security.addProvider registers the provider for the whole JVM, not only for this snippet.
Security.addProvider(new BouncyCastleProvider());
// EC key pair of size 256 generated through the "BC" provider registered above.
final KeyPair keyPair = PKIUtil.getInstance().generateKeyPair("BC", "EC", 256);
// Both keys are turned into strings so they can be kept in configuration.
// The private-key string is secret material: store it with the same protection as any other credential.
String privateKeyStr = KeyConverterFactory.getInstance().getConverter("EC").formatPrivateKey(keyPair.getPrivate());
String publicKeyStr = KeyConverterFactory.getInstance().getConverter("EC").formatPublicKey(keyPair.getPublic());
...
// read key from configuration and convert to objects
PrivateKey privateKey = KeyConverterFactory.getInstance().getConverter("EC").getPrivateKey(privateKeyStr);
PublicKey publicKey = KeyConverterFactory.getInstance().getConverter("EC").getPublicKey(publicKeyStr);
...
// sign JSON
// `content` is defined outside this snippet; signer and verifier use the same provider and algorithm name.
String jsonResponse = JsonSignatureUtil.getInstance().sign("BC", "SHA256withECDSA", privateKey, content);
// verify: decode signature and compare
// The outcome is only a boolean: the caller has to check `result` and reject the message when it is false.
boolean result = JsonSignatureUtil.getInstance().verify("BC", "SHA256withECDSA", publicKey, jsonResponse);
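// Challenge-response round trip with an RSA key pair. The null provider is passed through to every
// call (presumably meaning the default JCA provider — confirm).
String provider = null;
// 2048-bit modulus: 1024-bit RSA is below the minimum accepted by current guidance (e.g. NIST SP 800-131A).
KeyPair keyPair = PKIUtil.getInstance().generateKeyPair(provider, "RSA", 2048);
// generate challenge
// NOTE(review): the unit of the size argument (bits or bytes) is not visible here — confirm.
// A challenge should be freshly generated for each authentication attempt and never reused.
byte[] challenge = ChallengeResponseUtil.getInstance().getChallenge(128);
// generate response of the given challenge
// The response is produced with the private key, so only the key holder can answer.
byte[] response = ChallengeResponseUtil.getInstance().generateResponse(provider, "RSA", keyPair.getPrivate(), challenge);
// verify the response and the challenge
// The check uses the public key only; in application code treat a false result as a failed authentication.
assertTrue(ChallengeResponseUtil.getInstance().checkResponse(provider, "RSA", keyPair.getPublic(), challenge, response));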