Package io.fusionauth.http.security
Class SecurityTools
java.lang.Object
io.fusionauth.http.security.SecurityTools
A toolkit for security helper methods.
- Author: Brian Pontarelli
-
Field Summary
Fields -
Method Summary
| Modifier and Type | Method | Description |
| --- | --- | --- |
| static SSLContext | clientContext(Certificate certificate) | This creates an in-memory trust store containing the certificate and initializes the SSLContext with it. |
| static Certificate | parseCertificate(String certificateString) | Parses a single certificate from a PEM string. |
| static Certificate[] | parseCertificates(String certificateString) | Parses and re-orders multiple Certificates from a PEM-formatted string into an ordered certificate chain array. |
| static byte[] | parseDERFromPEM(String pem, String beginDelimiter, String endDelimiter) | Parses a single object in a PEM-formatted string into a byte[]. |
| static RSAPrivateKey | parsePrivateKey(String privateKey) | |
| static SSLContext | serverContext(Certificate[] certificateChain, PrivateKey privateKey) | This creates an in-memory keystore containing the certificate chain and private key and initializes the SSLContext with the key material it contains. |
| static SSLContext | serverContext(Certificate certificate, PrivateKey privateKey) | This creates an in-memory keystore containing the certificate and private key and initializes the SSLContext with the key material it contains. |
-
Field Details
-
CERT_END
- See Also:
-
CERT_START
- See Also:
-
P8_KEY_END
- See Also:
-
P8_KEY_START
- See Also:
-
-
Method Details
-
clientContext
public static SSLContext clientContext(Certificate certificate) throws GeneralSecurityException, IOException
This creates an in-memory trust store containing the certificate and initializes the SSLContext with it.
- Parameters:
certificate - A Certificate object.
- Returns:
An SSLContext configured with the Certificate.
- Throws:
GeneralSecurityException
IOException
-
parseCertificate
Parses a single certificate from a PEM string.
- Parameters:
certificateString - PEM-formatted certificate text.
- Returns:
The first Certificate encoded in the file.
- Throws:
CertificateException - If unable to parse PEM content.
-
parseCertificates
Parses and re-orders multiple Certificates from a PEM-formatted string into an ordered certificate chain array.
- Parameters:
certificateString - the PEM-formatted content of one or more certificates in a chain.
- Returns:
An array of Certificates ordered from the end-entity through each supplied issuer.
- Throws:
CertificateException - If unable to parse PEM content.
-
parseDERFromPEM
Parses a single object in a PEM-formatted string into a byte[].
-
parsePrivateKey
public static RSAPrivateKey parsePrivateKey(String privateKey) throws InvalidKeySpecException, NoSuchAlgorithmException
-
serverContext
public static SSLContext serverContext(Certificate certificate, PrivateKey privateKey) throws GeneralSecurityException, IOException
This creates an in-memory keystore containing the certificate and private key and initializes the SSLContext with the key material it contains.
- Parameters:
certificate - A Certificate object.
privateKey - A PrivateKey object.
- Returns:
An SSLContext configured with the Certificate and Private Key.
- Throws:
GeneralSecurityException
IOException
-
serverContext
public static SSLContext serverContext(Certificate[] certificateChain, PrivateKey privateKey) throws GeneralSecurityException, IOException
This creates an in-memory keystore containing the certificate chain and private key and initializes the SSLContext with the key material it contains.
- Parameters:
certificateChain - The chain of certificates to include in the TLS negotiation. Should be ordered by end-entity first.
privateKey - The PrivateKey corresponding to the end-entity certificate in the chain.
- Returns:
An SSLContext configured with the Certificate and Private Key.
- Throws:
GeneralSecurityException
IOException
-
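The following is an added example, not code from the FusionAuth project: it loads a chain and key with parseCertificates and parsePrivateKey, then checks the two conditions the serverContext(Certificate[], PrivateKey) documentation states (end-entity first, key matching the end-entity certificate) before building the context. The class name TlsContextLoader, the helper checkChainAndKey and the two file arguments are hypothetical; it assumes the certificates are X.509 and the key file is an RSA key in the PEM form that parsePrivateKey accepts.

```java
import io.fusionauth.http.security.SecurityTools;

import javax.net.ssl.SSLContext;
import java.nio.file.Files;
import java.nio.file.Path;
import java.security.GeneralSecurityException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;

// Added example (not FusionAuth code). Class, helper and argument names are hypothetical.
public class TlsContextLoader {
  // Checks the two conditions documented for serverContext(Certificate[], PrivateKey).
  static void checkChainAndKey(Certificate[] chain, RSAPrivateKey key) throws GeneralSecurityException {
    if (chain.length == 0) {
      throw new GeneralSecurityException("No certificates found in PEM input");
    }
    // The private key must correspond to the end-entity certificate, which is chain[0].
    PublicKey leafKey = chain[0].getPublicKey();
    if (!(leafKey instanceof RSAPublicKey)
        || !((RSAPublicKey) leafKey).getModulus().equals(key.getModulus())) {
      throw new GeneralSecurityException("Private key does not match the end-entity certificate");
    }
    // Each certificate must be issued and signed by the next one (assumes X.509 certificates).
    for (int i = 0; i + 1 < chain.length; i++) {
      X509Certificate subject = (X509Certificate) chain[i];
      X509Certificate issuer = (X509Certificate) chain[i + 1];
      if (!subject.getIssuerX500Principal().equals(issuer.getSubjectX500Principal())) {
        throw new GeneralSecurityException("Chain is out of order at index " + i);
      }
      subject.verify(issuer.getPublicKey()); // throws if the signature does not verify
    }
  }

  public static void main(String[] args) throws Exception {
    // args[0]: PEM file with the certificate chain; args[1]: PEM file with the RSA private key.
    String certPem = Files.readString(Path.of(args[0]));
    String keyPem = Files.readString(Path.of(args[1]));
    Certificate[] chain = SecurityTools.parseCertificates(certPem);
    RSAPrivateKey key = SecurityTools.parsePrivateKey(keyPem);
    checkChainAndKey(chain, key);
    SSLContext context = SecurityTools.serverContext(chain, key);
    System.out.println("TLS server context ready, protocol: " + context.getProtocol());
  }
}
```

Failing at startup on a mismatched key or an unrelated certificate in the bundle is easier to diagnose than a handshake failure reported later by clients.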