Package org.forgerock.json.jose.utils

Class Utils

  • public final class Utils
extends Object
    This class provides utility methods to share common behaviour.
    Since:
    2.0.0

    • Field Detail

      • CHARSET

        public static final Charset CHARSET
        UTF-8 Charset.

    • Method Detail

      • base64urlEncode

        public static String base64urlEncode​(String s)
        Deprecated.
        Use encodeJwtComponent(String).
        Base64url encodes the given String, converting the String to UTF-8 bytes.
        Parameters:
        s - The String to encode.
        Returns:
        A Base64url encoded UTF-8 String.

      • base64urlDecode

        public static String base64urlDecode​(String s)
        Deprecated.
        Use decodeJwtComponent(String).
        Base64url decodes the given String and converts the decoded bytes into a UTF-8 String.
        Parameters:
        s - The Base64url encoded String to decode.
        Returns:
        The UTF-8 decoded String.

      • encodeJwtComponent

        public static String encodeJwtComponent​(String s)
        Encodes the given String, converting the String to UTF-8 bytes.
        Parameters:
        s - The String to encode.
        Returns:
        An encoded UTF-8 String.

      • decodeJwtComponent

        public static String decodeJwtComponent​(String s)
        Decodes the given String and converts the decoded bytes into a UTF-8 String.
        Parameters:
        s - The encoded String to decode.
        Returns:
        The UTF-8 decoded String.

      • constantEquals

        public static boolean constantEquals​(byte[] a,
                                     byte[] b)
        Compares two byte arrays for equality, in a constant time.

        If the two byte arrays don't match the method will not return until the whole byte array has been checked. This prevents timing attacks. Unless the two arrays are not off equal length, and in this case the method will return immediately.

        Parameters:
        a - One of the byte arrays to compare.
        b - The other byte array to compare.
        Returns:
        true if the arrays are equal, false otherwise.

      • parseJson

        public static Map<String,​Object> parseJson​(String json)
        Parses the given JSON string into a NoDuplicatesMap.

        The JWT specification details that any JWT with duplicate header parameters or claims MUST be rejected so a Map implementation is used to parse the JSON which will throw an exception if an entry with the same key is added to the map more than once.

        Parameters:
        json - The JSON string to parse.
        Returns:
        A Map of the JSON properties.
        Throws:
        InvalidJwtException - if the json value is not well formed or contains duplicate keys.

      • writeJsonObject

        public static String writeJsonObject​(Map<String,​Object> object)
        Writes the given map as a string in JSON object format.
        Parameters:
        object - the object to write as JSON.
        Returns:
        the JSON serialisation of the given object.
        Throws:
        InvalidJwtException - if the object cannot be converted to JSON for any reason.

      • sha256

        public static byte[] sha256​(byte[] data)
        Convenience method to perform SHA-256 hashing of the input data.
        Parameters:
        data - the data to hash.
        Returns:
        the SHA-256 hash of the data.

      • reverse

        public static byte[] reverse​(byte[] xs)
        Reverses the given array and returns the reversed copy.
        Parameters:
        xs - the array to reverse.
        Returns:
        the reversed array.

      • concat

        public static byte[] concat​(byte[] xs,
                            byte[] ys)
        Concatenates two byte arrays. Note: if one of the arrays is empty then the other array is returned immediately without allocating a new array. A defensive copy should be taken if you need to guarantee that a fresh array is returned.
        Parameters:
        xs - the first byte array.
        ys - the second byte array.
        Returns:
        the concatenation of the two byte arrays.
        Throws:
        NullPointerException - if either array is null

      • copyOf

        public static byte[] copyOf​(byte[] array)
        Copy the entire input bytes array in a new same-sized array.
        Parameters:
        array - the input array
        Returns:
        a same-size copy of the array or null if array is null.

      • loadBouncyCastle

        public static void loadBouncyCastle()
        Attempts to load the BouncyCastle JCE provider and register it.

      • checkRsaKeySize

        public static void checkRsaKeySize​(Key key,
                                   String keyId)
        Verifies that the RSA key being used meets minimum key size requirement of 2048 bits as specified in the JOSE specifications.
        Parameters:
        key - the key to check for key size requirements.
        keyId - an identifier for the key that can be used in error messages or log messages. May be null.
        Throws:
        IllegalArgumentException - if the key is too small.

      • checkRsaKeySize

        public static void checkRsaKeySize​(CryptoKey key)
        Verifies that the RSA key being used meets minimum key size requirement of 2048 bits as specified in the JOSE specifications.
        Parameters:
        key - the key to check for key size requirements.