Package org.moera.lib.crypto

Class CryptoUtil

java.lang.Object
org.moera.lib.crypto.CryptoUtil
public class CryptoUtil extends Object
Utility class that provides cryptographic functions for key generation, signature creation, fingerprinting, verification, and mnemonic handling.

  • Constructor Details

    • CryptoUtil

      public CryptoUtil()

  • Method Details

    • generateKey

      public static KeyPair generateKey()
      Generates an elliptic curve key pair using the standard EC curve used in Moera (Rules.EC_CURVE) and a secure random generator. The generated key pair consists of a private key and a public key.
      Returns:
      a KeyPair object containing the generated elliptic curve keys
      Throws:
      CryptoException - if a cryptographic error occurs during key pair generation

    • generateMnemonicKey

      public static MnemonicKey generateMnemonicKey()
      Generates a new MnemonicKey containing a securely generated mnemonic phrase, corresponding secret in base64 format, and a public key derived from the mnemonic. The mnemonic and public key are generated using the elliptic curve specified by Rules.EC_CURVE.
      Returns:
      A new instance of MnemonicKey containing the secret, mnemonic phrase, and derived public key.
      Throws:
      CryptoException - if any cryptographic operation fails during the key generation process.

    • secretToMnemonic

      public static String secretToMnemonic(String secret)
      Converts a Base64-encoded secret into a mnemonic phrase using the BIP39 standard.

      The method decodes the provided Base64 secret into entropy bytes, then generates a mnemonic phrase using the English word list. The resulting mnemonic is a human-readable sequence of words corresponding to the entropy.

      Parameters:
      secret - the Base64-encoded secret to be transformed into a mnemonic phrase
      Returns:
      the mnemonic phrase representing the decoded entropy

    • mnemonicToPrivateKey

      public static ECPrivateKey mnemonicToPrivateKey(String mnemonic)
      Converts a mnemonic phrase into an elliptic curve private key. The mnemonic is processed to generate a seed, which is used to derive the private key.
      Parameters:
      mnemonic - A valid mnemonic phrase used to generate the private key.
      Returns:
      The derived elliptic curve private key.
      Throws:
      CryptoException - If a cryptographic error occurs during key generation.

    • rawPublicKey

      public static byte[] rawPublicKey(ECPublicKey publicKey)
      Converts an ECPublicKey to its raw representation in a byte array format. The raw representation includes the X and Y affine coordinates of the key, encoded as unsigned integers.
      Parameters:
      publicKey - the ECPublicKey to be converted to its raw byte array format
      Returns:
      a byte array containing the raw representation of the public key

    • rawToPublicKey

      public static ECPublicKey rawToPublicKey(byte[] rawKey)
      Converts a raw byte array representation of an EC public key into an ECPublicKey object.
      Parameters:
      rawKey - the raw byte array representing the EC public key. It is expected to contain the concatenated X and Y coordinates of the elliptic curve point.
      Returns:
      the ECPublicKey object created from the provided raw byte array.
      Throws:
      CryptoException - if the key cannot be generated due to invalid input, missing algorithm/provider, or an invalid key specification.

    • rawPrivateKey

      public static byte[] rawPrivateKey(ECPrivateKey privateKey)
      Converts the provided ECPrivateKey into its raw byte representation.
      Parameters:
      privateKey - the ECPrivateKey instance to be converted into a raw byte array
      Returns:
      a byte array representing the raw form of the given private key

    • rawToPrivateKey

      public static ECPrivateKey rawToPrivateKey(byte[] rawKey)
      Converts a raw private key represented as a byte array into an ECPrivateKey instance using the standard Moera elliptic curve (Rules.EC_CURVE) parameters.
      Parameters:
      rawKey - the raw private key as a byte array
      Returns:
      an ECPrivateKey instance corresponding to the provided raw key
      Throws:
      CryptoException - if an error occurs during the conversion process, such as invalid key specification or issues with the cryptographic provider

    • token

      public static String token()
      Generates a secure random token encoded in Base64 URL format.
      Returns:
      Base64 URL-encoded token string.
      Throws:
      CryptoException - If the specified cryptographic algorithm or provider is not available.

    • fingerprint

      public static byte[] fingerprint(Fingerprint fingerprint, FieldWithSchema[] schema)
      Computes the byte array representation of a given fingerprint using the provided schema.
      Parameters:
      fingerprint - the Fingerprint object to be converted into bytes
      schema - the schema that describes the structure of the fingerprint
      Returns:
      a byte array representing the serialized fingerprint

    • fingerprint

      public static byte[] fingerprint(String text)
      Generates a fingerprint of the given text.
      Parameters:
      text - the input text to be fingerprinted
      Returns:
      a byte array representing the fingerprint of the input text
      Throws:
      CryptoException - if an error occurs during fingerprint generation

    • restoreFingerprint

      public static RestoredFingerprint restoreFingerprint(byte[] bytes, FieldWithSchema[] schema)
      Restores a fingerprint object from the given byte array using the provided schema.
      Parameters:
      bytes - the byte array containing the serialized fingerprint data
      schema - the schema of the fingerprint
      Returns:
      a RestoredFingerprint object containing the reconstructed fingerprint and the number of bytes remaining in the input array

    • restoreFingerprint

      public static RestoredFingerprint restoreFingerprint(byte[] bytes, Function<Integer,FieldWithSchema[]> schemaProvider)
      Restores a fingerprint object from the given byte array using the provided schema.
      Parameters:
      bytes - the byte array containing the serialized representation of the fingerprint
      schemaProvider - a function that provides the schema for a given fingerprint version
      Returns:
      a RestoredFingerprint object containing the reconstructed fingerprint and the number of bytes remaining in the input array

    • digest

      public static byte[] digest(byte[] fingerprint)
      Computes the cryptographic digest of the provided fingerprint using the standard digest algorithm (Rules.DIGEST_ALGORITHM).
      Parameters:
      fingerprint - the byte array containing the fingerprint to be processed
      Returns:
      a byte array containing the computed digest

    • digest

      public static List<byte[]> digest(Collection<byte[]> fingerprint)
      Hashes each byte array in the provided collection using the standard cryptographic digest algorithm (Rules.DIGEST_ALGORITHM).
      Parameters:
      fingerprint - a collection of byte arrays to be processed; each array will be hashed individually.
      Returns:
      a list of hashed byte arrays corresponding to the inputs, or null if the input is null.

    • sign

      public static byte[] sign(byte[] fingerprint, byte[] privateKey)
      Signs the given fingerprint using the specified private key.
      Parameters:
      fingerprint - the data to be signed, represented as a byte array
      privateKey - the private key to be used for signing the fingerprint, in the raw format
      Returns:
      the resulting signature as a byte array
      Throws:
      CryptoException - if an error occurs during the signing process

    • sign

      public static byte[] sign(byte[] fingerprint, ECPrivateKey privateKey)
      Signs the given fingerprint data using the specified private key.
      Parameters:
      fingerprint - the data to be signed, represented as a byte array.
      privateKey - the EC private key to be used for generating the signature.
      Returns:
      the resulting signature as a byte array
      Throws:
      CryptoException - if an error occurs during the signing process

    • verifySignature

      public static boolean verifySignature(byte[] fingerprint, byte[] signature, byte[] publicKey)
      Verifies a digital signature using a provided fingerprint, signature, and public key.
      Parameters:
      fingerprint - the byte array representation of the data (fingerprint) to be validated
      signature - the byte array representing the digital signature to verify
      publicKey - the byte array of the raw public key used for verification
      Returns:
      true if the signature is valid and matches the fingerprint using the public key, false otherwise
      Throws:
      CryptoException - if any cryptographic error occurs during verification

    • verifySignature

      public static boolean verifySignature(byte[] fingerprint, byte[] signature, ECPublicKey publicKey)
      Verifies a digital signature using a provided fingerprint, signature, and public key.
      Parameters:
      fingerprint - the byte array representation of the data (fingerprint) to be validated
      signature - the byte array representing the digital signature to verify
      publicKey - the ECDSA public key used to verify the signature
      Returns:
      true if the signature is valid and matches the fingerprint using the public key, false otherwise
      Throws:
      CryptoException - if any cryptographic error occurs during verification