Example 6 with PrivateKeyInfo
use of com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project Openfire by igniterealtime.
the class CertificateManager method parsePrivateKey.
/**
* Parses a PrivateKey instance from a PEM representation.
*
* When the provided key is encrypted, the provided pass phrase is applied.
*
* @param pemRepresentation a PEM representation of a private key (cannot be null or empty)
* @param passPhrase optional pass phrase (must be present if the private key is encrypted).
* @return a PrivateKey instance (never null)
*/
public static PrivateKey parsePrivateKey(InputStream pemRepresentation, String passPhrase) throws IOException {
if (passPhrase == null) {
passPhrase = "";
}
try (//
Reader reader = new InputStreamReader(pemRepresentation);
PEMParser pemParser = new PEMParser(reader)) {
final Object object = pemParser.readObject();
final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
final KeyPair kp;
if (object instanceof PEMEncryptedKeyPair) {
// Encrypted key - we will use provided password
final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(passPhrase.toCharArray());
kp = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
} else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
// Encrypted key - we will use provided password
try {
final PKCS8EncryptedPrivateKeyInfo encryptedInfo = (PKCS8EncryptedPrivateKeyInfo) object;
final InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(passPhrase.toCharArray());
final PrivateKeyInfo privateKeyInfo = encryptedInfo.decryptPrivateKeyInfo(provider);
return converter.getPrivateKey(privateKeyInfo);
} catch (PKCSException | OperatorCreationException e) {
throw new IOException("Unable to decrypt private key.", e);
}
} else if (object instanceof PrivateKeyInfo) {
return converter.getPrivateKey((PrivateKeyInfo) object);
} else {
// Unencrypted key - no password needed
kp = converter.getKeyPair((PEMKeyPair) object);
}
return kp.getPrivate();
}
}
Also used :
KeyPair(java.security.KeyPair)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
InputStreamReader(java.io.InputStreamReader)
PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
IOException(java.io.IOException)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
PEMParser(org.bouncycastle.openssl.PEMParser)
InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider)
JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
Example 7 with PrivateKeyInfo
use of com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project robovm by robovm.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded() {
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec) {
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
if (// guess it's the OID
curveOid == null) {
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
}
params = new X962Parameters(curveOid);
} else if (ecSpec == null) {
params = new X962Parameters(DERNull.INSTANCE);
} else {
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
ECPrivateKeyStructure keyStructure;
if (publicKey != null) {
keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
} else {
keyStructure = new ECPrivateKeyStructure(this.getS(), params);
}
try {
// BEGIN android-removed
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
// }
// else
// END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
}
return info.getEncoded(ASN1Encoding.DER);
} catch (IOException e) {
return null;
}
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
ECCurve(org.bouncycastle.math.ec.ECCurve)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
IOException(java.io.IOException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 8 with PrivateKeyInfo
use of com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project XobotOS by xamarin.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
public byte[] getEncoded() {
X962Parameters params;
if (ecSpec instanceof ECNamedCurveSpec) {
DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
if (// guess it's the OID
curveOid == null) {
curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
}
params = new X962Parameters(curveOid);
} else if (ecSpec == null) {
params = new X962Parameters(DERNull.INSTANCE);
} else {
ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info;
ECPrivateKeyStructure keyStructure;
if (publicKey != null) {
keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
} else {
keyStructure = new ECPrivateKeyStructure(this.getS(), params);
}
// BEGIN android-removed
// if (algorithm.equals("ECGOST3410"))
// {
// info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject());
// }
// else
// END android-removed
{
info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject());
}
return info.getDEREncoded();
}
Also used :
X962Parameters(org.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
ECCurve(org.bouncycastle.math.ec.ECCurve)
ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 9 with PrivateKeyInfo
use of com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project Resurrection_packages_apps_Settings by ResurrectionRemix.
the class CredentialStorage method isHardwareBackedKey.
private boolean isHardwareBackedKey(byte[] keyData) {
try {
ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
String algOid = pki.getAlgorithmId().getAlgorithm().getId();
String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
return KeyChain.isBoundKeyAlgorithm(algName);
} catch (IOException e) {
Log.e(TAG, "Failed to parse key data");
return false;
}
}
Also used :
ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
AlgorithmId(sun.security.x509.AlgorithmId)
IOException(java.io.IOException)
PrivateKeyInfo(com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Aggregations
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8
IOException (java.io.IOException)5
KeyPair (java.security.KeyPair)3
PrivateKey (java.security.PrivateKey)3
DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)3
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)3
X962Parameters (org.bouncycastle.asn1.x9.X962Parameters)3
X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)3
ECNamedCurveSpec (org.bouncycastle.jce.spec.ECNamedCurveSpec)3
ECCurve (org.bouncycastle.math.ec.ECCurve)3
BigInteger (java.math.BigInteger)2
DSAPrivateKey (java.security.interfaces.DSAPrivateKey)2
RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)2
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)2
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)2
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)2
DERInteger (org.bouncycastle.asn1.DERInteger)2
DERSequence (org.bouncycastle.asn1.DERSequence)2
ECPrivateKeyStructure (org.bouncycastle.asn1.sec.ECPrivateKeyStructure)2
PemObject (org.bouncycastle.util.io.pem.PemObject)2
