use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method engineGetCertificateChain.
/**
 * Returns the certificate chain stored alongside the private-key entry named {@code alias}.
 *
 * <p>Only entries typed {@code PRIVATE_KEY} or {@code PROTECTED_PRIVATE_KEY} carry a chain.
 * The chain is taken from the entry's {@code EncryptedPrivateKeyData} wrapper and each element
 * is passed through {@code decodeCertificate}; this method takes no password.
 *
 * @param alias name of the entry to look up
 * @return the decoded chain, or {@code null} when the alias is unknown or names an entry of
 *         another type
 */
public Certificate[] engineGetCertificateChain(String alias) {
    ObjectData entry = (ObjectData) entries.get(alias);
    if (entry == null) {
        return null;
    }

    boolean holdsPrivateKey =
        entry.getType().equals(PRIVATE_KEY) || entry.getType().equals(PROTECTED_PRIVATE_KEY);
    if (!holdsPrivateKey) {
        return null;
    }

    com.github.zhenwei.core.asn1.x509.Certificate[] encoded =
        EncryptedPrivateKeyData.getInstance(entry.getData()).getCertificateChain();

    // The array's runtime type is X509Certificate[], so decodeCertificate must yield X.509 objects.
    Certificate[] decoded = new X509Certificate[encoded.length];
    int idx = 0;
    while (idx < decoded.length) {
        decoded[idx] = decodeCertificate(encoded[idx]);
        idx++;
    }
    return decoded;
}
use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method engineGetCertificateAlias.
/**
 * Finds the alias of the first entry whose certificate matches {@code certificate}.
 *
 * <p>Matching is a byte-for-byte comparison of encodings: a {@code CERTIFICATE} entry is
 * compared through its stored data, a private-key entry through the first certificate of its
 * chain.
 *
 * @param certificate the certificate to search for; may be {@code null}
 * @return the matching alias, or {@code null} when the argument is {@code null}, cannot be
 *         encoded, or matches no entry
 */
public String engineGetCertificateAlias(Certificate certificate) {
    if (certificate == null) {
        return null;
    }

    byte[] target;
    try {
        target = certificate.getEncoded();
    } catch (CertificateEncodingException e) {
        // A certificate that cannot be encoded cannot match any stored encoding.
        return null;
    }

    for (String alias : entries.keySet()) {
        ObjectData entry = (ObjectData) entries.get(alias);

        if (entry.getType().equals(CERTIFICATE)) {
            if (Arrays.areEqual(entry.getData(), target)) {
                return alias;
            }
            continue;
        }

        if (!(entry.getType().equals(PRIVATE_KEY) || entry.getType().equals(PROTECTED_PRIVATE_KEY))) {
            continue;
        }

        try {
            EncryptedPrivateKeyData keyData = EncryptedPrivateKeyData.getInstance(entry.getData());
            // NOTE(review): indexes element 0 without a length check; assumes every stored
            // chain holds at least one certificate - confirm against the store parser.
            byte[] leaf = keyData.getCertificateChain()[0].toASN1Primitive().getEncoded();
            if (Arrays.areEqual(leaf, target)) {
                return alias;
            }
        } catch (IOException e) {
            // ignore - this should never happen
        }
    }
    return null;
}
use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method engineGetCertificate.
/**
 * Returns the certificate associated with the entry named {@code s}.
 *
 * <p>For a private-key entry this is the first certificate of the chain held in its
 * {@code EncryptedPrivateKeyData}; for a {@code CERTIFICATE} entry it is the entry's own data.
 * Both paths go through {@code decodeCertificate}.
 *
 * @param s alias of the entry to look up
 * @return the decoded certificate, or {@code null} when the alias is unknown or the entry is of
 *         another type
 */
public Certificate engineGetCertificate(String s) {
    ObjectData entry = (ObjectData) entries.get(s);
    if (entry == null) {
        return null;
    }

    if (entry.getType().equals(PRIVATE_KEY) || entry.getType().equals(PROTECTED_PRIVATE_KEY)) {
        EncryptedPrivateKeyData keyData = EncryptedPrivateKeyData.getInstance(entry.getData());
        com.github.zhenwei.core.asn1.x509.Certificate[] chain = keyData.getCertificateChain();
        // NOTE(review): element 0 is read without a length check; assumes a non-empty chain.
        return decodeCertificate(chain[0]);
    }

    if (entry.getType().equals(CERTIFICATE)) {
        return decodeCertificate(entry.getData());
    }

    return null;
}
use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method engineDeleteEntry.
/**
 * Removes the entry named {@code alias}, if present.
 *
 * <p>The alias is also dropped from {@code privateKeyCache}, so a cached private key does not
 * remain after its entry is deleted, and the store's last-modified timestamp is refreshed. An
 * unknown alias is a no-op and leaves the timestamp untouched.
 *
 * @param alias name of the entry to delete
 * @throws KeyStoreException declared by the signature; this body does not throw it
 */
public void engineDeleteEntry(String alias) throws KeyStoreException {
    ObjectData existing = (ObjectData) entries.get(alias);
    if (existing != null) {
        // Evict the cached key before the entry itself.
        privateKeyCache.remove(alias);
        entries.remove(alias);
        lastModifiedDate = new Date();
    }
}
use of com.github.zhenwei.core.asn1.bc.ObjectData in project LinLong-Java by zhenwei1108.
the class BcFKSKeyStoreSpi method getEncryptedObjectStoreData.
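/**
 * Serialises every entry into an {@code ObjectStoreData} structure and encrypts it under a key
 * derived from the store password.
 *
 * <p>A 32-byte key is derived with the {@code "STORE_ENCRYPTION"} label. When
 * {@code storeEncryptionAlgorithm} is {@code id_aes256_CCM} the payload is encrypted with
 * {@code AES/CCM/NoPadding} and the cipher's parameters are recorded in the PBES2 structure;
 * otherwise {@code AESKWP} is used and recorded as {@code id_aes256_wrap_pad}.
 *
 * @param integrityAlgorithm algorithm identifier embedded in the serialised store data
 * @param password store password; {@code null} is treated as an empty password
 * @return the encrypted store together with its PBES2 algorithm identifier
 * @throws IOException if encoding or encryption fails; the underlying exception is kept as cause
 * @throws NoSuchAlgorithmException if the cipher or its padding is unavailable
 */
private EncryptedObjectStoreData getEncryptedObjectStoreData(AlgorithmIdentifier integrityAlgorithm, char[] password) throws IOException, NoSuchAlgorithmException {
    ObjectData[] dataArray = (ObjectData[]) entries.values().toArray(new ObjectData[entries.size()]);

    KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, 256 / 8);

    // A null password silently becomes an empty one: the store is still encrypted, but under a
    // key derived from the empty password.
    // NOTE(review): keyBytes is not cleared in this method after use; confirm whether
    // generateKey/createCipher copy it before adding zeroisation here.
    byte[] keyBytes = generateKey(pbkdAlgId, "STORE_ENCRYPTION", ((password != null) ? password : new char[0]), 256 / 8);

    ObjectStoreData storeData = new ObjectStoreData(integrityAlgorithm, creationDate, lastModifiedDate, new ObjectDataSequence(dataArray), null);

    EncryptedObjectStoreData encStoreData;
    try {
        if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM)) {
            Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());

            // The CCM parameters are read back from the cipher so they are stored with the data.
            AlgorithmParameters algorithmParameters = c.getParameters();
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algorithmParameters.getEncoded())));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        } else {
            Cipher c = createCipher("AESKWP", keyBytes);
            byte[] encOut = c.doFinal(storeData.getEncoded());
            PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
            encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
        }
    } catch (NoSuchPaddingException e) {
        // Messages are unchanged; the original exception is now attached as the cause so the
        // provider's stack trace is not lost.
        throw new NoSuchAlgorithmException(e.toString(), e);
    } catch (BadPaddingException e) {
        throw new IOException(e.toString(), e);
    } catch (IllegalBlockSizeException e) {
        throw new IOException(e.toString(), e);
    } catch (InvalidKeyException e) {
        throw new IOException(e.toString(), e);
    } catch (NoSuchProviderException e) {
        throw new IOException(e.toString(), e);
    }
    return encStoreData;
}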