Examples with PrivateKeyInfo com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo used on opensource projects

Example 46 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class JcaPKIXIdentityBuilder method build.

/**
 * Build an identity from the passed in key and certificate stream in PEM format.
 *
 * @param keyStream         the PEM stream containing the key
 * @param certificateStream the PEM stream containing the certificate
 * @return an identity object.
 * @throws IOException          on a general parsing error.
 * @throws CertificateException on a certificate parsing error.
 */
public JcaPKIXIdentity build(InputStream keyStream, InputStream certificateStream) throws IOException, CertificateException {
    PEMParser keyParser = new PEMParser(new InputStreamReader(keyStream));
    PrivateKey privKey;
    Object keyObj = keyParser.readObject();
    if (keyObj instanceof PEMKeyPair) {
        PEMKeyPair kp = (PEMKeyPair) keyObj;
        privKey = keyConverter.getPrivateKey(kp.getPrivateKeyInfo());
    } else if (keyObj instanceof PrivateKeyInfo) {
        privKey = keyConverter.getPrivateKey((PrivateKeyInfo) keyObj);
    } else {
        // TODO: handle encrypted private keys
        throw new IOException("unrecognised private key file");
    }
    PEMParser certParser = new PEMParser(new InputStreamReader(certificateStream));
    List certs = new ArrayList();
    Object certObj;
    while ((certObj = certParser.readObject()) != null) {
        certs.add(certConverter.getCertificate((X509CertificateHolder) certObj));
    }
    return new JcaPKIXIdentity(privKey, (X509Certificate[]) certs.toArray(new X509Certificate[certs.size()]));
}

Example 47 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class MiscPEMGenerator method createPemObject.

private PemObject createPemObject(Object o) throws IOException {
    String type;
    byte[] encoding;
    if (o instanceof PemObject) {
        return (PemObject) o;
    }
    if (o instanceof PemObjectGenerator) {
        return ((PemObjectGenerator) o).generate();
    }
    if (o instanceof X509CertificateHolder) {
        type = "CERTIFICATE";
        encoding = ((X509CertificateHolder) o).getEncoded();
    } else if (o instanceof X509CRLHolder) {
        type = "X509 CRL";
        encoding = ((X509CRLHolder) o).getEncoded();
    } else if (o instanceof X509TrustedCertificateBlock) {
        type = "TRUSTED CERTIFICATE";
        encoding = ((X509TrustedCertificateBlock) o).getEncoded();
    } else if (o instanceof PrivateKeyInfo) {
        PrivateKeyInfo info = (PrivateKeyInfo) o;
        ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm();
        if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) {
            type = "RSA PRIVATE KEY";
            encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
        } else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) {
            type = "DSA PRIVATE KEY";
            DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new ASN1Integer(0));
            v.add(new ASN1Integer(p.getP()));
            v.add(new ASN1Integer(p.getQ()));
            v.add(new ASN1Integer(p.getG()));
            BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue();
            BigInteger y = p.getG().modPow(x, p.getP());
            v.add(new ASN1Integer(y));
            v.add(new ASN1Integer(x));
            encoding = new DERSequence(v).getEncoded();
        } else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) {
            type = "EC PRIVATE KEY";
            encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
        } else {
            type = "PRIVATE KEY";
            encoding = info.getEncoded();
        }
    } else if (o instanceof SubjectPublicKeyInfo) {
        type = "PUBLIC KEY";
        encoding = ((SubjectPublicKeyInfo) o).getEncoded();
    } else if (o instanceof X509AttributeCertificateHolder) {
        type = "ATTRIBUTE CERTIFICATE";
        encoding = ((X509AttributeCertificateHolder) o).getEncoded();
    } else if (o instanceof com.github.zhenwei.pkix.pkcs.PKCS10CertificationRequest) {
        type = "CERTIFICATE REQUEST";
        encoding = ((PKCS10CertificationRequest) o).getEncoded();
    } else if (o instanceof PKCS8EncryptedPrivateKeyInfo) {
        type = "ENCRYPTED PRIVATE KEY";
        encoding = ((PKCS8EncryptedPrivateKeyInfo) o).getEncoded();
    } else if (o instanceof ContentInfo) {
        type = "PKCS7";
        encoding = ((ContentInfo) o).getEncoded();
    } else {
        throw new PemGenerationException("unknown object passed - can't encode.");
    }
    if (encryptor != null) {
        String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm());
        // Note: For backward compatibility
        if (dekAlgName.equals("DESEDE")) {
            dekAlgName = "DES-EDE3-CBC";
        }
        byte[] iv = encryptor.getIV();
        byte[] encData = encryptor.encrypt(encoding);
        List headers = new ArrayList(2);
        headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
        headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
        return new PemObject(type, headers, encData);
    }
    return new PemObject(type, encoding);
}

Example 48 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class EncKeyWithID method toASN1Primitive.

/**
 * <pre>
 * EncKeyWithID ::= SEQUENCE {
 *      privateKey           PrivateKeyInfo,
 *      identifier CHOICE {
 *         string               UTF8String,
 *         generalName          GeneralName
 *     } OPTIONAL
 * }
 * </pre>
 *
 * @return an ASN.1 primitive composition of this EncKeyWithID.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector v = new ASN1EncodableVector(2);
    v.add(privKeyInfo);
    if (identifier != null) {
        v.add(identifier);
    }
    return new DERSequence(v);
}

Example 49 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class BcFKSKeyStoreSpi method engineGetKey.

public Key engineGetKey(String alias, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException {
    ObjectData ent = (ObjectData) entries.get(alias);
    if (ent != null) {
        if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY)) {
            PrivateKey cachedKey = (PrivateKey) privateKeyCache.get(alias);
            if (cachedKey != null) {
                return cachedKey;
            }
            EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
            EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(encPrivData.getEncryptedPrivateKeyInfo());
            try {
                PrivateKeyInfo pInfo = PrivateKeyInfo.getInstance(decryptData("PRIVATE_KEY_ENCRYPTION", encInfo.getEncryptionAlgorithm(), password, encInfo.getEncryptedData()));
                KeyFactory kFact = helper.createKeyFactory(getPublicKeyAlg(pInfo.getPrivateKeyAlgorithm().getAlgorithm()));
                PrivateKey privateKey = kFact.generatePrivate(new PKCS8EncodedKeySpec(pInfo.getEncoded()));
                // check that the key pair and the certificate public key are consistent
                // TODO: new ConsistentKeyPair(engineGetCertificate(alias).getPublicKey(), privateKey);
                privateKeyCache.put(alias, privateKey);
                return privateKey;
            } catch (Exception e) {
                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover private key (" + alias + "): " + e.getMessage());
            }
        } else if (ent.getType().equals(SECRET_KEY) || ent.getType().equals(PROTECTED_SECRET_KEY)) {
            EncryptedSecretKeyData encKeyData = EncryptedSecretKeyData.getInstance(ent.getData());
            try {
                SecretKeyData keyData = SecretKeyData.getInstance(decryptData("SECRET_KEY_ENCRYPTION", encKeyData.getKeyEncryptionAlgorithm(), password, encKeyData.getEncryptedKeyData()));
                SecretKeyFactory kFact = helper.createSecretKeyFactory(keyData.getKeyAlgorithm().getId());
                return kFact.generateSecret(new SecretKeySpec(keyData.getKeyBytes(), keyData.getKeyAlgorithm().getId()));
            } catch (Exception e) {
                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + alias + "): " + e.getMessage());
            }
        } else {
            throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + alias + "): type not recognized");
        }
    }
    return null;
}

Example 50 with PrivateKeyInfo

use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project LinLong-Java by zhenwei1108.

the class McElieceKeyFactorySpi method engineGeneratePrivate.

/**
 * Converts, if possible, a key specification into a {@link BCMcEliecePrivateKey}.
 *
 * @param keySpec the key specification
 * @return the McEliece private key
 * @throws InvalidKeySpecException if the KeySpec is not supported.
 */
protected PrivateKey engineGeneratePrivate(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof PKCS8EncodedKeySpec) {
        // get the DER-encoded Key according to PKCS#8 from the spec
        byte[] encKey = ((PKCS8EncodedKeySpec) keySpec).getEncoded();
        // decode the PKCS#8 data structure to the pki object
        PrivateKeyInfo pki;
        try {
            pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
        } catch (IOException e) {
            throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
        }
        try {
            if (PQCObjectIdentifiers.mcEliece.equals(pki.getPrivateKeyAlgorithm().getAlgorithm())) {
                McEliecePrivateKey key = McEliecePrivateKey.getInstance(pki.parsePrivateKey());
                return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
            } else {
                throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
            }
        } catch (IOException cce) {
            throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec.");
        }
    }
    throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
}