use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project jmulticard by ctt-gob-es.
the class BCSphincs256PrivateKey method getEncoded.
/**
 * Serialises this SPHINCS-256 private key as an encoded {@code PrivateKeyInfo} structure.
 *
 * <p>When the key parameters carry a tree digest, encoding is delegated to
 * {@code PrivateKeyInfoFactory}. Otherwise the structure is assembled here from the
 * {@code treeDigest} field and the raw key data.
 *
 * <p>No encryption step is applied, so the returned bytes are plain private key
 * material and should be handled as a secret (kept out of logs and error messages).
 *
 * @return the encoded key, or {@code null} when encoding fails with an {@link IOException};
 *     callers must check for {@code null} before using the result
 */
public byte[] getEncoded() {
    try {
        final PrivateKeyInfo keyInfo;
        if (params.getTreeDigest() == null) {
            // The parameters carry no digest: describe the algorithm via the treeDigest field.
            AlgorithmIdentifier algId =
                new AlgorithmIdentifier(
                    PQCObjectIdentifiers.sphincs256,
                    new SPHINCS256KeyParams(new AlgorithmIdentifier(treeDigest)));
            keyInfo = new PrivateKeyInfo(algId, new DEROctetString(params.getKeyData()), attributes);
        } else {
            keyInfo = PrivateKeyInfoFactory.createPrivateKeyInfo(params, attributes);
        }
        return keyInfo.getEncoded();
    } catch (IOException ignored) {
        // An encoding failure is reported to the caller as null rather than as an exception.
        return null;
    }
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project jmulticard by ctt-gob-es.
the class BCRainbowPrivateKey method getEncoded.
/**
 * Serialises this Rainbow private key as an encoded {@code PrivateKeyInfo} structure.
 *
 * <p>The key components held by this object are wrapped in a {@code RainbowPrivateKey}
 * and tagged with the Rainbow algorithm identifier (with NULL parameters).
 *
 * <p>No encryption step is applied, so the returned bytes are plain private key
 * material and should be handled as a secret (kept out of logs and error messages).
 *
 * @return the encoded key, or {@code null} when building or encoding the structure fails
 *     with an {@link IOException}; callers must check for {@code null}
 */
public byte[] getEncoded() {
    // Built outside the try block, as in the original: only IOException is mapped to null.
    RainbowPrivateKey rainbowKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
    try {
        AlgorithmIdentifier algId =
            new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
        return new PrivateKeyInfo(algId, rainbowKey).getEncoded();
    } catch (IOException ignored) {
        // Both the construction and the encoding step report failure as null.
        return null;
    }
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project karaf by apache.
the class KeyPairLoader method getKeyPair.
/**
 * Reads one PEM object from the stream and turns it into a {@link KeyPair}.
 *
 * <p>Only the first object returned by the parser is examined. An encrypted key pair or an
 * encrypted PKCS#8 private key is decrypted with {@code password} first. The resulting
 * object is then accepted if it is a PEM key pair, a {@code KeyPair}, or a private key info
 * from which {@code convertPrivateToPublicKey} can derive a public key.
 *
 * <p>NOTE(review): the reader is created without an explicit charset, so the platform
 * default is used to decode the stream.
 * NOTE(review): the password is passed in as a {@code String} and therefore cannot be
 * wiped by this method after use.
 *
 * @param is stream holding the PEM data; it is closed together with the parser
 * @param password password for encrypted input, or {@code null} for unencrypted input
 * @return the key pair read from the stream
 * @throws GeneralSecurityException if the input is encrypted and no password was supplied,
 *     if decryption of a PKCS#8 key fails, or if no usable key pair could be obtained
 * @throws IOException if reading or parsing the stream fails
 */
public static KeyPair getKeyPair(InputStream is, String password) throws GeneralSecurityException, IOException {
    try (PEMParser parser = new PEMParser(new InputStreamReader(is))) {
        Object parsed = parser.readObject();
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();

        // Step 1: unwrap encrypted containers so that only plain key objects remain.
        if (parsed instanceof PEMEncryptedKeyPair) {
            if (password == null) {
                throw new GeneralSecurityException("A password must be supplied to read an encrypted key pair");
            }
            PEMDecryptorProvider decryptor =
                new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
            PEMEncryptedKeyPair encryptedPair = (PEMEncryptedKeyPair) parsed;
            parsed = converter.getKeyPair(encryptedPair.decryptKeyPair(decryptor));
        } else if (parsed instanceof PKCS8EncryptedPrivateKeyInfo) {
            if (password == null) {
                throw new GeneralSecurityException("A password must be supplied to read an encrypted key pair");
            }
            PKCS8EncryptedPrivateKeyInfo encryptedInfo = (PKCS8EncryptedPrivateKeyInfo) parsed;
            try {
                InputDecryptorProvider decryptor =
                    new JceOpenSSLPKCS8DecryptorProviderBuilder().build(password.toCharArray());
                parsed = encryptedInfo.decryptPrivateKeyInfo(decryptor);
            } catch (OperatorCreationException | PKCSException ex) {
                // Surface provider and PKCS failures under the exception type callers expect.
                LOGGER.debug("Error decrypting key pair", ex);
                throw new GeneralSecurityException("Error decrypting key pair", ex);
            }
        }

        // Step 2: convert whatever is left into a KeyPair, if the type is supported.
        if (parsed instanceof PEMKeyPair) {
            return converter.getKeyPair((PEMKeyPair) parsed);
        }
        if (parsed instanceof KeyPair) {
            return (KeyPair) parsed;
        }
        if (parsed instanceof PrivateKeyInfo) {
            PrivateKey priv = converter.getPrivateKey((PrivateKeyInfo) parsed);
            PublicKey pub = convertPrivateToPublicKey(priv);
            if (pub != null) {
                return new KeyPair(pub, priv);
            }
            // No public key could be derived: fall through to the generic failure below.
        }
    }
    throw new GeneralSecurityException("Failed to parse input stream");
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project pri-fidoiot by secure-device-onboard.
the class InteropVoucher method doPost.
/**
 * Handles a POST whose body is PEM text carrying an ownership voucher and a private key.
 *
 * <p>The body is scanned for "OWNERSHIP VOUCHER", "EC PRIVATE KEY" and "RSA PRIVATE KEY"
 * blocks. The voucher is then extended via {@code extend(voucher, signKey, certs)}, stored
 * (inserted or updated) under its GUID, and the GUID is written back as the response body.
 * A body without a voucher yields 400; any exception yields 500.
 *
 * <p>NOTE(review): the signing private key is taken from the request body. Confirm this
 * endpoint is restricted to interop/test deployments and is only reachable by
 * authenticated callers over a protected transport.
 */
@Override
protected void doPost() throws Exception {
    try {
        String pemString = getStringBody();
        OwnershipVoucher voucher = null;
        UUID guid = null;
        PrivateKey signKey = null;
        try (StringReader reader = new StringReader(pemString);
            PEMParser parser = new PEMParser(reader)) {
            // Walk every PEM block in the body; if a type occurs more than once, the last
            // occurrence overwrites the earlier one.
            for (; ; ) {
                Object obj = parser.readPemObject();
                if (obj == null) {
                    break;
                }
                if (obj instanceof PemObject) {
                    PemObject pemObj = (PemObject) obj;
                    if (pemObj.getType().equals("OWNERSHIP VOUCHER")) {
                        // The voucher and its header are decoded from request-supplied bytes.
                        voucher = Mapper.INSTANCE.readValue(pemObj.getContent(), OwnershipVoucher.class);
                        OwnershipVoucherHeader header = Mapper.INSTANCE.readValue(voucher.getHeader(), OwnershipVoucherHeader.class);
                        guid = header.getGuid().toUuid();
                        logger.info("voucher guid: " + guid.toString());
                    } else if (pemObj.getType().equals("EC PRIVATE KEY")) {
                        ASN1Sequence seq = ASN1Sequence.getInstance(pemObj.getContent());
                        // PrivateKeyInfo info = PrivateKeyInfo.getInstance(seq);
                        // signKey = new JcaPEMKeyConverter().getPrivateKey(info);
                        // The block is parsed as an ECPrivateKey structure and re-wrapped in a
                        // PrivateKeyInfo so that the "BC" KeyFactory can load it from a
                        // PKCS8EncodedKeySpec.
                        ECPrivateKey ecpKey = ECPrivateKey.getInstance(seq);
                        AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, ecpKey.getParameters());
                        byte[] serverPkcs8 = new PrivateKeyInfo(algId, ecpKey).getEncoded();
                        KeyFactory fact = KeyFactory.getInstance("EC", "BC");
                        signKey = fact.generatePrivate(new PKCS8EncodedKeySpec(serverPkcs8));
                    } else if (pemObj.getType().equals("RSA PRIVATE KEY")) {
                        // NOTE(review): "RSA PRIVATE KEY" blocks conventionally hold a PKCS#1
                        // RSAPrivateKey, while this branch parses the content as a PKCS#8
                        // PrivateKeyInfo. Verify that RSA input is actually accepted here.
                        ASN1Sequence seq = ASN1Sequence.getInstance(pemObj.getContent());
                        PrivateKeyInfo info = PrivateKeyInfo.getInstance(seq);
                        signKey = new JcaPEMKeyConverter().getPrivateKey(info);
                    }
                }
            }
        }
        // we should have voucher and private key
        if (voucher != null) {
            logger.info("decoded voucher from pem");
        } else {
            logger.warn("unable to decode voucher from pem");
            getResponse().setStatus(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        if (signKey != null) {
            logger.info("decoded private key from pem");
        } else {
            // NOTE(review): unlike the missing-voucher case, a missing key only logs a
            // warning and processing continues with signKey == null. Confirm that extend()
            // tolerates a null key; otherwise this should also answer 400 and return.
            logger.warn("unable to decode private key from pem");
        }
        // Look up the certificate chain for the alias derived from the voucher's last owner key.
        CryptoService cs = Config.getWorker(CryptoService.class);
        KeyResolver resolver = Config.getWorker(OwnerKeySupplier.class).get();
        OwnerPublicKey prevKey = VoucherUtils.getLastOwner(voucher);
        String alias = KeyResolver.getAlias(prevKey.getType(), new AlgorithmFinder().getKeySizeType(cs.decodeKey(prevKey)));
        Certificate[] certs = resolver.getCertificateChain(alias);
        extend(voucher, signKey, certs);
        getTransaction();
        // Upsert: create the record when the GUID is unknown, otherwise replace its data.
        OnboardingVoucher dbVoucher = getSession().get(OnboardingVoucher.class, guid.toString());
        if (dbVoucher == null) {
            dbVoucher = new OnboardingVoucher();
            dbVoucher.setGuid(guid.toString());
            dbVoucher.setData(Mapper.INSTANCE.writeValue(voucher));
            dbVoucher.setCreatedOn(new Date(System.currentTimeMillis()));
            getSession().save(dbVoucher);
        } else {
            dbVoucher.setData(Mapper.INSTANCE.writeValue(voucher));
            getSession().update(dbVoucher);
        }
        // save the voucher
        // todo: need to do TO0 manually
        // write the guid response
        byte[] guidResponse = guid.toString().getBytes(StandardCharsets.UTF_8);
        getResponse().setContentLength(guidResponse.length);
        getResponse().getOutputStream().write(guidResponse);
    } catch (Exception e) {
        // Every failure, including malformed client input, ends up here as a 500. The
        // exception itself is discarded, so the log does not record the cause.
        // NOTE(review): consider recording at least the exception type for diagnosis,
        // without echoing request content (the body contains a private key).
        logger.warn("Request failed because of internal server error.");
        getResponse().setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
    }
}
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project pri-fidoiot by secure-device-onboard.
the class PemLoader method loadPrivateKey.
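/**
 * Loads a private key from a PEM formatted String.
 *
 * <p>PEM objects are read in order. The first one that is a PKCS#8 encrypted private key,
 * a PEM key pair or a plain private key info is converted and returned; objects of any
 * other type are skipped. The parser is closed on every exit path.
 *
 * <p>NOTE(review): the password is passed in as a {@code String} and therefore cannot be
 * wiped by this method after use.
 *
 * @param pemString A String containing PEM information.
 * @param password A Pem password or null. It is only needed when the PEM data holds an
 *     encrypted private key.
 * @return The PrivateKey found in the PEM String.
 * @throws IllegalArgumentException if an encrypted private key is found and
 *     {@code password} is null
 * @throws RuntimeException wrapping the {@link IOException} or {@code PKCSException} raised
 *     while parsing or decrypting, or wrapping a {@link CertStoreException} when the PEM
 *     data contains no supported private key
 */
public static PrivateKey loadPrivateKey(String pemString, String password) {
    // try-with-resources: the original never closed the parser.
    try (PEMParser parser = new PEMParser(new StringReader(pemString))) {
        for (Object obj = parser.readObject(); obj != null; obj = parser.readObject()) {
            if (obj instanceof PKCS8EncryptedPrivateKeyInfo) {
                if (password == null) {
                    // The contract allows a null password, so fail with a clear message
                    // instead of a NullPointerException from password.toCharArray().
                    throw new IllegalArgumentException(
                        "A password is required to decrypt an encrypted private key");
                }
                PKCS8EncryptedPrivateKeyInfo epki = (PKCS8EncryptedPrivateKeyInfo) obj;
                JcePKCSPBEInputDecryptorProviderBuilder builder =
                    new JcePKCSPBEInputDecryptorProviderBuilder().setProvider(new BouncyCastleProvider());
                InputDecryptorProvider idp = builder.build(password.toCharArray());
                PrivateKeyInfo pki = epki.decryptPrivateKeyInfo(idp);
                return new JcaPEMKeyConverter().getPrivateKey(pki);
            } else if (obj instanceof PEMKeyPair) {
                PEMKeyPair kp = (PEMKeyPair) obj;
                return new JcaPEMKeyConverter().getPrivateKey(kp.getPrivateKeyInfo());
            } else if (obj instanceof PrivateKeyInfo) {
                return new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) obj);
            }
            // Any other PEM object type is ignored and the scan continues.
        }
    } catch (IOException | PKCSException e) {
        throw new RuntimeException(e);
    }
    // Reached only when no supported private key object was present.
    throw new RuntimeException(new CertStoreException());
}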