Example 96 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project xipki by xipki.
the class KeyUtil method convertXDHToDummyEdDSAPrivateKey.
/**
* Convert XDH edwards private key to EdDSA private key. As the name indicates,
* the converted key is dummy, you cannot verify the signature signed with
* the converted private key against the correspond public key.
* @param key XDH private key
* @return the corresponding EdDSA private key (dummy)
* @throws InvalidKeySpecException
* If key is invalid.
*/
// CHECKSTYLE:SKIP
public static PrivateKey convertXDHToDummyEdDSAPrivateKey(PrivateKey key) throws InvalidKeySpecException {
if (key instanceof XDHKey) {
PrivateKeyInfo xdhPki = PrivateKeyInfo.getInstance(key.getEncoded());
String xdhAlgo = key.getAlgorithm();
try {
PrivateKeyInfo edPki;
if (xdhAlgo.equalsIgnoreCase(EdECConstants.X25519)) {
edPki = new PrivateKeyInfo(new AlgorithmIdentifier(EdECConstants.id_ED25519), xdhPki.parsePrivateKey());
} else if (xdhAlgo.equalsIgnoreCase(EdECConstants.X448)) {
byte[] x448Octets = ASN1OctetString.getInstance(xdhPki.parsePrivateKey()).getOctets();
byte[] ed448Octets = new byte[57];
System.arraycopy(x448Octets, 0, ed448Octets, 0, 56);
edPki = new PrivateKeyInfo(new AlgorithmIdentifier(EdECConstants.id_ED448), new DEROctetString(ed448Octets));
} else {
throw new IllegalArgumentException("unknown key algorithm " + xdhAlgo);
}
byte[] encoded = edPki.getEncoded();
return getKeyFactory("EDDSA").generatePrivate(new PKCS8EncodedKeySpec(encoded));
} catch (IOException ex) {
throw new InvalidKeySpecException("could not convert XDH to EdDSA private key", ex);
}
} else {
throw new IllegalArgumentException("key is not an XDH private key");
}
}
Also used :
XDHKey(org.bouncycastle.jcajce.interfaces.XDHKey)
IOException(java.io.IOException)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 97 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project xipki by xipki.
the class GrandCertTemplateBuilder method create.
GrantedCertTemplate create(IdentifiedCertprofile certprofile, CertTemplateData certTemplate, RequestorInfo requestor, boolean update) throws OperationException {
if (caInfo.getRevocationInfo() != null) {
throw new OperationException(NOT_PERMITTED, "CA is revoked");
}
if (certprofile == null) {
throw new OperationException(UNKNOWN_CERT_PROFILE, "unknown cert profile " + certTemplate.getCertprofileName());
}
ConcurrentContentSigner signer = caInfo.getSigner(certprofile.getSignatureAlgorithms());
if (signer == null) {
throw new OperationException(SYSTEM_FAILURE, "CA does not support any signature algorithm restricted by the cert profile");
}
final NameId certprofileIdent = certprofile.getIdent();
if (certprofile.getVersion() != Certprofile.X509CertVersion.v3) {
throw new OperationException(SYSTEM_FAILURE, "unknown cert version " + certprofile.getVersion());
}
if (certprofile.isOnlyForRa()) {
if (requestor == null || !requestor.isRa()) {
throw new OperationException(NOT_PERMITTED, "profile " + certprofileIdent + " not applied to non-RA");
}
}
switch(certprofile.getCertLevel()) {
case RootCA:
throw new OperationException(NOT_PERMITTED, "CA is not allowed to generate Root CA certificate");
case SubCA:
Integer reqPathlen = certprofile.getPathLenBasicConstraint();
int caPathLen = caInfo.getPathLenConstraint();
boolean allowed = (reqPathlen == null && caPathLen == Integer.MAX_VALUE) || (reqPathlen != null && reqPathlen < caPathLen);
if (!allowed) {
throw new OperationException(NOT_PERMITTED, "invalid BasicConstraint.pathLenConstraint");
}
break;
default:
}
X500Name requestedSubject = CaUtil.removeEmptyRdns(certTemplate.getSubject());
if (!certprofile.isSerialNumberInReqPermitted()) {
RDN[] rdns = requestedSubject.getRDNs(ObjectIdentifiers.DN.SN);
if (rdns != null && rdns.length > 0) {
throw new OperationException(BAD_CERT_TEMPLATE, "subjectDN SerialNumber in request is not permitted");
}
}
Date reqNotBefore = certTemplate.getNotBefore();
Date grantedNotBefore = certprofile.getNotBefore(reqNotBefore);
// notBefore in the past is not permitted (due to the fact that some clients may not have
// accurate time, we allow max. 5 minutes in the past)
long currentMillis = System.currentTimeMillis();
if (currentMillis - grantedNotBefore.getTime() > MS_PER_10MINUTES) {
grantedNotBefore = new Date(currentMillis - MS_PER_10MINUTES);
}
long time = caInfo.getNoNewCertificateAfter();
if (grantedNotBefore.getTime() > time) {
throw new OperationException(NOT_PERMITTED, "CA is not permitted to issue certifate after " + new Date(time));
}
if (grantedNotBefore.before(caInfo.getNotBefore())) {
// notBefore may not be before CA's notBefore
grantedNotBefore = caInfo.getNotBefore();
}
PrivateKeyInfo privateKey;
SubjectPublicKeyInfo grantedPublicKeyInfo = certTemplate.getPublicKeyInfo();
if (grantedPublicKeyInfo != null) {
privateKey = null;
try {
grantedPublicKeyInfo = X509Util.toRfc3279Style(certTemplate.getPublicKeyInfo());
} catch (InvalidKeySpecException ex) {
LogUtil.warn(LOG, ex, "invalid SubjectPublicKeyInfo");
throw new OperationException(BAD_CERT_TEMPLATE, "invalid SubjectPublicKeyInfo");
}
// CHECK weak public key, like RSA key (ROCA)
if (grantedPublicKeyInfo.getAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.rsaEncryption)) {
try {
ASN1Sequence seq = ASN1Sequence.getInstance(grantedPublicKeyInfo.getPublicKeyData().getOctets());
if (seq.size() != 2) {
throw new OperationException(BAD_CERT_TEMPLATE, "invalid format of RSA public key");
}
BigInteger modulus = ASN1Integer.getInstance(seq.getObjectAt(0)).getPositiveValue();
if (RSABrokenKey.isAffected(modulus)) {
throw new OperationException(BAD_CERT_TEMPLATE, "RSA public key is too weak");
}
} catch (IllegalArgumentException ex) {
throw new OperationException(BAD_CERT_TEMPLATE, "invalid format of RSA public key");
}
}
} else if (certTemplate.isCaGenerateKeypair()) {
KeypairGenControl kg = certprofile.getKeypairGenControl();
try {
if (kg instanceof KeypairGenControl.InheritCAKeypairGenControl) {
kg = keypairGenControlByImplictCA;
}
if (kg == null || kg instanceof KeypairGenControl.ForbiddenKeypairGenControl) {
throw new OperationException(BAD_CERT_TEMPLATE, "no public key is specified");
}
if (kg instanceof KeypairGenControl.RSAKeypairGenControl) {
KeypairGenControl.RSAKeypairGenControl tkg = (KeypairGenControl.RSAKeypairGenControl) kg;
int keysize = tkg.getKeysize();
if (keysize > 4096) {
throw new OperationException(BAD_CERT_TEMPLATE, "keysize too large");
}
BigInteger publicExponent = tkg.getPublicExponent();
KeyPair kp = KeyUtil.generateRSAKeypair(keysize, publicExponent, random);
java.security.interfaces.RSAPublicKey rsaPubKey = (java.security.interfaces.RSAPublicKey) kp.getPublic();
grantedPublicKeyInfo = new SubjectPublicKeyInfo(tkg.getKeyAlgorithm(), new RSAPublicKey(rsaPubKey.getModulus(), rsaPubKey.getPublicExponent()));
/*
* RSA private keys are BER-encoded according to PKCS #1’s RSAPrivateKey ASN.1 type.
*
* RSAPrivateKey ::= SEQUENCE {
* version Version,
* modulus INTEGER, -- n
* publicExponent INTEGER, -- e
* privateExponent INTEGER, -- d
* prime1 INTEGER, -- p
* prime2 INTEGER, -- q
* exponent1 INTEGER, -- d mod (p-1)
* exponent2 INTEGER, -- d mod (q-1)
* coefficient INTEGER, -- (inverse of q) mod p
* otherPrimeInfos OtherPrimeInfos OPTIONAL.
* }
*/
RSAPrivateCrtKey priv = (RSAPrivateCrtKey) kp.getPrivate();
privateKey = new PrivateKeyInfo(tkg.getKeyAlgorithm(), new RSAPrivateKey(priv.getModulus(), priv.getPublicExponent(), priv.getPrivateExponent(), priv.getPrimeP(), priv.getPrimeQ(), priv.getPrimeExponentP(), priv.getPrimeExponentQ(), priv.getCrtCoefficient()));
} else if (kg instanceof KeypairGenControl.ECKeypairGenControl) {
KeypairGenControl.ECKeypairGenControl tkg = (KeypairGenControl.ECKeypairGenControl) kg;
ASN1ObjectIdentifier curveOid = tkg.getCurveOid();
KeyPair kp = KeyUtil.generateECKeypair(curveOid, random);
ECPublicKey pub = (ECPublicKey) kp.getPublic();
int orderBitLength = pub.getParams().getOrder().bitLength();
byte[] keyData = KeyUtil.getUncompressedEncodedECPoint(pub.getW(), orderBitLength);
grantedPublicKeyInfo = new SubjectPublicKeyInfo(tkg.getKeyAlgorithm(), keyData);
/*
* ECPrivateKey ::= SEQUENCE {
* Version INTEGER { ecPrivkeyVer1(1) }
* (ecPrivkeyVer1),
* privateKey OCTET STRING,
* parameters [0] Parameters OPTIONAL,
* publicKey [1] BIT STRING OPTIONAL
* }
*
* Since the EC domain parameters are placed in the PKCS #8’s privateKeyAlgorithm field,
* the optional parameters field in an ECPrivateKey must be omitted. A Cryptoki
* application must be able to unwrap an ECPrivateKey that contains the optional publicKey
* field; however, what is done with this publicKey field is outside the scope of
* Cryptoki.
*/
ECPrivateKey priv = (ECPrivateKey) kp.getPrivate();
privateKey = new PrivateKeyInfo(tkg.getKeyAlgorithm(), new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, priv.getS()));
} else if (kg instanceof KeypairGenControl.DSAKeypairGenControl) {
KeypairGenControl.DSAKeypairGenControl tkg = (KeypairGenControl.DSAKeypairGenControl) kg;
KeyPair kp = KeyUtil.generateDSAKeypair(tkg.getParameterSpec(), random);
grantedPublicKeyInfo = new SubjectPublicKeyInfo(tkg.getKeyAlgorithm(), new ASN1Integer(((DSAPublicKey) kp.getPublic()).getY()));
// DSA private keys are represented as BER-encoded ASN.1 type INTEGER.
DSAPrivateKey priv = (DSAPrivateKey) kp.getPrivate();
privateKey = new PrivateKeyInfo(grantedPublicKeyInfo.getAlgorithm(), new ASN1Integer(priv.getX()));
} else if (kg instanceof KeypairGenControl.EDDSAKeypairGenControl) {
KeypairGenControl.EDDSAKeypairGenControl tkg = (KeypairGenControl.EDDSAKeypairGenControl) kg;
KeyPair kp = KeyUtil.generateEdECKeypair(tkg.getKeyAlgorithm().getAlgorithm(), random);
grantedPublicKeyInfo = KeyUtil.createSubjectPublicKeyInfo(kp.getPublic());
// make sure that the algorithm match
if (!grantedPublicKeyInfo.getAlgorithm().equals(tkg.getKeyAlgorithm())) {
throw new OperationException(SYSTEM_FAILURE, "invalid SubjectPublicKeyInfo.algorithm");
}
privateKey = PrivateKeyInfo.getInstance(kp.getPrivate().getEncoded());
} else {
throw new RuntimeCryptoException("unknown KeyPairGenControl " + kg);
}
} catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeyException | IOException ex) {
throw new OperationException(SYSTEM_FAILURE, ex);
}
} else {
// show not reach here
throw new OperationException(BAD_CERT_TEMPLATE, "no public key is specified genkey");
}
// public key
try {
grantedPublicKeyInfo = certprofile.checkPublicKey(grantedPublicKeyInfo);
} catch (CertprofileException ex) {
throw new OperationException(SYSTEM_FAILURE, "exception in cert profile " + certprofileIdent);
} catch (BadCertTemplateException ex) {
throw new OperationException(BAD_CERT_TEMPLATE, ex);
}
// subject
Certprofile.SubjectInfo subjectInfo;
try {
subjectInfo = certprofile.getSubject(requestedSubject, grantedPublicKeyInfo);
} catch (CertprofileException ex) {
throw new OperationException(SYSTEM_FAILURE, "exception in cert profile " + certprofileIdent);
} catch (BadCertTemplateException ex) {
throw new OperationException(BAD_CERT_TEMPLATE, ex);
}
X500Name grantedSubject = subjectInfo.getGrantedSubject();
// make sure that empty subject is not permitted
ASN1ObjectIdentifier[] attrTypes = grantedSubject.getAttributeTypes();
if (attrTypes == null || attrTypes.length == 0) {
throw new OperationException(BAD_CERT_TEMPLATE, "empty subject is not permitted");
}
// make sure that the grantedSubject does not equal the CA's subject
if (X509Util.canonicalizName(grantedSubject).equals(caInfo.getPublicCaInfo().getC14nSubject())) {
throw new OperationException(ALREADY_ISSUED, "certificate with the same subject as CA is not allowed");
}
if (update) {
CertStore.CertStatus certStatus = certstore.getCertStatusForSubject(caInfo.getIdent(), grantedSubject);
if (certStatus == CertStore.CertStatus.REVOKED) {
throw new OperationException(CERT_REVOKED);
} else if (certStatus == CertStore.CertStatus.UNKNOWN) {
throw new OperationException(UNKNOWN_CERT);
}
}
// end if(update)
StringBuilder msgBuilder = new StringBuilder();
if (subjectInfo.getWarning() != null) {
msgBuilder.append(", ").append(subjectInfo.getWarning());
}
Validity validity = certprofile.getValidity();
if (validity == null) {
validity = caInfo.getMaxValidity();
} else if (validity.compareTo(caInfo.getMaxValidity()) > 0) {
validity = caInfo.getMaxValidity();
}
Date maxNotAfter = validity.add(grantedNotBefore);
// maxNotAfter not after 99991231-235959
if (maxNotAfter.getTime() > MAX_CERT_TIME_MS) {
maxNotAfter = MAX_CERT_TIME;
}
Date grantedNotAfter = certTemplate.getNotAfter();
if (grantedNotAfter != null) {
if (grantedNotAfter.after(maxNotAfter)) {
grantedNotAfter = maxNotAfter;
msgBuilder.append(", notAfter modified");
}
} else {
grantedNotAfter = maxNotAfter;
}
if (grantedNotAfter.after(caInfo.getNotAfter())) {
ValidityMode caMode = caInfo.getValidityMode();
NotAfterMode profileMode = certprofile.getNotAfterMode();
if (profileMode == null) {
profileMode = NotAfterMode.BY_CA;
}
if (profileMode == NotAfterMode.STRICT) {
throw new OperationException(NOT_PERMITTED, "notAfter outside of CA's validity is not permitted by the CertProfile");
}
if (caMode == ValidityMode.STRICT) {
throw new OperationException(NOT_PERMITTED, "notAfter outside of CA's validity is not permitted by the CA");
}
if (caMode == ValidityMode.CUTOFF) {
grantedNotAfter = caInfo.getNotAfter();
} else if (caMode == ValidityMode.LAX) {
if (profileMode == NotAfterMode.CUTOFF) {
grantedNotAfter = caInfo.getNotAfter();
}
} else {
throw new IllegalStateException("should not reach here, CA ValidityMode " + caMode + " CertProfile NotAfterMode " + profileMode);
}
// end if (mode)
}
// end if (notAfter)
String warning = null;
if (msgBuilder.length() > 2) {
warning = msgBuilder.substring(2);
}
GrantedCertTemplate gct = new GrantedCertTemplate(certTemplate.getExtensions(), certprofile, grantedNotBefore, grantedNotAfter, requestedSubject, grantedPublicKeyInfo, privateKey, signer, warning);
gct.setGrantedSubject(grantedSubject);
return gct;
}
Also used :
Certprofile(org.xipki.ca.api.profile.Certprofile)
NameId(org.xipki.ca.api.NameId)
X500Name(org.bouncycastle.asn1.x500.X500Name)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
KeypairGenControl(org.xipki.ca.api.profile.KeypairGenControl)
ValidityMode(org.xipki.ca.api.mgmt.ValidityMode)
RSAPublicKey(org.bouncycastle.asn1.pkcs.RSAPublicKey)
CertprofileException(org.xipki.ca.api.profile.CertprofileException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
GrantedCertTemplate(org.xipki.ca.server.X509Ca.GrantedCertTemplate)
OperationException(org.xipki.ca.api.OperationException)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException)
BigInteger(java.math.BigInteger)
RSAPrivateKey(org.bouncycastle.asn1.pkcs.RSAPrivateKey)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
java.security(java.security)
RDN(org.bouncycastle.asn1.x500.RDN)
java.security.interfaces(java.security.interfaces)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
NotAfterMode(org.xipki.ca.api.profile.NotAfterMode)
Date(java.util.Date)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
BigInteger(java.math.BigInteger)
Validity(org.xipki.util.Validity)
RuntimeCryptoException(org.bouncycastle.crypto.RuntimeCryptoException)
ConcurrentContentSigner(org.xipki.security.ConcurrentContentSigner)
CertStore(org.xipki.ca.server.db.CertStore)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Example 98 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project certmgr by hdecarne.
the class PKCS12CertReaderWriter method convertPrivateKey.
private static PrivateKey convertPrivateKey(PKCS8EncryptedPrivateKeyInfo safeBagValue, String resource, PasswordCallback password) throws IOException {
PrivateKeyInfo decryptedSafeBagValue = null;
PKCSException decryptException = null;
while (decryptedSafeBagValue == null) {
try {
decryptedSafeBagValue = safeBagValue.decryptPrivateKeyInfo(buildInputDecryptorProvider(resource, password, decryptException));
} catch (PKCSException e) {
decryptException = e;
}
}
return convertPrivateKey(decryptedSafeBagValue);
}
Also used :
PKCSException(org.bouncycastle.pkcs.PKCSException)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
Example 99 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project BiglyBT by BiglySoftware.
the class PEMReader method readECPrivateKey.
private KeyPair readECPrivateKey(String endMarker) throws IOException {
try {
ECPrivateKeyStructure pKey = new ECPrivateKeyStructure((ASN1Sequence) ASN1Object.fromByteArray(readBytes(endMarker)));
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.getDERObject());
SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
KeyFactory fact = KeyFactory.getInstance("ECDSA", provider);
return new KeyPair(fact.generatePublic(pubSpec), fact.generatePrivate(privSpec));
} catch (ClassCastException e) {
throw new IOException("wrong ASN.1 object found in stream");
} catch (Exception e) {
throw new IOException("problem parsing EC private key: " + e);
}
}
Also used :
ECPrivateKeyStructure(org.gudy.bouncycastle.asn1.sec.ECPrivateKeyStructure)
SubjectPublicKeyInfo(org.gudy.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 100 with PrivateKeyInfo
use of com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo in project BiglyBT by BiglySoftware.
the class PEMWriter method writeObject.
public void writeObject(Object o) throws IOException {
String type;
byte[] encoding;
if (o instanceof X509Certificate) {
type = "CERTIFICATE";
try {
encoding = ((X509Certificate) o).getEncoded();
} catch (CertificateEncodingException e) {
throw new IOException("Cannot encode object: " + e.toString());
}
} else if (o instanceof X509CRL) {
type = "X509 CRL";
try {
encoding = ((X509CRL) o).getEncoded();
} catch (CRLException e) {
throw new IOException("Cannot encode object: " + e.toString());
}
} else if (o instanceof KeyPair) {
writeObject(((KeyPair) o).getPrivate());
return;
} else if (o instanceof PrivateKey) {
PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
if (o instanceof RSAPrivateKey) {
type = "RSA PRIVATE KEY";
encoding = info.getPrivateKey().getEncoded();
} else if (o instanceof DSAPrivateKey) {
type = "DSA PRIVATE KEY";
DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(new DERInteger(p.getP()));
v.add(new DERInteger(p.getQ()));
v.add(new DERInteger(p.getG()));
BigInteger x = ((DSAPrivateKey) o).getX();
BigInteger y = p.getG().modPow(x, p.getP());
v.add(new DERInteger(y));
v.add(new DERInteger(x));
encoding = new DERSequence(v).getEncoded();
} else {
throw new IOException("Cannot identify private key");
}
} else if (o instanceof PublicKey) {
type = "PUBLIC KEY";
encoding = ((PublicKey) o).getEncoded();
} else if (o instanceof X509AttributeCertificate) {
type = "ATTRIBUTE CERTIFICATE";
encoding = ((X509V2AttributeCertificate) o).getEncoded();
} else if (o instanceof PKCS10CertificationRequest) {
type = "CERTIFICATE REQUEST";
encoding = ((PKCS10CertificationRequest) o).getEncoded();
} else if (o instanceof ContentInfo) {
type = "PKCS7";
encoding = ((ContentInfo) o).getEncoded();
} else {
throw new IOException("unknown object passed - can't encode.");
}
writeHeader(type);
writeEncoded(encoding);
writeFooter(type);
}
Also used :
PKCS10CertificationRequest(org.gudy.bouncycastle.jce.PKCS10CertificationRequest)
X509CRL(java.security.cert.X509CRL)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
X509AttributeCertificate(org.gudy.bouncycastle.x509.X509AttributeCertificate)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
X509V2AttributeCertificate(org.gudy.bouncycastle.x509.X509V2AttributeCertificate)
X509Certificate(java.security.cert.X509Certificate)
ContentInfo(org.gudy.bouncycastle.asn1.cms.ContentInfo)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
BigInteger(java.math.BigInteger)
DSAParameter(org.gudy.bouncycastle.asn1.x509.DSAParameter)
CRLException(java.security.cert.CRLException)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo)
DSAPrivateKey(java.security.interfaces.DSAPrivateKey)
RSAPrivateKey(java.security.interfaces.RSAPrivateKey)
RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)
Aggregations
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)100
IOException (java.io.IOException)69
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)53
PEMParser (org.bouncycastle.openssl.PEMParser)49
PrivateKey (java.security.PrivateKey)37
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)35
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)33
PrivateKeyInfo (com.github.zhenwei.core.asn1.pkcs.PrivateKeyInfo)25
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)25
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)25
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)20
AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)18
BigInteger (java.math.BigInteger)17
ByteArrayInputStream (java.io.ByteArrayInputStream)16
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)16
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)16
KeyPair (java.security.KeyPair)15
PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair)15
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)14
InputStreamReader (java.io.InputStreamReader)14
