Example 1 with PKCS12PbeParams
use of com.mindbright.security.pkcs12.PKCS12PbeParams in project SpringRemote by HaleyWang.
the class PKCS12KeyStore method extractPrivateKey.
private static PrivateKey extractPrivateKey(EncryptedPrivateKeyInfo keyBag, char[] password) throws NoSuchAlgorithmException, UnrecoverableKeyException {
new ASN1DER();
PKCS12PbeParams params = (PKCS12PbeParams) keyBag.encryptionAlgorithm.parameters.getValue();
String alg = keyBag.encryptionAlgorithm.algorithmName();
byte[] enc = keyBag.encryptedData.getRaw();
byte[] salt = params.salt.getRaw();
int iterations = params.iterations.getValue().intValue();
byte[] dec = new byte[enc.length];
doCipher(Cipher.DECRYPT_MODE, password, enc, enc.length, dec, salt, iterations, alg);
return extractPrivateKey(dec);
}
Also used :
ASN1DER(com.mindbright.asn1.ASN1DER)
PKCS12PbeParams(com.mindbright.security.pkcs12.PKCS12PbeParams)
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
ASN1CharString(com.mindbright.asn1.ASN1CharString)
Example 2 with PKCS12PbeParams
use of com.mindbright.security.pkcs12.PKCS12PbeParams in project SpringRemote by HaleyWang.
the class PKCS12KeyStore method engineLoad.
public void engineLoad(InputStream stream, char[] password) throws IOException, NoSuchAlgorithmException, CertificateException {
try {
ASN1DER ber = new ASN1DER();
PFX pfx = new PFX();
ber.decode(stream, pfx);
if (password == null) {
password = new char[0];
}
checkMac(pfx, password);
AuthenticatedSafe authSafe = new AuthenticatedSafe();
ASN1OctetString data = pfx.getDataContent();
ByteArrayInputStream ba = new ByteArrayInputStream(data.getRaw());
ber.decode(ba, authSafe);
for (int i = 0; i < authSafe.getCount(); i++) {
ContentInfo ci = authSafe.getContentInfo(i);
String cit = ci.contentType.getString();
if (cit.equals("1.2.840.113549.1.7.1")) {
data = (ASN1OctetString) ci.content.getValue();
processSafeContents(data.getRaw());
} else if (cit.equals("1.2.840.113549.1.7.6")) {
EncryptedData ed = (EncryptedData) ci.content.getValue();
String alg = ed.encryptedContentInfo.contentEncryptionAlgorithm.algorithmName();
byte[] enc = ed.encryptedContentInfo.encryptedContent.getRaw();
PKCS12PbeParams params = (PKCS12PbeParams) ed.encryptedContentInfo.contentEncryptionAlgorithm.parameters.getValue();
byte[] salt = params.salt.getRaw();
int iterations = params.iterations.getValue().intValue();
byte[] dec = new byte[enc.length];
doCipher(Cipher.DECRYPT_MODE, password, enc, enc.length, dec, salt, iterations, alg);
processSafeContents(dec);
} else {
throw new IOException("ContentInfo type not supported: " + cit);
}
}
} catch (IOException e) {
e.printStackTrace();
throw e;
}
}
Also used :
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
PFX(com.mindbright.security.pkcs12.PFX)
ASN1DER(com.mindbright.asn1.ASN1DER)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ContentInfo(com.mindbright.security.pkcs7.ContentInfo)
PKCS12PbeParams(com.mindbright.security.pkcs12.PKCS12PbeParams)
AuthenticatedSafe(com.mindbright.security.pkcs12.AuthenticatedSafe)
ASN1OctetString(com.mindbright.asn1.ASN1OctetString)
ASN1CharString(com.mindbright.asn1.ASN1CharString)
EncryptedData(com.mindbright.security.pkcs7.EncryptedData)
IOException(java.io.IOException)
Aggregations
ASN1CharString (com.mindbright.asn1.ASN1CharString)2
ASN1DER (com.mindbright.asn1.ASN1DER)2
ASN1OctetString (com.mindbright.asn1.ASN1OctetString)2
PKCS12PbeParams (com.mindbright.security.pkcs12.PKCS12PbeParams)2
AuthenticatedSafe (com.mindbright.security.pkcs12.AuthenticatedSafe)1
PFX (com.mindbright.security.pkcs12.PFX)1
ContentInfo (com.mindbright.security.pkcs7.ContentInfo)1
EncryptedData (com.mindbright.security.pkcs7.EncryptedData)1
ByteArrayInputStream (java.io.ByteArrayInputStream)1
IOException (java.io.IOException)1
