Examples with PKCS8EncodedKeySpec java.security.spec.PKCS8EncodedKeySpec used on opensource projects
Example 91 with PKCS8EncodedKeySpec
use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success() throws Exception {
mKeyStore.load(null, null);
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
PrivateKeyEntry expected = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expected, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actual = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actual, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
PrivateKey(java.security.PrivateKey)
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
CertificateFactory(java.security.cert.CertificateFactory)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
KeyFactory(java.security.KeyFactory)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 92 with PKCS8EncodedKeySpec
use of java.security.spec.PKCS8EncodedKeySpec in project jdk8u_jdk by JetBrains.
the class DSAKeyFactory method engineGetKeySpec.
/**
* Returns a specification (key material) of the given key object
* in the requested format.
*
* @param key the key
*
* @param keySpec the requested format in which the key material shall be
* returned
*
* @return the underlying key specification (key material) in the
* requested format
*
* @exception InvalidKeySpecException if the requested key specification is
* inappropriate for the given key, or the given key cannot be processed
* (e.g., the given key has an unrecognized algorithm or format).
*/
protected <T extends KeySpec> T engineGetKeySpec(Key key, Class<T> keySpec) throws InvalidKeySpecException {
DSAParams params;
try {
if (key instanceof java.security.interfaces.DSAPublicKey) {
// Determine valid key specs
Class<?> dsaPubKeySpec = Class.forName("java.security.spec.DSAPublicKeySpec");
Class<?> x509KeySpec = Class.forName("java.security.spec.X509EncodedKeySpec");
if (dsaPubKeySpec.isAssignableFrom(keySpec)) {
java.security.interfaces.DSAPublicKey dsaPubKey = (java.security.interfaces.DSAPublicKey) key;
params = dsaPubKey.getParams();
return keySpec.cast(new DSAPublicKeySpec(dsaPubKey.getY(), params.getP(), params.getQ(), params.getG()));
} else if (x509KeySpec.isAssignableFrom(keySpec)) {
return keySpec.cast(new X509EncodedKeySpec(key.getEncoded()));
} else {
throw new InvalidKeySpecException("Inappropriate key specification");
}
} else if (key instanceof java.security.interfaces.DSAPrivateKey) {
// Determine valid key specs
Class<?> dsaPrivKeySpec = Class.forName("java.security.spec.DSAPrivateKeySpec");
Class<?> pkcs8KeySpec = Class.forName("java.security.spec.PKCS8EncodedKeySpec");
if (dsaPrivKeySpec.isAssignableFrom(keySpec)) {
java.security.interfaces.DSAPrivateKey dsaPrivKey = (java.security.interfaces.DSAPrivateKey) key;
params = dsaPrivKey.getParams();
return keySpec.cast(new DSAPrivateKeySpec(dsaPrivKey.getX(), params.getP(), params.getQ(), params.getG()));
} else if (pkcs8KeySpec.isAssignableFrom(keySpec)) {
return keySpec.cast(new PKCS8EncodedKeySpec(key.getEncoded()));
} else {
throw new InvalidKeySpecException("Inappropriate key specification");
}
} else {
throw new InvalidKeySpecException("Inappropriate key type");
}
} catch (ClassNotFoundException e) {
throw new InvalidKeySpecException("Unsupported key specification: " + e.getMessage());
}
}
Also used :
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
DSAParams(java.security.interfaces.DSAParams)
DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec)
Example 93 with PKCS8EncodedKeySpec
use of java.security.spec.PKCS8EncodedKeySpec in project jdk8u_jdk by JetBrains.
the class CipherWithWrappingSpi method constructPrivateKey.
/**
* Construct a private key from its encoding.
*
* @param encodedKey the encoding of a private key.
*
* @param encodedKeyAlgorithm the algorithm the wrapped key is for.
*
* @return a private key constructed from the encodedKey.
*/
private final PrivateKey constructPrivateKey(byte[] encodedKey, String encodedKeyAlgorithm) throws InvalidKeyException, NoSuchAlgorithmException {
PrivateKey key = null;
try {
KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm, SunJCE.getInstance());
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
return keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException nsae) {
// provider which supports this algorithm
try {
KeyFactory keyFactory = KeyFactory.getInstance(encodedKeyAlgorithm);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
key = keyFactory.generatePrivate(keySpec);
} catch (NoSuchAlgorithmException nsae2) {
throw new NoSuchAlgorithmException("No installed providers " + "can create keys for the " + encodedKeyAlgorithm + "algorithm");
} catch (InvalidKeySpecException ikse2) {
// Should never happen.
}
} catch (InvalidKeySpecException ikse) {
// Should never happen.
}
return key;
}
Also used :
PrivateKey(java.security.PrivateKey)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
KeyFactory(java.security.KeyFactory)
Example 94 with PKCS8EncodedKeySpec
use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreCipherSpiBase method engineWrap.
@Override
protected final byte[] engineWrap(Key key) throws IllegalBlockSizeException, InvalidKeyException {
if (mKey == null) {
throw new IllegalStateException("Not initilized");
}
if (!isEncrypting()) {
throw new IllegalStateException("Cipher must be initialized in Cipher.WRAP_MODE to wrap keys");
}
if (key == null) {
throw new NullPointerException("key == null");
}
byte[] encoded = null;
if (key instanceof SecretKey) {
if ("RAW".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(key.getAlgorithm());
SecretKeySpec spec = (SecretKeySpec) keyFactory.getKeySpec((SecretKey) key, SecretKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else if (key instanceof PrivateKey) {
if ("PKCS8".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
PKCS8EncodedKeySpec spec = keyFactory.getKeySpec(key, PKCS8EncodedKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else if (key instanceof PublicKey) {
if ("X.509".equalsIgnoreCase(key.getFormat())) {
encoded = key.getEncoded();
}
if (encoded == null) {
try {
KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm());
X509EncodedKeySpec spec = keyFactory.getKeySpec(key, X509EncodedKeySpec.class);
encoded = spec.getEncoded();
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material", e);
}
}
} else {
throw new InvalidKeyException("Unsupported key type: " + key.getClass().getName());
}
if (encoded == null) {
throw new InvalidKeyException("Failed to wrap key because it does not export its key material");
}
try {
return engineDoFinal(encoded, 0, encoded.length);
} catch (BadPaddingException e) {
throw (IllegalBlockSizeException) new IllegalBlockSizeException().initCause(e);
}
}
Also used :
PrivateKey(java.security.PrivateKey)
PublicKey(java.security.PublicKey)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
BadPaddingException(javax.crypto.BadPaddingException)
InvalidKeyException(java.security.InvalidKeyException)
SecretKey(javax.crypto.SecretKey)
SecretKeySpec(javax.crypto.spec.SecretKeySpec)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
SecretKeyFactory(javax.crypto.SecretKeyFactory)
KeyFactory(java.security.KeyFactory)
Example 95 with PKCS8EncodedKeySpec
use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by crdroidandroid.
the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Encrypted_Success.
public void testKeyStore_SetEntry_PrivateKeyEntry_Overwrites_CAEntry_Encrypted_Success() throws Exception {
setupPassword();
mKeyStore.load(null, null);
final CertificateFactory f = CertificateFactory.getInstance("X.509");
final Certificate caCert = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1));
// Start with PrivateKeyEntry
{
KeyFactory keyFact = KeyFactory.getInstance("RSA");
PrivateKey expectedKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
final Certificate[] expectedChain = new Certificate[2];
expectedChain[0] = f.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1));
expectedChain[1] = caCert;
PrivateKeyEntry expectedPrivEntry = new PrivateKeyEntry(expectedKey, expectedChain);
mKeyStore.setEntry(TEST_ALIAS_1, expectedPrivEntry, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type PrivateKeyEntry", actualEntry instanceof PrivateKeyEntry);
PrivateKeyEntry actualPrivEntry = (PrivateKeyEntry) actualEntry;
assertPrivateKeyEntryEquals(actualPrivEntry, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
// Replace with TrustedCertificateEntry
{
TrustedCertificateEntry expectedCertEntry = new TrustedCertificateEntry(caCert);
mKeyStore.setEntry(TEST_ALIAS_1, expectedCertEntry, null);
Entry actualEntry = mKeyStore.getEntry(TEST_ALIAS_1, null);
assertNotNull("Retrieved entry should exist", actualEntry);
assertTrue("Retrieved entry should be of type TrustedCertificateEntry", actualEntry instanceof TrustedCertificateEntry);
TrustedCertificateEntry actualCertEntry = (TrustedCertificateEntry) actualEntry;
assertEquals("Stored and retrieved certificates should be the same", expectedCertEntry.getTrustedCertificate(), actualCertEntry.getTrustedCertificate());
}
}
Also used :
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
Entry(java.security.KeyStore.Entry)
PrivateKey(java.security.PrivateKey)
ByteArrayInputStream(java.io.ByteArrayInputStream)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
CertificateFactory(java.security.cert.CertificateFactory)
PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry)
KeyFactory(java.security.KeyFactory)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry)
Aggregations
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)227
KeyFactory (java.security.KeyFactory)179
PrivateKey (java.security.PrivateKey)148
CertificateFactory (java.security.cert.CertificateFactory)86
ByteArrayInputStream (java.io.ByteArrayInputStream)85
Certificate (java.security.cert.Certificate)72
X509Certificate (java.security.cert.X509Certificate)71
PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)59
Entry (java.security.KeyStore.Entry)53
TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)53
InvalidKeySpecException (java.security.spec.InvalidKeySpecException)50
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)47
X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)40
PublicKey (java.security.PublicKey)39
IOException (java.io.IOException)30
RSAPrivateKey (java.security.interfaces.RSAPrivateKey)30
SecretKey (javax.crypto.SecretKey)28
InvalidKeyException (java.security.InvalidKeyException)26
Key (java.security.Key)24
KeyStoreException (java.security.KeyStoreException)15
