
Example 36 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project netty by netty.

the class SslContext method generateKeySpec.

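/**
 * Generates a key specification for an (encrypted) private key.
 *
 * <p>When {@code password} is {@code null} the bytes are wrapped as-is and no parsing or
 * decryption happens here. Otherwise {@code key} is parsed as an {@code EncryptedPrivateKeyInfo}
 * and decrypted with a password-based key.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>The PBE algorithm name is read from {@code key} itself and passed straight to the JCA
 *       lookups; this method applies no allow-list, so any scheme the installed providers
 *       support is accepted. Enforce a policy before calling if key files are not trusted.</li>
 *   <li>The caller's {@code password} array is not modified. Clear it once it is no longer
 *       needed.</li>
 * </ul>
 *
 * @param password characters, if {@code null} an unencrypted key is assumed
 * @param key bytes of the DER encoded private key
 *
 * @return a key specification
 *
 * @throws IOException if parsing {@code key} fails
 * @throws NoSuchAlgorithmException if the algorithm used to encrypt {@code key} is unknown
 * @throws NoSuchPaddingException if the padding scheme specified in the decryption algorithm is unknown
 * @throws InvalidKeySpecException if the decryption key based on {@code password} cannot be generated
 * @throws InvalidKeyException if the decryption key based on {@code password} cannot be used to decrypt
 *                             {@code key}
 * @throws InvalidAlgorithmParameterException if decryption algorithm parameters are somehow faulty
 */
protected static PKCS8EncodedKeySpec generateKeySpec(char[] password, byte[] key) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException {
    if (password == null) {
        return new PKCS8EncodedKeySpec(key);
    }
    EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(key);
    // Algorithm name as declared inside the encrypted key structure (not chosen by this code).
    String pbeAlgorithm = encryptedPrivateKeyInfo.getAlgName();
    SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(pbeAlgorithm);
    PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
    SecretKey pbeKey;
    try {
        pbeKey = keyFactory.generateSecret(pbeKeySpec);
    } finally {
        // PBEKeySpec holds its own copy of the password; wipe that copy as soon as the
        // secret key has been derived (or derivation failed) so it does not linger on the heap.
        pbeKeySpec.clearPassword();
    }
    Cipher cipher = Cipher.getInstance(pbeAlgorithm);
    cipher.init(Cipher.DECRYPT_MODE, pbeKey, encryptedPrivateKeyInfo.getAlgParameters());
    return encryptedPrivateKeyInfo.getKeySpec(cipher);
}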
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) Cipher(javax.crypto.Cipher) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 37 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project jersey by jersey.

the class RsaSha1Method method sign.

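/**
 * Generates the RSA-SHA1 signature of OAuth request elements.
 *
 * <p>The consumer secret is expected to hold a base64-encoded PKCS#8 private key. The base
 * string is converted to bytes with an explicit UTF-8 charset so the signature does not depend
 * on the JVM's platform default encoding.
 *
 * <p>NOTE(review): a secret that base64-decodes cleanly but is not a valid PKCS#8 key
 * currently surfaces as {@link IllegalStateException}, not {@code InvalidSecretException};
 * callers that accept secrets from configuration or users should be prepared for both.
 *
 * @param baseString the combined OAuth elements to sign.
 * @param secrets the secrets object containing the private key for generating the signature.
 * @return the OAuth signature, in base64-encoded form.
 * @throws InvalidSecretException if the supplied secret is not valid.
 */
@Override
public String sign(final String baseString, final OAuth1Secrets secrets) throws InvalidSecretException {
    final Signature signature;
    try {
        signature = Signature.getInstance(SIGNATURE_ALGORITHM);
    } catch (final NoSuchAlgorithmException nsae) {
        throw new IllegalStateException(nsae);
    }

    // The consumer secret carries the private key as base64 text.
    final byte[] decodedPrivateKey;
    try {
        decodedPrivateKey = Base64.decode(secrets.getConsumerSecret());
    } catch (final IOException ioe) {
        throw new InvalidSecretException(LocalizationMessages.ERROR_INVALID_CONSUMER_SECRET(ioe));
    }

    final KeyFactory keyFactory;
    try {
        keyFactory = KeyFactory.getInstance(KEY_TYPE);
    } catch (final NoSuchAlgorithmException nsae) {
        throw new IllegalStateException(nsae);
    }

    final EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(decodedPrivateKey);
    final RSAPrivateKey rsaPrivateKey;
    try {
        rsaPrivateKey = (RSAPrivateKey) keyFactory.generatePrivate(keySpec);
    } catch (final InvalidKeySpecException ikse) {
        throw new IllegalStateException(ikse);
    }

    try {
        signature.initSign(rsaPrivateKey);
    } catch (final InvalidKeyException ike) {
        throw new IllegalStateException(ike);
    }

    final byte[] rsasha1;
    try {
        // Explicit charset: String.getBytes() without one uses the platform default, which
        // would make the signed bytes (and so the signature) vary between hosts.
        signature.update(baseString.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        rsasha1 = signature.sign();
    } catch (final SignatureException se) {
        throw new IllegalStateException(se);
    }
    return Base64.encode(rsasha1);
}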
Also used : NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) SignatureException(java.security.SignatureException) InvalidKeyException(java.security.InvalidKeyException) Signature(java.security.Signature) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) KeyFactory(java.security.KeyFactory) EncodedKeySpec(java.security.spec.EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)

Example 38 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project XobotOS by xamarin.

the class JDKKeyStore method decodeKey.

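/**
 * Reads one serialized key record from the keystore stream and rebuilds the key object.
 *
 * <p>The record is consumed in this order: a one-byte key type, the encoding format and the
 * algorithm name (both via {@code readUTF}), a four-byte length, then that many bytes of
 * encoded key material. All of these fields come from the stream, so they are treated as
 * untrusted: a negative length is rejected, and the encoded bytes are read in bounded chunks so
 * that a bogus length hits end-of-stream instead of forcing one huge up-front allocation.
 *
 * @param dIn stream positioned at the start of a key record
 * @return the decoded key; for the {@code RAW} format a {@code SecretKeySpec} is returned
 *         without consulting the key type
 * @throws IOException if the stream is truncated, the length is negative, the format or key
 *         type is not recognised, or the provider cannot build the key (the original failure is
 *         kept as the cause)
 */
private Key decodeKey(DataInputStream dIn) throws IOException {
    int keyType = dIn.read();
    String format = dIn.readUTF();
    String algorithm = dIn.readUTF();
    int encLength = dIn.readInt();
    if (encLength < 0) {
        // Without this check a crafted record ends in an unchecked NegativeArraySizeException.
        throw new IOException("Key encoding length " + encLength + " is negative!");
    }
    // Grow the buffer only as data actually arrives; readFully raises EOFException as soon as
    // the declared length exceeds what the stream really contains.
    java.io.ByteArrayOutputStream encoded = new java.io.ByteArrayOutputStream();
    byte[] chunk = new byte[Math.min(encLength, 8192)];
    int remaining = encLength;
    while (remaining > 0) {
        int wanted = Math.min(remaining, chunk.length);
        dIn.readFully(chunk, 0, wanted);
        encoded.write(chunk, 0, wanted);
        remaining -= wanted;
    }
    byte[] enc = encoded.toByteArray();
    KeySpec spec;
    if (format.equals("PKCS#8") || format.equals("PKCS8")) {
        spec = new PKCS8EncodedKeySpec(enc);
    } else if (format.equals("X.509") || format.equals("X509")) {
        spec = new X509EncodedKeySpec(enc);
    } else if (format.equals("RAW")) {
        return new SecretKeySpec(enc, algorithm);
    } else {
        throw new IOException("Key format " + format + " not recognised!");
    }
    try {
        switch(keyType) {
            case KEY_PRIVATE:
                return KeyFactory.getInstance(algorithm, BouncyCastleProvider.PROVIDER_NAME).generatePrivate(spec);
            case KEY_PUBLIC:
                return KeyFactory.getInstance(algorithm, BouncyCastleProvider.PROVIDER_NAME).generatePublic(spec);
            case KEY_SECRET:
                return SecretKeyFactory.getInstance(algorithm, BouncyCastleProvider.PROVIDER_NAME).generateSecret(spec);
            default:
                throw new IOException("Key type " + keyType + " not recognised!");
        }
    } catch (Exception e) {
        // Keep the message text callers may already match on, but attach the cause so the
        // underlying provider error is not lost from stack traces.
        throw new IOException("Exception creating key: " + e.toString(), e);
    }
}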
Also used : SecretKeySpec(javax.crypto.spec.SecretKeySpec) SecretKeySpec(javax.crypto.spec.SecretKeySpec) KeySpec(java.security.spec.KeySpec) PBEKeySpec(javax.crypto.spec.PBEKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) IOException(java.io.IOException) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException)

Example 39 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success.

/**
 * Stores a {@code PrivateKeyEntry} built from the RSA test fixtures under
 * {@code TEST_ALIAS_1}, reads it back, and checks that the retrieved entry is a
 * {@code PrivateKeyEntry} matching the same fixtures.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_RSA_Unencrypted_Success() throws Exception {
    mKeyStore.load(null, null);

    // Build the entry we expect to get back: private key from the PKCS#8 fixture bytes,
    // chain of user certificate followed by CA certificate.
    final PrivateKey privateKey = KeyFactory.getInstance("RSA")
            .generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
    final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    final Certificate[] chain = {
        x509Factory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1)),
        x509Factory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1)),
    };
    mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(privateKey, chain), null);

    // Read the entry back and compare it with the fixtures.
    final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Retrieved entry should exist", stored);
    assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
    assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 40 with PKCS8EncodedKeySpec

use of java.security.spec.PKCS8EncodedKeySpec in project android_frameworks_base by ResurrectionRemix.

the class AndroidKeyStoreTest method testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success.

/**
 * Same round-trip as the unencrypted variant, but {@code setupPassword()} runs before the
 * keystore is loaded. A {@code PrivateKeyEntry} built from the RSA test fixtures is stored
 * under {@code TEST_ALIAS_1}, read back, and compared with the fixtures.
 */
public void testKeyStore_SetEntry_PrivateKeyEntry_Encrypted_Success() throws Exception {
    // NOTE(review): setupPassword() is defined elsewhere; presumably it puts the keystore
    // into its password-protected state. Confirm against the helper.
    setupPassword();
    mKeyStore.load(null, null);

    // Build the entry we expect to get back: private key from the PKCS#8 fixture bytes,
    // chain of user certificate followed by CA certificate.
    final PrivateKey privateKey = KeyFactory.getInstance("RSA")
            .generatePrivate(new PKCS8EncodedKeySpec(FAKE_RSA_KEY_1));
    final CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    final Certificate[] chain = {
        x509Factory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_USER_1)),
        x509Factory.generateCertificate(new ByteArrayInputStream(FAKE_RSA_CA_1)),
    };
    mKeyStore.setEntry(TEST_ALIAS_1, new PrivateKeyEntry(privateKey, chain), null);

    // Read the entry back and compare it with the fixtures.
    final Entry stored = mKeyStore.getEntry(TEST_ALIAS_1, null);
    assertNotNull("Retrieved entry should exist", stored);
    assertTrue("Retrieved entry should be of type PrivateKeyEntry", stored instanceof PrivateKeyEntry);
    assertPrivateKeyEntryEquals((PrivateKeyEntry) stored, "RSA", FAKE_RSA_KEY_1, FAKE_RSA_USER_1, FAKE_RSA_CA_1);
}
Also used : TrustedCertificateEntry(java.security.KeyStore.TrustedCertificateEntry) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) Entry(java.security.KeyStore.Entry) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) CertificateFactory(java.security.cert.CertificateFactory) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) KeyFactory(java.security.KeyFactory) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Aggregations

PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)227 KeyFactory (java.security.KeyFactory)179 PrivateKey (java.security.PrivateKey)148 CertificateFactory (java.security.cert.CertificateFactory)86 ByteArrayInputStream (java.io.ByteArrayInputStream)85 Certificate (java.security.cert.Certificate)72 X509Certificate (java.security.cert.X509Certificate)71 PrivateKeyEntry (java.security.KeyStore.PrivateKeyEntry)59 Entry (java.security.KeyStore.Entry)53 TrustedCertificateEntry (java.security.KeyStore.TrustedCertificateEntry)53 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)50 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)47 X509EncodedKeySpec (java.security.spec.X509EncodedKeySpec)40 PublicKey (java.security.PublicKey)39 IOException (java.io.IOException)30 RSAPrivateKey (java.security.interfaces.RSAPrivateKey)30 SecretKey (javax.crypto.SecretKey)28 InvalidKeyException (java.security.InvalidKeyException)26 Key (java.security.Key)24 KeyStoreException (java.security.KeyStoreException)15