
Example 26 with EncryptedPrivateKeyInfo

use of javax.crypto.EncryptedPrivateKeyInfo in project nhin-d by DirectProject.

the class CertLoader method loadCertificate.

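/**
 * Loads an X.509 certificate and its RSA private key from two files and bundles
 * them, together with derived metadata, into a {@code CertCreateFields}.
 *
 * <p>When {@code password} is non-empty the key file is parsed as an
 * {@code EncryptedPrivateKeyInfo} and decrypted with a password-based key; the
 * PBE algorithm name is read from the key file itself. Otherwise the key bytes are
 * treated as an unencrypted PKCS#8 encoding.
 *
 * @param certFile file containing the certificate
 * @param keyFile file containing the PKCS#8 private key
 * @param password password protecting the key file; null or empty for an unencrypted key.
 *        The array is handed on to the returned object and is not wiped here.
 * @return the certificate, private key, remaining validity in days and key size
 * @throws Exception if a file cannot be read, or the certificate or key cannot be
 *         parsed or decrypted
 */
public static CertCreateFields loadCertificate(File certFile, File keyFile, char[] password) throws Exception {
    byte[] certData = loadFileData(certFile);
    byte[] keyData = loadFileData(keyFile);
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    InputStream inStr = new ByteArrayInputStream(certData);
    X509Certificate cert;
    try {
        cert = (X509Certificate) cf.generateCertificate(inStr);
    } finally {
        IOUtils.closeQuietly(inStr);
    }
    KeyFactory kf = KeyFactory.getInstance("RSA", CryptoExtensions.getJCEProviderName());
    PKCS8EncodedKeySpec keysp;
    if (password != null && password.length > 0) {
        EncryptedPrivateKeyInfo encInfo = new EncryptedPrivateKeyInfo(keyData);
        // PBEKeySpec keeps its own copy of the password characters.
        PBEKeySpec keySpec = new PBEKeySpec(password);
        try {
            String alg = encInfo.getAlgName();
            SecretKeyFactory secFactory = SecretKeyFactory.getInstance(alg, CryptoExtensions.getJCEProviderName());
            SecretKey secKey = secFactory.generateSecret(keySpec);
            keysp = encInfo.getKeySpec(secKey, CryptoExtensions.getJCEProviderName());
        } finally {
            // Wipe the spec's copy only after decryption has finished: some providers
            // read the password back from the spec when the cipher is initialised.
            keySpec.clearPassword();
        }
    } else {
        keysp = new PKCS8EncodedKeySpec(keyData);
    }
    PrivateKey privKey = kf.generatePrivate(keysp);
    Map<String, Object> attributes = getAttributes(cert);
    Calendar now = Calendar.getInstance();
    Calendar exp = Calendar.getInstance();
    exp.setTime(cert.getNotAfter());
    // Negative when the certificate has already expired.
    long diff = exp.getTimeInMillis() - now.getTimeInMillis();
    long diffDays = diff / (24 * 60 * 60 * 1000);
    // Report the real modulus size instead of a fixed value, so that weak keys are
    // not mislabelled and strong keys are not under-reported. 1024 stays as the
    // fallback when the provider's key object does not expose a modulus.
    int keyStr = 1024;
    if (privKey instanceof java.security.interfaces.RSAKey) {
        keyStr = ((java.security.interfaces.RSAKey) privKey).getModulus().bitLength();
    }
    return new CertCreateFields(attributes, certFile, keyFile, password, (int) diffDays, keyStr, cert, privKey);
}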
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Calendar(java.util.Calendar) CertificateFactory(java.security.cert.CertificateFactory) X509Certificate(java.security.cert.X509Certificate) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 27 with EncryptedPrivateKeyInfo

use of javax.crypto.EncryptedPrivateKeyInfo in project nhin-d by DirectProject.

the class CreatePKCS12 method create.

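/**
 * Creates a PKCS12 file from the certificate and key files.
 *
 * <p>The private key is stored under the alias {@code privCert} with an empty entry
 * password; the keystore as a whole is written with the class-level {@code p12Pass}
 * value.
 *
 * @param certFile The X509 DER encoded certificate file.
 * @param keyFile The PKCS8 DER encoded private key file.
 * @param password Optional password for the private key file. This is required if the private
 *        key file is encrypted. Should be null or empty if the private key file is not encrypted.
 * @param createFile Optional file descriptor for the output file of the pkcs12 file. If this is
 *        null, the file name is based on the certificate file name.
 * @return File descriptor of the created pkcs12 file. Null if an error occurred.
 */
public static File create(File certFile, File keyFile, String password, File createFile) {
    File pkcs12File = null;
    CreatePKCS12.certFile = certFile;
    CreatePKCS12.keyFile = keyFile;
    FileOutputStream outStr = null;
    InputStream inStr = null;
    try {
        KeyStore localKeyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
        // Initialise an empty in-memory keystore.
        localKeyStore.load(null, null);
        byte[] certData = loadFileData(certFile);
        byte[] keyData = loadFileData(keyFile);
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        inStr = new ByteArrayInputStream(certData);
        java.security.cert.Certificate cert = cf.generateCertificate(inStr);
        IOUtils.closeQuietly(inStr);
        KeyFactory kf = KeyFactory.getInstance("RSA", CryptoExtensions.getJCEProviderName());
        PKCS8EncodedKeySpec keysp;
        if (password != null && !password.isEmpty()) {
            EncryptedPrivateKeyInfo encInfo = new EncryptedPrivateKeyInfo(keyData);
            char[] passwordChars = password.toCharArray();
            PBEKeySpec keySpec = new PBEKeySpec(passwordChars);
            try {
                // The PBE algorithm is whatever the key file declares.
                String alg = encInfo.getAlgName();
                SecretKeyFactory secFactory = SecretKeyFactory.getInstance(alg, CryptoExtensions.getJCEProviderName());
                SecretKey secKey = secFactory.generateSecret(keySpec);
                keysp = encInfo.getKeySpec(secKey, CryptoExtensions.getJCEProviderName());
            } finally {
                // Wipe the temporary password copies once decryption is done. This must
                // not happen earlier: some providers read the password back from the
                // spec when the cipher is initialised.
                keySpec.clearPassword();
                java.util.Arrays.fill(passwordChars, '\0');
            }
        } else {
            keysp = new PKCS8EncodedKeySpec(keyData);
        }
        Key privKey = kf.generatePrivate(keysp);
        // NOTE(review): the key entry gets an empty password of its own, so the only
        // protection on the output file is the store password below - confirm intended.
        char[] array = "".toCharArray();
        localKeyStore.setKeyEntry("privCert", privKey, array, new java.security.cert.Certificate[] { cert });
        pkcs12File = getPKCS12OutFile(createFile);
        outStr = new FileOutputStream(pkcs12File);
        localKeyStore.store(outStr, p12Pass.toCharArray());
    } catch (Exception e) {
        System.err.println("Failed to create pcks12 file: " + e.getMessage());
        e.printStackTrace(System.err);
        return null;
    } finally {
        IOUtils.closeQuietly(outStr);
        IOUtils.closeQuietly(inStr);
    }
    return pkcs12File;
}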
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) KeyStore(java.security.KeyStore) CertificateFactory(java.security.cert.CertificateFactory) SecretKey(javax.crypto.SecretKey) ByteArrayInputStream(java.io.ByteArrayInputStream) FileOutputStream(java.io.FileOutputStream) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) File(java.io.File) SecretKeyFactory(javax.crypto.SecretKeyFactory) KeyFactory(java.security.KeyFactory) SecretKeyFactory(javax.crypto.SecretKeyFactory) Key(java.security.Key) SecretKey(javax.crypto.SecretKey)

Example 28 with EncryptedPrivateKeyInfo

use of javax.crypto.EncryptedPrivateKeyInfo in project graylog2-server by Graylog2.

the class KeyUtil method createKeySpec.

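/**
 * Builds a PKCS#8 key spec from raw key bytes, decrypting them first when a
 * password is supplied.
 *
 * @param keyBytes PKCS#8 encoding of the private key, either plain or wrapped in an
 *        {@code EncryptedPrivateKeyInfo}
 * @param password password for an encrypted key; null or empty means the bytes are
 *        used as an unencrypted PKCS#8 encoding
 * @return the (decrypted) PKCS#8 key spec
 * @throws IOException if {@code keyBytes} cannot be parsed as an encrypted key structure
 * @throws NoSuchAlgorithmException if the algorithm named in the key is not available
 * @throws InvalidKeySpecException if the secret key or the decrypted key spec cannot be built
 * @throws NoSuchPaddingException if the cipher's padding scheme is not available
 * @throws InvalidKeyException if the derived key is rejected by the cipher
 * @throws InvalidAlgorithmParameterException if the key's algorithm parameters are rejected
 */
private static PKCS8EncodedKeySpec createKeySpec(byte[] keyBytes, String password) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
    if (Strings.isNullOrEmpty(password)) {
        return new PKCS8EncodedKeySpec(keyBytes);
    }
    final EncryptedPrivateKeyInfo pkInfo = new EncryptedPrivateKeyInfo(keyBytes);
    // NOTE(review): the algorithm name comes from the key file; confirm the encryption
    // schemes you expect resolve to a SecretKeyFactory and Cipher on the target JDK.
    final SecretKeyFactory kf = SecretKeyFactory.getInstance(pkInfo.getAlgName());
    final char[] passwordChars = password.toCharArray();
    final PBEKeySpec keySpec = new PBEKeySpec(passwordChars);
    try {
        final SecretKey secretKey = kf.generateSecret(keySpec);
        @SuppressWarnings("InsecureCryptoUsage") final Cipher cipher = Cipher.getInstance(pkInfo.getAlgName());
        cipher.init(Cipher.DECRYPT_MODE, secretKey, pkInfo.getAlgParameters());
        return pkInfo.getKeySpec(cipher);
    } finally {
        // Wipe the temporary password copies once decryption has finished or failed.
        keySpec.clearPassword();
        java.util.Arrays.fill(passwordChars, '\0');
    }
}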
Also used : PBEKeySpec(javax.crypto.spec.PBEKeySpec) SecretKey(javax.crypto.SecretKey) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) Cipher(javax.crypto.Cipher) SecretKeyFactory(javax.crypto.SecretKeyFactory)

Example 29 with EncryptedPrivateKeyInfo

use of javax.crypto.EncryptedPrivateKeyInfo in project robovm by robovm.

the class EncryptedPrivateKeyInfoTest method testEncryptedPrivateKeyInfoAlgorithmParametersbyteArray4.

/**
 * Test #4 for the
 * <code>EncryptedPrivateKeyInfo(java.security.AlgorithmParameters, byte[])</code>
 * constructor <br>
 * Assertion: the constructor copies the byte array it is given, so later changes
 * to the caller's array cannot alter the object <br>
 * Test preconditions: a valid array is passed and then modified <br>
 * Expected: getEncryptedData(), called after the modification, returns the
 * data as it was before the modification
 *
 * @throws Exception if the DSA parameters or the object under test cannot be created
 */
public final void testEncryptedPrivateKeyInfoAlgorithmParametersbyteArray4() throws Exception {
    // DSA parameters initialised from the pregenerated encoding in the test data
    AlgorithmParameters dsaParams = AlgorithmParameters.getInstance("DSA");
    dsaParams.init(EncryptedPrivateKeyInfoData.getParametersEncoding("DSA"));

    // hand the constructor an array this test owns and may change afterwards
    byte[] callerOwned = EncryptedPrivateKeyInfoData.encryptedData.clone();
    EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(dsaParams, callerOwned);

    // tamper with the caller's array after construction
    callerOwned[0] = (byte) 6;

    // the object must still report the untouched reference data
    byte[] pristine = EncryptedPrivateKeyInfoData.encryptedData;
    byte[] stored = info.getEncryptedData();
    assertTrue(Arrays.equals(pristine, stored));
}
Also used : EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) AlgorithmParameters(java.security.AlgorithmParameters)

Example 30 with EncryptedPrivateKeyInfo

use of javax.crypto.EncryptedPrivateKeyInfo in project robovm by robovm.

the class EncryptedPrivateKeyInfoTest method testGetEncoded03.

/**
 * Test #3 for the <code>getEncoded()</code> method <br>
 * Assertion: returns the ASN.1 encoding of this object <br>
 * Test preconditions: the object under test is built from algorithm parameters
 * and encrypted data, once per algorithm listed in the test data <br>
 * Expected: the encoding equals the pregenerated reference encoding for that
 * algorithm; the test fails if no listed algorithm could be exercised
 *
 * @throws IOException
 */
public final void testGetEncoded03() throws IOException {
    boolean ranAtLeastOnce = false;
    for (String[] entry : EncryptedPrivateKeyInfoData.algName0) {
        final String algorithm = entry[0];
        try {
            // parameters come from the pregenerated encodings in the test data
            AlgorithmParameters params = AlgorithmParameters.getInstance(algorithm);
            params.init(EncryptedPrivateKeyInfoData.getParametersEncoding(algorithm));
            EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(params, EncryptedPrivateKeyInfoData.encryptedData);
            // the encoded form must match the reference encoding byte for byte
            byte[] expected = EncryptedPrivateKeyInfoData.getValidEncryptedPrivateKeyInfoEncoding(algorithm);
            byte[] actual = info.getEncoded();
            assertTrue(Arrays.equals(expected, actual));
            ranAtLeastOnce = true;
        } catch (NoSuchAlgorithmException allowedFailure) {
            // algorithm unavailable in this environment: skip it and try the next one
        }
    }
    assertTrue("Test not performed", ranAtLeastOnce);
}
Also used : EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AlgorithmParameters(java.security.AlgorithmParameters)

Aggregations

EncryptedPrivateKeyInfo (javax.crypto.EncryptedPrivateKeyInfo)40 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)26 AlgorithmParameters (java.security.AlgorithmParameters)10 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)10 InvalidKeyException (java.security.InvalidKeyException)7 SecretKey (javax.crypto.SecretKey)7 PBEKeySpec (javax.crypto.spec.PBEKeySpec)7 SecretKeyFactory (javax.crypto.SecretKeyFactory)6 Cipher (javax.crypto.Cipher)5 Key (java.security.Key)4 KeyFactory (java.security.KeyFactory)3 InvalidKeySpecException (java.security.spec.InvalidKeySpecException)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 IOException (java.io.IOException)2 InputStream (java.io.InputStream)2 KeyStore (java.security.KeyStore)2 PrivateKey (java.security.PrivateKey)2 CertificateFactory (java.security.cert.CertificateFactory)2 X509Certificate (java.security.cert.X509Certificate)2 File (java.io.File)1