
Example 66 with PrivateKeyInfo

Use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in the project thingsboard (by thingsboard).

Class PemSslCredentials, method loadKeyStore.

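/**
 * Loads the PEM material behind {@code certFile} (and, if needed, {@code keyFile}) into a fresh,
 * in-memory {@link KeyStore}.
 * <p>
 * Certificates are collected from {@code certFile} in file order. A private key is taken from
 * {@code certFile} if one is present there; only otherwise is {@code keyFile} consulted. When
 * {@code trustsOnly} is set, every distinct certificate is registered as a trusted-certificate
 * entry ({@code root-0}, {@code root-1}, ...). Whenever a private key was found it is stored under
 * {@link #DEFAULT_KEY_ALIAS} with all certificates from {@code certFile}, in file order, as its chain.
 * <p>
 * Accepted key encodings: OpenSSL "traditional" key pairs ({@code BEGIN RSA/EC PRIVATE KEY}),
 * the same encrypted with the legacy OpenSSL scheme ({@code Proc-Type: 4,ENCRYPTED}), and
 * unencrypted PKCS#8 ({@code BEGIN PRIVATE KEY}). Encrypted PKCS#8
 * ({@code BEGIN ENCRYPTED PRIVATE KEY}) is not handled by this method: such an object is skipped
 * and the failure surfaces as "Unable to load private key".
 *
 * @param trustsOnly       when {@code true} the certificates become trust anchors and a missing
 *                         private key is not an error
 * @param keyPasswordArray password used to decrypt an encrypted PEM key and to protect the key
 *                         entry in the returned store
 * @return a populated, non-persisted {@link KeyStore} of the platform default type
 * @throws IOException              if a resource cannot be read, or a PEM object cannot be parsed
 *                                  or decrypted
 * @throws GeneralSecurityException if a key or certificate cannot be converted or stored
 * @throws IllegalArgumentException if {@code certFile} holds no certificate, or no private key was
 *                                  found and {@code trustsOnly} is {@code false}
 */
@Override
protected KeyStore loadKeyStore(boolean trustsOnly, char[] keyPasswordArray) throws IOException, GeneralSecurityException {
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    List<X509Certificate> certificates = new ArrayList<>();
    PrivateKey privateKey = null;
    JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter();
    JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter();

    // certFile may carry certificates and a key together; if several key objects are present the last one wins.
    try (InputStream inStream = ResourceUtils.getInputStream(this, this.certFile);
         PEMParser pemParser = newPemParser(inStream)) {
        Object object;
        while ((object = pemParser.readObject()) != null) {
            if (object instanceof X509CertificateHolder) {
                certificates.add(certConverter.getCertificate((X509CertificateHolder) object));
            } else {
                PrivateKey candidate = readPrivateKey(object, keyConverter, keyPasswordArray);
                if (candidate != null) {
                    privateKey = candidate;
                }
            }
        }
    }

    // Fall back to keyFile only when certFile supplied no key. The first usable key object wins, for every
    // supported encoding (PKCS#8 included), so a second key later in the file can no longer override it.
    if (privateKey == null && !StringUtils.isEmpty(this.keyFile) && ResourceUtils.resourceExists(this, this.keyFile)) {
        try (InputStream inStream = ResourceUtils.getInputStream(this, this.keyFile);
             PEMParser pemParser = newPemParser(inStream)) {
            Object object;
            while (privateKey == null && (object = pemParser.readObject()) != null) {
                privateKey = readPrivateKey(object, keyConverter, keyPasswordArray);
            }
        }
    }

    if (certificates.isEmpty()) {
        throw new IllegalArgumentException("No certificates found in certFile: " + this.certFile);
    }
    if (privateKey == null && !trustsOnly) {
        throw new IllegalArgumentException("Unable to load private key neither from certFile: " + this.certFile + " nor from keyFile: " + this.keyFile);
    }

    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null); // initialise an empty store; nothing is read from disk
    if (trustsOnly) {
        // distinct() relies on Certificate.equals(), so only exact duplicates are collapsed.
        List<Certificate> unique = certificates.stream().distinct().collect(Collectors.toList());
        for (int i = 0; i < unique.size(); i++) {
            keyStore.setCertificateEntry("root-" + i, unique.get(i));
        }
    }
    if (privateKey != null) {
        // The chain is every certificate from certFile in file order. A CertPath is built but NOT validated here;
        // ordering (leaf first) and key/certificate correspondence are the operator's responsibility.
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        CertPath certPath = factory.generateCertPath(certificates);
        Certificate[] chain = certPath.getCertificates().toArray(new Certificate[0]);
        keyStore.setKeyEntry(DEFAULT_KEY_ALIAS, privateKey, keyPasswordArray, chain);
    }
    return keyStore;
}

/**
 * Wraps {@code in} in a PEM parser that decodes as UTF-8 (a superset of the ASCII PEM armour),
 * so parsing does not depend on the platform default charset.
 */
private static PEMParser newPemParser(InputStream in) {
    return new PEMParser(new InputStreamReader(in, java.nio.charset.StandardCharsets.UTF_8));
}

/**
 * Converts one parsed PEM object into a {@link PrivateKey}.
 *
 * @param pemObject    an object returned by {@link PEMParser#readObject()}
 * @param keyConverter converter used to turn BouncyCastle key structures into JCA keys
 * @param password     password for an encrypted OpenSSL key pair; ignored for the other encodings
 * @return the private key, or {@code null} when {@code pemObject} is not a supported key encoding
 *         (e.g. a certificate, or an encrypted PKCS#8 {@code PKCS8EncryptedPrivateKeyInfo})
 * @throws IOException if the key cannot be decrypted or converted
 */
private static PrivateKey readPrivateKey(Object pemObject, JcaPEMKeyConverter keyConverter, char[] password) throws IOException {
    if (pemObject instanceof PEMEncryptedKeyPair) {
        // NOTE(review): this is the legacy OpenSSL PEM encryption (Proc-Type: 4,ENCRYPTED). Its password-to-key
        // derivation is the old OpenSSL scheme (MD5-based, single iteration), far weaker than PKCS#8 PBES2;
        // prefer re-encoding encrypted keys at rest as PBES2 PKCS#8 and extending this method accordingly.
        PEMDecryptorProvider decryptor = new JcePEMDecryptorProviderBuilder().build(password);
        return keyConverter.getKeyPair(((PEMEncryptedKeyPair) pemObject).decryptKeyPair(decryptor)).getPrivate();
    }
    if (pemObject instanceof PEMKeyPair) {
        return keyConverter.getKeyPair((PEMKeyPair) pemObject).getPrivate();
    }
    if (pemObject instanceof PrivateKeyInfo) {
        return keyConverter.getPrivateKey((PrivateKeyInfo) pemObject);
    }
    return null;
}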

Example 67 with PrivateKeyInfo

Use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in the project tray (by qzind).

Class CertificateManager, method createTrustedKeystore.

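/**
 * Builds the SSL key store from a PEM private-key file and a PEM certificate (chain) file.
 * <p>
 * {@code pemKey} must start with either an OpenSSL key pair ({@code BEGIN RSA PRIVATE KEY}) or an
 * unencrypted PKCS#8 key ({@code BEGIN PRIVATE KEY}); one certificate may follow it and becomes the
 * first element of the chain. Every certificate in {@code pemCert} is then appended in file order.
 * The key and chain are stored in a new in-memory PKCS12 store under {@code sslKeyPair.getAlias()},
 * protected by {@link #getPassword()}, and {@code sslKeyPair} is initialised from that store.
 * No certificate-path validation is performed.
 *
 * @param pemKey  PEM file holding the private key; RSA only, since the key is rebuilt through the
 *                RSA {@link KeyFactory}
 * @param pemCert PEM file holding the certificate chain, leaf first
 * @return this manager, for chaining
 * @throws IllegalArgumentException if the key file does not start with a supported unencrypted key,
 *                                  if either file contains an object other than those described
 *                                  above, or if no certificate at all was found for the key
 * @throws Exception on I/O, PEM parsing, key-factory or key-store failures
 */
public CertificateManager createTrustedKeystore(File pemKey, File pemCert) throws Exception {
    sslKeyPair = new KeyPairWrapper(SSL);
    List<X509Certificate> certs = new ArrayList<>();
    // NOTE(review): assumes the "BC" provider is already registered with java.security.Security — confirm with caller.
    JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter().setProvider("BC");

    // Private key, plus an optional single trailing certificate
    PrivateKey key;
    try (PEMParser pem = openPem(pemKey)) {
        Object parsedObject = pem.readObject();
        PrivateKeyInfo privateKeyInfo;
        if (parsedObject instanceof PEMKeyPair) {
            privateKeyInfo = ((PEMKeyPair) parsedObject).getPrivateKeyInfo();
        } else if (parsedObject instanceof PrivateKeyInfo) {
            privateKeyInfo = (PrivateKeyInfo) parsedObject;
        } else {
            // Empty file, password-encrypted key, or a certificate before the key: reject with a clear message
            // instead of a bare NullPointerException / ClassCastException.
            throw new IllegalArgumentException("No unencrypted private key found at start of " + pemKey);
        }
        // Only RSA keys are supported here; an EC key makes generatePrivate() fail with InvalidKeySpecException.
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded());
        key = KeyFactory.getInstance("RSA").generatePrivate(privateKeySpec);

        Object next = pem.readObject();
        if (next instanceof X509CertificateHolder) {
            certs.add(certConverter.getCertificate((X509CertificateHolder) next));
        } else if (next != null) {
            throw new IllegalArgumentException("Unexpected PEM object after private key in " + pemKey + ": " + next.getClass().getSimpleName());
        }
    }

    // Certificate chain
    try (PEMParser pem = openPem(pemCert)) {
        Object parsedObject;
        while ((parsedObject = pem.readObject()) != null) {
            if (!(parsedObject instanceof X509CertificateHolder)) {
                throw new IllegalArgumentException("Unexpected PEM object in " + pemCert + ": " + parsedObject.getClass().getSimpleName());
            }
            certs.add(certConverter.getCertificate((X509CertificateHolder) parsedObject));
        }
    }
    if (certs.isEmpty()) {
        throw new IllegalArgumentException("No certificate found for the private key in " + pemKey + " or " + pemCert);
    }

    // Keystore: a fresh, in-memory PKCS12 store holding the key and its chain (nothing is written to disk here)
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    keyStore.load(null);
    keyStore.setKeyEntry(sslKeyPair.getAlias(), key, getPassword(), certs.toArray(new X509Certificate[0]));
    sslKeyPair.init(keyStore, getPassword());
    return this;
}

/**
 * Opens {@code file} as a PEM parser. The content is decoded as UTF-8 (a superset of the ASCII PEM
 * armour) rather than the platform default charset; the caller must close the parser.
 *
 * @throws java.io.IOException if the file cannot be opened
 */
private static PEMParser openPem(File file) throws java.io.IOException {
    return new PEMParser(new java.io.InputStreamReader(new java.io.FileInputStream(file), java.nio.charset.StandardCharsets.UTF_8));
}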
