Search in sources :

Example 36 with PrivateKeyInfo

use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project karaf by apache.

the class KeyPairLoader method getKeyPair.

public static KeyPair getKeyPair(InputStream is, String password) throws GeneralSecurityException, IOException {
    try (PEMParser parser = new PEMParser(new InputStreamReader(is))) {
        Object o = parser.readObject();
        JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
        if (o instanceof PEMEncryptedKeyPair) {
            if (password == null) {
                throw new GeneralSecurityException("A password must be supplied to read an encrypted key pair");
            }
            JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();
            PEMDecryptorProvider pemDecryptor = decryptorBuilder.build(password.toCharArray());
            o = pemConverter.getKeyPair(((PEMEncryptedKeyPair) o).decryptKeyPair(pemDecryptor));
        } else if (o instanceof PKCS8EncryptedPrivateKeyInfo) {
            if (password == null) {
                throw new GeneralSecurityException("A password must be supplied to read an encrypted key pair");
            }
            JceOpenSSLPKCS8DecryptorProviderBuilder jce = new JceOpenSSLPKCS8DecryptorProviderBuilder();
            try {
                InputDecryptorProvider decProv = jce.build(password.toCharArray());
                o = ((PKCS8EncryptedPrivateKeyInfo) o).decryptPrivateKeyInfo(decProv);
            } catch (OperatorCreationException | PKCSException ex) {
                LOGGER.debug("Error decrypting key pair", ex);
                throw new GeneralSecurityException("Error decrypting key pair", ex);
            }
        }
        if (o instanceof PEMKeyPair) {
            return pemConverter.getKeyPair((PEMKeyPair) o);
        } else if (o instanceof KeyPair) {
            return (KeyPair) o;
        } else if (o instanceof PrivateKeyInfo) {
            PrivateKey privateKey = pemConverter.getPrivateKey((PrivateKeyInfo) o);
            PublicKey publicKey = convertPrivateToPublicKey(privateKey);
            if (publicKey != null) {
                return new KeyPair(publicKey, privateKey);
            }
        }
    }
    throw new GeneralSecurityException("Failed to parse input stream");
}
Also used : KeyPair(java.security.KeyPair) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) ECPrivateKey(java.security.interfaces.ECPrivateKey) PrivateKey(java.security.PrivateKey) InputStreamReader(java.io.InputStreamReader) PublicKey(java.security.PublicKey) GeneralSecurityException(java.security.GeneralSecurityException) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider) JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)

Example 37 with PrivateKeyInfo

use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project XobotOS by xamarin.

the class PrivateKeyInfo method toASN1Object.

/**
     * write out an RSA private key with its associated information
     * as described in PKCS8.
     * <pre>
     *      PrivateKeyInfo ::= SEQUENCE {
     *                              version Version,
     *                              privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
     *                              privateKey PrivateKey,
     *                              attributes [0] IMPLICIT Attributes OPTIONAL 
     *                          }
     *      Version ::= INTEGER {v1(0)} (v1,...)
     *
     *      PrivateKey ::= OCTET STRING
     *
     *      Attributes ::= SET OF Attribute
     * </pre>
     */
public DERObject toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(new DERInteger(0));
    v.add(algId);
    v.add(new DEROctetString(privKey));
    if (attributes != null) {
        v.add(new DERTaggedObject(false, 0, attributes));
    }
    return new DERSequence(v);
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERInteger(org.bouncycastle.asn1.DERInteger)

Example 38 with PrivateKeyInfo

use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project XobotOS by xamarin.

the class JCEECPrivateKey method getEncoded.

/**
     * Return a PKCS8 representation of the key. The sequence returned
     * represents a full PrivateKeyInfo object.
     *
     * @return a PKCS8 representation of the key.
     */
public byte[] getEncoded() {
    X962Parameters params;
    if (ecSpec instanceof ECNamedCurveSpec) {
        DERObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec) ecSpec).getName());
        if (// guess it's the OID
        curveOid == null) {
            curveOid = new DERObjectIdentifier(((ECNamedCurveSpec) ecSpec).getName());
        }
        params = new X962Parameters(curveOid);
    } else if (ecSpec == null) {
        params = new X962Parameters(DERNull.INSTANCE);
    } else {
        ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
        X9ECParameters ecP = new X9ECParameters(curve, EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression), ecSpec.getOrder(), BigInteger.valueOf(ecSpec.getCofactor()), ecSpec.getCurve().getSeed());
        params = new X962Parameters(ecP);
    }
    PrivateKeyInfo info;
    ECPrivateKeyStructure keyStructure;
    if (publicKey != null) {
        keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
    } else {
        keyStructure = new ECPrivateKeyStructure(this.getS(), params);
    }
    // BEGIN android-removed
    // if (algorithm.equals("ECGOST3410"))
    // {
    //     info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.getDERObject()), keyStructure.getDERObject());
    // }
    // else
    // END android-removed
    {
        info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), keyStructure.getDERObject());
    }
    return info.getDEREncoded();
}
Also used : X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) ECCurve(org.bouncycastle.math.ec.ECCurve) ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 39 with PrivateKeyInfo

use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project XobotOS by xamarin.

the class JCEECPrivateKey method populateFromPrivKeyInfo.

private void populateFromPrivKeyInfo(PrivateKeyInfo info) {
    X962Parameters params = new X962Parameters((DERObject) info.getAlgorithmId().getParameters());
    if (params.isNamedCurve()) {
        DERObjectIdentifier oid = (DERObjectIdentifier) params.getParameters();
        X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
        // BEGIN android-removed
        // if (ecP == null) // GOST Curve
        // {
        //     ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
        //     EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
        //
        //     ecSpec = new ECNamedCurveSpec(
        //             ECGOST3410NamedCurves.getName(oid),
        //             ellipticCurve,
        //             new ECPoint(
        //                     gParam.getG().getX().toBigInteger(),
        //                     gParam.getG().getY().toBigInteger()),
        //             gParam.getN(),
        //             gParam.getH());
        // }
        // else
        // END android-removed
        {
            EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
            ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH());
        }
    } else if (params.isImplicitlyCA()) {
        ecSpec = null;
    } else {
        X9ECParameters ecP = new X9ECParameters((ASN1Sequence) params.getParameters());
        EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
        this.ecSpec = new ECParameterSpec(ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH().intValue());
    }
    if (info.getPrivateKey() instanceof DERInteger) {
        DERInteger derD = (DERInteger) info.getPrivateKey();
        this.d = derD.getValue();
    } else {
        ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence) info.getPrivateKey());
        this.d = ec.getKey();
        this.publicKey = ec.getPublicKey();
    }
}
Also used : X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) ECPrivateKeyStructure(org.bouncycastle.asn1.sec.ECPrivateKeyStructure) ECPoint(java.security.spec.ECPoint) DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec) DERInteger(org.bouncycastle.asn1.DERInteger)

Example 40 with PrivateKeyInfo

use of org.bouncycastle.asn1.pkcs.PrivateKeyInfo in project robovm by robovm.

the class BCECPrivateKey method populateFromPrivKeyInfo.

private void populateFromPrivKeyInfo(PrivateKeyInfo info) throws IOException {
    X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
    if (params.isNamedCurve()) {
        ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
        X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
        // BEGIN android-removed
        // if (ecP == null) // GOST Curve
        // {
        //     ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
        //     EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
        //
        //     ecSpec = new ECNamedCurveSpec(
        //             ECGOST3410NamedCurves.getName(oid),
        //             ellipticCurve,
        //             new ECPoint(
        //                     gParam.getG().getX().toBigInteger(),
        //                     gParam.getG().getY().toBigInteger()),
        //             gParam.getN(),
        //             gParam.getH());
        // }
        // else
        // END android-removed
        {
            EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
            ecSpec = new ECNamedCurveSpec(ECUtil.getCurveName(oid), ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH());
        }
    } else if (params.isImplicitlyCA()) {
        ecSpec = null;
    } else {
        X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
        EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
        this.ecSpec = new ECParameterSpec(ellipticCurve, new ECPoint(ecP.getG().getX().toBigInteger(), ecP.getG().getY().toBigInteger()), ecP.getN(), ecP.getH().intValue());
    }
    ASN1Encodable privKey = info.parsePrivateKey();
    if (privKey instanceof DERInteger) {
        DERInteger derD = DERInteger.getInstance(privKey);
        this.d = derD.getValue();
    } else {
        org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
        this.d = ec.getKey();
        this.publicKey = ec.getPublicKey();
    }
}
Also used : X962Parameters(org.bouncycastle.asn1.x9.X962Parameters) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) EllipticCurve(java.security.spec.EllipticCurve) ECParameterSpec(java.security.spec.ECParameterSpec) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ECPoint(java.security.spec.ECPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) ECNamedCurveSpec(org.bouncycastle.jce.spec.ECNamedCurveSpec) DERInteger(org.bouncycastle.asn1.DERInteger)

Aggregations

PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)47 IOException (java.io.IOException)31 JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)27 PEMParser (org.bouncycastle.openssl.PEMParser)24 PrivateKey (java.security.PrivateKey)22 PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)19 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)18 ByteArrayInputStream (java.io.ByteArrayInputStream)14 InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)13 JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)11 X9ECParameters (org.bouncycastle.asn1.x9.X9ECParameters)10 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)9 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)9 JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)9 PemObject (org.bouncycastle.util.io.pem.PemObject)9 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)8 PrivateKeyInfo (com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8 StringReader (java.io.StringReader)8 BigInteger (java.math.BigInteger)8 GeneralSecurityException (java.security.GeneralSecurityException)8