
Example 6 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project incubator-pulsar by apache.

the class MessageCrypto method loadPrivateKey.

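/**
 * Parses a PEM-encoded private key, optionally preceded by an EC parameters block.
 *
 * <p>The first PEM object may be a named-curve OID or an explicit {@link X9ECParameters}
 * structure; in that case the following object is expected to be the key pair and the
 * resulting EC key is rebuilt with those parameters.
 *
 * @param keyBytes the PEM text of the key
 * @return the parsed private key, or {@code null} when the input carries no EC parameters
 *         and its first object is not a {@link PEMKeyPair}
 * @throws Exception if the PEM data cannot be read, the curve OID is unknown, EC parameters
 *         are not followed by a key pair, or the key cannot be converted
 */
private PrivateKey loadPrivateKey(byte[] keyBytes) throws Exception {
    // PEM is ASCII armour, so decode with a fixed charset rather than the platform default.
    // NOTE(review): the decoded String holds private-key material and cannot be wiped;
    // it stays on the heap until it is garbage collected.
    Reader keyReader = new StringReader(new String(keyBytes, java.nio.charset.StandardCharsets.UTF_8));
    PrivateKey privateKey = null;
    try (PEMParser pemReader = new PEMParser(keyReader)) {
        X9ECParameters ecParam = null;
        Object pemObj = pemReader.readObject();
        if (pemObj instanceof ASN1ObjectIdentifier) {
            // A bare OID is taken to name the curve; resolve it and move on to the next
            // object, which should be the EC private key.
            ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
            ecParam = ECNamedCurveTable.getByOID(ecOID);
            if (ecParam == null) {
                throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ecOID.getId());
            }
            pemObj = pemReader.readObject();
        } else if (pemObj instanceof X9ECParameters) {
            // Explicit curve parameters; the key itself is the next object.
            ecParam = (X9ECParameters) pemObj;
            pemObj = pemReader.readObject();
        }
        if (pemObj instanceof PEMKeyPair) {
            PrivateKeyInfo pKeyInfo = ((PEMKeyPair) pemObj).getPrivateKeyInfo();
            JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
            privateKey = pemConverter.getPrivateKey(pKeyInfo);
        }
        if (ecParam != null) {
            // Previously a parameters block without a key pair behind it fell through to
            // privateKey.getAlgorithm() and failed with a NullPointerException; report the
            // malformed input explicitly instead.
            if (privateKey == null) {
                throw new PEMException("EC parameters were not followed by a PEM key pair");
            }
            if (ECDSA.equals(privateKey.getAlgorithm())) {
                // Rebuild the key against the parameters read from the PEM input.
                // NOTE(review): the cast assumes the converter produced a BouncyCastle
                // key, but no provider is set on the converter above - confirm.
                ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
                KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME);
                ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privateKey).getS(), ecSpec);
                privateKey = (PrivateKey) keyFactory.generatePrivate(keySpec);
            }
        }
    } catch (IOException e) {
        throw new Exception(e);
    }
    return privateKey;
}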
Also used : BCECPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey) PrivateKey(java.security.PrivateKey) ECPrivateKeySpec(org.bouncycastle.jce.spec.ECPrivateKeySpec) X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters) Reader(java.io.Reader) CryptoKeyReader(org.apache.pulsar.client.api.CryptoKeyReader) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) ByteString(com.google.protobuf.ByteString) IOException(java.io.IOException) PulsarClientException(org.apache.pulsar.client.api.PulsarClientException) ShortBufferException(javax.crypto.ShortBufferException) IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) NoSuchPaddingException(javax.crypto.NoSuchPaddingException) CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException) PEMException(org.bouncycastle.openssl.PEMException) IOException(java.io.IOException) BadPaddingException(javax.crypto.BadPaddingException) NoSuchProviderException(java.security.NoSuchProviderException) PEMParser(org.bouncycastle.openssl.PEMParser) ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec) PEMException(org.bouncycastle.openssl.PEMException) StringReader(java.io.StringReader) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) KeyFactory(java.security.KeyFactory)

Example 7 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project candlepin by candlepin.

the class CertificateReaderForTesting method readPrivateKey.

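/**
 * Loads the test CA private key from the {@code test-ca.key} classpath resource.
 * The {@code reader} argument is not used.
 *
 * @param reader ignored by this test implementation
 * @return the private half of the key pair stored in {@code test-ca.key}
 * @throws FileNotFoundException if {@code test-ca.key} is not on the classpath
 */
@Override
protected PrivateKey readPrivateKey(PrivateKeyReader reader) throws FileNotFoundException {
    InputStream keyStream = this.getClass().getClassLoader().getResourceAsStream("test-ca.key");
    // getResourceAsStream returns null for a missing resource; fail with the declared
    // exception rather than a NullPointerException inside InputStreamReader.
    if (keyStream == null) {
        throw new FileNotFoundException("test-ca.key");
    }
    // PEM is ASCII armour, so a fixed charset avoids depending on the platform default.
    try (PEMParser parser = new PEMParser(new InputStreamReader(keyStream, java.nio.charset.StandardCharsets.UTF_8))) {
        Object pemObject = parser.readObject();
        // PEMParser yields other types for encrypted or PKCS#8 keys; check before casting
        // so a wrong fixture fails with a readable message.
        if (!(pemObject instanceof PEMKeyPair)) {
            throw new AssertionError("test-ca.key does not contain an unencrypted PEM key pair");
        }
        KeyPair keyPair = new JcaPEMKeyConverter().setProvider(BC_PROVIDER).getKeyPair((PEMKeyPair) pemObject);
        return keyPair.getPrivate();
    } catch (IOException e) {
        // Keep the cause so the failing test shows why the key could not be read.
        throw new AssertionError("Could not load private key", e);
    }
}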
Also used : KeyPair(java.security.KeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) IOException(java.io.IOException)

Example 8 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project candlepin by candlepin.

the class PrivateKeyReaderTest method testReadPKCS1.

/**
 * Checks that {@code PrivateKeyReader} decodes an unencrypted PKCS#1 PEM file to the same
 * key that BouncyCastle's own parser and converter produce for that file.
 */
@Test
public void testReadPKCS1() throws Exception {
    final String resourceName = "keys/pkcs1-unencrypted.pem";
    // The same resource is opened twice: once for the reader under test, once for the
    // reference decode.
    try (InputStream subjectStream = cl.getResourceAsStream(resourceName);
        Reader referenceReader = new InputStreamReader(cl.getResourceAsStream(resourceName))) {
        // Key produced by the code under test; no password is supplied.
        PrivateKeyReader subject = new PrivateKeyReader();
        PrivateKey actualKey = subject.read(subjectStream, null);

        // Reference key decoded directly with BouncyCastle.
        PEMParser referenceParser = new PEMParser(referenceReader);
        PEMKeyPair expected = (PEMKeyPair) referenceParser.readObject();
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BC_PROVIDER);
        PrivateKey expectedKey = converter.getKeyPair(expected).getPrivate();

        // Arguments are passed as (actual, expected), as in the original test.
        assertEquals(actualKey, expectedKey);
    }
}
Also used : PrivateKey(java.security.PrivateKey) InputStreamReader(java.io.InputStreamReader) PEMParser(org.bouncycastle.openssl.PEMParser) InputStream(java.io.InputStream) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) Test(org.junit.Test)

Example 9 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project certmgr by hdecarne.

the class PEMCertReaderWriter method readObjectsString.

/**
 * Decode every PEM object available from a {@link Reader} resource into a certificate
 * object store.
 * <p>
 * Certificates, plain and encrypted key pairs, certification requests and CRLs are added
 * to the store; any other PEM object type is logged and skipped. A failure to read the
 * first object is logged and treated as "not PEM", whereas a failure on a later object
 * propagates to the caller.
 *
 * @param in The reader resource to read from.
 * @param password The callback used to obtain the password for encrypted key pairs.
 * @return The decoded certificate objects, or {@code null} if no PEM object was read.
 * @throws IOException if an I/O error occurs while reading.
 */
@Nullable
public static CertObjectStore readObjectsString(IOResource<Reader> in, PasswordCallback password) throws IOException {
    LOG.debug("Trying to read PEM objects from: ''{0}''...", in);

    CertObjectStore store = null;

    try (PEMParser pemParser = new PEMParser(in.io())) {
        Object current;

        try {
            current = pemParser.readObject();
        } catch (IOException e) {
            // An unreadable first object means the input is not handled as PEM at all.
            LOG.info(e, "No PEM objects recognized in: ''{0}''", in);
            current = null;
        }
        for (; current != null; current = pemParser.readObject()) {
            // The store is only created once at least one PEM object has been read.
            if (store == null) {
                store = new CertObjectStore();
            }

            String typeName = current.getClass().getName();

            LOG.info("Decoding PEM object of type {0}", typeName);
            if (current instanceof X509CertificateHolder) {
                X509CertificateHolder crtHolder = (X509CertificateHolder) current;

                store.addCRT(convertCRT(crtHolder));
            } else if (current instanceof PEMKeyPair) {
                PEMKeyPair plainKey = (PEMKeyPair) current;

                store.addKey(convertKey(plainKey));
            } else if (current instanceof PEMEncryptedKeyPair) {
                // Only the encrypted form needs the password callback.
                PEMEncryptedKeyPair encryptedKey = (PEMEncryptedKeyPair) current;

                store.addKey(convertKey(encryptedKey, in.resource(), password));
            } else if (current instanceof PKCS10CertificationRequest) {
                PKCS10CertificationRequest csr = (PKCS10CertificationRequest) current;

                store.addCSR(convertCSR(csr));
            } else if (current instanceof X509CRLHolder) {
                X509CRLHolder crlHolder = (X509CRLHolder) current;

                store.addCRL(convertCRL(crlHolder));
            } else {
                LOG.warning("Ignoring unrecognized PEM object of type {0}", typeName);
            }
        }
    }
    return store;
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) X509CRLHolder(org.bouncycastle.cert.X509CRLHolder) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) CertObjectStore(de.carne.certmgr.certs.CertObjectStore) IOException(java.io.IOException) Nullable(de.carne.check.Nullable)

Example 10 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project certmgr by hdecarne.

the class PEMCertReaderWriter method convertKey.

/**
 * Decrypts an encrypted PEM key pair, asking the password callback until decryption
 * succeeds or the callback returns no password.
 *
 * @param pemObject The encrypted key pair to decrypt.
 * @param resource The resource name passed to the password callback and to the exception.
 * @param password The callback that supplies the password; it is re-queried with the
 *        previous failure after each {@link EncryptionException}.
 * @return The decrypted and converted key pair.
 * @throws IOException if the callback returns {@code null} (reported as
 *         {@link PasswordRequiredException}) or decryption fails with anything other
 *         than an {@link EncryptionException}.
 */
private static KeyPair convertKey(PEMEncryptedKeyPair pemObject, String resource, PasswordCallback password) throws IOException {
    Throwable lastFailure = null;

    // No attempt limit is applied here; the loop ends only on success or when the
    // callback returns null.
    for (;;) {
        char[] secret;

        if (lastFailure == null) {
            secret = password.queryPassword(resource);
        } else {
            secret = password.requeryPassword(resource, lastFailure);
        }
        if (secret == null) {
            throw new PasswordRequiredException(resource, lastFailure);
        }

        // NOTE(review): the password array is not cleared after use; whether this method
        // or the callback owns it is not visible here - confirm before wiping it.
        PEMDecryptorProvider decryptor = PEM_DECRYPTOR_PROVIDER_BUILDER.build(secret);
        PEMKeyPair decrypted;

        try {
            decrypted = pemObject.decryptKeyPair(decryptor);
        } catch (EncryptionException e) {
            // Remember the failure so the next prompt can report it, then ask again.
            lastFailure = e;
            continue;
        }
        if (decrypted != null) {
            return convertKey(decrypted);
        }
    }
}
Also used : PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) EncryptionException(org.bouncycastle.openssl.EncryptionException) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PasswordRequiredException(de.carne.certmgr.certs.PasswordRequiredException)

Aggregations

PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)37 PEMParser (org.bouncycastle.openssl.PEMParser)35 JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)28 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)17 IOException (java.io.IOException)13 InputStreamReader (java.io.InputStreamReader)13 PrivateKey (java.security.PrivateKey)12 PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair)12 StringReader (java.io.StringReader)11 PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider)11 JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)11 InputStream (java.io.InputStream)10 KeyPair (java.security.KeyPair)8 Reader (java.io.Reader)7 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)7 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)7 JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)6 InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)6 PemObject (org.bouncycastle.util.io.pem.PemObject)6 KeyFactory (java.security.KeyFactory)5