Example 11 with PEMKeyPair

Use of org.bouncycastle.openssl.PEMKeyPair in project vespa by vespa-engine.

The class PemKeyStore, method loadPrivateKey.

private void loadPrivateKey(PEMParser parser) {
    try {
        Object object = parser.readObject();
        PrivateKeyInfo privateKeyInfo;
        if (object instanceof PEMKeyPair) {
            // Legacy PKCS1
            privateKeyInfo = ((PEMKeyPair) object).getPrivateKeyInfo();
        } else if (object instanceof PrivateKeyInfo) {
            // PKCS8
            privateKeyInfo = (PrivateKeyInfo) object;
        } else {
            throw new UnsupportedOperationException("Expected " + PrivateKeyInfo.class + " or " + PEMKeyPair.class + ", got " + object.getClass());
        }
        Object nextObject = parser.readObject();
        if (nextObject != null) {
            throw new UnsupportedOperationException("Expected a single private key, but found a second element " + nextObject.getClass());
        }
        setPrivateKey(privateKeyInfo);
    } catch (Exception e) {
        throw throwUnchecked(e);
    }
}
Also used : PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) KeyStoreException(java.security.KeyStoreException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) PEMException(org.bouncycastle.openssl.PEMException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UncheckedIOException(java.io.UncheckedIOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)

Example 12 with PEMKeyPair

Use of org.bouncycastle.openssl.PEMKeyPair in project cloudbreak by hortonworks.

The class PkiUtil, method generateSignature.

public static String generateSignature(String privateKeyPem, byte[] data) {
    RSAKeyParameters rsaKeyParameters = CACHE.get(privateKeyPem);
    if (rsaKeyParameters == null) {
        try (PEMParser pEMParser = new PEMParser(new StringReader(clarifyPemKey(privateKeyPem)))) {
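            // Unchecked cast: only a traditional "BEGIN RSA PRIVATE KEY" (PKCS#1) block parses to a PEMKeyPair.
            // A PKCS#8 key (PrivateKeyInfo) or empty input fails here with an uncaught ClassCastException or NullPointerException.
            PEMKeyPair pemKeyPair = (PEMKeyPair) pEMParser.readObject();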
            KeyFactory factory = KeyFactory.getInstance("RSA");
            KeySpec publicKeySpec = new X509EncodedKeySpec(pemKeyPair.getPublicKeyInfo().getEncoded());
            PublicKey publicKey = factory.generatePublic(publicKeySpec);
            KeySpec privateKeySpec = new PKCS8EncodedKeySpec(pemKeyPair.getPrivateKeyInfo().getEncoded());
            PrivateKey privateKey = factory.generatePrivate(privateKeySpec);
            KeyPair kp = new KeyPair(publicKey, privateKey);
            RSAPrivateKeySpec privKeySpec = factory.getKeySpec(kp.getPrivate(), RSAPrivateKeySpec.class);
            rsaKeyParameters = new RSAKeyParameters(true, privKeySpec.getModulus(), privKeySpec.getPrivateExponent());
            CACHE.put(privateKeyPem, rsaKeyParameters);
        } catch (NoSuchAlgorithmException | IOException | InvalidKeySpecException e) {
            throw new SecurityException(e);
        }
    }
    Signer signer = new PSSSigner(new RSAEngine(), new SHA256Digest(), SALT_LENGTH);
    signer.init(true, rsaKeyParameters);
    signer.update(data, 0, data.length);
    try {
        byte[] signature = signer.generateSignature();
        return BaseEncoding.base64().encode(signature);
    } catch (CryptoException e) {
        throw new SecurityException(e);
    }
}
Also used : KeyPair(java.security.KeyPair) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKey(java.security.PrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) KeySpec(java.security.spec.KeySpec) X509EncodedKeySpec(java.security.spec.X509EncodedKeySpec) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) RSAPrivateKeySpec(java.security.spec.RSAPrivateKeySpec) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) IOException(java.io.IOException) RSAKeyParameters(org.bouncycastle.crypto.params.RSAKeyParameters) Signer(org.bouncycastle.crypto.Signer) ContentSigner(org.bouncycastle.operator.ContentSigner) PSSSigner(org.bouncycastle.crypto.signers.PSSSigner) PEMParser(org.bouncycastle.openssl.PEMParser) SHA256Digest(org.bouncycastle.crypto.digests.SHA256Digest) StringReader(java.io.StringReader) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) CryptoException(org.bouncycastle.crypto.CryptoException) RSAEngine(org.bouncycastle.crypto.engines.RSAEngine) PrivateKeyFactory(org.bouncycastle.crypto.util.PrivateKeyFactory) KeyFactory(java.security.KeyFactory)

Example 13 with PEMKeyPair

Use of org.bouncycastle.openssl.PEMKeyPair in project neo4j by neo4j.

The class PkiUtils, method loadPrivateKey.

public static PrivateKey loadPrivateKey(Path privateKeyFile, String passPhrase) throws IOException {
    if (passPhrase == null) {
        passPhrase = "";
    }
    try (PEMParser r = new PEMParser(Files.newBufferedReader(privateKeyFile))) {
        Object pemObject = r.readObject();
        final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(PROVIDER);
        // -----BEGIN RSA/DSA/EC PRIVATE KEY----- Proc-Type: 4,ENCRYPTED
        if (pemObject instanceof PEMEncryptedKeyPair) {
            final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) pemObject;
            final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(passPhrase.toCharArray());
            return converter.getKeyPair(ckp.decryptKeyPair(decProv)).getPrivate();
        } else if (pemObject instanceof PKCS8EncryptedPrivateKeyInfo) {
            // -----BEGIN ENCRYPTED PRIVATE KEY-----
            try {
                final PKCS8EncryptedPrivateKeyInfo encryptedInfo = (PKCS8EncryptedPrivateKeyInfo) pemObject;
                final InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(passPhrase.toCharArray());
                final PrivateKeyInfo privateKeyInfo = encryptedInfo.decryptPrivateKeyInfo(provider);
                return converter.getPrivateKey(privateKeyInfo);
            } catch (PKCSException | OperatorCreationException e) {
                throw new IOException("Unable to decrypt private key.", e);
            }
        } else if (pemObject instanceof PrivateKeyInfo) {
            // -----BEGIN PRIVATE KEY-----
            return converter.getPrivateKey((PrivateKeyInfo) pemObject);
        } else if (pemObject instanceof PEMKeyPair) {
            // -----BEGIN RSA/DSA/EC PRIVATE KEY-----
            return converter.getKeyPair((PEMKeyPair) pemObject).getPrivate();
        } else {
            throw new IOException("Unrecognized private key format.");
        }
    }
}
Also used : PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMParser(org.bouncycastle.openssl.PEMParser) InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PemObject(org.bouncycastle.util.io.pem.PemObject) JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) IOException(java.io.IOException) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 14 with PEMKeyPair

Use of org.bouncycastle.openssl.PEMKeyPair in project gocd by gocd.

The class GoAgentServerClientBuilder, method getPrivateKey.

private PrivateKey getPrivateKey() throws IOException {
    PrivateKey privateKey;
    try (PEMParser reader = new PEMParser(new FileReader(this.sslPrivateKey, StandardCharsets.UTF_8))) {
        Object pemObject = reader.readObject();
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());
        if (pemObject instanceof PEMEncryptedKeyPair) {
            PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(passphrase());
            KeyPair keyPair = converter.getKeyPair(((PEMEncryptedKeyPair) pemObject).decryptKeyPair(decProv));
            privateKey = keyPair.getPrivate();
        } else if (pemObject instanceof PEMKeyPair) {
            KeyPair keyPair = converter.getKeyPair((PEMKeyPair) pemObject);
            privateKey = keyPair.getPrivate();
        } else if (pemObject instanceof PrivateKeyInfo) {
            PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) pemObject;
            privateKey = converter.getPrivateKey(privateKeyInfo);
        } else {
            throw new RuntimeException("Unable to parse key of type " + pemObject.getClass());
        }
        return privateKey;
    }
}
Also used : PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) PEMParser(org.bouncycastle.openssl.PEMParser) FileReader(java.io.FileReader) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 15 with PEMKeyPair

Use of org.bouncycastle.openssl.PEMKeyPair in project cas by apereo.

The class PrivateKeyFactoryBean, method readPemPrivateKey.

private PrivateKey readPemPrivateKey() {
    LOGGER.trace("Attempting to read as PEM [{}]", this.location);
    try (val in = new InputStreamReader(this.location.getInputStream(), StandardCharsets.UTF_8);
        val br = new BufferedReader(in);
        val pp = new PEMParser(br)) {
        val object = pp.readObject();
        if (object instanceof PrivateKeyInfo) {
            return new JcaPEMKeyConverter().getPrivateKey((PrivateKeyInfo) object);
        }
        if (object instanceof PEMKeyPair) {
            val pemKeyPair = (PEMKeyPair) object;
            val kp = new JcaPEMKeyConverter().getKeyPair(pemKeyPair);
            return kp.getPrivate();
        }
    } catch (final Exception e) {
        LOGGER.debug("Unable to read key", e);
    }
    return null;
}
Also used : lombok.val(lombok.val) InputStreamReader(java.io.InputStreamReader) PEMParser(org.bouncycastle.openssl.PEMParser) BufferedReader(java.io.BufferedReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Aggregations

PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair): 37
PEMParser (org.bouncycastle.openssl.PEMParser): 35
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter): 28
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo): 17
IOException (java.io.IOException): 13
InputStreamReader (java.io.InputStreamReader): 13
PrivateKey (java.security.PrivateKey): 12
PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair): 12
StringReader (java.io.StringReader): 11
PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider): 11
JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder): 11
InputStream (java.io.InputStream): 10
KeyPair (java.security.KeyPair): 8
Reader (java.io.Reader): 7
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec): 7
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo): 7
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder): 6
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider): 6
PemObject (org.bouncycastle.util.io.pem.PemObject): 6
KeyFactory (java.security.KeyFactory): 5