Example 16 with PEMKeyPair
use of org.bouncycastle.openssl.PEMKeyPair in project ddf by codice.
the class KeystoreEditor method addToStore.
private synchronized void addToStore(String alias, String keyPassword, String storePassword, String data, String type, String fileName, String path, String storepass, KeyStore store) throws KeystoreEditorException {
OutputStream fos = null;
try (InputStream inputStream = new ByteArrayInputStream(Base64.getDecoder().decode(data))) {
if (StringUtils.isBlank(alias)) {
throw new IllegalArgumentException(NULL_ALIAS_MSG);
}
Path storeFile = Paths.get(path);
// check the two most common key/cert stores first (pkcs12 and jks)
if (PKCS12_TYPE.equals(type) || StringUtils.endsWithIgnoreCase(fileName, ".p12")) {
// priv key + cert chain
KeyStore pkcs12Store = KeyStore.getInstance("PKCS12");
pkcs12Store.load(inputStream, storePassword.toCharArray());
Certificate[] chain = pkcs12Store.getCertificateChain(alias);
Key key = pkcs12Store.getKey(alias, keyPassword.toCharArray());
if (key != null) {
store.setKeyEntry(alias, key, keyPassword.toCharArray(), chain);
fos = Files.newOutputStream(storeFile);
store.store(fos, storepass.toCharArray());
}
} else if (JKS_TYPE.equals(type) || StringUtils.endsWithIgnoreCase(fileName, ".jks")) {
// java keystore file
KeyStore jks = KeyStore.getInstance("jks");
jks.load(inputStream, storePassword.toCharArray());
Enumeration<String> aliases = jks.aliases();
// we are going to store all entries from the jks regardless of the passed in alias
while (aliases.hasMoreElements()) {
String jksAlias = aliases.nextElement();
if (jks.isKeyEntry(jksAlias)) {
Key key = jks.getKey(jksAlias, keyPassword.toCharArray());
Certificate[] certificateChain = jks.getCertificateChain(jksAlias);
store.setKeyEntry(jksAlias, key, keyPassword.toCharArray(), certificateChain);
} else {
Certificate certificate = jks.getCertificate(jksAlias);
store.setCertificateEntry(jksAlias, certificate);
}
}
fos = Files.newOutputStream(storeFile);
store.store(fos, storepass.toCharArray());
// need to parse der separately from pem, der has the same mime type but is binary hence
// checking both
} else if (DER_TYPE.equals(type) && StringUtils.endsWithIgnoreCase(fileName, ".der")) {
ASN1InputStream asn1InputStream = new ASN1InputStream(inputStream);
ASN1Primitive asn1Primitive = asn1InputStream.readObject();
X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(asn1Primitive.getEncoded());
CertificateFactory certificateFactory = CertificateFactory.getInstance(X509, "BC");
Certificate certificate = certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertificateHolder.getEncoded()));
X500Name x500name = new JcaX509CertificateHolder((X509Certificate) certificate).getSubject();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
String cnStr = IETFUtils.valueToString(cn.getFirst().getValue());
if (!store.isCertificateEntry(cnStr) && !store.isKeyEntry(cnStr)) {
store.setCertificateEntry(cnStr, certificate);
}
store.setCertificateEntry(alias, certificate);
fos = Files.newOutputStream(storeFile);
store.store(fos, storepass.toCharArray());
// if it isn't one of the stores we support, it might be a key or cert by itself
} else if (isPemParsable(type, fileName)) {
// This is the catch all case for PEM, P7B, etc. with common file extensions if the mime
// type isn't read correctly in the browser
Reader reader = new BufferedReader(new InputStreamReader(inputStream, StandardCharsets.UTF_8));
PEMParser pemParser = new PEMParser(reader);
Object object;
boolean setEntry = false;
while ((object = pemParser.readObject()) != null) {
if (object instanceof PEMEncryptedKeyPair || object instanceof PEMKeyPair) {
PEMKeyPair pemKeyPair;
if (object instanceof PEMEncryptedKeyPair) {
PEMEncryptedKeyPair pemEncryptedKeyPairKeyPair = (PEMEncryptedKeyPair) object;
JcePEMDecryptorProviderBuilder jcePEMDecryptorProviderBuilder = new JcePEMDecryptorProviderBuilder();
pemKeyPair = pemEncryptedKeyPairKeyPair.decryptKeyPair(jcePEMDecryptorProviderBuilder.build(keyPassword.toCharArray()));
} else {
pemKeyPair = (PEMKeyPair) object;
}
KeyPair keyPair = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemKeyPair);
PrivateKey privateKey = keyPair.getPrivate();
Certificate[] chain = store.getCertificateChain(alias);
if (chain == null) {
chain = buildCertChain(alias, store);
}
store.setKeyEntry(alias, privateKey, keyPassword.toCharArray(), chain);
setEntry = true;
} else if (object instanceof X509CertificateHolder) {
X509CertificateHolder x509CertificateHolder = (X509CertificateHolder) object;
CertificateFactory certificateFactory = CertificateFactory.getInstance(X509, "BC");
Certificate certificate = certificateFactory.generateCertificate(new ByteArrayInputStream(x509CertificateHolder.getEncoded()));
X500Name x500name = new JcaX509CertificateHolder((X509Certificate) certificate).getSubject();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
String cnStr = IETFUtils.valueToString(cn.getFirst().getValue());
if (!store.isCertificateEntry(cnStr) && !store.isKeyEntry(cnStr)) {
store.setCertificateEntry(cnStr, certificate);
}
store.setCertificateEntry(alias, certificate);
setEntry = true;
} else if (object instanceof ContentInfo) {
ContentInfo contentInfo = (ContentInfo) object;
if (contentInfo.getContentType().equals(CMSObjectIdentifiers.envelopedData)) {
CMSEnvelopedData cmsEnvelopedData = new CMSEnvelopedData(contentInfo);
OriginatorInfo originatorInfo = cmsEnvelopedData.getOriginatorInfo().toASN1Structure();
ASN1Set certificates = originatorInfo.getCertificates();
setEntry = importASN1CertificatesToStore(store, setEntry, certificates);
} else if (contentInfo.getContentType().equals(CMSObjectIdentifiers.signedData)) {
SignedData signedData = SignedData.getInstance(contentInfo.getContent());
ASN1Set certificates = signedData.getCertificates();
setEntry = importASN1CertificatesToStore(store, setEntry, certificates);
}
} else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
PKCS8EncryptedPrivateKeyInfo pkcs8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) object;
Certificate[] chain = store.getCertificateChain(alias);
if (chain == null) {
chain = buildCertChain(alias, store);
}
try {
store.setKeyEntry(alias, pkcs8EncryptedPrivateKeyInfo.getEncoded(), chain);
setEntry = true;
} catch (KeyStoreException keyEx) {
try {
PKCS8Key pkcs8Key = new PKCS8Key(pkcs8EncryptedPrivateKeyInfo.getEncoded(), keyPassword.toCharArray());
store.setKeyEntry(alias, pkcs8Key.getPrivateKey(), keyPassword.toCharArray(), chain);
setEntry = true;
} catch (GeneralSecurityException e) {
LOGGER.info("Unable to add PKCS8 key to keystore with secondary method. Throwing original exception.", e);
throw keyEx;
}
}
}
}
if (setEntry) {
fos = Files.newOutputStream(storeFile);
store.store(fos, storepass.toCharArray());
}
}
} catch (Exception e) {
LOGGER.info("Unable to add entry {} to store", alias, e);
throw new KeystoreEditorException("Unable to add entry " + alias + " to store", e);
} finally {
if (fos != null) {
try {
fos.close();
} catch (IOException ignore) {
}
}
}
init();
}
Also used :
OriginatorInfo(org.bouncycastle.asn1.cms.OriginatorInfo)
PrivateKey(java.security.PrivateKey)
OutputStream(java.io.OutputStream)
FileOutputStream(java.io.FileOutputStream)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
BufferedReader(java.io.BufferedReader)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
X500Name(org.bouncycastle.asn1.x500.X500Name)
JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)
CertificateFactory(java.security.cert.CertificateFactory)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
PEMParser(org.bouncycastle.openssl.PEMParser)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
RDN(org.bouncycastle.asn1.x500.RDN)
Path(java.nio.file.Path)
PKCS8Key(org.apache.commons.ssl.PKCS8Key)
CMSEnvelopedData(org.bouncycastle.cms.CMSEnvelopedData)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
KeyPair(java.security.KeyPair)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
Enumeration(java.util.Enumeration)
InputStreamReader(java.io.InputStreamReader)
SignedData(org.bouncycastle.asn1.cms.SignedData)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
InputStream(java.io.InputStream)
GeneralSecurityException(java.security.GeneralSecurityException)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
KeyStoreException(java.security.KeyStoreException)
IOException(java.io.IOException)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
KeyStoreException(java.security.KeyStoreException)
GeneralSecurityException(java.security.GeneralSecurityException)
InstanceAlreadyExistsException(javax.management.InstanceAlreadyExistsException)
KeyManagementException(java.security.KeyManagementException)
MalformedObjectNameException(javax.management.MalformedObjectNameException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
NoSuchProviderException(java.security.NoSuchProviderException)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
ASN1Set(org.bouncycastle.asn1.ASN1Set)
ByteArrayInputStream(java.io.ByteArrayInputStream)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BufferedReader(java.io.BufferedReader)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
Key(java.security.Key)
PrivateKey(java.security.PrivateKey)
PKCS8Key(org.apache.commons.ssl.PKCS8Key)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 17 with PEMKeyPair
use of org.bouncycastle.openssl.PEMKeyPair in project athenz by yahoo.
the class Crypto method loadPrivateKey.
public static PrivateKey loadPrivateKey(Reader reader, String pwd) throws CryptoException {
try (PEMParser pemReader = new PEMParser(reader)) {
PrivateKey privKey = null;
X9ECParameters ecParam = null;
Object pemObj = pemReader.readObject();
if (pemObj instanceof ASN1ObjectIdentifier) {
// make sure this is EC Parameter we're handling. In which case
// we'll store it and read the next object which should be our
// EC Private Key
ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
ecParam = ECNamedCurveTable.getByOID(ecOID);
// /CLOVER:OFF
if (ecParam == null) {
throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ((ASN1ObjectIdentifier) pemObj).getId());
}
// /CLOVER:ON
pemObj = pemReader.readObject();
} else if (pemObj instanceof X9ECParameters) {
ecParam = (X9ECParameters) pemObj;
pemObj = pemReader.readObject();
}
if (pemObj instanceof PEMKeyPair) {
PrivateKeyInfo pKeyInfo = ((PEMKeyPair) pemObj).getPrivateKeyInfo();
JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
privKey = pemConverter.getPrivateKey(pKeyInfo);
// /CLOVER:OFF
} else if (pemObj instanceof PKCS8EncryptedPrivateKeyInfo) {
// /CLOVER:ON
PKCS8EncryptedPrivateKeyInfo pKeyInfo = (PKCS8EncryptedPrivateKeyInfo) pemObj;
if (pwd == null) {
throw new CryptoException("No password specified to decrypt encrypted private key");
}
// Decrypt the private key with the specified password
InputDecryptorProvider pkcs8Prov = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider(BC_PROVIDER).build(pwd.toCharArray());
PrivateKeyInfo privateKeyInfo = pKeyInfo.decryptPrivateKeyInfo(pkcs8Prov);
JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
privKey = pemConverter.getPrivateKey(privateKeyInfo);
}
if (ecParam != null && privKey != null && ECDSA.equals(privKey.getAlgorithm())) {
ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
KeyFactory keyFactory = KeyFactory.getInstance(getECDSAAlgo(), getKeyFactoryProvider());
ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privKey).getS(), ecSpec);
privKey = keyFactory.generatePrivate(keySpec);
}
return privKey;
// /CLOVER:OFF
} catch (PEMException e) {
LOG.error("loadPrivateKey: Caught PEMException, problem with format of key detected.");
throw new CryptoException(e);
} catch (NoSuchProviderException e) {
LOG.error("loadPrivateKey: Caught NoSuchProviderException, check to make sure the provider is loaded correctly.");
throw new CryptoException(e);
} catch (NoSuchAlgorithmException e) {
LOG.error("loadPrivateKey: Caught NoSuchAlgorithmException, check to make sure the algorithm is supported by the provider.");
throw new CryptoException(e);
} catch (InvalidKeySpecException e) {
LOG.error("loadPrivateKey: Caught InvalidKeySpecException, invalid key spec is being used.");
throw new CryptoException(e);
} catch (OperatorCreationException e) {
LOG.error("loadPrivateKey: Caught OperatorCreationException when creating JceOpenSSLPKCS8DecryptorProviderBuilder.");
throw new CryptoException(e);
} catch (PKCSException e) {
LOG.error("loadPrivateKey: Caught PKCSException when decrypting private key.");
throw new CryptoException(e);
} catch (IOException e) {
LOG.error("loadPrivateKey: Caught IOException, while trying to read key.");
throw new CryptoException(e);
}
// /CLOVER:ON
}
Also used :
BCECPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey)
ECPrivateKeySpec(org.bouncycastle.jce.spec.ECPrivateKeySpec)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PKCSException(org.bouncycastle.pkcs.PKCSException)
PEMParser(org.bouncycastle.openssl.PEMParser)
InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider)
ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec)
PEMException(org.bouncycastle.openssl.PEMException)
PemObject(org.bouncycastle.util.io.pem.PemObject)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
JceOpenSSLPKCS8DecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
Example 18 with PEMKeyPair
use of org.bouncycastle.openssl.PEMKeyPair in project java by kubernetes-client.
the class SSLUtils method loadKey.
public static PrivateKey loadKey(InputStream keyInputStream, String clientKeyAlgo) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
// Try PKCS7 / EC
if (clientKeyAlgo.equals("EC")) {
Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
PEMParser pemParser = new PEMParser(new InputStreamReader(keyInputStream));
Object pemObject;
while ((pemObject = pemParser.readObject()) != null) {
if (pemObject instanceof PEMKeyPair) {
return new JcaPEMKeyConverter().getKeyPair(((PEMKeyPair) pemObject)).getPrivate();
}
}
}
byte[] keyBytes = decodePem(keyInputStream);
// Try PKCS1 / RSA
if (clientKeyAlgo.equals("RSA")) {
RSAPrivateCrtKeySpec keySpec = decodePKCS1(keyBytes);
return KeyFactory.getInstance("RSA").generatePrivate(keySpec);
}
// Try PKCS8
// TODO: There _has_ to be a better way to do this, but I spent >
// 2 hours trying to find it and failed...
PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
try {
return KeyFactory.getInstance("RSA").generatePrivate(spec);
} catch (InvalidKeySpecException ex) {
// ignore if it's not RSA
}
try {
return KeyFactory.getInstance("ECDSA").generatePrivate(spec);
} catch (InvalidKeySpecException ex) {
// ignore if it's not DSA
}
throw new InvalidKeySpecException("Unknown type of PKCS8 Private Key, tried RSA and ECDSA");
}
Also used :
RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec)
PEMParser(org.bouncycastle.openssl.PEMParser)
InputStreamReader(java.io.InputStreamReader)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
Example 19 with PEMKeyPair
use of org.bouncycastle.openssl.PEMKeyPair in project che by eclipse.
the class DockerCertificates method getPrivateKey.
private static PrivateKey getPrivateKey(Path clientKeyPath) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
final PEMKeyPair clientKeyPair;
try (Reader reader = Files.newBufferedReader(clientKeyPath, Charset.defaultCharset())) {
clientKeyPair = (PEMKeyPair) new PEMParser(reader).readObject();
}
final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(clientKeyPair.getPrivateKeyInfo().getEncoded());
final KeyFactory kf = KeyFactory.getInstance("RSA");
return kf.generatePrivate(spec);
}
Also used :
PEMParser(org.bouncycastle.openssl.PEMParser)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
Reader(java.io.Reader)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
KeyFactory(java.security.KeyFactory)
Example 20 with PEMKeyPair
use of org.bouncycastle.openssl.PEMKeyPair in project camel by apache.
the class ResourceHelperKeyPairProvider method loadKeys.
@Override
public Iterable<KeyPair> loadKeys() {
if (!SecurityUtils.isBouncyCastleRegistered()) {
throw new IllegalStateException("BouncyCastle must be registered as a JCE provider");
}
final List<KeyPair> keys = new ArrayList<KeyPair>(this.resources.length);
for (String resource : resources) {
PEMParser r = null;
InputStreamReader isr = null;
InputStream is = null;
try {
is = ResourceHelper.resolveMandatoryResourceAsInputStream(classResolver, resource);
isr = new InputStreamReader(is);
r = new PEMParser(isr);
Object o = r.readObject();
JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
pemConverter.setProvider("BC");
if (passwordFinder != null && o instanceof PEMEncryptedKeyPair) {
JcePEMDecryptorProviderBuilder decryptorBuilder = new JcePEMDecryptorProviderBuilder();
PEMDecryptorProvider pemDecryptor = decryptorBuilder.build(passwordFinder.getPassword());
o = pemConverter.getKeyPair(((PEMEncryptedKeyPair) o).decryptKeyPair(pemDecryptor));
}
if (o instanceof PEMKeyPair) {
o = pemConverter.getKeyPair((PEMKeyPair) o);
keys.add((KeyPair) o);
} else if (o instanceof KeyPair) {
keys.add((KeyPair) o);
}
} catch (Exception e) {
log.warn("Unable to read key", e);
} finally {
IoUtils.closeQuietly(r, is, isr);
}
}
return keys;
}
Also used :
KeyPair(java.security.KeyPair)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
InputStreamReader(java.io.InputStreamReader)
InputStream(java.io.InputStream)
ArrayList(java.util.ArrayList)
PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
PEMParser(org.bouncycastle.openssl.PEMParser)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
Aggregations
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)37
PEMParser (org.bouncycastle.openssl.PEMParser)35
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)28
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)17
IOException (java.io.IOException)13
InputStreamReader (java.io.InputStreamReader)13
PrivateKey (java.security.PrivateKey)12
PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair)12
StringReader (java.io.StringReader)11
PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider)11
JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)11
InputStream (java.io.InputStream)10
KeyPair (java.security.KeyPair)8
Reader (java.io.Reader)7
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)7
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)7
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)6
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)6
PemObject (org.bouncycastle.util.io.pem.PemObject)6
KeyFactory (java.security.KeyFactory)5
