
Example 21 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project certmgr by hdecarne.

the class KeyHelper method rebuildKeyPair.

/**
 * Rebuilds the {@link KeyPair} that belongs to the given {@link PrivateKey}.
 * <p>
 * The key is written as PEM text with {@link JcaPEMWriter} and that text is parsed back with
 * {@link PEMParser}. The parsed object must be a {@link PEMKeyPair}, which is then converted by
 * {@code PEM_KEY_CONVERTER}.
 * <p>
 * Security note: the key is written without an encryptor, so its unencrypted PEM encoding exists
 * as a {@link String} on the heap for the duration of the call. This method cannot wipe it.
 *
 * @param privateKey The {@link PrivateKey} to rebuild the {@link KeyPair} for.
 * @return The rebuilt {@link KeyPair}.
 * @throws IOException if writing or parsing the PEM text fails, or if the parsed object is not a
 *         {@link PEMKeyPair}.
 */
public static KeyPair rebuildKeyPair(PrivateKey privateKey) throws IOException {
    StringWriter pemBuffer = new StringWriter();
    try (JcaPEMWriter writer = new JcaPEMWriter(pemBuffer)) {
        writer.writeObject(privateKey);
        writer.flush();
    }
    Object parsed;
    try (PEMParser parser = new PEMParser(new StringReader(pemBuffer.toString()))) {
        parsed = parser.readObject();
    }
    // NOTE(review): which key types round-trip to a PEMKeyPair depends on the PEM form the writer
    // chooses; confirm for non-RSA keys.
    if (parsed instanceof PEMKeyPair) {
        return PEM_KEY_CONVERTER.getKeyPair((PEMKeyPair) parsed);
    }
    throw new IOException("Unexpected pem object: " + parsed);
}
Also used : StringWriter(java.io.StringWriter) PEMParser(org.bouncycastle.openssl.PEMParser) StringReader(java.io.StringReader) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) IOException(java.io.IOException) JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter)

Example 22 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project vespa by vespa-engine.

the class KeyUtils method fromPemEncodedPrivateKey.

/**
 * Parses the first PEM object in {@code pem} and returns it as a {@link PrivateKey}.
 * <p>
 * Two parser results are accepted: a {@link PrivateKeyInfo}, which is re-encoded and loaded
 * through the RSA {@link KeyFactory}, and a {@link PEMKeyPair}, whose private part is converted
 * with a {@link JcaPEMKeyConverter}.
 *
 * @param pem PEM text containing the private key.
 * @return the decoded private key.
 * @throws IllegalArgumentException if the parser returns any other kind of object.
 * @throws UncheckedIOException if reading or re-encoding the PEM object fails.
 * @throws RuntimeException wrapping a {@link GeneralSecurityException} raised by the key factory.
 */
public static PrivateKey fromPemEncodedPrivateKey(String pem) {
    try (PEMParser pemParser = new PEMParser(new StringReader(pem))) {
        Object parsed = pemParser.readObject();
        if (parsed instanceof PEMKeyPair) {
            PrivateKeyInfo privateKeyInfo = ((PEMKeyPair) parsed).getPrivateKeyInfo();
            JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
            return converter.getPrivateKey(privateKeyInfo);
        }
        if (parsed instanceof PrivateKeyInfo) {
            // NOTE(review): this branch always requests the RSA key factory, so a PrivateKeyInfo
            // holding another key type presumably fails in generatePrivate. Confirm that is intended.
            byte[] pkcs8Bytes = ((PrivateKeyInfo) parsed).getEncoded();
            PKCS8EncodedKeySpec pkcs8Spec = new PKCS8EncodedKeySpec(pkcs8Bytes);
            KeyFactory rsaFactory = KeyFactory.getInstance(KeyAlgorithm.RSA.getAlgorithmName());
            return rsaFactory.generatePrivate(pkcs8Spec);
        }
        // Everything else is rejected; the message carries only the object's string form.
        throw new IllegalArgumentException("Unexpected type of PEM type: " + parsed);
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    } catch (GeneralSecurityException e) {
        throw new RuntimeException(e);
    }
}
Also used : PEMParser(org.bouncycastle.openssl.PEMParser) PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec) GeneralSecurityException(java.security.GeneralSecurityException) StringReader(java.io.StringReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PemObject(org.bouncycastle.util.io.pem.PemObject) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)

Example 23 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project groovity by disney.

the class KeyPairValueHandler method doLoad.

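/**
 * Loads a key pair from a PEM stream.
 * <p>
 * The first PEM object is read from {@code stream}. A {@link PEMEncryptedKeyPair} is decrypted
 * with the password stored under {@code PASSWORD} in {@code config}; a {@link PEMKeyPair} is used
 * as is. Any other PEM object is rejected with an exception that names its class, rather than
 * failing on a blind cast.
 * <p>
 * Security note: the password is taken from {@code config} via {@code toString()}, so it lives in
 * an immutable {@link String} that this method cannot wipe after use.
 *
 * @param stream source of the PEM text; closed together with the parser.
 * @param contentType passed to {@code getCharset} to select the character set for decoding.
 * @param valueClass not used by this implementation.
 * @param config optional settings; must hold a non-null {@code PASSWORD} entry for encrypted keys.
 * @return the converted key pair, or {@code null} when the stream holds no PEM object.
 * @throws RuntimeException if an encrypted key pair is found but no password is configured, or
 *         if the PEM object is not a key pair.
 * @throws Exception if reading, decrypting or converting the key pair fails.
 */
@Override
protected Object doLoad(InputStream stream, String contentType, @SuppressWarnings("rawtypes") Class valueClass, @SuppressWarnings("rawtypes") Map config) throws Exception {
    // look here http://stackoverflow.com/questions/15656644/get-keypair-from-pem-key-with-bouncycastle
    PEMKeyPair keyPair;
    Reader reader = new InputStreamReader(stream, getCharset(contentType));
    // try-with-resources keeps the primary failure visible if close() fails as well.
    try (PEMParser pemReader = new PEMParser(reader)) {
        Object o = pemReader.readObject();
        if (o == null) {
            return null;
        }
        if (o instanceof PEMEncryptedKeyPair) {
            // A key that is present but mapped to null is treated the same as a missing password.
            Object password = (config != null) ? config.get(PASSWORD) : null;
            if (password == null) {
                throw new RuntimeException("Keypair requires password but none provided");
            }
            PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(password.toString().toCharArray());
            keyPair = ((PEMEncryptedKeyPair) o).decryptKeyPair(decryptionProv);
        } else if (o instanceof PEMKeyPair) {
            keyPair = (PEMKeyPair) o;
        } else {
            // Report only the class name: the object may hold key material, so never print it.
            throw new RuntimeException("Unsupported PEM object, expected a key pair: " + o.getClass().getName());
        }
    }
    return new JcaPEMKeyConverter().getKeyPair(keyPair);
}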
Also used : PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) InputStreamReader(java.io.InputStreamReader) PEMParser(org.bouncycastle.openssl.PEMParser) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)

Example 24 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project candlepin by candlepin.

the class DefaultEntitlementCertServiceAdapterTest method keyPair.

/**
 * Loads the shared test key pair from the classpath resource {@code test.key}.
 * <p>
 * The resource is parsed as PEM and cast directly to {@link PEMKeyPair}, then converted with a
 * {@link JcaPEMKeyConverter} bound to {@code BC_PROVIDER}. The result is stored in the static
 * {@code keyPair} field, which is reset to {@code null} first.
 *
 * @throws Exception if the resource cannot be read, is not a PEM key pair, or cannot be converted.
 */
@BeforeClass
public static void keyPair() throws Exception {
    InputStream pemStream = DefaultEntitlementCertServiceAdapterTest.class.getClassLoader().getResourceAsStream("test.key");
    keyPair = null;
    PEMParser pemParser = null;
    try {
        // The reader uses the platform default charset, as no charset is given.
        pemParser = new PEMParser(new InputStreamReader(pemStream));
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BC_PROVIDER);
        PEMKeyPair parsedPair = (PEMKeyPair) pemParser.readObject();
        keyPair = converter.getKeyPair(parsedPair);
    } finally {
        if (pemParser != null) {
            pemParser.close();
        }
    }
}
Also used : PEMParser(org.bouncycastle.openssl.PEMParser) InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) BeforeClass(org.junit.BeforeClass)

Example 25 with PEMKeyPair

use of org.bouncycastle.openssl.PEMKeyPair in project candlepin by candlepin.

the class X509CRLStreamWriterTest method testAddEntryToActualCRL.

/**
 * Adds six new serial numbers to the CRL fixture {@code real-crl.der}, signs the result with the
 * key from {@code real.key}, and checks that the rewritten CRL lists every added serial.
 *
 * @throws Exception if a fixture cannot be read or the CRL cannot be written or re-read.
 */
@Test
public void testAddEntryToActualCRL() throws Exception {
    ClassLoader resources = this.getClass().getClassLoader();
    InputStream crl = resources.getResourceAsStream("real-crl.der");
    InputStream keyStream = resources.getResourceAsStream("real.key");
    InputStreamReader keyReader = new InputStreamReader(keyStream);
    PEMParser reader = null;
    try {
        reader = new PEMParser(keyReader);
        Object pemObj = reader.readObject();
        if (!(pemObj instanceof PEMKeyPair)) {
            // Failure path: release the CRL stream, then report what went wrong.
            crl.close();
            String failure = (pemObj == null)
                ? "Reading CA private key failed"
                : "Unexpected CA key object: " + pemObj.getClass().getName();
            throw new RuntimeException(failure);
        }
        keyPair = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) pemObj);
    } finally {
        if (reader != null) {
            reader.close();
        }
    }
    File outfile = new File(folder.getRoot(), "new.crl");
    // NOTE(review): crl is closed here only on the failure branches above; whether
    // X509CRLStreamWriter closes it after use is not visible from this method.
    X509CRLStreamWriter stream = new X509CRLStreamWriter(
        crl,
        (RSAPrivateKey) keyPair.getPrivate(),
        (RSAPublicKey) keyPair.getPublic());
    // Add enough items to cause the number of length bytes to change
    Set<BigInteger> newSerials = new HashSet<>(Arrays.asList(
        new BigInteger("2358215310"),
        new BigInteger("7231352433"),
        new BigInteger("8233181205"),
        new BigInteger("1455615868"),
        new BigInteger("4323487764"),
        new BigInteger("6673256679")));
    for (BigInteger serial : newSerials) {
        stream.add(serial, new Date(), CRLReason.privilegeWithdrawn);
    }
    // Since we have to walk the stream twice, we need two streams!
    InputStream secondPass = resources.getResourceAsStream("real-crl.der");
    stream.preScan(secondPass).lock();
    OutputStream out = new BufferedOutputStream(new FileOutputStream(outfile));
    stream.write(out);
    out.close();
    X509CRL changedCrl = readCRL();
    Set<BigInteger> discoveredSerials = new HashSet<>();
    for (X509CRLEntry revoked : changedCrl.getRevokedCertificates()) {
        discoveredSerials.add(revoked.getSerialNumber());
    }
    assertTrue(discoveredSerials.containsAll(newSerials));
}
Also used : X509CRL(java.security.cert.X509CRL) InputStreamReader(java.io.InputStreamReader) BufferedInputStream(java.io.BufferedInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) BufferedOutputStream(java.io.BufferedOutputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) Date(java.util.Date) X509CRLEntry(java.security.cert.X509CRLEntry) PEMParser(org.bouncycastle.openssl.PEMParser) FileOutputStream(java.io.FileOutputStream) BigInteger(java.math.BigInteger) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) File(java.io.File) BufferedOutputStream(java.io.BufferedOutputStream) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)37 PEMParser (org.bouncycastle.openssl.PEMParser)35 JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)28 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)17 IOException (java.io.IOException)13 InputStreamReader (java.io.InputStreamReader)13 PrivateKey (java.security.PrivateKey)12 PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair)12 StringReader (java.io.StringReader)11 PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider)11 JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)11 InputStream (java.io.InputStream)10 KeyPair (java.security.KeyPair)8 Reader (java.io.Reader)7 PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)7 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)7 JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)6 InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)6 PemObject (org.bouncycastle.util.io.pem.PemObject)6 KeyFactory (java.security.KeyFactory)5