use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project candlepin by candlepin.
the class X509CRLStreamWriterTest method testAddEntryToActualCRL.
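/**
 * Verifies that serial numbers added through {@code X509CRLStreamWriter} show up in the
 * rewritten CRL when the starting point is the {@code real-crl.der} fixture.
 *
 * <p>The key pair handed to the writer is parsed from the {@code real.key} test resource.
 * Every stream opened here is closed by try-with-resources, so a failing step no longer
 * leaks a file handle.
 *
 * @throws Exception if a fixture cannot be read or the CRL cannot be written or re-read
 */
@Test
public void testAddEntryToActualCRL() throws Exception {
    ClassLoader classLoader = this.getClass().getClassLoader();

    // NOTE(review): real.key is a CA private key kept in test resources; confirm it is a
    // throwaway fixture that is not trusted anywhere outside these tests.
    // PEM is ASCII text, so the charset is pinned rather than left to the platform default.
    try (InputStream keyStream = classLoader.getResourceAsStream("real.key");
        PEMParser reader = new PEMParser(
            new InputStreamReader(keyStream, java.nio.charset.StandardCharsets.UTF_8))) {
        Object pemObj = reader.readObject();
        if (pemObj == null) {
            throw new RuntimeException("Reading CA private key failed");
        }
        if (!(pemObj instanceof PEMKeyPair)) {
            throw new RuntimeException("Unexpected CA key object: " + pemObj.getClass().getName());
        }
        keyPair = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) pemObj);
    }

    File outfile = new File(folder.getRoot(), "new.crl");

    // Add enough items to cause the number of length bytes to change
    Set<BigInteger> newSerials = new HashSet<>(Arrays.asList(
        new BigInteger("2358215310"), new BigInteger("7231352433"),
        new BigInteger("8233181205"), new BigInteger("1455615868"),
        new BigInteger("4323487764"), new BigInteger("6673256679")));

    // Since we have to walk the stream twice, we need two streams! Both stay open until
    // the write has finished, because the writer holds on to the first one.
    try (InputStream crl = classLoader.getResourceAsStream("real-crl.der");
        InputStream crlForPreScan = classLoader.getResourceAsStream("real-crl.der")) {
        X509CRLStreamWriter stream = new X509CRLStreamWriter(
            crl, (RSAPrivateKey) keyPair.getPrivate(), (RSAPublicKey) keyPair.getPublic());

        for (BigInteger serial : newSerials) {
            stream.add(serial, new Date(), CRLReason.privilegeWithdrawn);
        }

        stream.preScan(crlForPreScan).lock();

        // Closing the output here flushes the buffer before the file is read back below.
        try (OutputStream o = new BufferedOutputStream(new FileOutputStream(outfile))) {
            stream.write(o);
        }
    }

    X509CRL changedCrl = readCRL();
    Set<BigInteger> discoveredSerials = new HashSet<>();
    for (X509CRLEntry entry : changedCrl.getRevokedCertificates()) {
        discoveredSerials.add(entry.getSerialNumber());
    }
    assertTrue(discoveredSerials.containsAll(newSerials));
}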
use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project candlepin by candlepin.
the class PrivateKeyReaderTest method testReadEncryptedPKCS1.
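/**
 * Checks that {@code PrivateKeyReader} turns the encrypted PEM fixture into the same private
 * key that BouncyCastle's own parser, decryptor and converter produce from that file.
 *
 * @throws Exception if the fixture cannot be read, parsed or decrypted
 */
@Test
public void testReadEncryptedPKCS1() throws Exception {
    String keyFile = "keys/pkcs1-aes256-encrypted.pem";
    // The fixture is opened twice: once for the reader under test, once for the reference
    // path. PEM is ASCII text, so the charset is pinned rather than left to the platform.
    try (InputStream keyStream = cl.getResourceAsStream(keyFile);
        PEMParser expectedParser = new PEMParser(new InputStreamReader(
            cl.getResourceAsStream(keyFile), java.nio.charset.StandardCharsets.UTF_8))) {
        // NOTE(review): the literal "password" and the PASSWORD constant are presumably the
        // same fixture passphrase; confirm they stay in sync and are used for test keys only.
        PrivateKey actualKey = new PrivateKeyReader().read(keyStream, "password");

        PEMEncryptedKeyPair expected = (PEMEncryptedKeyPair) expectedParser.readObject();
        PEMDecryptorProvider provider =
            new JcePEMDecryptorProviderBuilder().setProvider(BC_PROVIDER).build(PASSWORD);
        PEMKeyPair decryptedInfo = expected.decryptKeyPair(provider);
        PrivateKey expectedKey = new JcaPEMKeyConverter()
            .setProvider(BC_PROVIDER)
            .getKeyPair(decryptedInfo)
            .getPrivate();

        // JUnit's contract is (expected, actual); the original order swapped the two in
        // any failure message.
        assertEquals(expectedKey, actualKey);
    }
}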
use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project alien4cloud by alien4cloud.
the class SSHUtil method loadKeyPair.
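/**
 * Loads an unencrypted PEM key pair from a file, converting it with the BouncyCastle
 * ("BC") provider.
 *
 * @param pemFile path of the PEM file to read
 * @return the key pair held in the file
 * @throws RuntimeException if the file cannot be read, holds no PEM object, or holds
 *         something other than an unencrypted key pair; the underlying cause is preserved
 */
private static KeyPair loadKeyPair(String pemFile) {
    try {
        // addProvider is a no-op when "BC" is already installed; checking first avoids
        // building a fresh provider instance on every call.
        if (Security.getProvider("BC") == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");

        // The parser owns the file handle; close it on every path.
        try (PEMParser pemParser = new PEMParser(new FileReader(pemFile))) {
            Object object = pemParser.readObject();
            // An empty file yields null, and an encrypted or PKCS#8 key yields a different
            // type. Reject both with a clear message instead of an opaque cast failure.
            // Only the type name is reported, never key material.
            if (!(object instanceof PEMKeyPair)) {
                String found = (object == null) ? "no PEM object" : object.getClass().getName();
                throw new IllegalArgumentException(
                    "Expected an unencrypted PEM key pair but found " + found);
            }
            return converter.getKeyPair((PEMKeyPair) object);
        }
    } catch (Exception e) {
        log.error("Could not load key pair", e);
        throw new RuntimeException("Could not load key pair", e);
    }
}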
use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project keystore-explorer by kaikramer.
the class OpenSslPubUtil method load.
/**
 * Reads an unencrypted OpenSSL public key from a stream that is either PEM or DER encoded.
 *
 * <p>The stream is read to the end. If the bytes decode as PEM, the PEM body is used;
 * otherwise the bytes are treated as DER. The PEM label is not inspected here, so
 * validation rests on the {@code SubjectPublicKeyInfo} parse and the key conversion.
 *
 * @param is
 *            Stream to load the unencrypted public key from
 * @return The public key
 * @throws CryptoException
 *             The bytes could not be parsed or converted into a public key
 * @throws IOException
 *             An I/O error occurred
 */
public static PublicKey load(InputStream is) throws CryptoException, IOException {
    byte[] raw = ReadUtil.readFully(is);

    // A null result means the input was not PEM, so the raw bytes are kept as DER.
    PemInfo pem = PemUtil.decode(new ByteArrayInputStream(raw));
    byte[] der = (pem == null) ? raw : pem.getContent();

    try {
        // OpenSSL public keys are a DER-encoded subjectPublicKeyInfo structure.
        return new JcaPEMKeyConverter().getPublicKey(SubjectPublicKeyInfo.getInstance(der));
    } catch (Exception ex) {
        throw new CryptoException(res.getString("NoLoadOpenSslPublicKey.exception.message"), ex);
    }
}
use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project vespa by vespa-engine.
the class PemKeyStore method setPrivateKey.
/**
 * Converts the given ASN.1 private key info into a JCA private key using the configured
 * BouncyCastle provider and stores it in {@code this.privateKey}.
 *
 * @param privateKey the parsed private key structure to convert
 * @throws PEMException if the converter cannot build a key from the structure
 */
private synchronized void setPrivateKey(PrivateKeyInfo privateKey) throws PEMException {
    this.privateKey = new JcaPEMKeyConverter()
        .setProvider(bouncyCastleProvider)
        .getPrivateKey(privateKey);
}