Example 31 with JcaPEMKeyConverter

Use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project candlepin by candlepin.

Class X509CRLStreamWriterTest, method testAddEntryToActualCRL.

@Test
public void testAddEntryToActualCRL() throws Exception {
    ClassLoader classLoader = this.getClass().getClassLoader();
    InputStream crl = classLoader.getResourceAsStream("real-crl.der");
    InputStream keyStream = classLoader.getResourceAsStream("real.key");
    // keyPair is not declared in this method; it is a member of the enclosing test class.
    // try-with-resources closes the parser and its underlying reader on every path.
    try (PEMParser reader = new PEMParser(new InputStreamReader(keyStream))) {
        Object pemObj = reader.readObject();
        if (pemObj == null) {
            crl.close();
            throw new RuntimeException("Reading CA private key failed");
        }
        if (pemObj instanceof PEMKeyPair) {
            // An unencrypted OpenSSL key parses as a PEMKeyPair
            keyPair = new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) pemObj);
        } else {
            crl.close();
            throw new RuntimeException("Unexpected CA key object: " + pemObj.getClass().getName());
        }
    }
    File outfile = new File(folder.getRoot(), "new.crl");
    X509CRLStreamWriter stream = new X509CRLStreamWriter(crl, (RSAPrivateKey) keyPair.getPrivate(), (RSAPublicKey) keyPair.getPublic());
    // Add enough items to cause the number of length bytes to change
    Set<BigInteger> newSerials = new HashSet<>(Arrays.asList(new BigInteger("2358215310"), new BigInteger("7231352433"), new BigInteger("8233181205"), new BigInteger("1455615868"), new BigInteger("4323487764"), new BigInteger("6673256679")));
    for (BigInteger i : newSerials) {
        stream.add(i, new Date(), CRLReason.privilegeWithdrawn);
    }
    // Since we have to walk the stream twice, we need two streams!
    stream.preScan(classLoader.getResourceAsStream("real-crl.der")).lock();
    // Close (and flush) the output file even if write() throws
    try (OutputStream o = new BufferedOutputStream(new FileOutputStream(outfile))) {
        stream.write(o);
    }
    X509CRL changedCrl = readCRL();
    Set<BigInteger> discoveredSerials = new HashSet<>();
    for (X509CRLEntry entry : changedCrl.getRevokedCertificates()) {
        discoveredSerials.add(entry.getSerialNumber());
    }
    assertTrue(discoveredSerials.containsAll(newSerials));
}
Also used : X509CRL(java.security.cert.X509CRL) InputStreamReader(java.io.InputStreamReader) BufferedInputStream(java.io.BufferedInputStream) FileInputStream(java.io.FileInputStream) InputStream(java.io.InputStream) BufferedOutputStream(java.io.BufferedOutputStream) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) Date(java.util.Date) X509CRLEntry(java.security.cert.X509CRLEntry) PEMParser(org.bouncycastle.openssl.PEMParser) BigInteger(java.math.BigInteger) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) File(java.io.File) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 32 with JcaPEMKeyConverter

Use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project candlepin by candlepin.

Class PrivateKeyReaderTest, method testReadEncryptedPKCS1.

@Test
public void testReadEncryptedPKCS1() throws Exception {
    String keyFile = "keys/pkcs1-aes256-encrypted.pem";
    try (InputStream keyStream = cl.getResourceAsStream(keyFile);
        Reader expectedReader = new InputStreamReader(cl.getResourceAsStream(keyFile))) {
        PrivateKey actualKey = new PrivateKeyReader().read(keyStream, "password");
        PEMEncryptedKeyPair expected = (PEMEncryptedKeyPair) new PEMParser(expectedReader).readObject();
        PEMDecryptorProvider provider = new JcePEMDecryptorProviderBuilder().setProvider(BC_PROVIDER).build(PASSWORD);
        PEMKeyPair decryptedInfo = expected.decryptKeyPair(provider);
        PrivateKey expectedKey = new JcaPEMKeyConverter().setProvider(BC_PROVIDER).getKeyPair(decryptedInfo).getPrivate();
        // JUnit's assertEquals takes (expected, actual)
        assertEquals(expectedKey, actualKey);
    }
}
Also used : PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair) PrivateKey(java.security.PrivateKey) InputStreamReader(java.io.InputStreamReader) PEMParser(org.bouncycastle.openssl.PEMParser) InputStream(java.io.InputStream) PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider) Reader(java.io.Reader) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair) JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder) Test(org.junit.Test)

Example 33 with JcaPEMKeyConverter

Use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project alien4cloud by alien4cloud.

Class SSHUtil, method loadKeyPair.

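private static KeyPair loadKeyPair(String pemFile) {
    // addProvider() is a no-op if the provider is already registered
    Security.addProvider(new BouncyCastleProvider());
    // try-with-resources closes the parser and the underlying FileReader
    try (PEMParser pemParser = new PEMParser(new FileReader(pemFile))) {
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
        Object object = pemParser.readObject();
        // Encrypted or PKCS#8 keys parse to other types; reject them explicitly
        // instead of failing with a ClassCastException
        if (!(object instanceof PEMKeyPair)) {
            throw new IllegalArgumentException("Expected an unencrypted PEM key pair in " + pemFile);
        }
        return converter.getKeyPair((PEMKeyPair) object);
    } catch (Exception e) {
        log.error("Could not load key pair", e);
        throw new RuntimeException("Could not load key pair", e);
    }
}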
Also used : PEMParser(org.bouncycastle.openssl.PEMParser) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) FileReader(java.io.FileReader) IOException(java.io.IOException) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 34 with JcaPEMKeyConverter

Use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project keystore-explorer by kaikramer.

Class OpenSslPubUtil, method load.

/**
 * Load an unencrypted OpenSSL public key from the stream. The encoding of
 * the public key may be PEM or DER.
 *
 * @param is
 *            Stream to load the unencrypted public key from
 * @return The public key
 * @throws CryptoException
 *             Problem encountered while loading the public key
 * @throws IOException
 *             An I/O error occurred
 */
public static PublicKey load(InputStream is) throws CryptoException, IOException {
    byte[] streamContents = ReadUtil.readFully(is);
    // Check if stream is PEM encoded
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
    if (pemInfo != null) {
        // It is - get DER from PEM
        streamContents = pemInfo.getContent();
    }
    try {
        // DER-encoded subjectPublicKeyInfo structure - the OpenSSL format
        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(streamContents);
        return new JcaPEMKeyConverter().getPublicKey(publicKeyInfo);
    } catch (Exception ex) {
        throw new CryptoException(res.getString("NoLoadOpenSslPublicKey.exception.message"), ex);
    }
}
Also used : ByteArrayInputStream(java.io.ByteArrayInputStream) PemInfo(org.kse.utilities.pem.PemInfo) JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter) CryptoException(org.kse.crypto.CryptoException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) IOException(java.io.IOException)

Example 35 with JcaPEMKeyConverter

Use of org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter in project vespa by vespa-engine.

Class PemKeyStore, method setPrivateKey.

private synchronized void setPrivateKey(PrivateKeyInfo privateKey) throws PEMException {
    JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(bouncyCastleProvider);
    this.privateKey = converter.getPrivateKey(privateKey);
}
Also used : JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)

Aggregations

JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter): 55
PEMParser (org.bouncycastle.openssl.PEMParser): 48
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair): 31
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo): 26
IOException (java.io.IOException): 20
InputStreamReader (java.io.InputStreamReader): 19
PrivateKey (java.security.PrivateKey): 19
Reader (java.io.Reader): 15
JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder): 14
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo): 14
StringReader (java.io.StringReader): 13
PEMEncryptedKeyPair (org.bouncycastle.openssl.PEMEncryptedKeyPair): 13
InputStream (java.io.InputStream): 12
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider): 12
PEMDecryptorProvider (org.bouncycastle.openssl.PEMDecryptorProvider): 11
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder): 11
BouncyCastleProvider (org.bouncycastle.jce.provider.BouncyCastleProvider): 10
KeyPair (java.security.KeyPair): 9
PemObject (org.bouncycastle.util.io.pem.PemObject): 7
ByteArrayInputStream (java.io.ByteArrayInputStream): 6