
Example 1 with JceOpenSSLPKCS8EncryptorBuilder

Use of org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder in project kafka by apache.

Class TestSslUtils, method pem.

static String pem(PrivateKey privateKey, Password password) throws IOException {
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    try (PemWriter pemWriter = new PemWriter(new OutputStreamWriter(out, StandardCharsets.UTF_8.name()))) {
        if (password == null) {
            pemWriter.writeObject(new JcaPKCS8Generator(privateKey, null));
        } else {
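            // PBE_SHA1_3DES selects the legacy PKCS#12 scheme pbeWithSHAAnd3-KeyTripleDES-CBC (SHA-1 key derivation, Triple-DES)
            JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.PBE_SHA1_3DES);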
            encryptorBuilder.setPassword(password.value().toCharArray());
            try {
                pemWriter.writeObject(new JcaPKCS8Generator(privateKey, encryptorBuilder.build()));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
    }
    return new String(out.toByteArray(), StandardCharsets.UTF_8);
}
Also used: JceOpenSSLPKCS8EncryptorBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder), PemWriter (org.bouncycastle.util.io.pem.PemWriter), JcaPKCS8Generator (org.bouncycastle.openssl.jcajce.JcaPKCS8Generator), OutputStreamWriter (java.io.OutputStreamWriter), ByteArrayOutputStream (java.io.ByteArrayOutputStream), DEROctetString (org.bouncycastle.asn1.DEROctetString), GeneralSecurityException (java.security.GeneralSecurityException), EOFException (java.io.EOFException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), IOException (java.io.IOException), CertificateException (java.security.cert.CertificateException)

Example 2 with JceOpenSSLPKCS8EncryptorBuilder

Use of org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder in project zookeeper by apache.

Class X509TestHelpers, method pemEncodePrivateKey.

/**
 * PEM-encodes the given private key (compatible with OpenSSL), optionally protecting it with a password, and
 * returns the result as a String.
 * @param key the private key.
 * @param password an optional key password. If empty or null, the private key will not be encrypted.
 * @return a String containing the PEM encoding of the private key.
 * @throws IOException if converting the key to PEM format fails.
 * @throws OperatorCreationException if constructing the encryptor from the given password fails.
 */
public static String pemEncodePrivateKey(PrivateKey key, String password) throws IOException, OperatorCreationException {
    StringWriter stringWriter = new StringWriter();
    OutputEncryptor encryptor = null;
    if (password != null && password.length() > 0) {
        // Legacy PKCS#12 PBE (SHA-1 with 3-key Triple-DES CBC).
        // setPasssword (three s's) is the spelling Bouncy Castle uses for this builder method.
        encryptor = new JceOpenSSLPKCS8EncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC)
                .setProvider(BouncyCastleProvider.PROVIDER_NAME)
                .setRandom(PRNG)
                .setPasssword(password.toCharArray())
                .build();
    }
    // try-with-resources closes the writer even if writeObject throws
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
        pemWriter.writeObject(new JcaPKCS8Generator(key, encryptor));
    }
    return stringWriter.toString();
}
Also used: JceOpenSSLPKCS8EncryptorBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder), StringWriter (java.io.StringWriter), JcaPKCS8Generator (org.bouncycastle.openssl.jcajce.JcaPKCS8Generator), JcaPEMWriter (org.bouncycastle.openssl.jcajce.JcaPEMWriter), OutputEncryptor (org.bouncycastle.operator.OutputEncryptor)

Example 3 with JceOpenSSLPKCS8EncryptorBuilder

Use of org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder in project graylog2-server by Graylog2.

Class KeyUtil, method generatePKCS8FromPrivateKey.

/**
 * Build a password-encrypted PKCS8 private key and write it to a PEM file in the temp directory.
 * Caller is responsible for ensuring that the temp directory is writable. The file will be deleted
 * when the VM exits.
 * @param tmpDir path to directory in which to create the
 * @param password to protect the key
 * @param key encrypt this key
 * @return PEM file
 * @throws GeneralSecurityException
 */
public static File generatePKCS8FromPrivateKey(Path tmpDir, char[] password, PrivateKey key) throws GeneralSecurityException {
    try {
        JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(PKCS8Generator.AES_256_CBC).setRandom(new SecureRandom()).setPasssword(password);
        OutputEncryptor encryptor = encryptorBuilder.build();
        // construct object to create the PKCS8 object from the private key and encryptor
        PemObject pemObj = new JcaPKCS8Generator(key, encryptor).generate();
        StringWriter stringWriter = new StringWriter();
        try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
            pemWriter.writeObject(pemObj);
        }
        // write PKCS8 to file
        String pkcs8Key = stringWriter.toString();
        File tmpFile = Files.createTempFile(tmpDir, "pkcs8", ".key").toFile();
        // register for deletion first so the key file is cleaned up even if the write below fails
        tmpFile.deleteOnExit();
        try (FileOutputStream fos = new FileOutputStream(tmpFile)) {
            fos.write(pkcs8Key.getBytes(StandardCharsets.UTF_8));
        }
        return tmpFile;
    } catch (IOException | OperatorCreationException e) {
        throw new GeneralSecurityException(e);
    }
}
Also used: JceOpenSSLPKCS8EncryptorBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder), GeneralSecurityException (java.security.GeneralSecurityException), SecureRandom (java.security.SecureRandom), IOException (java.io.IOException), PemObject (org.bouncycastle.util.io.pem.PemObject), StringWriter (java.io.StringWriter), JcaPKCS8Generator (org.bouncycastle.openssl.jcajce.JcaPKCS8Generator), FileOutputStream (java.io.FileOutputStream), JcaPEMWriter (org.bouncycastle.openssl.jcajce.JcaPEMWriter), OperatorCreationException (org.bouncycastle.operator.OperatorCreationException), File (java.io.File), OutputEncryptor (org.bouncycastle.operator.OutputEncryptor)
