Search in sources :

Example 1 with PKCS12PfxPdu

use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method writeEncryptedBinary.

@Override
public void writeEncryptedBinary(IOResource<OutputStream> out, CertObjectStore certObjects, PasswordCallback newPassword) throws IOException {
    char[] passwordChars = newPassword.queryPassword(out.resource());
    if (passwordChars == null) {
        throw new PasswordRequiredException(out.resource());
    }
    try {
        List<PKCS12SafeBagBuilder> safeBagBuilders = new ArrayList<>(certObjects.size());
        for (CertObjectStore.Entry certObject : certObjects) {
            switch(certObject.type()) {
                case CRT:
                    safeBagBuilders.add(createCRTSafeBagBuilder(certObject.alias(), certObject.getCRT(), safeBagBuilders.isEmpty()));
                    break;
                case KEY:
                    safeBagBuilders.add(createKeySafeBagBuilder(certObject.alias(), certObject.getKey(), passwordChars));
                    break;
                case CSR:
                    break;
                case CRL:
                    break;
            }
        }
        PKCS12PfxPduBuilder pkcs12Builder = new PKCS12PfxPduBuilder();
        for (PKCS12SafeBagBuilder safeBagBuilder : safeBagBuilders) {
            pkcs12Builder.addData(safeBagBuilder.build());
        }
        PKCS12PfxPdu pkcs12 = pkcs12Builder.build(new BcPKCS12MacCalculatorBuilder(), passwordChars);
        out.io().write(pkcs12.getEncoded());
    } catch (GeneralSecurityException | PKCSException e) {
        throw new CertProviderException(e);
    }
}
Also used : PKCS12SafeBagBuilder(org.bouncycastle.pkcs.PKCS12SafeBagBuilder) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder) GeneralSecurityException(java.security.GeneralSecurityException) ArrayList(java.util.ArrayList) PasswordRequiredException(de.carne.certmgr.certs.PasswordRequiredException) PKCSException(org.bouncycastle.pkcs.PKCSException) CertProviderException(de.carne.certmgr.certs.CertProviderException) CertObjectStore(de.carne.certmgr.certs.CertObjectStore) BcPKCS12MacCalculatorBuilder(org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilder) PKCS12PfxPdu(org.bouncycastle.pkcs.PKCS12PfxPdu) PKCS12PfxPduBuilder(org.bouncycastle.pkcs.PKCS12PfxPduBuilder)

Example 2 with PKCS12PfxPdu

use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method readBinary.

@Override
@Nullable
public CertObjectStore readBinary(IOResource<InputStream> in, PasswordCallback password) throws IOException {
    LOG.debug("Trying to read PKCS#12 objects from: ''{0}''...", in);
    CertObjectStore certObjects = null;
    PKCS12PfxPdu pkcs12 = readPKCS12(in);
    if (pkcs12 != null) {
        certObjects = new CertObjectStore();
        for (ContentInfo contentInfo : pkcs12.getContentInfos()) {
            ASN1ObjectIdentifier contentType = contentInfo.getContentType();
            PKCS12SafeBagFactory safeBagFactory;
            if (contentType.equals(PKCSObjectIdentifiers.encryptedData)) {
                safeBagFactory = getSafeBagFactory(contentInfo, in.resource(), password);
            } else {
                safeBagFactory = getSafeBagFactory(contentInfo);
            }
            for (PKCS12SafeBag safeBag : safeBagFactory.getSafeBags()) {
                Object safeBagValue = safeBag.getBagValue();
                if (safeBagValue instanceof X509CertificateHolder) {
                    certObjects.addCRT(convertCRT((X509CertificateHolder) safeBagValue));
                } else if (safeBagValue instanceof PKCS8EncryptedPrivateKeyInfo) {
                    PrivateKey privateKey = convertPrivateKey((PKCS8EncryptedPrivateKeyInfo) safeBagValue, in.resource(), password);
                    try {
                        certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
                    } catch (IOException e) {
                        LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
                    }
                } else if (safeBagValue instanceof PrivateKeyInfo) {
                    PrivateKey privateKey = convertPrivateKey((PrivateKeyInfo) safeBagValue);
                    try {
                        certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
                    } catch (IOException e) {
                        LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
                    }
                } else {
                    LOG.warning(CertIOI18N.STR_PKCS12_UNKNOWN_OBJECT, safeBagValue.getClass().getName());
                }
            }
        }
    }
    return certObjects;
}
Also used : PrivateKey(java.security.PrivateKey) PKCS12SafeBagFactory(org.bouncycastle.pkcs.PKCS12SafeBagFactory) ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) CertObjectStore(de.carne.certmgr.certs.CertObjectStore) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) IOException(java.io.IOException) PKCS12SafeBag(org.bouncycastle.pkcs.PKCS12SafeBag) PKCS12PfxPdu(org.bouncycastle.pkcs.PKCS12PfxPdu) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo) Nullable(de.carne.check.Nullable)

Example 3 with PKCS12PfxPdu

use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.

the class PKCS12CertReaderWriter method writeBinary.

@Override
public void writeBinary(IOResource<OutputStream> out, CertObjectStore certObjects) throws IOException, UnsupportedOperationException {
    try {
        List<PKCS12SafeBagBuilder> safeBagBuilders = new ArrayList<>(certObjects.size());
        for (CertObjectStore.Entry certObject : certObjects) {
            switch(certObject.type()) {
                case CRT:
                    safeBagBuilders.add(createCRTSafeBagBuilder(certObject.alias(), certObject.getCRT(), safeBagBuilders.isEmpty()));
                    break;
                case KEY:
                    safeBagBuilders.add(createKeySafeBagBuilder(certObject.alias(), certObject.getKey()));
                    break;
                case CSR:
                    break;
                case CRL:
                    break;
            }
        }
        PKCS12PfxPduBuilder pkcs12Builder = new PKCS12PfxPduBuilder();
        for (PKCS12SafeBagBuilder safeBagBuilder : safeBagBuilders) {
            pkcs12Builder.addData(safeBagBuilder.build());
        }
        PKCS12PfxPdu pkcs12 = pkcs12Builder.build(null, null);
        out.io().write(pkcs12.getEncoded());
    } catch (GeneralSecurityException | PKCSException e) {
        throw new CertProviderException(e);
    }
}
Also used : PKCS12SafeBagBuilder(org.bouncycastle.pkcs.PKCS12SafeBagBuilder) JcaPKCS12SafeBagBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder) GeneralSecurityException(java.security.GeneralSecurityException) ArrayList(java.util.ArrayList) CertObjectStore(de.carne.certmgr.certs.CertObjectStore) PKCS12PfxPdu(org.bouncycastle.pkcs.PKCS12PfxPdu) PKCSException(org.bouncycastle.pkcs.PKCSException) CertProviderException(de.carne.certmgr.certs.CertProviderException) PKCS12PfxPduBuilder(org.bouncycastle.pkcs.PKCS12PfxPduBuilder)

Aggregations

CertObjectStore (de.carne.certmgr.certs.CertObjectStore)3 PKCS12PfxPdu (org.bouncycastle.pkcs.PKCS12PfxPdu)3 CertProviderException (de.carne.certmgr.certs.CertProviderException)2 GeneralSecurityException (java.security.GeneralSecurityException)2 ArrayList (java.util.ArrayList)2 PKCS12PfxPduBuilder (org.bouncycastle.pkcs.PKCS12PfxPduBuilder)2 PKCS12SafeBagBuilder (org.bouncycastle.pkcs.PKCS12SafeBagBuilder)2 PKCSException (org.bouncycastle.pkcs.PKCSException)2 JcaPKCS12SafeBagBuilder (org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder)2 PasswordRequiredException (de.carne.certmgr.certs.PasswordRequiredException)1 Nullable (de.carne.check.Nullable)1 IOException (java.io.IOException)1 PrivateKey (java.security.PrivateKey)1 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)1 ContentInfo (org.bouncycastle.asn1.pkcs.ContentInfo)1 PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)1 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)1 PKCS12SafeBag (org.bouncycastle.pkcs.PKCS12SafeBag)1 PKCS12SafeBagFactory (org.bouncycastle.pkcs.PKCS12SafeBagFactory)1 PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)1