use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.
the class PKCS12CertReaderWriter method writeEncryptedBinary.
@Override
public void writeEncryptedBinary(IOResource<OutputStream> out, CertObjectStore certObjects, PasswordCallback newPassword) throws IOException {
char[] passwordChars = newPassword.queryPassword(out.resource());
if (passwordChars == null) {
throw new PasswordRequiredException(out.resource());
}
try {
List<PKCS12SafeBagBuilder> safeBagBuilders = new ArrayList<>(certObjects.size());
for (CertObjectStore.Entry certObject : certObjects) {
switch(certObject.type()) {
case CRT:
safeBagBuilders.add(createCRTSafeBagBuilder(certObject.alias(), certObject.getCRT(), safeBagBuilders.isEmpty()));
break;
case KEY:
safeBagBuilders.add(createKeySafeBagBuilder(certObject.alias(), certObject.getKey(), passwordChars));
break;
case CSR:
break;
case CRL:
break;
}
}
PKCS12PfxPduBuilder pkcs12Builder = new PKCS12PfxPduBuilder();
for (PKCS12SafeBagBuilder safeBagBuilder : safeBagBuilders) {
pkcs12Builder.addData(safeBagBuilder.build());
}
PKCS12PfxPdu pkcs12 = pkcs12Builder.build(new BcPKCS12MacCalculatorBuilder(), passwordChars);
out.io().write(pkcs12.getEncoded());
} catch (GeneralSecurityException | PKCSException e) {
throw new CertProviderException(e);
}
}
use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.
the class PKCS12CertReaderWriter method readBinary.
@Override
@Nullable
public CertObjectStore readBinary(IOResource<InputStream> in, PasswordCallback password) throws IOException {
LOG.debug("Trying to read PKCS#12 objects from: ''{0}''...", in);
CertObjectStore certObjects = null;
PKCS12PfxPdu pkcs12 = readPKCS12(in);
if (pkcs12 != null) {
certObjects = new CertObjectStore();
for (ContentInfo contentInfo : pkcs12.getContentInfos()) {
ASN1ObjectIdentifier contentType = contentInfo.getContentType();
PKCS12SafeBagFactory safeBagFactory;
if (contentType.equals(PKCSObjectIdentifiers.encryptedData)) {
safeBagFactory = getSafeBagFactory(contentInfo, in.resource(), password);
} else {
safeBagFactory = getSafeBagFactory(contentInfo);
}
for (PKCS12SafeBag safeBag : safeBagFactory.getSafeBags()) {
Object safeBagValue = safeBag.getBagValue();
if (safeBagValue instanceof X509CertificateHolder) {
certObjects.addCRT(convertCRT((X509CertificateHolder) safeBagValue));
} else if (safeBagValue instanceof PKCS8EncryptedPrivateKeyInfo) {
PrivateKey privateKey = convertPrivateKey((PKCS8EncryptedPrivateKeyInfo) safeBagValue, in.resource(), password);
try {
certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
} catch (IOException e) {
LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
}
} else if (safeBagValue instanceof PrivateKeyInfo) {
PrivateKey privateKey = convertPrivateKey((PrivateKeyInfo) safeBagValue);
try {
certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
} catch (IOException e) {
LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
}
} else {
LOG.warning(CertIOI18N.STR_PKCS12_UNKNOWN_OBJECT, safeBagValue.getClass().getName());
}
}
}
}
return certObjects;
}
use of org.bouncycastle.pkcs.PKCS12PfxPdu in project certmgr by hdecarne.
the class PKCS12CertReaderWriter method writeBinary.
@Override
public void writeBinary(IOResource<OutputStream> out, CertObjectStore certObjects) throws IOException, UnsupportedOperationException {
try {
List<PKCS12SafeBagBuilder> safeBagBuilders = new ArrayList<>(certObjects.size());
for (CertObjectStore.Entry certObject : certObjects) {
switch(certObject.type()) {
case CRT:
safeBagBuilders.add(createCRTSafeBagBuilder(certObject.alias(), certObject.getCRT(), safeBagBuilders.isEmpty()));
break;
case KEY:
safeBagBuilders.add(createKeySafeBagBuilder(certObject.alias(), certObject.getKey()));
break;
case CSR:
break;
case CRL:
break;
}
}
PKCS12PfxPduBuilder pkcs12Builder = new PKCS12PfxPduBuilder();
for (PKCS12SafeBagBuilder safeBagBuilder : safeBagBuilders) {
pkcs12Builder.addData(safeBagBuilder.build());
}
PKCS12PfxPdu pkcs12 = pkcs12Builder.build(null, null);
out.io().write(pkcs12.getEncoded());
} catch (GeneralSecurityException | PKCSException e) {
throw new CertProviderException(e);
}
}
Aggregations