use of org.bouncycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder in project vcert-java by Venafi.
the class PEMCollection method toPkcs12.
public byte[] toPkcs12(String password) throws PKCSException {
try {
SubjectKeyIdentifier pubKeyId = new JcaX509ExtensionUtils().createSubjectKeyIdentifier(certificate.getPublicKey());
OutputEncryptor encOut = new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes128_CBC).setProvider("BC").build(password.toCharArray());
ArrayList<PKCS12SafeBag> safeBags = new ArrayList<>();
safeBags.ensureCapacity(chain.size() + 2);
safeBags.add(new JcaPKCS12SafeBagBuilder((X509Certificate) certificate).addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId).build());
for (Certificate intermediateCert : chain) {
safeBags.add(new JcaPKCS12SafeBagBuilder((X509Certificate) intermediateCert).build());
}
safeBags.add(new JcaPKCS12SafeBagBuilder(privateKey, encOut).addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId).build());
PKCS12PfxPduBuilder builder = new PKCS12PfxPduBuilder();
builder.addEncryptedData(new JcePKCSPBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC).setProvider("BC").build(password.toCharArray()), safeBags.toArray(new PKCS12SafeBag[] {}));
PKCS12PfxPdu pfx = builder.build(new JcePKCS12MacCalculatorBuilder(NISTObjectIdentifiers.id_sha256), password.toCharArray());
ByteArrayOutputStream out = new ByteArrayOutputStream();
out.write(pfx.getEncoded(ASN1Encoding.DL));
out.close();
return out.toByteArray();
} catch (IOException | NoSuchAlgorithmException | OperatorCreationException e) {
throw new RuntimeException(e);
}
}
use of org.bouncycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder in project snowflake-kafka-connector by snowflakedb.
the class FIPSTest method generateAESKey.
public static String generateAESKey(PrivateKey key, char[] passwd) throws IOException, OperatorCreationException {
Security.addProvider(new BouncyCastleFipsProvider());
StringWriter writer = new StringWriter();
JcaPEMWriter pemWriter = new JcaPEMWriter(writer);
PKCS8EncryptedPrivateKeyInfoBuilder pkcs8EncryptedPrivateKeyInfoBuilder = new JcaPKCS8EncryptedPrivateKeyInfoBuilder(key);
pemWriter.writeObject(pkcs8EncryptedPrivateKeyInfoBuilder.build(new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes256_CBC).setProvider("BCFIPS").build(passwd)));
pemWriter.close();
return writer.toString();
}
Aggregations