
Example 1 with OpenSSLKey

use of org.globus.gsi.OpenSSLKey in project Falcon-File-Transfer-Optimizer by arif-zaman.

the class BouncyCastleOpenSSLKeyTest method testDecryptedToString.

/**
 * Round-trips an unencrypted private key through its string form twice and
 * checks that every re-parsed key is still reported as unencrypted.
 *
 * @throws Exception if key generation, serialization or parsing fails
 */
public void testDecryptedToString() throws Exception {
    // Wrap a private key that has never been encrypted.
    OpenSSLKey original = new BouncyCastleOpenSSLKey(getKeyPair().getPrivate());
    boolean originalEncrypted = original.isEncrypted();
    assertTrue(!originalEncrypted);

    // First pass: serialize with the toString(OpenSSLKey) helper defined elsewhere
    // in this test class and parse the bytes back into a new key object.
    // getBytes() without an argument encodes with the platform default charset.
    byte[] firstPass = toString(original).getBytes();
    OpenSSLKey reparsed = new BouncyCastleOpenSSLKey(new ByteArrayInputStream(firstPass));
    assertTrue(!reparsed.isEncrypted());

    // Second pass: repeat on the re-parsed key, so a serialization that silently
    // changed the encrypted/unencrypted state on re-encoding would be caught.
    byte[] secondPass = toString(reparsed).getBytes();
    OpenSSLKey reparsedAgain = new BouncyCastleOpenSSLKey(new ByteArrayInputStream(secondPass));
    assertTrue(!reparsedAgain.isEncrypted());
}
Also used : BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) KeyPair(java.security.KeyPair) ByteArrayInputStream(java.io.ByteArrayInputStream) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) OpenSSLKey(org.globus.gsi.OpenSSLKey)

Example 2 with OpenSSLKey

use of org.globus.gsi.OpenSSLKey in project Falcon-File-Transfer-Optimizer by arif-zaman.

the class BouncyCastleOpenSSLKeyTest method testEncrypt.

/**
 * Checks that encrypting a freshly wrapped private key with the class's
 * {@code pwd} fixture flips {@code isEncrypted()} from false to true.
 *
 * @throws Exception if key generation or encryption fails
 */
public void testEncrypt() throws Exception {
    OpenSSLKey sslKey = new BouncyCastleOpenSSLKey(getKeyPair().getPrivate());
    boolean encryptedBefore = sslKey.isEncrypted();
    assertTrue(!encryptedBefore);

    // No algorithm is selected here, so the key object's own default is used.
    sslKey.encrypt(pwd);

    // Only the state flag is asserted; this test does not decrypt again or
    // inspect the resulting ciphertext.
    boolean encryptedAfter = sslKey.isEncrypted();
    assertTrue(encryptedAfter);
}
Also used : BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) KeyPair(java.security.KeyPair) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) OpenSSLKey(org.globus.gsi.OpenSSLKey)

Example 3 with OpenSSLKey

use of org.globus.gsi.OpenSSLKey in project Falcon-File-Transfer-Optimizer by arif-zaman.

the class BouncyCastleOpenSSLKeyTest method testEncryptAES.

/**
 * Checks that a private key can be encrypted after explicitly selecting
 * {@code AES-128-CBC} as the encryption algorithm.
 *
 * @throws Exception if key generation or encryption fails
 */
public void testEncryptAES() throws Exception {
    OpenSSLKey sslKey = new BouncyCastleOpenSSLKey(getKeyPair().getPrivate());
    boolean encryptedBefore = sslKey.isEncrypted();
    assertTrue(!encryptedBefore);

    // Select the cipher explicitly before encrypting instead of relying on
    // the key object's default algorithm.
    sslKey.setEncryptionAlgorithm("AES-128-CBC");
    sslKey.encrypt(pwd);

    // Only the state flag is asserted; the test does not confirm which cipher
    // was actually applied to the key material.
    boolean encryptedAfter = sslKey.isEncrypted();
    assertTrue(encryptedAfter);
}
Also used : BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) KeyPair(java.security.KeyPair) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) OpenSSLKey(org.globus.gsi.OpenSSLKey)

Example 4 with OpenSSLKey

use of org.globus.gsi.OpenSSLKey in project Falcon-File-Transfer-Optimizer by arif-zaman.

the class MyProxyCLI method createNewProxy.

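/**
 * Creates a proxy credential from a user certificate file and a private key file.
 *
 * <p>If the key file is encrypted, the pass phrase is read interactively. Any
 * failure is reported on stderr and terminates the JVM with status -1, so the
 * method only returns normally with a usable credential.
 *
 * @param userCertFile path of the file holding the user certificate chain
 * @param userKeyFile path of the file holding the user's private key
 * @param lifetime lifetime passed through to the credential factory
 * @param stdin when true the pass phrase is read with {@code Util.getInput},
 *     otherwise with {@code Util.getPrivateInput}
 * @return an initiate-only GSS credential wrapping the new proxy
 */
private static GSSCredential createNewProxy(String userCertFile, String userKeyFile, int lifetime, boolean stdin) {
    X509Certificate[] userCerts = null;
    PrivateKey userKey = null;
    // Records whether a pass phrase was actually submitted, so that a parsing
    // failure on a key that never asked for one is not reported as a wrong pass phrase.
    boolean passPhraseTried = false;
    try {
        OpenSSLKey key = new BouncyCastleOpenSSLKey(userKeyFile);
        if (key.isEncrypted()) {
            String prompt = "Enter GRID pass phrase: ";
            // NOTE(review): presumably getPrivateInput suppresses echo and getInput
            // does not - confirm against Util. Either way the pass phrase ends up in
            // an immutable String that cannot be wiped after use.
            String pwd = (stdin) ? Util.getInput(prompt) : Util.getPrivateInput(prompt);
            if (pwd == null) {
                System.exit(-1);
            }
            passPhraseTried = true;
            key.decrypt(pwd);
        }
        userKey = key.getPrivateKey();
    } catch (IOException e) {
        System.err.println("Error: Failed to load key: " + userKeyFile);
        System.exit(-1);
    } catch (GeneralSecurityException e) {
        if (passPhraseTried) {
            System.err.println("Error: Wrong pass phrase");
        } else {
            // The key was rejected before any pass phrase was involved.
            System.err.println("Error: Failed to load key: " + userKeyFile + " : " + e.getMessage());
        }
        System.exit(-1);
    }
    try {
        userCerts = CertificateLoadUtil.loadCertificates(userCertFile);
    } catch (IOException e) {
        System.err.println("Error: Failed to load cert: " + userCertFile);
        System.exit(-1);
    } catch (GeneralSecurityException e) {
        System.err.println("Error: Unable to load user certificate: " + userCertFile + " : " + e.getMessage());
        System.exit(-1);
    }
    BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
    int bits = org.globus.myproxy.MyProxy.DEFAULT_KEYBITS;
    // This method has no switch for a limited proxy: the delegation type is always
    // FULL, so callers that need a limited proxy cannot get one from here.
    GSIConstants.DelegationType proxyType = GSIConstants.DelegationType.FULL;
    try {
        X509Credential proxy = factory.createCredential(userCerts, userKey, bits, lifetime, proxyType);
        return new GlobusGSSCredentialImpl(proxy, GSSCredential.INITIATE_ONLY);
    } catch (Exception e) {
        System.err.println("Failed to create a proxy: " + e.getMessage());
        System.exit(-1);
    }
    // Only reached if System.exit returns, which it normally does not.
    return null;
}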
Also used : GlobusGSSCredentialImpl(org.globus.gsi.gssapi.GlobusGSSCredentialImpl) PrivateKey(java.security.PrivateKey) GeneralSecurityException(java.security.GeneralSecurityException) OpenSSLKey(org.globus.gsi.OpenSSLKey) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) IOException(java.io.IOException) X509Certificate(java.security.cert.X509Certificate) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) GSSException(org.ietf.jgss.GSSException) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) GSIConstants(org.globus.gsi.GSIConstants) X509Credential(org.globus.gsi.X509Credential) BouncyCastleCertProcessingFactory(org.globus.gsi.bc.BouncyCastleCertProcessingFactory)

Example 5 with OpenSSLKey

use of org.globus.gsi.OpenSSLKey in project Falcon-File-Transfer-Optimizer by arif-zaman.

the class ChangePassPhrase method main.

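/**
 * Command-line entry point that changes the pass phrase protecting a private key file.
 *
 * <p>Recognized options are {@code -file <private_key_file>}, {@code -version},
 * {@code -debug}, {@code -help} and {@code -usage}. Without {@code -file} the key
 * path comes from {@code CoGProperties.getDefault().getUserKeyFile()}. The key is
 * decrypted with the old pass phrase if it is encrypted, re-encrypted with the new
 * one, written to {@code <file>.new}, and then moved over the original after a copy
 * has been made to {@code <file>.old}.
 *
 * @param args command-line arguments
 */
public static void main(String[] args) {
    String file = null;
    boolean error = false;
    boolean debug = false;
    for (int i = 0; i < args.length; i++) {
        if (args[i].equalsIgnoreCase("-file")) {
            // A trailing -file with no value used to fail with an
            // ArrayIndexOutOfBoundsException; report it as a usage error instead.
            if (i + 1 < args.length) {
                file = args[++i];
            } else {
                System.err.println("Error: -file requires a private key file argument");
                error = true;
            }
        } else if (args[i].equalsIgnoreCase("-version")) {
            System.err.println(Version.getVersion());
            System.exit(1);
        } else if (args[i].equalsIgnoreCase("-debug")) {
            debug = true;
        } else if (args[i].equalsIgnoreCase("-help") || args[i].equalsIgnoreCase("-usage")) {
            System.err.println(message);
            System.exit(1);
        } else {
            System.err.println("Error: argument not recognized : " + args[i]);
            error = true;
        }
    }
    if (error) {
        System.err.println("\nUsage: java ChangePassPhrase [-help] [-version] [-file private_key_file]\n");
        System.err.println("Use -help to display full usage.");
        System.exit(1);
    }
    CertUtil.init();
    if (file == null) {
        file = CoGProperties.getDefault().getUserKeyFile();
    }
    OpenSSLKey key = null;
    // Pass phrases are held as Strings because that is what Util.getPrivateInput
    // returns; they cannot be wiped from memory after use.
    String pwd1, pwd2 = null;
    try {
        key = new BouncyCastleOpenSSLKey(file);
        if (key.isEncrypted()) {
            pwd1 = Util.getPrivateInput("Enter OLD pass phrase: ");
            if (pwd1 == null || pwd1.length() == 0) {
                return;
            }
            try {
                key.decrypt(pwd1);
            } catch (Exception e) {
                // Wrong pass phrase and corrupt key are deliberately not told apart.
                System.err.println("Error: Wrong pass phrase or key is invalid.");
                if (debug) {
                    e.printStackTrace();
                }
                System.exit(1);
            }
        }
        pwd1 = Util.getPrivateInput("Enter NEW pass phrase: ");
        if (pwd1 == null || pwd1.length() == 0) {
            // An empty new pass phrase is refused silently: the key file is left as it was.
            return;
        }
        pwd2 = Util.getPrivateInput("Verifying password - Enter NEW pass phrase: ");
        if (pwd2 == null || pwd2.length() == 0) {
            return;
        }
        if (!pwd1.equals(pwd2)) {
            System.err.println("Error: Passwords do not match!");
            System.exit(1);
        }
        key.encrypt(pwd1);
        // Each file gets Util.setOwnerAccessOnly applied before any key material
        // is copied or written into it.
        File newFile = Util.createFile(file + ".new");
        Util.setOwnerAccessOnly(newFile.getAbsolutePath());
        File oldFile = Util.createFile(file + ".old");
        Util.setOwnerAccessOnly(oldFile.getAbsolutePath());
        // NOTE(review): crFile is obtained by calling Util.createFile on the existing
        // key path; confirm that call leaves existing contents intact, otherwise the
        // .old copy made below would not hold the original key.
        File crFile = Util.createFile(file);
        Util.setOwnerAccessOnly(crFile.getAbsolutePath());
        copy(crFile, oldFile);
        key.writeTo(newFile.getAbsolutePath());
        // Delete-then-rename is not atomic: if the rename fails, the key path is
        // empty and the re-encrypted key remains in the .new file.
        if (!crFile.delete()) {
            System.err.println("Error: failed to remove " + file + " file.");
            System.exit(1);
        }
        if (newFile.renameTo(crFile)) {
            System.out.println("Pass phrase successfully changed.");
        } else {
            System.err.println("Error: failed to rename the files.");
            System.exit(1);
        }
    } catch (GeneralSecurityException e) {
        System.err.println("Error: " + e.getMessage());
        System.exit(1);
    } catch (Exception e) {
        // Also reached for failures after loading (file creation, copy, write).
        System.err.println("Unable to load the private key : " + e.getMessage());
        System.exit(1);
    }
}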
Also used : BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) GeneralSecurityException(java.security.GeneralSecurityException) BouncyCastleOpenSSLKey(org.globus.gsi.bc.BouncyCastleOpenSSLKey) OpenSSLKey(org.globus.gsi.OpenSSLKey) File(java.io.File) IOException(java.io.IOException) GeneralSecurityException(java.security.GeneralSecurityException)

Aggregations

OpenSSLKey (org.globus.gsi.OpenSSLKey)10 BouncyCastleOpenSSLKey (org.globus.gsi.bc.BouncyCastleOpenSSLKey)10 IOException (java.io.IOException)5 GeneralSecurityException (java.security.GeneralSecurityException)5 KeyPair (java.security.KeyPair)5 PrivateKey (java.security.PrivateKey)3 X509Certificate (java.security.cert.X509Certificate)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2 FileOutputStream (java.io.FileOutputStream)2 GSSException (org.ietf.jgss.GSSException)2 File (java.io.File)1 PrintStream (java.io.PrintStream)1 KeyPairGenerator (java.security.KeyPairGenerator)1 KeyStore (java.security.KeyStore)1 PublicKey (java.security.PublicKey)1 DERSet (org.bouncycastle.asn1.DERSet)1 X509Name (org.bouncycastle.asn1.x509.X509Name)1 PKCS10CertificationRequest (org.bouncycastle.jce.PKCS10CertificationRequest)1 CoGProperties (org.globus.common.CoGProperties)1 GSIConstants (org.globus.gsi.GSIConstants)1