use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project jruby-openssl by jruby.
the class PEMInputOutput method writeDSAPrivateKey.
/**
 * Writes a DSA private key to {@code _out} as a PEM block labelled {@code PEM_STRING_DSA}.
 *
 * <p>The body is a sequence of six integers: 0, p, q, g, y, x. This matches the layout
 * OpenSSL uses for its traditional DSA private key, where the leading 0 is the version.
 *
 * <p>Security note: the key is encrypted only when BOTH {@code cipher} and {@code passwd}
 * are non-null. If either is missing, the private key goes out through
 * {@code writePemPlain}, i.e. without password protection. Callers that require an
 * encrypted key must check both arguments themselves.
 *
 * @param _out   destination writer
 * @param obj    the DSA private key to serialise
 * @param cipher cipher for PEM encryption, or {@code null} for plain output
 * @param passwd password for PEM encryption, or {@code null} for plain output
 * @throws IOException if encoding or writing fails
 */
public static void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, CipherSpec cipher, char[] passwd) throws IOException {
    final BufferedWriter out = makeBuffered(_out);

    // Re-parse the key's own encoding to reach the DSA domain parameters (p, q, g).
    final ASN1Sequence encodedKey = (ASN1Sequence) new ASN1InputStream(getEncoded(obj)).readObject();
    final PrivateKeyInfo info = new PrivateKeyInfo(encodedKey);
    final DSAParameter params = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());

    final BigInteger secret = obj.getX();
    // The public value is not read from the key object; it is derived as y = g^x mod p.
    final BigInteger pub = params.getG().modPow(secret, params.getP());

    final ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(new ASN1Integer(BigInteger.ZERO));
    fields.add(new ASN1Integer(params.getP()));
    fields.add(new ASN1Integer(params.getQ()));
    fields.add(new ASN1Integer(params.getG()));
    fields.add(new ASN1Integer(pub));
    fields.add(new ASN1Integer(secret));

    // NOTE(review): bOut now holds the raw private key bytes and is not cleared in this
    // method; buffer() looks like a project-local accessor for the backing array - confirm.
    final ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    new ASN1OutputStream(bOut).writeObject(new DLSequence(fields));

    if (cipher == null || passwd == null) {
        // No (complete) encryption request: the key is written unprotected.
        writePemPlain(out, PEM_STRING_DSA, bOut.buffer(), bOut.size());
        return;
    }
    writePemEncrypted(out, PEM_STRING_DSA, bOut.buffer(), bOut.size(), cipher, passwd);
}
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project credhub by cloudfoundry-incubator.
the class PrivateKeyReader method getPrivateKey.
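/**
 * Extracts the private key from a PEM string that holds an unencrypted key pair.
 *
 * <p>Only input that {@code PEMParser} returns as a {@code PEMKeyPair} is accepted. Anything
 * else (no PEM object at all, a PKCS#8 {@code PrivateKeyInfo}, an encrypted key, a
 * certificate, ...) is rejected with {@link UnsupportedFormatException} rather than being
 * cast blindly.
 *
 * @param privateKeyPem PEM text of the key
 * @return the private key contained in the PEM text
 * @throws IOException if the PEM text cannot be parsed or converted
 * @throws UnsupportedFormatException if the input is {@code null} or is not a plain key pair
 */
public static PrivateKey getPrivateKey(String privateKeyPem) throws IOException, UnsupportedFormatException {
    if (privateKeyPem == null) {
        // Previously surfaced as a NullPointerException from StringReader.
        throw new UnsupportedFormatException("format of private key is not supported.");
    }

    final Object parsed;
    // try-with-resources: the parser is closed even when readObject() throws.
    try (PEMParser pemParser = new PEMParser(new StringReader(privateKeyPem))) {
        parsed = pemParser.readObject();
    }

    if (!(parsed instanceof PEMKeyPair)) {
        throw new UnsupportedFormatException("format of private key is not supported.");
    }
    final PrivateKeyInfo privateKeyInfo = ((PEMKeyPair) parsed).getPrivateKeyInfo();
    return new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
}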
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project midpoint by Evolveum.
the class RemoteModuleWebSecurityConfiguration method getPrivateKey.
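/**
 * Decrypts the PEM private key held in {@code key} and converts it to a {@link PrivateKey}.
 *
 * <p>Four PEM object kinds are handled: an encrypted key pair and an encrypted PKCS#8 key
 * (both decrypted with the stored passphrase; a missing passphrase is treated as empty),
 * and a plain key pair and a plain PKCS#8 {@code PrivateKeyInfo} (no passphrase used).
 *
 * <p>Security notes: the decrypted key and passphrase are held as {@code String}s here, so
 * they cannot be wiped after use. Exception messages deliberately carry no key value, only
 * the type of an unexpected PEM object, because exception text commonly ends up in logs.
 *
 * @param key       key container; may be {@code null}
 * @param protector used to decrypt the stored private key and passphrase
 * @return the private key, or {@code null} if {@code key} is {@code null} or its decrypted
 *         private key has no text
 * @throws EncryptionException if the PEM text cannot be decoded or holds an unsupported object
 * @throws IOException if PEM parsing or conversion fails
 * @throws PKCSException if PKCS#8 decryption fails
 * @throws OperatorCreationException if the PKCS#8 decryptor cannot be built
 */
protected static PrivateKey getPrivateKey(AbstractSimpleKeyType key, Protector protector) throws EncryptionException, IOException, PKCSException, OperatorCreationException {
    if (key == null) {
        return null;
    }
    String stringPrivateKey = protector.decryptString(key.getPrivateKey());
    String stringPassphrase = protector.decryptString(key.getPassphrase());
    if (!hasText(stringPrivateKey)) {
        return null;
    }

    final Object obj;
    // try-with-resources: the parser is closed even when readObject() throws.
    try (PEMParser parser = new PEMParser(new CharArrayReader(stringPrivateKey.toCharArray()))) {
        obj = parser.readObject();
    }
    if (obj == null) {
        // The stored key value is intentionally not appended to the message.
        throw new EncryptionException("Unable to decode PEM key");
    }

    JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
    if (obj instanceof PEMEncryptedKeyPair) {
        // Encrypted key pair - decrypt with the provided passphrase
        char[] passarray = ofNullable(stringPassphrase).orElse("").toCharArray();
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(passarray);
        KeyPair kp = converter.getKeyPair(((PEMEncryptedKeyPair) obj).decryptKeyPair(decProv));
        return kp.getPrivate();
    }
    if (obj instanceof PEMKeyPair) {
        // Unencrypted key pair - no passphrase needed
        return converter.getKeyPair((PEMKeyPair) obj).getPrivate();
    }
    if (obj instanceof PrivateKeyInfo) {
        // Unencrypted PKCS#8 key - no passphrase needed
        return converter.getPrivateKey((PrivateKeyInfo) obj);
    }
    if (obj instanceof PKCS8EncryptedPrivateKeyInfo) {
        // Encrypted PKCS#8 key - decrypt with the provided passphrase
        char[] passarray = ofNullable(stringPassphrase).orElse("").toCharArray();
        final InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(passarray);
        return converter.getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) obj).decryptPrivateKeyInfo(provider));
    }
    // Report only the type of the parsed object, never its contents.
    throw new EncryptionException("Unable get private key from " + obj.getClass().getName());
}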
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project zeppelin by apache.
the class PEMImporter method createPrivateKey.
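/**
 * Reads a private key from a PEM file, decrypting it with {@code keyPassword} when the file
 * holds an encrypted key pair or an encrypted PKCS#8 key.
 *
 * <p>Side effect: if the Bouncy Castle provider is not yet registered, it is added to the
 * JVM-wide provider list via {@link Security#addProvider}.
 *
 * @param privateKeyPem PEM file containing the key
 * @param keyPassword   password for an encrypted key; may be {@code null} for plain keys
 * @return the private key read from the file
 * @throws IOException if the file cannot be read or parsed
 * @throws GeneralSecurityException if the file holds no PEM object, holds an unsupported
 *         object, or holds an encrypted key while {@code keyPassword} is {@code null}
 * @throws OperatorCreationException if the PKCS#8 decryptor cannot be built
 * @throws PKCSException if PKCS#8 decryption fails
 */
private static PrivateKey createPrivateKey(File privateKeyPem, String keyPassword) throws IOException, GeneralSecurityException, OperatorCreationException, PKCSException {
    // add provider only if it's not in the JVM
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }
    try (PEMParser parser = new PEMParser(Files.newBufferedReader(privateKeyPem.toPath()))) {
        Object privateKeyObject = parser.readObject();
        if (privateKeyObject == null) {
            // An empty or non-PEM file used to surface as a NullPointerException further down.
            throw new GeneralSecurityException("No PEM object found in " + privateKeyPem);
        }

        boolean encrypted = privateKeyObject instanceof PEMEncryptedKeyPair
                || privateKeyObject instanceof PKCS8EncryptedPrivateKeyInfo;
        if (encrypted && keyPassword == null) {
            // Fail with a clear error instead of a NullPointerException on toCharArray().
            throw new GeneralSecurityException("Private key is encrypted but no password was provided");
        }

        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        if (privateKeyObject instanceof PEMEncryptedKeyPair) {
            // Encrypted key pair - decrypt with the provided password
            PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyObject;
            PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray());
            return converter.getKeyPair(ckp.decryptKeyPair(decProv)).getPrivate();
        } else if (privateKeyObject instanceof PEMKeyPair) {
            // Unencrypted key pair - no password needed
            return converter.getKeyPair((PEMKeyPair) privateKeyObject).getPrivate();
        } else if (privateKeyObject instanceof PrivateKeyInfo) {
            // Unencrypted PKCS#8 key - no password needed
            return converter.getPrivateKey((PrivateKeyInfo) privateKeyObject);
        } else if (privateKeyObject instanceof PKCS8EncryptedPrivateKeyInfo) {
            // Encrypted PKCS#8 key - decrypt with the provided password
            PKCS8EncryptedPrivateKeyInfo ckp = (PKCS8EncryptedPrivateKeyInfo) privateKeyObject;
            InputDecryptorProvider decProv = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(keyPassword.toCharArray());
            return converter.getPrivateKey(ckp.decryptPrivateKeyInfo(decProv));
        } else {
            throw new GeneralSecurityException("Unsupported key type: " + privateKeyObject.getClass());
        }
    }
}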
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project Openfire by igniterealtime.
the class CertificateManager method parsePrivateKey.
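/**
 * Parses a PrivateKey instance from a PEM representation.
 *
 * When the provided key is encrypted, the provided pass phrase is applied. A null pass
 * phrase is treated as an empty one.
 *
 * The supplied stream is closed when this method returns. Key conversion asks for the
 * provider named "BC", so that provider is expected to be registered already.
 *
 * @param pemRepresentation a PEM representation of a private key (cannot be null or empty)
 * @param passPhrase optional pass phrase (must be present if the private key is encrypted).
 * @return a PrivateKey instance (never null)
 * @throws IOException if there was a problem parsing the key, including input that holds
 *         no PEM object or a PEM object that is not a private key
 */
public static PrivateKey parsePrivateKey(InputStream pemRepresentation, String passPhrase) throws IOException {
    final char[] password = (passPhrase == null ? "" : passPhrase).toCharArray();
    try (Reader reader = new InputStreamReader(pemRepresentation);
         PEMParser pemParser = new PEMParser(reader)) {
        final Object object = pemParser.readObject();
        final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
        if (object instanceof PEMEncryptedKeyPair) {
            // Encrypted key pair - decrypt with the provided pass phrase
            final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password);
            final KeyPair kp = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
            return kp.getPrivate();
        } else if (object instanceof PKCS8EncryptedPrivateKeyInfo) {
            // Encrypted PKCS#8 key - decrypt with the provided pass phrase
            try {
                final PKCS8EncryptedPrivateKeyInfo encryptedInfo = (PKCS8EncryptedPrivateKeyInfo) object;
                final InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build(password);
                final PrivateKeyInfo privateKeyInfo = encryptedInfo.decryptPrivateKeyInfo(provider);
                return converter.getPrivateKey(privateKeyInfo);
            } catch (PKCSException | OperatorCreationException e) {
                throw new IOException("Unable to decrypt private key.", e);
            }
        } else if (object instanceof PrivateKeyInfo) {
            // Unencrypted PKCS#8 key - no pass phrase needed
            return converter.getPrivateKey((PrivateKeyInfo) object);
        } else if (object instanceof PEMKeyPair) {
            // Unencrypted key pair - no pass phrase needed
            return converter.getKeyPair((PEMKeyPair) object).getPrivate();
        } else {
            // The original cast anything else to PEMKeyPair, so empty input or a non-key PEM
            // object escaped as NullPointerException / ClassCastException instead of the
            // documented IOException. Only the type is reported, never the content.
            throw new IOException("Unable to parse private key: "
                    + (object == null ? "no PEM object found" : "unsupported PEM object " + object.getClass().getName()));
        }
    }
}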
Aggregations