Example 11 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project android_packages_apps_Settings by DirtyUnicorns.
the class CredentialStorage method isHardwareBackedKey.
private boolean isHardwareBackedKey(byte[] keyData) {
try {
ASN1InputStream bIn = new ASN1InputStream(new ByteArrayInputStream(keyData));
PrivateKeyInfo pki = PrivateKeyInfo.getInstance(bIn.readObject());
String algOid = pki.getAlgorithmId().getAlgorithm().getId();
String algName = new AlgorithmId(new ObjectIdentifier(algOid)).getName();
return KeyChain.isBoundKeyAlgorithm(algName);
} catch (IOException e) {
Log.e(TAG, "Failed to parse key data");
return false;
}
}
Also used :
ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
AlgorithmId(sun.security.x509.AlgorithmId)
IOException(java.io.IOException)
PrivateKeyInfo(com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Example 12 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project runwar by cfmlprojects.
the class SSLUtil method loadPemPrivateKey.
private static PrivateKey loadPemPrivateKey(final File file, final char[] passphrase) throws Exception {
Security.addProvider(new BouncyCastleProvider());
final PEMParser pemParser = new PEMParser(new BufferedReader(new FileReader(file)));
final PEMDecryptorProvider build = new JcePEMDecryptorProviderBuilder().build(passphrase);
final JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
PrivateKey privateKey;
try {
final Object object = pemParser.readObject();
if (object instanceof PEMEncryptedKeyPair) {
privateKey = jcaPEMKeyConverter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(build)).getPrivate();
} else {
PrivateKeyInfo privateKeyInfo;
if (object instanceof PEMKeyPair) {
privateKeyInfo = ((PEMKeyPair) object).getPrivateKeyInfo();
} else {
privateKeyInfo = (PrivateKeyInfo) object;
}
if (privateKeyInfo != null) {
privateKey = new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
} else {
final KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
final FileInputStream fileInputStream = new FileInputStream(file);
keyStore.load(fileInputStream, passphrase);
fileInputStream.close();
final Enumeration<String> aliases = keyStore.aliases();
String alias = "";
while (aliases.hasMoreElements()) {
alias = aliases.nextElement();
}
privateKey = (PrivateKey) keyStore.getKey(alias, passphrase);
}
}
} finally {
pemParser.close();
}
pemParser.close();
return privateKey;
}
Also used :
PrivateKey(java.security.PrivateKey)
PEMDecryptorProvider(org.bouncycastle.openssl.PEMDecryptorProvider)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
JcePEMDecryptorProviderBuilder(org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)
KeyStore(java.security.KeyStore)
FileInputStream(java.io.FileInputStream)
PEMEncryptedKeyPair(org.bouncycastle.openssl.PEMEncryptedKeyPair)
PEMParser(org.bouncycastle.openssl.PEMParser)
BufferedReader(java.io.BufferedReader)
FileReader(java.io.FileReader)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
EncryptedPrivateKeyInfo(javax.crypto.EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
Example 13 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project incubator-pulsar by apache.
the class MessageCrypto method loadPrivateKey.
private PrivateKey loadPrivateKey(byte[] keyBytes) throws Exception {
Reader keyReader = new StringReader(new String(keyBytes));
PrivateKey privateKey = null;
try (PEMParser pemReader = new PEMParser(keyReader)) {
X9ECParameters ecParam = null;
Object pemObj = pemReader.readObject();
if (pemObj instanceof ASN1ObjectIdentifier) {
// make sure this is EC Parameter we're handling. In which case
// we'll store it and read the next object which should be our
// EC Private Key
ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier) pemObj;
ecParam = ECNamedCurveTable.getByOID(ecOID);
if (ecParam == null) {
throw new PEMException("Unable to find EC Parameter for the given curve oid: " + ecOID.getId());
}
pemObj = pemReader.readObject();
} else if (pemObj instanceof X9ECParameters) {
ecParam = (X9ECParameters) pemObj;
pemObj = pemReader.readObject();
}
if (pemObj instanceof PEMKeyPair) {
PrivateKeyInfo pKeyInfo = ((PEMKeyPair) pemObj).getPrivateKeyInfo();
JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter();
privateKey = pemConverter.getPrivateKey(pKeyInfo);
}
if (ecParam != null && ECDSA.equals(privateKey.getAlgorithm())) {
ECParameterSpec ecSpec = new ECParameterSpec(ecParam.getCurve(), ecParam.getG(), ecParam.getN(), ecParam.getH(), ecParam.getSeed());
KeyFactory keyFactory = KeyFactory.getInstance(ECDSA, BouncyCastleProvider.PROVIDER_NAME);
ECPrivateKeySpec keySpec = new ECPrivateKeySpec(((BCECPrivateKey) privateKey).getS(), ecSpec);
privateKey = (PrivateKey) keyFactory.generatePrivate(keySpec);
}
} catch (IOException e) {
throw new Exception(e);
}
return privateKey;
}
Also used :
BCECPrivateKey(org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey)
PrivateKey(java.security.PrivateKey)
ECPrivateKeySpec(org.bouncycastle.jce.spec.ECPrivateKeySpec)
X9ECParameters(org.bouncycastle.asn1.x9.X9ECParameters)
Reader(java.io.Reader)
CryptoKeyReader(org.apache.pulsar.client.api.CryptoKeyReader)
StringReader(java.io.StringReader)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
ByteString(com.google.protobuf.ByteString)
IOException(java.io.IOException)
PulsarClientException(org.apache.pulsar.client.api.PulsarClientException)
ShortBufferException(javax.crypto.ShortBufferException)
IllegalBlockSizeException(javax.crypto.IllegalBlockSizeException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
NoSuchPaddingException(javax.crypto.NoSuchPaddingException)
CryptoException(org.apache.pulsar.client.api.PulsarClientException.CryptoException)
PEMException(org.bouncycastle.openssl.PEMException)
IOException(java.io.IOException)
BadPaddingException(javax.crypto.BadPaddingException)
NoSuchProviderException(java.security.NoSuchProviderException)
PEMParser(org.bouncycastle.openssl.PEMParser)
ECParameterSpec(org.bouncycastle.jce.spec.ECParameterSpec)
PEMException(org.bouncycastle.openssl.PEMException)
StringReader(java.io.StringReader)
PEMKeyPair(org.bouncycastle.openssl.PEMKeyPair)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
KeyFactory(java.security.KeyFactory)
Example 14 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project candlepin by candlepin.
the class PrivateKeyReaderTest method testReadUnencryptedPKCS8.
@Test
public void testReadUnencryptedPKCS8() throws Exception {
String keyFile = "keys/pkcs8-unencrypted.pem";
try (InputStream keyStream = cl.getResourceAsStream(keyFile);
Reader expectedReader = new InputStreamReader(cl.getResourceAsStream(keyFile))) {
PrivateKey actualKey = new PrivateKeyReader().read(keyStream, null);
PrivateKeyInfo expected = (PrivateKeyInfo) new PEMParser(expectedReader).readObject();
PrivateKey expectedKey = new JcaPEMKeyConverter().setProvider(BC_PROVIDER).getPrivateKey(expected);
assertEquals(actualKey, expectedKey);
}
}
Also used :
PrivateKey(java.security.PrivateKey)
InputStreamReader(java.io.InputStreamReader)
PEMParser(org.bouncycastle.openssl.PEMParser)
InputStream(java.io.InputStream)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Test(org.junit.Test)
Example 15 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project candlepin by candlepin.
the class PrivateKeyReaderTest method testReadEncryptedPKCS8.
/**
* Currently fails due to a bug in OpenJDK: https://bugs.openjdk.java.net/browse/JDK-8076999
*/
@Test
@Ignore
public void testReadEncryptedPKCS8() throws Exception {
String keyFile = "keys/pkcs8-aes256-encrypted.pem";
try (InputStream keyStream = cl.getResourceAsStream(keyFile);
Reader expectedReader = new InputStreamReader(cl.getResourceAsStream(keyFile))) {
PrivateKey actualKey = new PrivateKeyReader().read(keyStream, "password");
PKCS8EncryptedPrivateKeyInfo expected = (PKCS8EncryptedPrivateKeyInfo) new PEMParser(expectedReader).readObject();
// the PBE in JcePKCSPBEInputDecryptorProviderBuilder stands for "password based encryption"
InputDecryptorProvider provider = new JcePKCSPBEInputDecryptorProviderBuilder().setProvider(BC_PROVIDER).build(PASSWORD);
PrivateKeyInfo decryptedInfo = expected.decryptPrivateKeyInfo(provider);
PrivateKey expectedKey = new JcaPEMKeyConverter().setProvider(BC_PROVIDER).getPrivateKey(decryptedInfo);
assertEquals(actualKey, expectedKey);
}
}
Also used :
PrivateKey(java.security.PrivateKey)
InputStreamReader(java.io.InputStreamReader)
PEMParser(org.bouncycastle.openssl.PEMParser)
InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider)
InputStream(java.io.InputStream)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
JcaPEMKeyConverter(org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
JcePKCSPBEInputDecryptorProviderBuilder(org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Ignore(org.junit.Ignore)
Test(org.junit.Test)
Aggregations
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)46
IOException (java.io.IOException)30
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)26
PEMParser (org.bouncycastle.openssl.PEMParser)23
PrivateKey (java.security.PrivateKey)21
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)18
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)18
ByteArrayInputStream (java.io.ByteArrayInputStream)13
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)13
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)11
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)9
PemObject (org.bouncycastle.util.io.pem.PemObject)9
ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)8
PrivateKeyInfo (com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8
StringReader (java.io.StringReader)8
JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)8
ObjectIdentifier (sun.security.util.ObjectIdentifier)8
AlgorithmId (sun.security.x509.AlgorithmId)8
GeneralSecurityException (java.security.GeneralSecurityException)7
KeyPair (java.security.KeyPair)7
