Example 21 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project BiglyBT by BiglySoftware.
the class JCEECPrivateKey method getEncoded.
/**
* Return a PKCS8 representation of the key. The sequence returned
* represents a full PrivateKeyInfo object.
*
* @return a PKCS8 representation of the key.
*/
@Override
public byte[] getEncoded() {
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream dOut = new DEROutputStream(bOut);
X962Parameters params = null;
if (ecSpec instanceof ECNamedCurveParameterSpec) {
params = new X962Parameters(X962NamedCurves.getOID(((ECNamedCurveParameterSpec) ecSpec).getName()));
} else {
X9ECParameters ecP = new X9ECParameters(ecSpec.getCurve(), ecSpec.getG(), ecSpec.getN(), ecSpec.getH(), ecSpec.getSeed());
params = new X962Parameters(ecP);
}
PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), new ECPrivateKeyStructure(this.getD()).getDERObject());
try {
dOut.writeObject(info);
dOut.close();
} catch (IOException e) {
throw new RuntimeException("Error encoding EC private key");
}
return bOut.toByteArray();
}
Also used :
X962Parameters(org.gudy.bouncycastle.asn1.x9.X962Parameters)
X9ECParameters(org.gudy.bouncycastle.asn1.x9.X9ECParameters)
ECNamedCurveParameterSpec(org.gudy.bouncycastle.jce.spec.ECNamedCurveParameterSpec)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
ECPrivateKeyStructure(org.gudy.bouncycastle.asn1.sec.ECPrivateKeyStructure)
IOException(java.io.IOException)
PrivateKeyInfo(org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo)
AlgorithmIdentifier(org.gudy.bouncycastle.asn1.x509.AlgorithmIdentifier)
Example 22 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project certmgr by hdecarne.
the class DERCertReaderWriter method tryDecodeKey.
@Nullable
private static KeyPair tryDecodeKey(ASN1Primitive asn1Object, String resource, PasswordCallback password) throws IOException {
PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = null;
try {
encryptedPrivateKeyInfo = new PKCS8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.getInstance(asn1Object));
} catch (Exception e) {
Exceptions.ignore(e);
}
PrivateKeyInfo privateKeyInfo = null;
if (encryptedPrivateKeyInfo != null) {
Throwable passwordException = null;
while (privateKeyInfo == null) {
char[] passwordChars = password.queryPassword(resource);
if (passwordChars == null) {
throw new PasswordRequiredException(resource, passwordException);
}
InputDecryptorProvider inputDecryptorProvider = INPUT_DECRYPTOR_BUILDER.build(passwordChars);
try {
privateKeyInfo = encryptedPrivateKeyInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
} catch (PKCSException e) {
passwordException = e;
}
}
}
try {
privateKeyInfo = PrivateKeyInfo.getInstance(asn1Object);
} catch (Exception e) {
Exceptions.ignore(e);
}
KeyPair key = null;
if (privateKeyInfo != null) {
PrivateKey privateKey;
try {
String algorithmId = privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm().getId();
KeyFactory keyFactory = JCA_JCE_HELPER.createKeyFactory(algorithmId);
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded());
privateKey = keyFactory.generatePrivate(keySpec);
} catch (GeneralSecurityException e) {
throw new CertProviderException(e);
}
key = KeyHelper.rebuildKeyPair(privateKey);
}
return key;
}
Also used :
KeyPair(java.security.KeyPair)
PrivateKey(java.security.PrivateKey)
GeneralSecurityException(java.security.GeneralSecurityException)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PasswordRequiredException(de.carne.certmgr.certs.PasswordRequiredException)
PKCSException(org.bouncycastle.pkcs.PKCSException)
CertProviderException(de.carne.certmgr.certs.CertProviderException)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
CertProviderException(de.carne.certmgr.certs.CertProviderException)
GeneralSecurityException(java.security.GeneralSecurityException)
PKCSException(org.bouncycastle.pkcs.PKCSException)
IOException(java.io.IOException)
PasswordRequiredException(de.carne.certmgr.certs.PasswordRequiredException)
InputDecryptorProvider(org.bouncycastle.operator.InputDecryptorProvider)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
EncryptedPrivateKeyInfo(org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo)
KeyFactory(java.security.KeyFactory)
Nullable(de.carne.check.Nullable)
Example 23 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project certmgr by hdecarne.
the class PKCS12CertReaderWriter method readBinary.
@Override
@Nullable
public CertObjectStore readBinary(IOResource<InputStream> in, PasswordCallback password) throws IOException {
LOG.debug("Trying to read PKCS#12 objects from: ''{0}''...", in);
CertObjectStore certObjects = null;
PKCS12PfxPdu pkcs12 = readPKCS12(in);
if (pkcs12 != null) {
certObjects = new CertObjectStore();
for (ContentInfo contentInfo : pkcs12.getContentInfos()) {
ASN1ObjectIdentifier contentType = contentInfo.getContentType();
PKCS12SafeBagFactory safeBagFactory;
if (contentType.equals(PKCSObjectIdentifiers.encryptedData)) {
safeBagFactory = getSafeBagFactory(contentInfo, in.resource(), password);
} else {
safeBagFactory = getSafeBagFactory(contentInfo);
}
for (PKCS12SafeBag safeBag : safeBagFactory.getSafeBags()) {
Object safeBagValue = safeBag.getBagValue();
if (safeBagValue instanceof X509CertificateHolder) {
certObjects.addCRT(convertCRT((X509CertificateHolder) safeBagValue));
} else if (safeBagValue instanceof PKCS8EncryptedPrivateKeyInfo) {
PrivateKey privateKey = convertPrivateKey((PKCS8EncryptedPrivateKeyInfo) safeBagValue, in.resource(), password);
try {
certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
} catch (IOException e) {
LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
}
} else if (safeBagValue instanceof PrivateKeyInfo) {
PrivateKey privateKey = convertPrivateKey((PrivateKeyInfo) safeBagValue);
try {
certObjects.addKey(KeyHelper.rebuildKeyPair(privateKey));
} catch (IOException e) {
LOG.warning(e, "Unable to rebuild key pair for private key of type ''{1}''", privateKey.getClass().getName());
}
} else {
LOG.warning(CertIOI18N.STR_PKCS12_UNKNOWN_OBJECT, safeBagValue.getClass().getName());
}
}
}
}
return certObjects;
}
Also used :
PrivateKey(java.security.PrivateKey)
PKCS12SafeBagFactory(org.bouncycastle.pkcs.PKCS12SafeBagFactory)
ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
CertObjectStore(de.carne.certmgr.certs.CertObjectStore)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
IOException(java.io.IOException)
PKCS12SafeBag(org.bouncycastle.pkcs.PKCS12SafeBag)
PKCS12PfxPdu(org.bouncycastle.pkcs.PKCS12PfxPdu)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
Nullable(de.carne.check.Nullable)
Example 24 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project xipki by xipki.
the class PrivateKeyCryptor method decrypt.
PrivateKey decrypt(PKCS8EncryptedPrivateKeyInfo encryptedPrivateKeyInfo) throws P11TokenException {
ParamUtil.requireNonNull("encryptedPrivateKeyInfo", encryptedPrivateKeyInfo);
PrivateKeyInfo privateKeyInfo;
synchronized (decryptorProvider) {
try {
privateKeyInfo = encryptedPrivateKeyInfo.decryptPrivateKeyInfo(decryptorProvider);
} catch (PKCSException ex) {
throw new P11TokenException(ex.getMessage(), ex);
}
}
AlgorithmIdentifier keyAlg = privateKeyInfo.getPrivateKeyAlgorithm();
ASN1ObjectIdentifier keyAlgOid = keyAlg.getAlgorithm();
String algoName;
if (PKCSObjectIdentifiers.rsaEncryption.equals(keyAlgOid)) {
algoName = "RSA";
} else if (X9ObjectIdentifiers.id_dsa.equals(keyAlgOid)) {
algoName = "DSA";
} else if (X9ObjectIdentifiers.id_ecPublicKey.equals(keyAlgOid)) {
algoName = "EC";
} else {
throw new P11TokenException("unknown private key algorithm " + keyAlgOid.getId());
}
try {
KeySpec keySpec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded());
KeyFactory keyFactory = KeyFactory.getInstance(algoName, "BC");
return keyFactory.generatePrivate(keySpec);
} catch (IOException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException ex) {
throw new P11TokenException(ex.getClass().getName() + ": " + ex.getMessage(), ex);
}
}
Also used :
P11TokenException(org.xipki.security.exception.P11TokenException)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
KeySpec(java.security.spec.KeySpec)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
PKCSException(org.bouncycastle.pkcs.PKCSException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
PKCS8EncodedKeySpec(java.security.spec.PKCS8EncodedKeySpec)
InvalidKeySpecException(java.security.spec.InvalidKeySpecException)
NoSuchProviderException(java.security.NoSuchProviderException)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
KeyFactory(java.security.KeyFactory)
Example 25 with PrivateKeyInfo
use of org.gudy.bouncycastle.asn1.pkcs.PrivateKeyInfo in project xipki by xipki.
the class PrivateKeyCryptor method encrypt.
PKCS8EncryptedPrivateKeyInfo encrypt(PrivateKey privateKey) {
ParamUtil.requireNonNull("privateKey", privateKey);
PrivateKeyInfo privateKeyInfo = PrivateKeyInfo.getInstance(privateKey.getEncoded());
PKCS8EncryptedPrivateKeyInfoBuilder builder = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);
synchronized (encryptor) {
return builder.build(encryptor);
}
}
Also used :
PKCS8EncryptedPrivateKeyInfoBuilder(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder)
PKCS8EncryptedPrivateKeyInfo(org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)
PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo)
Aggregations
PrivateKeyInfo (org.bouncycastle.asn1.pkcs.PrivateKeyInfo)46
IOException (java.io.IOException)30
JcaPEMKeyConverter (org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter)26
PEMParser (org.bouncycastle.openssl.PEMParser)23
PrivateKey (java.security.PrivateKey)21
PEMKeyPair (org.bouncycastle.openssl.PEMKeyPair)18
PKCS8EncryptedPrivateKeyInfo (org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo)18
ByteArrayInputStream (java.io.ByteArrayInputStream)13
InputDecryptorProvider (org.bouncycastle.operator.InputDecryptorProvider)13
JceOpenSSLPKCS8DecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder)11
PKCS8EncodedKeySpec (java.security.spec.PKCS8EncodedKeySpec)9
PemObject (org.bouncycastle.util.io.pem.PemObject)9
ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)8
PrivateKeyInfo (com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo)8
StringReader (java.io.StringReader)8
JcePEMDecryptorProviderBuilder (org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder)8
ObjectIdentifier (sun.security.util.ObjectIdentifier)8
AlgorithmId (sun.security.x509.AlgorithmId)8
GeneralSecurityException (java.security.GeneralSecurityException)7
KeyPair (java.security.KeyPair)7
