Examples with PemInfo org.kse.utilities.pem.PemInfo used on opensource projects

Example 6 with PemInfo

use of org.kse.utilities.pem.PemInfo in project keystore-explorer by kaikramer.

the class OpenSslPubUtil method getPem.

/**
 * OpenSSL encode a public key and PEM the encoding.
 *
 * @return The PEM'd encoding
 * @param publicKey
 *            The public key
 */
public static String getPem(PublicKey publicKey) {
    byte[] openSsl = get(publicKey);
    PemInfo pemInfo = new PemInfo(OPENSSL_PUB_PEM_TYPE, null, openSsl);
    String openSslPem = PemUtil.encode(pemInfo);
    return openSslPem;
}

Example 7 with PemInfo

use of org.kse.utilities.pem.PemInfo in project keystore-explorer by kaikramer.

the class OpenSslPvkUtil method getPem.

/**
 * OpenSSL encode a private key and PEM the encoding.
 *
 * @return The PEM'd encoding
 * @param privateKey
 *            The private key
 * @throws CryptoException
 *             Problem encountered while getting the encoded private key
 */
public static String getPem(PrivateKey privateKey) throws CryptoException {
    byte[] openSsl = get(privateKey);
    String pemType = null;
    if (privateKey instanceof RSAPrivateCrtKey) {
        pemType = OPENSSL_RSA_PVK_PEM_TYPE;
    } else if (privateKey instanceof ECPrivateKey) {
        pemType = OPENSSL_EC_PVK_PEM_TYPE;
    } else {
        pemType = OPENSSL_DSA_PVK_PEM_TYPE;
    }
    PemInfo pemInfo = new PemInfo(pemType, null, openSsl);
    String openSslPem = PemUtil.encode(pemInfo);
    return openSslPem;
}

Example 8 with PemInfo

use of org.kse.utilities.pem.PemInfo in project keystore-explorer by kaikramer.

the class OpenSslPvkUtil method loadEncrypted.

/**
 * Load an encrypted OpenSSL private key from the specified stream. The
 * encoding of the private key will be PEM.
 *
 * @param is
 *            Stream load the encrypted private key from
 * @param password
 *            Password to decrypt
 * @return The private key
 * @throws PrivateKeyUnencryptedException
 *             If private key is unencrypted
 * @throws PrivateKeyPbeNotSupportedException
 *             If private key PBE algorithm is not supported
 * @throws CryptoException
 *             Problem encountered while loading the private key
 * @throws IOException
 *             An I/O error occurred
 */
public static PrivateKey loadEncrypted(InputStream is, Password password) throws CryptoException, IOException {
    byte[] streamContents = ReadUtil.readFully(is);
    EncryptionType encType = getEncryptionType(new ByteArrayInputStream(streamContents));
    if (encType == null) {
        throw new CryptoException(res.getString("NotValidOpenSsl.exception.message"));
    }
    if (encType == UNENCRYPTED) {
        throw new PrivateKeyUnencryptedException(res.getString("OpenSslIsUnencrypted.exception.message"));
    }
    // OpenSSL must be encrypted and therefore must be PEM
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
    byte[] encKey = pemInfo.getContent();
    PemAttributes attributes = pemInfo.getAttributes();
    String dekInfo = attributes.get(DEK_INFO_ATTR_NAME).getValue();
    // Split DEK-Info into encryption pbe algorithm and salt
    int separator = dekInfo.indexOf(',');
    if (separator == -1) {
        throw new CryptoException(MessageFormat.format("OpenSslDekInfoMalformed.exception.message", dekInfo));
    }
    String encAlg = dekInfo.substring(0, separator);
    String salt = dekInfo.substring(separator + 1);
    byte[] saltBytes = hexToBytes(salt);
    OpenSslPbeType pbeType = OpenSslPbeType.resolveDekInfo(encAlg);
    if (pbeType == null) {
        throw new PrivateKeyPbeNotSupportedException(encAlg, MessageFormat.format(res.getString("PrivateKeyWrappingAlgUnsupported.exception.message"), encAlg));
    }
    try {
        byte[] decryptKey = deriveKeyFromPassword(password, saltBytes, pbeType.keySize());
        // Create cipher - use all of the salt as the IV
        Cipher cipher = createCipher(pbeType.jceCipher(), decryptKey, saltBytes, DECRYPT_MODE);
        byte[] key = cipher.doFinal(encKey);
        return load(new ByteArrayInputStream(key));
    } catch (GeneralSecurityException ex) {
        throw new CryptoException(MessageFormat.format("OpenSslDecryptionFailed.exception.message", pbeType.friendly()), ex);
    }
}

Example 9 with PemInfo

use of org.kse.utilities.pem.PemInfo in project keystore-explorer by kaikramer.

the class Pkcs8Util method load.

/**
 * Load an unencrypted PKCS #8 private key from the stream. The encoding of
 * the private key may be PEM or DER.
 *
 * @param is
 *            Stream to load the unencrypted private key from
 * @return The private key
 * @throws PrivateKeyEncryptedException
 *             If private key is encrypted
 * @throws CryptoException
 *             Problem encountered while loading the private key
 * @throws IOException
 *             If an I/O error occurred
 */
public static PrivateKey load(InputStream is) throws CryptoException, IOException {
    byte[] streamContents = ReadUtil.readFully(is);
    // Check pkcs #8 is unencrypted
    EncryptionType encType = getEncryptionType(new ByteArrayInputStream(streamContents));
    if (encType == null) {
        // Not a valid PKCS #8 private key
        throw new CryptoException(res.getString("NotValidPkcs8.exception.message"));
    }
    if (encType == ENCRYPTED) {
        throw new PrivateKeyEncryptedException(res.getString("Pkcs8IsEncrypted.exception.message"));
    }
    byte[] pvkBytes = null;
    // Check if stream is PEM encoded
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
    if (pemInfo != null) {
        // It is - get DER from PEM
        pvkBytes = pemInfo.getContent();
    }
    /*
		 * If we haven't got the key bytes via PEM then just use stream
		 * contents directly (assume it is DER encoded)
		 */
    if (pvkBytes == null) {
        // Read in private key bytes
        pvkBytes = streamContents;
    }
    try {
        // Determine private key algorithm from key bytes
        String privateKeyAlgorithm = getPrivateKeyAlgorithm(pvkBytes);
        // Convert bytes to private key
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(pvkBytes);
        KeyFactory keyFactory = KeyFactory.getInstance(privateKeyAlgorithm);
        PrivateKey pvk = keyFactory.generatePrivate(privateKeySpec);
        return pvk;
    } catch (NoSuchAlgorithmException ex) {
        throw new CryptoException(res.getString("NoLoadPkcs8PrivateKey.exception.message"), ex);
    } catch (InvalidKeySpecException ex) {
        throw new CryptoException(res.getString("NoLoadPkcs8PrivateKey.exception.message"), ex);
    }
}

Example 10 with PemInfo

use of org.kse.utilities.pem.PemInfo in project keystore-explorer by kaikramer.

the class OpenSslPubUtil method load.

/**
 * Load an unencrypted OpenSSL public key from the stream. The encoding of
 * the public key may be PEM or DER.
 *
 * @param is
 *            Stream to load the unencrypted public key from
 * @return The public key
 * @throws CryptoException
 *             Problem encountered while loading the public key
 * @throws IOException
 *             An I/O error occurred
 */
public static PublicKey load(InputStream is) throws CryptoException, IOException {
    byte[] streamContents = ReadUtil.readFully(is);
    // Check if stream is PEM encoded
    PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
    if (pemInfo != null) {
        // It is - get DER from PEM
        streamContents = pemInfo.getContent();
    }
    try {
        // DER-encoded subjectPublicKeyInfo structure - the OpenSSL format
        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(streamContents);
        return new JcaPEMKeyConverter().getPublicKey(publicKeyInfo);
    } catch (Exception ex) {
        throw new CryptoException(res.getString("NoLoadOpenSslPublicKey.exception.message"), ex);
    }
}