List of usage examples for org.bouncycastle.asn1.pkcs PrivateKeyInfo getEncoded
public byte[] getEncoded() throws IOException
From source file:com.spotify.docker.client.DockerCertificates.java
License:Apache License
private static PrivateKey generatePrivateKey(PrivateKeyInfo privateKeyInfo) throws IOException, InvalidKeySpecException, NoSuchAlgorithmException { final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(spec); }
From source file:com.spotify.helios.client.tls.CertificateAndPrivateKey.java
License:Apache License
public static CertificateAndPrivateKey from(final Path certPath, final Path keyPath) throws IOException, GeneralSecurityException { final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate certificate; try (final InputStream is = Files.newInputStream(certPath)) { certificate = cf.generateCertificate(is); }//from w ww . j a v a 2 s.c o m final Object parsedPem; try (final BufferedReader br = Files.newBufferedReader(keyPath, Charset.defaultCharset())) { parsedPem = new PEMParser(br).readObject(); } final PrivateKeyInfo keyInfo; if (parsedPem instanceof PEMKeyPair) { keyInfo = ((PEMKeyPair) parsedPem).getPrivateKeyInfo(); } else if (parsedPem instanceof PrivateKeyInfo) { keyInfo = (PrivateKeyInfo) parsedPem; } else { throw new UnsupportedOperationException("Unable to parse x509 certificate."); } final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyInfo.getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); return new CertificateAndPrivateKey(certificate, kf.generatePrivate(spec)); }
From source file:com.spotify.sshagenttls.CertKey.java
License:Apache License
public static CertKey fromPaths(final Path certPath, final Path keyPath) throws IOException, GeneralSecurityException { // TODO (dxia) Cert might not be X.509 final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate cert; try (final InputStream is = Files.newInputStream(certPath)) { cert = cf.generateCertificate(is); }// w w w.ja v a2s . c om final Object parsedPem; try (final BufferedReader br = Files.newBufferedReader(keyPath, Charset.defaultCharset())) { parsedPem = new PEMParser(br).readObject(); } final PrivateKeyInfo keyInfo; if (parsedPem instanceof PEMKeyPair) { keyInfo = ((PEMKeyPair) parsedPem).getPrivateKeyInfo(); } else if (parsedPem instanceof PrivateKeyInfo) { keyInfo = (PrivateKeyInfo) parsedPem; } else { throw new UnsupportedOperationException( "Unable to parse X.509 certificate, received " + parsedPem.getClass()); } final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyInfo.getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); return new AutoValue_CertKey(cert, kf.generatePrivate(spec)); }
From source file:COSE.ECPrivateKey.java
public ECPrivateKey(OneKey oneKey) throws CoseException, IOException { X9ECParameters p = oneKey.GetCurve(); org.bouncycastle.math.ec.ECPoint pubPoint; ECDomainParameters parameters = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()); if (oneKey.get(KeyKeys.EC2_Y).getType() == CBORType.Boolean) { byte[] X = oneKey.get(KeyKeys.EC2_X.AsCBOR()).GetByteString(); byte[] rgb = new byte[X.length + 1]; System.arraycopy(X, 0, rgb, 1, X.length); rgb[0] = (byte) (2 + (oneKey.get(KeyKeys.EC2_Y).AsBoolean() ? 1 : 0)); pubPoint = p.getCurve().decodePoint(rgb); point = new ECPoint(point.getAffineX(), point.getAffineY()); } else {/*from w ww . j a va2 s . c om*/ point = new ECPoint(new BigInteger(1, oneKey.get(KeyKeys.EC2_X).GetByteString()), new BigInteger(1, oneKey.get(KeyKeys.EC2_Y).GetByteString())); pubPoint = p.getCurve().createPoint(new BigInteger(1, oneKey.get(KeyKeys.EC2_X).GetByteString()), new BigInteger(1, oneKey.get(KeyKeys.EC2_Y).GetByteString())); } ECPublicKeyParameters pub = new ECPublicKeyParameters(pubPoint, parameters); ECPrivateKeyParameters priv = new ECPrivateKeyParameters( new BigInteger(1, oneKey.get(KeyKeys.EC2_D.AsCBOR()).GetByteString()), parameters); /* switch (AlgorithmID.FromCBOR(oneKey.get(KeyKeys.Algorithm))) { case ECDH_ES_HKDF_256: case ECDH_ES_HKDF_512: case ECDH_SS_HKDF_256: case ECDH_SS_HKDF_512: case ECDH_ES_HKDF_256_AES_KW_128: case ECDH_ES_HKDF_256_AES_KW_192: case ECDH_ES_HKDF_256_AES_KW_256: case ECDH_SS_HKDF_256_AES_KW_128: case ECDH_SS_HKDF_256_AES_KW_192: case ECDH_SS_HKDF_256_AES_KW_256: algorithm = "ECDH"; break; case ECDSA_256: algorithm = "SHA256withECDSA"; break; case ECDSA_384: algorithm = "SHA384withECDSA"; break; case ECDSA_512: algorithm = "SHA512withECDSA"; break; default: throw new CoseException("No algorithm specified"); } */ algorithm = "EC"; CBORObject curve = oneKey.get(KeyKeys.EC2_Curve); int keySize; ASN1ObjectIdentifier curveOID; if (curve.equals(KeyKeys.EC2_P256)) { curveOID = org.bouncycastle.asn1.sec.SECObjectIdentifiers.secp256r1; keySize = 256; } else if (curve.equals(KeyKeys.EC2_P384)) { curveOID = org.bouncycastle.asn1.sec.SECObjectIdentifiers.secp384r1; keySize = 384; } else if (curve.equals(KeyKeys.EC2_P521)) { curveOID = org.bouncycastle.asn1.sec.SECObjectIdentifiers.secp521r1; keySize = 521; } else { throw new CoseException("Unrecognized Curve"); } privateKey = new BigInteger(1, oneKey.get(KeyKeys.EC2_D).GetByteString()); ECField field = new ECFieldFp(p.getCurve().getField().getCharacteristic()); EllipticCurve crv = new EllipticCurve(field, p.getCurve().getA().toBigInteger(), p.getCurve().getB().toBigInteger()); ECPoint pt = new ECPoint(p.getG().getRawXCoord().toBigInteger(), p.getG().getRawYCoord().toBigInteger()); ecParameterSpec = new ECParameterSpec(crv, pt, p.getN(), p.getH().intValue()); AlgorithmIdentifier alg = new AlgorithmIdentifier(org.bouncycastle.asn1.x9.X9Curve.id_ecPublicKey, curveOID); org.bouncycastle.asn1.sec.ECPrivateKey asnPrivate = new org.bouncycastle.asn1.sec.ECPrivateKey(keySize, privateKey); byte[] x = asnPrivate.getEncoded(); PrivateKeyInfo asnPrivateX = new PrivateKeyInfo(alg, asnPrivate); encodedKey = asnPrivateX.getEncoded(); }
From source file:de.carne.certmgr.store.provider.bouncycastle.PKCS12Decoder.java
License:Open Source License
public void decodeKeyBag(PrivateKeyInfo bagValue, Attribute[] bagAttributes) { try {//from w w w . ja v a2 s. c o m KeyFactory keyFactory = KeyFactory.getInstance(bagValue.getPrivateKeyAlgorithm().getAlgorithm().getId(), BouncyCastleProvider.PROVIDER_NAME); PrivateKey privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(bagValue.getEncoded())); for (Attribute bagAttribute : bagAttributes) { if (bagAttribute.getAttrType().equals(PKCS12SafeBag.localKeyIdAttribute)) { decodeKey(bagAttribute.getAttributeValues()[0], privateKey); break; } } } catch (Exception e) { LOG.info(e, null, "Unable to decode key data from PKCS#12 bag"); } }
From source file:org.albertschmitt.crypto.common.RSAPrivateKey.java
License:Open Source License
/** * @param pki the pki to set//from www. j av a 2s . c om * @throws java.io.IOException */ public final void setKey(PrivateKeyInfo pki) throws IOException { byte[] data = pki.getEncoded(); super.setKey(PrivateKeyFactory.createKey(data)); }
From source file:org.albertschmitt.crypto.RSAService.java
License:Open Source License
/** * Write the RSAPrivateKey to a stream in DER format. * * @param outstream/* ww w. j a va 2s .c o m*/ * The stream the DER key is to be written to. * @param key * The RSAPrivatKey. * @throws IOException */ public void writeDERKey(OutputStream outstream, RSAPrivateKey key) throws IOException { AsymmetricKeyParameter keyParam = key.getKey(); PrivateKeyInfo pki = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParam); byte[] keybytes = pki.getEncoded(); outstream.write(keybytes); outstream.close(); }
From source file:org.appenders.log4j2.elasticsearch.tls.KeyReader.java
License:Open Source License
public PKCS8EncodedKeySpec readPrivateKey(FileInputStream fis, Optional<String> keyPassword) throws IOException { PEMParser keyReader = new PEMParser(new InputStreamReader(fis)); PEMDecryptorProvider decryptorProvider = new JcePEMDecryptorProviderBuilder() .build(keyPassword.get().toCharArray()); Object keyPair = keyReader.readObject(); keyReader.close();//from w w w. j a v a 2s .co m PrivateKeyInfo keyInfo; if (keyPair instanceof PEMEncryptedKeyPair) { PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptorProvider); keyInfo = decryptedKeyPair.getPrivateKeyInfo(); } else { keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo(); } return new PKCS8EncodedKeySpec(keyInfo.getEncoded()); }
From source file:org.jruby.ext.openssl.x509store.PEMInputOutput.java
License:LGPL
private static PrivateKey derivePrivateKeyPBES1(EncryptedPrivateKeyInfo eIn, AlgorithmIdentifier algId, char[] password) throws GeneralSecurityException, IOException { // From BC's PEMReader PKCS12PBEParams pkcs12Params = PKCS12PBEParams.getInstance(algId.getParameters()); PBEKeySpec pbeSpec = new PBEKeySpec(password); PBEParameterSpec pbeParams = new PBEParameterSpec(pkcs12Params.getIV(), pkcs12Params.getIterations().intValue()); //String algorithm = algId.getAlgorithm().getId(); String algorithm = ASN1Registry.o2a(algId.getAlgorithm()); algorithm = (algorithm.split("-"))[0]; SecretKeyFactory secKeyFact = SecretKeyFactory.getInstance(algorithm); Cipher cipher = Cipher.getInstance(algorithm); cipher.init(Cipher.DECRYPT_MODE, secKeyFact.generateSecret(pbeSpec), pbeParams); PrivateKeyInfo pInfo = PrivateKeyInfo .getInstance(ASN1Primitive.fromByteArray(cipher.doFinal(eIn.getEncryptedData()))); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(pInfo.getEncoded()); String keyFactAlg = ASN1Registry.o2a(pInfo.getPrivateKeyAlgorithm().getAlgorithm()); // TODO: Can we just set it to RSA as in derivePrivateKeyPBES2? KeyFactory keyFact;/*from w w w. j a v a 2 s .co m*/ if (keyFactAlg.startsWith("dsa")) { keyFact = KeyFactory.getInstance("DSA"); } else { keyFact = KeyFactory.getInstance("RSA"); } return keyFact.generatePrivate(keySpec); }
From source file:org.soulwing.credo.service.crypto.bc.BcPKCS8PrivateKeyWrapper.java
License:Apache License
/** * {@inheritDoc}//from w w w.j a v a 2s .c o m */ @Override public PrivateKey derive() { Validate.notNull(passphrase, "passphrase is required"); InputDecryptorProvider decryptor = createPrivateKeyDecryptor(); try { PrivateKeyInfo keyInfo = delegate.decryptPrivateKeyInfo(decryptor); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyInfo.getEncoded()); return keyFactory.generatePrivate(keySpec); } catch (PKCSException ex) { throw new IncorrectPassphraseException(); } catch (InvalidKeySpecException ex) { throw new RuntimeException(ex); } catch (IOException ex) { throw new RuntimeException(ex); } }