List of usage examples for org.bouncycastle.asn1.pkcs PrivateKeyInfo PrivateKeyInfo
private PrivateKeyInfo(ASN1Sequence seq)
From source file:de.tsenger.animamea.ta.CertificateProvider.java
License:Open Source License
public ECPrivateKey getPrivateKey() throws IOException { ASN1Sequence pkSeq = null;/* w w w . java 2 s .co m*/ pkSeq = (ASN1Sequence) ASN1Sequence.fromByteArray(pkBytes); PrivateKeyInfo pkInfo = new PrivateKeyInfo(pkSeq); ECPrivateKey ecpk = ECPrivateKey.getInstance(pkInfo.parsePrivateKey()); return ecpk; }
From source file:de.tsenger.sandbox.PKCS8PrivateKey.java
License:Open Source License
public static void main(String[] args) throws IOException { byte[] pkBytes = readBinaryFile( "/home/tsenger/Dokumente/Programming/animamea/certs/Key_DEATTIDBSIDE003.pkcs8"); DERSequence pkSeq = (DERSequence) DERSequence.fromByteArray(pkBytes); PrivateKeyInfo pkInfo = new PrivateKeyInfo(pkSeq); AlgorithmIdentifier ecPublicKey = pkInfo.getPrivateKeyAlgorithm(); System.out.println(ecPublicKey.getAlgorithm().toString()); System.out.println(HexString.bufferToHex(ecPublicKey.getEncoded(null))); X9ECParameters ecp = X9ECParameters.getInstance(ecPublicKey.getParameters()); System.out.println("N: \n" + HexString.bufferToHex(Converter.bigIntToByteArray(ecp.getN()))); ECPrivateKey ecpk2 = ECPrivateKey.getInstance(ecPublicKey); //ECPrivateKey.getInstance(pkInfo.getPrivateKey()); System.out.println("private Key: \n" + HexString.bufferToHex(Converter.bigIntToByteArray(ecpk2.getKey()))); }
From source file:es.unican.meteo.esgf.myproxyclient.MyProxyLogon.java
License:Open Source License
private static void printKey(PrivateKey paramPrivateKey, PrintStream paramPrintStream) throws IOException { paramPrintStream.println("-----BEGIN RSA PRIVATE KEY-----"); ByteArrayInputStream localByteArrayInputStream = new ByteArrayInputStream(paramPrivateKey.getEncoded()); ASN1InputStream localASN1InputStream = new ASN1InputStream(localByteArrayInputStream); DERObject localDERObject1 = localASN1InputStream.readObject(); PrivateKeyInfo localPrivateKeyInfo = new PrivateKeyInfo((ASN1Sequence) localDERObject1); DERObject localDERObject2 = localPrivateKeyInfo.getPrivateKey(); ByteArrayOutputStream localByteArrayOutputStream = new ByteArrayOutputStream(); DEROutputStream localDEROutputStream = new DEROutputStream(localByteArrayOutputStream); localDEROutputStream.writeObject(localDERObject2); printB64(localByteArrayOutputStream.toByteArray(), paramPrintStream); paramPrintStream.println("-----END RSA PRIVATE KEY-----"); localASN1InputStream.close(); localDEROutputStream.close();//from w w w.j av a 2 s . c om }
From source file:org.globus.cog.security.cert.request.BouncyCastleOpenSSLKey.java
License:Open Source License
protected byte[] getEncoded(PrivateKey key) { String format = key.getFormat(); if (format != null && (format.equalsIgnoreCase("PKCS#8") || format.equalsIgnoreCase("PKCS8"))) { try {/* w w w . j av a 2s .c om*/ DERObject keyInfo = BouncyCastleUtil.toDERObject(key.getEncoded()); PrivateKeyInfo pkey = new PrivateKeyInfo((DERConstructedSequence) keyInfo); DERObject derKey = pkey.getPrivateKey(); return BouncyCastleUtil.toByteArray(derKey); } catch (IOException e) { // that should never happen e.printStackTrace(); return null; } } else if (format != null && format.equalsIgnoreCase("PKCS#1") && key instanceof RSAPrivateCrtKey) { // this condition will rarely be true RSAPrivateCrtKey pKey = (RSAPrivateCrtKey) key; RSAPrivateKeyStructure st = new RSAPrivateKeyStructure(pKey.getModulus(), pKey.getPublicExponent(), pKey.getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey.getCrtCoefficient()); DERObject ob = st.getDERObject(); try { return BouncyCastleUtil.toByteArray(ob); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:org.globus.gsi.bc.BouncyCastleOpenSSLKey.java
License:Apache License
protected byte[] getEncoded(PrivateKey key) { String format = key.getFormat(); if (format != null && (format.equalsIgnoreCase("PKCS#8") || format.equalsIgnoreCase("PKCS8"))) { try {/* w w w .j a v a 2 s.co m*/ ASN1Primitive keyInfo = BouncyCastleUtil.toASN1Primitive(key.getEncoded()); PrivateKeyInfo pkey = new PrivateKeyInfo((ASN1Sequence) keyInfo); ASN1Primitive derKey = pkey.getPrivateKey(); return BouncyCastleUtil.toByteArray(derKey); } catch (IOException e) { // that should never happen logger.warn("This shouldn't have happened.", e); return new byte[] {}; } } else if (format != null && format.equalsIgnoreCase("PKCS#1") && key instanceof RSAPrivateCrtKey) { // this condition will rarely be true RSAPrivateCrtKey pKey = (RSAPrivateCrtKey) key; RSAPrivateKeyStructure st = new RSAPrivateKeyStructure(pKey.getModulus(), pKey.getPublicExponent(), pKey.getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey.getCrtCoefficient()); ASN1Primitive ob = st.toASN1Primitive(); try { return BouncyCastleUtil.toByteArray(ob); } catch (IOException e) { // that should never happen return new byte[0]; } } else { return new byte[0]; } }
From source file:org.globus.security.bc.BouncyCastleOpenSSLKey.java
License:Apache License
protected byte[] getEncoded(PrivateKey key) { String format = key.getFormat(); if (format != null && (format.equalsIgnoreCase("PKCS#8") || format.equalsIgnoreCase("PKCS8"))) { try {/*from w w w . j a v a 2 s . c o m*/ DERObject keyInfo = BouncyCastleUtil.toDERObject(key.getEncoded()); PrivateKeyInfo pkey = new PrivateKeyInfo((ASN1Sequence) keyInfo); DERObject derKey = pkey.getPrivateKey(); return BouncyCastleUtil.toByteArray(derKey); } catch (IOException e) { // that should never happen logger.log(Level.WARNING, "This shouldn't have happened.", e); return new byte[] {}; } } else if (format != null && format.equalsIgnoreCase("PKCS#1") && key instanceof RSAPrivateCrtKey) { // this condition will rarely be true RSAPrivateCrtKey pKey = (RSAPrivateCrtKey) key; RSAPrivateKeyStructure st = new RSAPrivateKeyStructure(pKey.getModulus(), pKey.getPublicExponent(), pKey.getPrivateExponent(), pKey.getPrimeP(), pKey.getPrimeQ(), pKey.getPrimeExponentP(), pKey.getPrimeExponentQ(), pKey.getCrtCoefficient()); DERObject ob = st.getDERObject(); try { return BouncyCastleUtil.toByteArray(ob); } catch (IOException e) { // that should never happen return new byte[0]; } } else { return new byte[0]; } }
From source file:org.jruby.ext.openssl.impl.pem.MiscPEMGenerator.java
License:Open Source License
private PemObject createPemObject(Object o) throws IOException { String type;/*from w ww . j av a 2 s . c o m*/ byte[] encoding; if (o instanceof PemObject) { return (PemObject) o; } if (o instanceof PemObjectGenerator) { return ((PemObjectGenerator) o).generate(); } if (o instanceof X509CertificateHolder) { type = "CERTIFICATE"; encoding = ((X509CertificateHolder) o).getEncoded(); } else if (o instanceof X509CRLHolder) { type = "X509 CRL"; encoding = ((X509CRLHolder) o).getEncoded(); } else if (o instanceof PrivateKeyInfo) { PrivateKeyInfo info = (PrivateKeyInfo) o; ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm(); if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)) { type = "RSA PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1])) { type = "DSA PRIVATE KEY"; DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(BigInteger.ZERO)); v.add(new ASN1Integer(p.getP())); v.add(new ASN1Integer(p.getQ())); v.add(new ASN1Integer(p.getG())); BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue(); BigInteger y = p.getG().modPow(x, p.getP()); v.add(new ASN1Integer(y)); v.add(new ASN1Integer(x)); encoding = new DERSequence(v).getEncoded(); } else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey)) { type = "EC PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else { throw new IOException("Cannot identify private key"); } } else if (o instanceof SubjectPublicKeyInfo) { type = "PUBLIC KEY"; encoding = ((SubjectPublicKeyInfo) o).getEncoded(); } else if (o instanceof X509AttributeCertificateHolder) { type = "ATTRIBUTE CERTIFICATE"; encoding = ((X509AttributeCertificateHolder) o).getEncoded(); } else if (o instanceof PKCS10CertificationRequest) { type = "CERTIFICATE REQUEST"; encoding = ((PKCS10CertificationRequest) o).getEncoded(); } else if (o instanceof ContentInfo) { type = "PKCS7"; encoding = ((ContentInfo) o).getEncoded(); } // // NOTE: added behaviour to provide backwards compatibility with 1.47 : // else if (o instanceof java.security.cert.X509Certificate) // 1.47 compatibility { type = "CERTIFICATE"; try { encoding = ((java.security.cert.X509Certificate) o).getEncoded(); } catch (CertificateEncodingException e) { throw new PemGenerationException("Cannot encode object: " + e.toString()); } } else if (o instanceof java.security.cert.X509CRL) // 1.47 compatibility { type = "X509 CRL"; try { encoding = ((java.security.cert.X509CRL) o).getEncoded(); } catch (CRLException e) { throw new PemGenerationException("Cannot encode object: " + e.toString()); } } else if (o instanceof java.security.KeyPair) // 1.47 compatibility { return createPemObject(((java.security.KeyPair) o).getPrivate()); } else if (o instanceof java.security.PrivateKey) // 1.47 compatibility { PrivateKeyInfo info = new PrivateKeyInfo( (ASN1Sequence) ASN1Primitive.fromByteArray(((java.security.Key) o).getEncoded())); if (o instanceof java.security.interfaces.RSAPrivateKey) { type = "RSA PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else if (o instanceof java.security.interfaces.DSAPrivateKey) { type = "DSA PRIVATE KEY"; DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(0)); v.add(new DERInteger(p.getP())); v.add(new DERInteger(p.getQ())); v.add(new DERInteger(p.getG())); BigInteger x = ((java.security.interfaces.DSAPrivateKey) o).getX(); BigInteger y = p.getG().modPow(x, p.getP()); v.add(new DERInteger(y)); v.add(new DERInteger(x)); encoding = new DERSequence(v).getEncoded(); } else if (((java.security.PrivateKey) o).getAlgorithm().equals("ECDSA")) { type = "EC PRIVATE KEY"; encoding = info.parsePrivateKey().toASN1Primitive().getEncoded(); } else { throw new IOException("Cannot identify private key"); } } else if (o instanceof java.security.PublicKey) // 1.47 compatibility { type = "PUBLIC KEY"; encoding = ((java.security.PublicKey) o).getEncoded(); } else if (o instanceof X509AttributeCertificate) // 1.47 compatibility { type = "ATTRIBUTE CERTIFICATE"; encoding = ((X509AttributeCertificate) o).getEncoded(); } // // // else { throw new PemGenerationException("unknown object passed - can't encode."); } if (encryptor != null) // NEW STUFF (NOT IN OLD) { String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm()); // Note: For backward compatibility if (dekAlgName.equals("DESEDE")) { dekAlgName = "DES-EDE3-CBC"; } byte[] iv = encryptor.getIV(); byte[] encData = encryptor.encrypt(encoding); List<PemHeader> headers = new ArrayList<PemHeader>(2); headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED")); headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv))); return new PemObject(type, headers, encData); } return new PemObject(type, encoding); }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
/** * c: PEM_read_PrivateKey + PEM_read_bio_PrivateKey * CAUTION: KeyPair#getPublic() may be null. *//*from w w w. ja va 2 s .c om*/ @Override public KeyPair readPrivateKey(Reader in, char[] password) throws IOException { BufferedReader _in = makeBuffered(in); String line; while ((line = _in.readLine()) != null) { if (line.indexOf(BEF_G + PEM_STRING_RSA) != -1) { try { return readKeyPair(_in, password, "RSA", BEF_E + PEM_STRING_RSA); } catch (Exception e) { throw new IOException("problem creating RSA private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_DSA) != -1) { try { return readKeyPair(_in, password, "DSA", BEF_E + PEM_STRING_DSA); } catch (Exception e) { throw new IOException("problem creating DSA private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_ECPRIVATEKEY) != -1) { throw new IOException("EC private key not supported"); } else if (line.indexOf(BEF_G + PEM_STRING_PKCS8INF) != -1) { try { byte[] bytes = readBytes(_in, BEF_E + PEM_STRING_PKCS8INF); ByteArrayInputStream bIn = new ByteArrayInputStream(bytes); ASN1InputStream aIn = new ASN1InputStream(bIn); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) aIn.readObject()); String type = getPrivateKeyTypeFromObjectId(info.getAlgorithmId().getObjectId()); return readPrivateKeySequence(info.getPrivateKey().getDEREncoded(), type); } catch (Exception e) { throw new IOException("problem creating private key: " + e.toString()); } } else if (line.indexOf(BEF_G + PEM_STRING_PKCS8) != -1) { try { byte[] bytes = readBytes(_in, BEF_E + PEM_STRING_PKCS8); ByteArrayInputStream bIn = new ByteArrayInputStream(bytes); ASN1InputStream aIn = new ASN1InputStream(bIn); org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo eIn = new org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo( (ASN1Sequence) aIn.readObject()); AlgorithmIdentifier algId = eIn.getEncryptionAlgorithm(); String algorithm = ASN1Registry.o2a(algId.getObjectId()); algorithm = (algorithm.split("-"))[0]; PKCS12PBEParams pbeParams = new PKCS12PBEParams((ASN1Sequence) algId.getParameters()); SecretKeyFactory fact = OpenSSLReal.getSecretKeyFactoryBC(algorithm); // need to use BC for PKCS12PBEParams. PBEKeySpec pbeSpec = new PBEKeySpec(password); SecretKey key = fact.generateSecret(pbeSpec); PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue()); Cipher cipher = OpenSSLReal.getCipherBC(algorithm); // need to use BC for PBEParameterSpec. cipher.init(Cipher.UNWRAP_MODE, key, defParams); // wrappedKeyAlgorithm is unknown ("") PrivateKey privKey = (PrivateKey) cipher.unwrap(eIn.getEncryptedData(), "", Cipher.PRIVATE_KEY); return new KeyPair(null, privKey); } catch (Exception e) { throw new IOException("problem creating private key: " + e.toString()); } } } return null; }
From source file:org.jruby.ext.openssl.x509store.BouncyCastleASN1FormatHandler.java
License:LGPL
@Override public void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, String algo, char[] f) throws IOException { BufferedWriter out = makeBuffered(_out); ByteArrayInputStream bIn = new ByteArrayInputStream(getEncoded(obj)); ASN1InputStream aIn = new ASN1InputStream(bIn); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) aIn.readObject()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DERInteger(0)); v.add(new DERInteger(p.getP())); v.add(new DERInteger(p.getQ())); v.add(new DERInteger(p.getG())); BigInteger x = obj.getX();/* ww w . j av a 2 s .co m*/ BigInteger y = p.getG().modPow(x, p.getP()); v.add(new DERInteger(y)); v.add(new DERInteger(x)); aOut.writeObject(new DERSequence(v)); byte[] encoding = bOut.toByteArray(); if (algo != null && f != null) { byte[] salt = new byte[8]; byte[] encData = null; random.nextBytes(salt); OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator(); pGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(f), salt); SecretKey secretKey = null; if (algo.equalsIgnoreCase("DESede/CBC/PKCS5Padding")) { // generate key int keyLength = 24; KeyParameter param = (KeyParameter) pGen.generateDerivedParameters(keyLength * 8); secretKey = new SecretKeySpec(param.getKey(), "DESede"); } else { throw new IOException("unknown algorithm in write_DSAPrivateKey: " + algo); } // cipher try { Cipher c = Cipher.getInstance("DESede/CBC/PKCS5Padding"); c.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(salt)); encData = c.doFinal(encoding); } catch (Exception e) { throw new IOException("exception using cipher: " + e.toString()); } // write the data out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); out.write("Proc-Type: 4,ENCRYPTED"); out.newLine(); out.write("DEK-Info: DES-EDE3-CBC,"); writeHexEncoded(out, salt); out.newLine(); out.newLine(); writeEncoded(out, encData); out.write(BEF_E + PEM_STRING_DSA + AFT); out.flush(); } else { out.write(BEF_G + PEM_STRING_DSA + AFT); out.newLine(); writeEncoded(out, encoding); out.write(BEF_E + PEM_STRING_DSA + AFT); out.newLine(); out.flush(); } }
From source file:org.jruby.ext.openssl.x509store.PEMInputOutput.java
License:LGPL
public static void writeDSAPrivateKey(Writer _out, DSAPrivateKey obj, CipherSpec cipher, char[] passwd) throws IOException { BufferedWriter out = makeBuffered(_out); PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) new ASN1InputStream(getEncoded(obj)).readObject()); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); ASN1OutputStream aOut = new ASN1OutputStream(bOut); DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters()); ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(0)); v.add(new ASN1Integer(p.getP())); v.add(new ASN1Integer(p.getQ())); v.add(new ASN1Integer(p.getG())); BigInteger x = obj.getX();/*from www.j av a 2 s . co m*/ BigInteger y = p.getG().modPow(x, p.getP()); v.add(new ASN1Integer(y)); v.add(new ASN1Integer(x)); aOut.writeObject(new DLSequence(v)); byte[] encoding = bOut.toByteArray(); if (cipher != null && passwd != null) { writePemEncrypted(out, PEM_STRING_DSA, encoding, cipher, passwd); } else { writePemPlain(out, PEM_STRING_DSA, encoding); } }