List of usage examples for org.bouncycastle.openpgp.operator.jcajce JcePBESecretKeyDecryptorBuilder JcePBESecretKeyDecryptorBuilder
public JcePBESecretKeyDecryptorBuilder(PGPDigestCalculatorProvider calculatorProvider)
From source file:org.kontalk.certgen.PGP.java
License:Open Source License
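/**
 * Decrypts the master key of an encoded OpenPGP secret key ring and hands it to the
 * {@code convertPrivateKey(PGPPrivateKey)} overload.
 *
 * <p>The passphrase arrives as an immutable {@link String}, so only the temporary
 * {@code char[]} copy made here can be cleared; the caller's String stays on the heap
 * until it is garbage collected.
 *
 * @param privateKeyData encoded secret key ring
 * @param passphrase passphrase protecting the secret key
 * @return the converted master private key
 * @throws PGPException if the key cannot be decrypted or the ring contains no master key
 * @throws IOException propagated from parsing the key ring
 */
@SuppressWarnings("unchecked")
public static PrivateKey convertPrivateKey(byte[] privateKeyData, String passphrase)
        throws PGPException, IOException {
    char[] passChars = passphrase.toCharArray();
    try {
        // The provider hands out digest calculators on request; it is not tied to one algorithm.
        PGPDigestCalculatorProvider digestProvider = new JcaPGPDigestCalculatorProviderBuilder().build();
        PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(digestProvider)
                .setProvider(PGP.PROVIDER)
                .build(passChars);

        // load the secret key ring
        KeyFingerPrintCalculator fpr = new BcKeyFingerprintCalculator();
        PGPSecretKeyRing secRing = new PGPSecretKeyRing(privateKeyData, fpr);

        // search and decrypt the master (signing) key
        Iterator<PGPSecretKey> skeys = secRing.getSecretKeys();
        while (skeys.hasNext()) {
            PGPSecretKey key = skeys.next();
            if (key.isMasterKey()) {
                // Decrypt the key that was just tested instead of re-fetching
                // secRing.getSecretKey() on every iteration.
                return convertPrivateKey(key.extractPrivateKey(decryptor));
            }
        }
        throw new PGPException("no suitable private key found.");
    } finally {
        // The decryptor is only used inside this try block, so wiping the copy
        // afterwards cannot affect decryption.
        java.util.Arrays.fill(passChars, '\0');
    }
}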
From source file:org.kontalk.certgen.X509Bridge.java
License:Open Source License
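/**
 * Decrypts {@code secretKey} with the given passphrase and delegates to the
 * {@code createCertificate} overload that takes the decrypted private key.
 *
 * <p>Only the temporary {@code char[]} copy of the passphrase is cleared here; the
 * {@link String} argument is immutable and remains in memory until collected.
 *
 * @param publicKeyring public key ring passed through to the delegate
 * @param secretKey passphrase-protected secret key to decrypt
 * @param passphrase passphrase protecting {@code secretKey}
 * @param subjectAltName passed through to the delegate
 * @return the certificate produced by the delegate overload
 * @throws PGPException if the secret key cannot be decrypted
 */
public static X509Certificate createCertificate(PGPPublicKeyRing publicKeyring, PGPSecretKey secretKey,
        String passphrase, String subjectAltName)
        throws PGPException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException,
        SignatureException, CertificateException, NoSuchProviderException, IOException,
        OperatorCreationException {
    PGPPrivateKey privateKey;
    char[] passChars = passphrase.toCharArray();
    try {
        // extract the private key
        PGPDigestCalculatorProvider digestProvider = new JcaPGPDigestCalculatorProviderBuilder().build();
        PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(digestProvider)
                .setProvider(PGP.PROVIDER)
                .build(passChars);
        privateKey = secretKey.extractPrivateKey(decryptor);
    } finally {
        // Decryption is finished (or has failed) at this point, so the copy is no longer needed.
        java.util.Arrays.fill(passChars, '\0');
    }
    return createCertificate(publicKeyring, privateKey, subjectAltName);
}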
From source file:org.kontalk.certgen.X509Bridge.java
License:Open Source License
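/**
 * Parses encoded secret and public key rings, decrypts the secret key returned by
 * {@code PGPSecretKeyRing.getSecretKey()}, and delegates to the {@code createCertificate}
 * overload that takes the decrypted private key.
 *
 * <p>Only the temporary {@code char[]} copy of the passphrase is cleared here; the
 * {@link String} argument is immutable and remains in memory until collected.
 *
 * @param privateKeyData encoded secret key ring
 * @param publicKeyData encoded public key ring
 * @param passphrase passphrase protecting the secret key
 * @param subjectAltName passed through to the delegate
 * @return the certificate produced by the delegate overload
 * @throws PGPException if a ring cannot be read or the secret key cannot be decrypted
 * @throws IOException propagated from parsing the key rings
 */
public static X509Certificate createCertificate(byte[] privateKeyData, byte[] publicKeyData, String passphrase,
        String subjectAltName)
        throws PGPException, IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException,
        SignatureException, CertificateException, NoSuchProviderException, OperatorCreationException {
    KeyFingerPrintCalculator fpr = new BcKeyFingerprintCalculator();
    PGPSecretKeyRing secRing = new PGPSecretKeyRing(privateKeyData, fpr);
    PGPPublicKeyRing pubRing = new PGPPublicKeyRing(publicKeyData, fpr);
    // NOTE(review): nothing visible here checks that the two rings describe the same key;
    // confirm the caller or the delegate overload guarantees it.

    PGPPrivateKey privateKey;
    char[] passChars = passphrase.toCharArray();
    try {
        PGPDigestCalculatorProvider digestProvider = new JcaPGPDigestCalculatorProviderBuilder().build();
        PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(digestProvider)
                .setProvider(PGP.PROVIDER)
                .build(passChars);

        // secret key
        PGPSecretKey secKey = secRing.getSecretKey();
        privateKey = secKey.extractPrivateKey(decryptor);
    } finally {
        // Decryption is finished (or has failed) at this point, so the copy is no longer needed.
        java.util.Arrays.fill(passChars, '\0');
    }
    return createCertificate(pubRing, privateKey, subjectAltName);
}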
From source file:org.kontalk.crypto.PersonalKey.java
License:Open Source License
/**
 * Builds a {@link PersonalKey} from encoded secret and public key rings plus an encoded
 * X.509 bridge certificate.
 *
 * <p>The master key of each ring is taken as the signing key and a non-master key as the
 * encryption key; when a ring holds several subkeys the last one iterated is used.
 * The {@code passphrase} array belongs to the caller and is not cleared here.
 *
 * @param privateKeyData encoded secret key ring
 * @param publicKeyData encoded public key ring
 * @param passphrase passphrase protecting the secret keys
 * @param bridgeCertData encoded bridge certificate, loaded through {@code X509Bridge.load}
 * @return the assembled personal key
 * @throws KonException with {@code LOAD_KEY_DECRYPT} if the master key cannot be decrypted
 * @throws PGPException if a subkey cannot be decrypted or any required part is missing
 */
@SuppressWarnings("unchecked")
public static PersonalKey load(byte[] privateKeyData, byte[] publicKeyData, char[] passphrase,
        byte[] bridgeCertData)
        throws KonException, IOException, PGPException, CertificateException, NoSuchProviderException {
    KeyFingerPrintCalculator fingerprintCalc = new BcKeyFingerprintCalculator();
    PGPSecretKeyRing secretRing = new PGPSecretKeyRing(privateKeyData, fingerprintCalc);
    PGPPublicKeyRing publicRing = new PGPPublicKeyRing(publicKeyData, fingerprintCalc);

    PGPDigestCalculatorProvider digestProvider = new JcaPGPDigestCalculatorProviderBuilder().build();
    PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(digestProvider)
            .setProvider(PGPUtils.PROVIDER)
            .build(passphrase);

    PGPPublicKey signPub = null;
    PGPPublicKey encPub = null;
    PGPPrivateKey signPriv = null;
    PGPPrivateKey encPriv = null;

    // public keys: master is the signing key, anything else the encryption key
    for (Iterator<PGPPublicKey> it = publicRing.getPublicKeys(); it.hasNext();) {
        PGPPublicKey candidate = it.next();
        if (candidate.isMasterKey()) {
            signPub = candidate;
        } else {
            encPub = candidate;
        }
    }

    // secret keys, split the same way
    for (Iterator<PGPSecretKey> it = secretRing.getSecretKeys(); it.hasNext();) {
        PGPSecretKey candidate = it.next();
        if (!candidate.isMasterKey()) {
            // NOTE(review): a failure here surfaces as a raw PGPException, whereas the
            // master-key branch wraps it in KonException - confirm the asymmetry is intended.
            encPriv = candidate.extractPrivateKey(decryptor);
            continue;
        }
        try {
            signPriv = candidate.extractPrivateKey(decryptor);
        } catch (PGPException ex) {
            throw new KonException(KonException.Error.LOAD_KEY_DECRYPT, ex);
        }
    }

    // X.509 bridge certificate
    X509Certificate bridgeCert = X509Bridge.load(bridgeCertData);

    boolean complete = signPub != null && signPriv != null
            && encPub != null && encPriv != null
            && bridgeCert != null;
    if (!complete) {
        throw new PGPException("invalid key data");
    }

    // NOTE(review): the public and private halves are paired without comparing them (for
    // example by key ID), so mismatched rings would not be caught in this method - verify
    // against the caller.
    return new PersonalKey(new PGPKeyPair(signPub, signPriv), new PGPKeyPair(encPub, encPriv), bridgeCert);
}
From source file:org.kontalk.crypto.PGPUtils.java
License:Open Source License
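/**
 * Re-protects every key of an encoded secret key ring under a new passphrase.
 *
 * <p>The ring is decrypted with {@code oldPassphrase} and re-encrypted with AES-256 under
 * {@code newPassphrase}. Both arrays belong to the caller and are not cleared here.
 *
 * @param privateKeyData encoded secret key ring
 * @param oldPassphrase passphrase currently protecting the ring
 * @param newPassphrase passphrase to protect the returned copy with
 * @return a copy of the ring protected by {@code newPassphrase}
 * @throws PGPException if the ring cannot be read, decrypted or re-encrypted
 * @throws IOException propagated from parsing the key ring
 */
public static PGPSecretKeyRing copySecretKeyRingWithNewPassword(byte[] privateKeyData, char[] oldPassphrase,
        char[] newPassphrase) throws PGPException, IOException {
    // load the secret key ring
    KeyFingerPrintCalculator fpr = new BcKeyFingerprintCalculator();
    PGPSecretKeyRing secRing = new PGPSecretKeyRing(privateKeyData, fpr);

    // One provider serves both the decryptor and the SHA-1 calculator below; the original
    // built an identical second provider just to call get() on it.
    PGPDigestCalculatorProvider digestProvider = new JcaPGPDigestCalculatorProviderBuilder().build();
    PBESecretKeyDecryptor decryptor = new JcePBESecretKeyDecryptorBuilder(digestProvider)
            .setProvider(PGPUtils.PROVIDER)
            .build(oldPassphrase);

    // NOTE(review): this digest is handed to the encryptor builder, which (as far as the
    // Bouncy Castle API indicates) uses it when deriving the key-encryption key from the new
    // passphrase, at the builder's default iteration count. Confirm whether consumers of the
    // ring accept a stronger digest or an explicit count before changing either.
    PGPDigestCalculator sha1Calc = digestProvider.get(HashAlgorithmTags.SHA1);
    PBESecretKeyEncryptor encryptor = new JcePBESecretKeyEncryptorBuilder(PGPEncryptedData.AES_256, sha1Calc)
            .setProvider(PROVIDER)
            .build(newPassphrase);

    return PGPSecretKeyRing.copyWithNewPassword(secRing, decryptor, encryptor);
}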