List of usage examples for org.bouncycastle.pkcs.bc BcPKCS12PBEOutputEncryptorBuilder build
public OutputEncryptor build(final char[] password)
From source file:de.carne.certmgr.store.provider.bouncycastle.BouncyCastleStoreProvider.java
License:Open Source License
@Override public byte[] encodePKCS12(X509Certificate[] crtChain, KeyPair key, PKCS10Object csr, X509CRL crl, PasswordCallback password, String resource) throws IOException, PasswordRequiredException { String passwordInput = (password != null ? password.queryPassword(resource) : null); if (password != null && passwordInput == null) { throw new PasswordRequiredException("Password input cancelled while writing PKCS#12 file"); }/* w w w . j av a 2 s . c om*/ PKCS12SafeBagBuilder[] crtBagBuilders = new PKCS12SafeBagBuilder[crtChain != null ? crtChain.length : 0]; DERBMPString crt0FriendlyName = null; SubjectKeyIdentifier subjectKeyIdentifier = null; if (crtChain != null) { int crtIndex = 0; for (X509Certificate crt : crtChain) { PKCS12SafeBagBuilder crtBagBuilder = crtBagBuilders[crtIndex] = new JcaPKCS12SafeBagBuilder(crt); DERBMPString crtFriendlyName = new DERBMPString(crt.getSubjectX500Principal().toString()); crtBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, crtFriendlyName); if (crtIndex == 0) { crt0FriendlyName = crtFriendlyName; try { JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils(); subjectKeyIdentifier = extensionUtils.createSubjectKeyIdentifier(crt.getPublicKey()); } catch (NoSuchAlgorithmException e) { throw new StoreProviderException(e); } } crtIndex++; } } PKCS12SafeBagBuilder keyBagBuilder = null; if (key != null) { if (passwordInput != null) { BcPKCS12PBEOutputEncryptorBuilder keyBagEncryptorBuilder = new BcPKCS12PBEOutputEncryptorBuilder( PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())); OutputEncryptor keyBagEncrypter = keyBagEncryptorBuilder.build(passwordInput.toCharArray()); keyBagBuilder = new JcaPKCS12SafeBagBuilder(key.getPrivate(), keyBagEncrypter); } else { keyBagBuilder = new JcaPKCS12SafeBagBuilder(key.getPrivate()); } if (crtBagBuilders.length > 0) { crtBagBuilders[0].addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, subjectKeyIdentifier); keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, subjectKeyIdentifier); keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, crt0FriendlyName); } } PKCS12SafeBag[] crtBags = new PKCS12SafeBag[crtBagBuilders.length]; int crtBagIndex = 0; for (PKCS12SafeBagBuilder crtBagBuilder : crtBagBuilders) { crtBags[crtBagIndex] = crtBagBuilder.build(); crtBagIndex++; } PKCS12PfxPduBuilder pkcs12Builder = new PKCS12PfxPduBuilder(); if (passwordInput != null) { BcPKCS12PBEOutputEncryptorBuilder crtBagEncryptorBuilder = new BcPKCS12PBEOutputEncryptorBuilder( PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())); OutputEncryptor crtBagEncryptor = crtBagEncryptorBuilder.build(passwordInput.toCharArray()); pkcs12Builder.addEncryptedData(crtBagEncryptor, crtBags); } else { for (PKCS12SafeBag crtBag : crtBags) { pkcs12Builder.addData(crtBag); } } if (keyBagBuilder != null) { pkcs12Builder.addData(keyBagBuilder.build()); } PKCS12PfxPdu pkcs12; try { if (passwordInput != null) { pkcs12 = pkcs12Builder.build(new BcPKCS12MacCalculatorBuilder(), passwordInput.toCharArray()); } else { pkcs12 = pkcs12Builder.build(null, null); } } catch (PKCSException e) { throw new StoreProviderException(e); } return pkcs12.getEncoded(); }