Example usage of the org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder constructor

List of usage examples for the org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder constructor

Introduction

On this page you can find example usage of the org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder constructor.

Prototype

public JcaPKCS12SafeBagBuilder(PrivateKey privateKey, OutputEncryptor encryptor) 


Usage

From source file:org.cryptoworkshop.ximix.node.crypto.key.ECKeyManager.java

License:Apache License

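/**
 * Serialises every key share listed in {@code sharedPrivateKeyMap} into a single
 * password-protected PKCS#12 (PFX) structure.
 *
 * <p>For each key ID the method rebuilds a JCA {@link PrivateKey} from the stored share value and
 * its domain parameters, creates an end-entity certificate for it via {@code createCertificate},
 * and adds two bags tied together by the same friendly name and local key ID: an encrypted
 * certificate bag and a key bag whose private key is encrypted with AES-256-CBC. The whole PFX is
 * integrity-protected with a SHA-256 based MAC derived from the same password.
 *
 * <p>The returned bytes contain private key material; their confidentiality depends entirely on
 * the strength of {@code password}. This method does not clear the password array.
 *
 * @param password password used to derive the bag encryption keys and the PFX MAC key
 * @return the PFX encoded with ASN.1 DL encoding
 * @throws IOException if encoding a key or the PFX fails
 * @throws GeneralSecurityException if a key, certificate, encryptor or the key store cannot be created
 */
public synchronized byte[] getEncoded(char[] password) throws IOException, GeneralSecurityException {
    KeyFactory fact = KeyFactory.getInstance("ECDSA", "BC");

    try {
        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
        PKCS12PfxPduBuilder builder = new PKCS12PfxPduBuilder();

        for (String keyID : sharedPrivateKeyMap.getIDs()) {
            ECDomainParameters domainParams = paramsMap.get(keyID);

            // Round-trip the lightweight BC key parameters through PKCS#8 to obtain a JCA PrivateKey.
            PrivateKey privKey = fact
                    .generatePrivate(new PKCS8EncodedKeySpec(PrivateKeyInfoFactory
                            .createPrivateKeyInfo(new ECPrivateKeyParameters(
                                    sharedPrivateKeyMap.getShare(keyID).getValue(), domainParams))
                            .getEncoded()));
            SubjectPublicKeyInfo pubKey = this.fetchPublicKey(keyID);

            // NOTE(review): the "nodeCA" key entry is opened with an empty password, so it is only as
            // well protected as the node CA key store itself -- confirm that is intended.
            // TODO: perhaps add CA cert and trust anchor to key store if available
            PKCS12SafeBagBuilder eeCertBagBuilder = new PKCS12SafeBagBuilder(
                    createCertificate(keyID, sharedPrivateKeyMap.getShare(keyID).getSequenceNo(),
                            (PrivateKey) nodeContext.getNodeCAStore().getKey("nodeCA", new char[0])));

            eeCertBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString(keyID));

            SubjectKeyIdentifier pubKeyId = extUtils.createSubjectKeyIdentifier(pubKey);

            eeCertBagBuilder.addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId);

            // Build a fresh encryptor for every key bag. Each build() call draws its own salt (and, as
            // far as the BC builder is concerned, its own cipher parameters), so no two private keys
            // are encrypted under one shared encryptor instance.
            // NOTE(review): the builder's default PBKDF iteration count is used here; consider setting
            // an explicit, higher count if the Bouncy Castle version in use allows it.
            OutputEncryptor keyEncryptor = new JcePKCSPBEOutputEncryptorBuilder(
                    NISTObjectIdentifiers.id_aes256_CBC).setProvider("BC").build(password);

            PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, keyEncryptor);

            keyBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString(keyID));
            keyBagBuilder.addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId);

            // The certificate bag uses the legacy PKCS#12 RC2-128 PBE scheme. Certificates are not
            // secret, so this only obscures them; it must not be relied on for confidentiality.
            // NOTE(review): kept as-is for reader compatibility -- revisit if legacy readers are not needed.
            builder.addEncryptedData(
                    new JcePKCSPBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC)
                            .setProvider("BC").build(password),
                    new PKCS12SafeBag[] { eeCertBagBuilder.build() });

            builder.addData(keyBagBuilder.build());
        }

        // The MAC covers the assembled PFX and is keyed from the same password as the bags.
        PKCS12PfxPdu pfx = builder.build(new JcePKCS12MacCalculatorBuilder(NISTObjectIdentifiers.id_sha256),
                password);

        return pfx.getEncoded(ASN1Encoding.DL);
    } catch (PKCSException e) {
        throw new GeneralSecurityException("Unable to create key store: " + e.getMessage(), e);
    } catch (OperatorCreationException e) {
        throw new GeneralSecurityException("Unable to create operator: " + e.getMessage(), e);
    }
}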