List of usage examples for org.bouncycastle.util.io.pem PemObject getType
public String getType()
From source file:com.foilen.smalltools.crypt.bouncycastle.asymmetric.RSACrypt.java
License:Open Source License
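/**
 * Collects RSA key material from one or more PEM strings and builds the key pair from it.
 *
 * <p>Two PEM labels are handled: {@code RSA PRIVATE KEY} (decoded with
 * {@code RSAPrivateKey.getInstance}) and {@code PUBLIC KEY} (decoded as an
 * {@code X509EncodedKeySpec} through the JCA "RSA" key factory). Objects with any other label
 * are skipped without error, and PEM headers are not inspected.
 *
 * <p>NOTE(review): the modulus and public exponent are overwritten by every key object that is
 * read, and nothing here checks that a private key and a public key found in the inputs belong
 * to the same pair. Callers mixing sources should confirm that themselves.
 *
 * @param pems
 *            the PEM texts; null entries are skipped
 * @return the keys produced by {@code createKeyPair} from the collected details
 * @throws SmallToolsException
 *             if any input cannot be read or decoded
 */
@Override
public AsymmetricKeys loadKeysPemFromString(String... pems) {
    RSAKeyDetails keyDetails = new RSAKeyDetails();
    try {
        for (String pem : pems) {
            if (pem == null) {
                continue;
            }
            // One reader per input, closed before the next input is opened, so no reader is
            // left open when several PEM strings are passed.
            PemReader reader = new PemReader(new StringReader(pem));
            try {
                PemObject pemObject;
                while ((pemObject = reader.readPemObject()) != null) {
                    switch (pemObject.getType()) {
                    case "RSA PRIVATE KEY": {
                        RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(pemObject.getContent());
                        keyDetails.setModulus(rsaPrivateKey.getModulus());
                        keyDetails.setPrivateExponent(rsaPrivateKey.getPrivateExponent());
                        keyDetails.setPublicExponent(rsaPrivateKey.getPublicExponent());
                        // CRT parameters are copied as a group as soon as any one of them is present.
                        if (CollectionsTools.isAnyItemNotNull(rsaPrivateKey.getPrime1(), rsaPrivateKey.getPrime2(),
                                rsaPrivateKey.getExponent1(), rsaPrivateKey.getExponent2(),
                                rsaPrivateKey.getCoefficient())) {
                            keyDetails.setCrt(true);
                            keyDetails.setPrimeP(rsaPrivateKey.getPrime1());
                            keyDetails.setPrimeQ(rsaPrivateKey.getPrime2());
                            keyDetails.setPrimeExponentP(rsaPrivateKey.getExponent1());
                            keyDetails.setPrimeExponentQ(rsaPrivateKey.getExponent2());
                            keyDetails.setCrtCoefficient(rsaPrivateKey.getCoefficient());
                        }
                        break;
                    }
                    case "PUBLIC KEY": {
                        KeyFactory kf = KeyFactory.getInstance("RSA");
                        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(pemObject.getContent());
                        RSAPublicKey rsaPublicKey = (RSAPublicKey) kf.generatePublic(keySpec);
                        keyDetails.setModulus(rsaPublicKey.getModulus());
                        keyDetails.setPublicExponent(rsaPublicKey.getPublicExponent());
                        break;
                    }
                    default:
                        // Other PEM objects (certificates, etc.) are not key material for this loader.
                        break;
                    }
                }
            } finally {
                CloseableTools.close(reader);
            }
        }
        return createKeyPair(keyDetails);
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the keys", e);
    }
}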
From source file:com.foilen.smalltools.crypt.bouncycastle.cert.RSACertificate.java
License:Open Source License
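/**
 * Load the certificate and keys (if present in the strings).
 *
 * <p>Keys are loaded first through {@code rsaCrypt.loadKeysPemFromString}; every PEM string is
 * then scanned for objects labelled exactly {@code CERTIFICATE}. When several certificates are
 * present, the last one read replaces the earlier ones.
 *
 * <p>NOTE(review): this method only decodes. It does not verify the certificate's signature or
 * validity period, and it does not check that the loaded keys match the certificate's public
 * key; callers that rely on either property need to check it separately.
 *
 * @param pems
 *            the pems (some can be null)
 * @return the certificate
 * @throws SmallToolsException
 *             if the keys or the certificate cannot be read or decoded
 */
public static RSACertificate loadPemFromString(String... pems) {
    RSACertificate certificate = new RSACertificate();
    try {
        // Keys if present
        certificate.keysForSigning = rsaCrypt.loadKeysPemFromString(pems);

        // Certificate
        for (String pem : pems) {
            if (pem == null) {
                continue;
            }
            // Close each reader before moving to the next input so none is left open.
            PemReader pemReader = new PemReader(new StringReader(pem));
            try {
                PemObject pemObject;
                while ((pemObject = pemReader.readPemObject()) != null) {
                    if ("CERTIFICATE".equals(pemObject.getType())) {
                        certificate.certificateHolder = new X509CertificateHolder(pemObject.getContent());
                    }
                }
            } finally {
                CloseableTools.close(pemReader);
            }
        }
        return certificate;
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the certificate", e);
    }
}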
From source file:com.foilen.smalltools.crypt.bouncycastle.cert.RSATrustedCertificates.java
License:Open Source License
/**
 * Reads every PEM object from a file and registers each one labelled {@code CERTIFICATE}.
 *
 * <p>Each certificate is wrapped in a new {@code RSACertificate} and handed to the
 * {@code addToList} overload that takes an {@code RSACertificate}. Objects with other labels
 * are ignored.
 *
 * <p>NOTE(review): no signature, validity-period or usage check happens in this method. The
 * class name suggests these entries are later treated as trusted, so confirm that
 * {@code filePath} only ever comes from trusted configuration.
 *
 * @param certificatesBySubject
 *            the map passed through to the per-certificate overload
 * @param filePath
 *            path of the PEM file, opened as given
 * @throws SmallToolsException
 *             if the file cannot be read or a certificate cannot be decoded
 */
private void addToList(Map<X500Name, List<RSACertificate>> certificatesBySubject, String filePath) {
    PemReader pemFile = null;
    try {
        pemFile = new PemReader(new FileReader(filePath));
        for (PemObject entry = pemFile.readPemObject(); entry != null; entry = pemFile.readPemObject()) {
            if (!"CERTIFICATE".equals(entry.getType())) {
                continue;
            }
            RSACertificate loaded = new RSACertificate();
            loaded.setCertificateHolder(new X509CertificateHolder(entry.getContent()));
            addToList(certificatesBySubject, loaded);
        }
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the certificates", e);
    } finally {
        // Null-safe close is delegated to the project helper, as in the rest of the file.
        CloseableTools.close(pemFile);
    }
}
From source file:io.apigee.trireme.crypto.algorithms.DsaKeyPairProvider.java
License:Open Source License
/** * DSA Key Pair format -- the PEM file contains an ASN.1 sequence containing six integers: * p, q, g, y, and x. We construct the appropriate Java data structures after parsing those. *///from w w w . jav a2s .c om @Override public KeyPair readKeyPair(String algorithm, Reader rdr, char[] passphrase) throws CryptoException, IOException { PemReader reader = new PemReader(rdr); PemObject pemObj = reader.readPemObject(); if (pemObj == null) { throw new CryptoException("Not a valid PEM file"); } if (!DSA_TYPE.equals(pemObj.getType())) { throw new CryptoException("PEM file does not contain a DSA private key"); } ASN1InputStream asnIn = new ASN1InputStream(pemObj.getContent()); ASN1Primitive ao = asnIn.readObject(); if (ao == null) { throw new CryptoException("PEM file does not contain an ASN.1 object"); } if (!(ao instanceof ASN1Sequence)) { throw new CryptoException("PEM file does not contain a sequence"); } ASN1Sequence seq = (ASN1Sequence) ao; if (seq.size() != 6) { throw new CryptoException("ASN.1 sequence is the wrong length for a DSA key"); } DERInteger p = (DERInteger) seq.getObjectAt(1); DERInteger q = (DERInteger) seq.getObjectAt(2); DERInteger g = (DERInteger) seq.getObjectAt(3); DERInteger y = (DERInteger) seq.getObjectAt(4); DERInteger x = (DERInteger) seq.getObjectAt(5); try { KeyFactory factory = KeyFactory.getInstance("DSA"); DSAPublicKeySpec pubSpec = new DSAPublicKeySpec(y.getValue(), p.getValue(), q.getValue(), g.getValue()); PublicKey pub = factory.generatePublic(pubSpec); DSAPrivateKeySpec keySpec = new DSAPrivateKeySpec(x.getValue(), p.getValue(), q.getValue(), g.getValue()); PrivateKey key = factory.generatePrivate(keySpec); return new KeyPair(pub, key); } catch (GeneralSecurityException gse) { throw new CryptoException(gse); } }
From source file:jazmin.server.relay.udp.webrtc.TlsUtils.java
License:Open Source License
/**
 * Loads a PEM resource and decodes its content as an X.509 certificate structure.
 *
 * <p>The PEM label is matched by suffix, so any label ending in {@code CERTIFICATE} is accepted,
 * not only the plain {@code CERTIFICATE} label. The certificate is decoded only; no signature
 * or validity check is made here.
 *
 * @param resource name handed to {@code loadPemResource}
 * @return the decoded certificate structure
 * @throws IOException declared by the signature (presumably propagated from
 *         {@code loadPemResource}; confirm against that helper)
 * @throws IllegalArgumentException if the PEM label does not end in {@code CERTIFICATE}
 */
static org.bouncycastle.asn1.x509.Certificate loadCertificateResource(String resource) throws IOException {
    PemObject pemObject = loadPemResource(resource);
    String pemLabel = pemObject.getType();
    if (!pemLabel.endsWith("CERTIFICATE")) {
        throw new IllegalArgumentException("'resource' doesn't specify a valid certificate");
    }
    return org.bouncycastle.asn1.x509.Certificate.getInstance(pemObject.getContent());
}
From source file:jazmin.server.relay.udp.webrtc.TlsUtils.java
License:Open Source License
/**
 * Loads a PEM resource and decodes it as a private key.
 *
 * <p>Labels are matched by suffix. {@code RSA PRIVATE KEY} is tested first because it also ends
 * in {@code PRIVATE KEY}; it is decoded as an RSA CRT key. Every other label ending in
 * {@code PRIVATE KEY} is passed to {@code PrivateKeyFactory.createKey}.
 *
 * <p>NOTE(review): the suffix match also routes labels such as {@code ENCRYPTED PRIVATE KEY}
 * and {@code EC PRIVATE KEY} to {@code PrivateKeyFactory.createKey}. Confirm whether those
 * should be rejected with the explicit "not a valid private key" error instead of whatever the
 * decoder raises.
 *
 * @param resource name handed to {@code loadPemResource}
 * @return the decoded private key parameters
 * @throws IOException declared by the signature (presumably from loading or decoding the key)
 * @throws IllegalArgumentException if the PEM label does not end in {@code PRIVATE KEY}
 */
static AsymmetricKeyParameter loadPrivateKeyResource(String resource) throws IOException {
    PemObject pemObject = loadPemResource(resource);
    String pemLabel = pemObject.getType();

    if (pemLabel.endsWith("RSA PRIVATE KEY")) {
        RSAPrivateKey rsaKey = RSAPrivateKey.getInstance(pemObject.getContent());
        return new RSAPrivateCrtKeyParameters(
                rsaKey.getModulus(),
                rsaKey.getPublicExponent(),
                rsaKey.getPrivateExponent(),
                rsaKey.getPrime1(),
                rsaKey.getPrime2(),
                rsaKey.getExponent1(),
                rsaKey.getExponent2(),
                rsaKey.getCoefficient());
    }

    if (!pemLabel.endsWith("PRIVATE KEY")) {
        throw new IllegalArgumentException("'resource' doesn't specify a valid private key");
    }
    return PrivateKeyFactory.createKey(pemObject.getContent());
}
From source file:net.solarnetwork.pki.bc.BCCertificateService.java
License:Open Source License
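/**
 * Issues an end-entity certificate for a PKCS#10 request, signed with the given CA key.
 *
 * <p>The subject and public key are copied from the request. The issuer is taken from
 * {@code caCert}, validity runs from now for {@code certificateExpireDays} days, and three
 * non-critical extensions are added: basic constraints (not a CA), subject key identifier and
 * authority key identifier. Extensions requested inside the CSR are not copied.
 *
 * <p>NOTE(review): this method does not verify the CSR's own signature (proof of possession of
 * the private key), and it does not check the PEM label beyond logging it. If callers do not
 * verify the request before calling, that check should be added before a certificate is issued.
 *
 * @param csrPEM the request, with or without the PEM BEGIN/END lines
 * @param caCert the issuing CA certificate
 * @param privateKey the CA private key used to sign
 * @return the signed certificate
 * @throws CertificateException if the request cannot be parsed or the certificate cannot be
 *         built or signed
 */
@Override
public X509Certificate signCertificate(String csrPEM, X509Certificate caCert, PrivateKey privateKey)
        throws CertificateException {
    if (!csrPEM.matches("(?is)^\\s*-----BEGIN.*")) {
        // let's throw in the guards
        csrPEM = "-----BEGIN CERTIFICATE REQUEST-----\n" + csrPEM + "\n-----END CERTIFICATE REQUEST-----\n";
    }
    PemReader reader = null;
    try {
        reader = new PemReader(new StringReader(csrPEM));
        PemObject pemObj = reader.readPemObject();
        if (pemObj == null) {
            // readPemObject() returns null when the text holds no PEM object; report that as a
            // request error rather than letting it surface as a NullPointerException.
            throw new CertificateException("Error signing CSR: no PEM object found");
        }
        log.debug("Parsed PEM type {}", pemObj.getType());
        PKCS10CertificationRequest csr = new PKCS10CertificationRequest(pemObj.getContent());

        Date now = new Date();
        Date expire = new Date(now.getTime() + (1000L * 60L * 60L * 24L * certificateExpireDays));
        // NOTE(review): the serial number is the next value of an incrementing counter, so it is
        // predictable; confirm uniqueness across restarts and whether policy requires random serials.
        X509v3CertificateBuilder builder = new X509v3CertificateBuilder(JcaX500NameUtil.getIssuer(caCert),
                new BigInteger(String.valueOf(counter.incrementAndGet())), now, expire, csr.getSubject(),
                csr.getSubjectPublicKeyInfo());

        JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(signatureAlgorithm);
        ContentSigner signer;
        DefaultDigestAlgorithmIdentifierFinder digestAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
        try {
            DigestCalculatorProvider digestCalcProvider = new JcaDigestCalculatorProviderBuilder()
                    .setProvider(new BouncyCastleProvider()).build();
            JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils(
                    digestCalcProvider.get(digestAlgFinder.find("SHA-256")));
            builder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(false));
            builder.addExtension(X509Extension.subjectKeyIdentifier, false,
                    extUtils.createSubjectKeyIdentifier(csr.getSubjectPublicKeyInfo()));
            builder.addExtension(X509Extension.authorityKeyIdentifier, false,
                    extUtils.createAuthorityKeyIdentifier(caCert));

            signer = signerBuilder.build(privateKey);
        } catch (OperatorException e) {
            log.error("Error signing CSR {}", csr.getSubject(), e);
            // Keep the cause so the original failure is not lost to callers.
            throw new CertificateException("Error signing CSR " + csr.getSubject() + ": " + e.getMessage(), e);
        } catch (CertificateEncodingException e) {
            log.error("Error signing CSR {}", csr.getSubject().toString(), e);
            throw new CertificateException("Error signing CSR " + csr.getSubject() + ": " + e.getMessage(), e);
        }

        X509CertificateHolder holder = builder.build(signer);
        JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
        try {
            return converter.getCertificate(holder);
        } catch (java.security.cert.CertificateException e) {
            throw new CertificateException("Error creating certificate", e);
        }
    } catch (IOException e) {
        throw new CertificateException("Error signing CSR", e);
    } finally {
        if (reader != null) {
            try {
                reader.close();
            } catch (IOException e2) {
                log.warn("IOException closing PemReader", e2);
            }
        }
    }
}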
From source file:net.solarnetwork.pki.bc.BCCertificateService.java
License:Open Source License
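/**
 * Parses a PEM-wrapped certificate chain and returns its certificates, ordered where possible.
 *
 * <p>Only the first PEM object is read. Certificates whose issuer DN equals their subject DN
 * are placed first; if at least one such certificate exists the remaining ones are ordered by
 * {@code orderCertificateChain}, otherwise they are returned in the order the factory produced.
 *
 * <p>NOTE(review): this is parsing and ordering only. The "root" test compares names, not
 * signatures, and no path validation, expiry or trust-anchor check is made here. The returned
 * array must not be treated as a validated chain.
 *
 * @param pem the chain, with or without the PEM BEGIN/END lines
 * @return the certificates found, possibly empty
 * @throws CertificateException if the text holds no PEM object or the content cannot be decoded
 */
@Override
public X509Certificate[] parsePKCS7CertificateChainString(String pem) throws CertificateException {
    if (!pem.matches("(?is)^\\s*-----BEGIN.*")) {
        // let's throw in the guards
        pem = "-----BEGIN CERTIFICATE CHAIN-----\n" + pem + "\n-----END CERTIFICATE CHAIN-----\n";
    }
    PemReader reader = new PemReader(new StringReader(pem));
    List<X509Certificate> results = new ArrayList<X509Certificate>(3);
    try {
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        PemObject pemObj = reader.readPemObject();
        if (pemObj == null) {
            // readPemObject() returns null when the text holds no PEM object; report that as a
            // parse error rather than letting it surface as a NullPointerException.
            throw new CertificateException("Error reading certificate: no PEM object found");
        }
        log.debug("Parsed PEM type {}", pemObj.getType());
        Collection<? extends Certificate> certs = cf
                .generateCertificates(new ByteArrayInputStream(pemObj.getContent()));

        // generateCertificates() and even CertPath do not return the chain in order
        // (see http://bugs.sun.com/view_bug.do?bug_id=6238093; the Sun-specific workaround
        // listed there cannot be used), so the ordering is done here.
        Map<X500Principal, X509Certificate> map = new LinkedHashMap<X500Principal, X509Certificate>();
        for (Certificate c : certs) {
            X509Certificate x509 = (X509Certificate) c;
            if (x509.getIssuerDN().equals(x509.getSubjectDN())) {
                // root CA (by name only: issuer DN equals subject DN)
                results.add(x509);
            } else {
                map.put(x509.getSubjectX500Principal(), x509);
            }
        }

        if (results.isEmpty()) {
            // no root, just add everything to list
            results.addAll(map.values());
        } else {
            orderCertificateChain(map, results);
        }
    } catch (IOException e) {
        throw new CertificateException("Error reading certificate", e);
    } catch (java.security.cert.CertificateException e) {
        throw new CertificateException("Error loading CertificateFactory", e);
    } finally {
        try {
            reader.close();
        } catch (IOException e) {
            // deliberately ignored: the reader wraps an in-memory string
        }
    }
    return results.toArray(new X509Certificate[results.size()]);
}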
From source file:org.jruby.ext.openssl.impl.pem.PEMParser.java
License:Open Source License
/**
 * Reads the next PEM object and converts it with the parser registered for its label.
 *
 * <p>The {@code parsers} map acts as an allow-list: a label with no registered parser is
 * rejected with an {@code IOException}. The label comes from the input and is echoed in the
 * exception message, so callers that log or display it should treat it as untrusted text.
 *
 * @return the parsed object, or {@code null} when no further PEM object is available
 * @throws IOException if the label has no registered parser (the signature also allows it to
 *         come from reading or parsing)
 */
public Object readObject() throws IOException {
    PemObject pemObject = readPemObject();
    if (pemObject == null) {
        return null;
    }

    String pemLabel = pemObject.getType();
    if (!parsers.containsKey(pemLabel)) {
        throw new IOException("unrecognised object: " + pemLabel);
    }

    PemObjectParser labelParser = (PemObjectParser) parsers.get(pemLabel);
    return labelParser.parseObject(pemObject);
}
From source file:org.restcomm.sbc.media.dtls.TlsUtils.java
License:Open Source License
/**
 * Loads a PEM resource and decodes it as a private key, with trace logging of the steps.
 *
 * <p>Labels are matched by suffix. {@code RSA PRIVATE KEY} is tested first because it also ends
 * in {@code PRIVATE KEY}; it is decoded as an RSA CRT key. Every other label ending in
 * {@code PRIVATE KEY} is passed to {@code PrivateKeyFactory.createKey}.
 *
 * <p>NOTE(review): when TRACE is enabled the decoded key object's {@code toString()} is written
 * to the log. Confirm that no parameter class in use renders key material from
 * {@code toString()}, or drop that statement, before TRACE is enabled outside development.
 *
 * @param resource name handed to {@code loadPemResource}
 * @return the decoded private key parameters
 * @throws IOException declared by the signature (presumably from loading or decoding the key)
 * @throws IllegalArgumentException if the PEM label does not end in {@code PRIVATE KEY}
 */
static AsymmetricKeyParameter loadPrivateKeyResource(String resource) throws IOException {
    PemObject pemObject = loadPemResource(resource);

    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("load Private key =" + resource);
        LOGGER.trace("type =" + pemObject.getType());
    }

    String pemLabel = pemObject.getType();
    if (pemLabel.endsWith("RSA PRIVATE KEY")) {
        RSAPrivateKey rsaKey = RSAPrivateKey.getInstance(pemObject.getContent());
        return new RSAPrivateCrtKeyParameters(
                rsaKey.getModulus(),
                rsaKey.getPublicExponent(),
                rsaKey.getPrivateExponent(),
                rsaKey.getPrime1(),
                rsaKey.getPrime2(),
                rsaKey.getExponent1(),
                rsaKey.getExponent2(),
                rsaKey.getCoefficient());
    }

    if (!pemLabel.endsWith("PRIVATE KEY")) {
        throw new IllegalArgumentException("'resource' doesn't specify a valid private key");
    }

    AsymmetricKeyParameter decodedKey = PrivateKeyFactory.createKey(pemObject.getContent());
    if (LOGGER.isTraceEnabled()) {
        LOGGER.trace("key =" + decodedKey.isPrivate());
        LOGGER.trace(decodedKey.toString());
    }
    return decodedKey;
}