List of usage examples for org.bouncycastle.util.io.pem PemReader readPemObject
public PemObject readPemObject() throws IOException
From source file:com.enioka.jqm.pki.JpaCa.java
License:Open Source License
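/**
 * Returns the CA material (certificate holder and private key), creating and storing a new CA
 * when none exists under the configured alias.
 *
 * <p>The alias comes from the {@code keyAlias} global parameter and falls back to
 * {@code Constants.CA_DEFAULT_PRETTY_NAME}. Whether the CA was just generated or already stored,
 * the returned fields are always re-read from the persisted PEM strings.
 *
 * @param em entity manager used to look up and, on first use, persist the CA
 * @return a request object with {@code holder} and {@code privateKey} set from the stored PEM data
 * @throws PkiException if the stored PEM data cannot be turned into a certificate and a private key
 */
public static CertificateRequest initCa(EntityManager em) {
    // Result object; replaced below when a new CA has to be generated.
    CertificateRequest cr = new CertificateRequest();

    // Get the alias of the private key to use
    String caAlias;
    try {
        caAlias = em
                .createQuery("SELECT p FROM GlobalParameter p WHERE p.key = 'keyAlias'", GlobalParameter.class)
                .getSingleResult().getValue();
    } catch (NoResultException e) {
        caAlias = Constants.CA_DEFAULT_PRETTY_NAME;
    }

    // Create the CA if it does not already exist
    PKI pki;
    try {
        pki = em.createQuery("SELECT p FROM PKI p WHERE p.prettyName = :pn", PKI.class)
                .setParameter("pn", caAlias).getSingleResult();
    } catch (NoResultException e) {
        // Create the CA certificate and PK
        cr = new CertificateRequest();
        cr.generateCA(caAlias);

        // Store
        // NOTE(review): the private key PEM is read back below as a plain PEMKeyPair, so it is
        // presumably stored without passphrase protection - confirm, and restrict access to
        // the PKI table accordingly.
        pki = new PKI();
        pki.setPemPK(cr.writePemPrivateToString());
        pki.setPemCert(cr.writePemPublicToString());
        pki.setPrettyName(caAlias);
        em.getTransaction().begin();
        em.persist(pki);
        em.getTransaction().commit();
    }

    try {
        // Public (X509 certificate)
        PemReader pr = new PemReader(new StringReader(pki.getPemCert()));
        try {
            org.bouncycastle.util.io.pem.PemObject certPem = pr.readPemObject();
            if (certPem == null) {
                // readPemObject() returns null when the text holds no PEM block.
                throw new IllegalStateException("No PEM object found in the stored CA certificate");
            }
            cr.holder = new X509CertificateHolder(certPem.getContent());
        } finally {
            // Closed on the failure path as well.
            pr.close();
        }

        // Private key
        Object parsedKey;
        PEMParser pp = new PEMParser(new StringReader(pki.getPemPK()));
        try {
            parsedKey = pp.readObject();
        } finally {
            pp.close();
        }
        if (!(parsedKey instanceof PEMKeyPair)) {
            // Covers both an empty value and a PEM block of another kind; the message
            // deliberately carries no key material.
            throw new IllegalStateException("The stored CA private key is not a PEM key pair");
        }
        byte[] encodedPrivateKey = ((PEMKeyPair) parsedKey).getPrivateKeyInfo().getEncoded();
        KeyFactory keyFactory = KeyFactory.getInstance(Constants.KEY_ALGORITHM);
        cr.privateKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(encodedPrivateKey));
    } catch (Exception e) {
        throw new PkiException(e);
    }

    // Done
    return cr;
}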
From source file:com.foilen.smalltools.crypt.bouncycastle.asymmetric.RSACrypt.java
License:Open Source License
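/**
 * Builds RSA keys from the PEM objects found in the given strings.
 *
 * <p>Only {@code RSA PRIVATE KEY} and {@code PUBLIC KEY} objects are used; any other PEM type
 * is skipped. Null strings are ignored.
 *
 * @param pems the PEM strings (some can be null)
 * @return the keys created from the collected key details
 * @throws SmallToolsException if a string cannot be read or a key cannot be decoded
 */
@Override
public AsymmetricKeys loadKeysPemFromString(String... pems) {
    RSAKeyDetails keyDetails = new RSAKeyDetails();
    try {
        for (String pem : pems) {
            if (pem == null) {
                continue;
            }
            // One reader per string, closed before moving on; previously only the last
            // reader created in the loop was closed.
            try (PemReader reader = new PemReader(new StringReader(pem))) {
                PemObject pemObject;
                while ((pemObject = reader.readPemObject()) != null) {
                    // NOTE(review): both branches set the modulus and the public exponent, so
                    // the last object read wins. Nothing here checks that a private and a
                    // public object describe the same key - confirm callers never mix keys.
                    switch (pemObject.getType()) {
                    case "RSA PRIVATE KEY":
                        RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(pemObject.getContent());
                        keyDetails.setModulus(rsaPrivateKey.getModulus());
                        keyDetails.setPrivateExponent(rsaPrivateKey.getPrivateExponent());
                        keyDetails.setPublicExponent(rsaPrivateKey.getPublicExponent());
                        // CRT parameters are copied only when at least one of them is present.
                        if (CollectionsTools.isAnyItemNotNull(rsaPrivateKey.getPrime1(), rsaPrivateKey.getPrime2(),
                                rsaPrivateKey.getExponent1(), rsaPrivateKey.getExponent2(),
                                rsaPrivateKey.getCoefficient())) {
                            keyDetails.setCrt(true);
                            keyDetails.setPrimeP(rsaPrivateKey.getPrime1());
                            keyDetails.setPrimeQ(rsaPrivateKey.getPrime2());
                            keyDetails.setPrimeExponentP(rsaPrivateKey.getExponent1());
                            keyDetails.setPrimeExponentQ(rsaPrivateKey.getExponent2());
                            keyDetails.setCrtCoefficient(rsaPrivateKey.getCoefficient());
                        }
                        break;
                    case "PUBLIC KEY":
                        KeyFactory kf = KeyFactory.getInstance("RSA");
                        X509EncodedKeySpec keySpec = new X509EncodedKeySpec(pemObject.getContent());
                        RSAPublicKey rsaPublicKey = (RSAPublicKey) kf.generatePublic(keySpec);
                        keyDetails.setModulus(rsaPublicKey.getModulus());
                        keyDetails.setPublicExponent(rsaPublicKey.getPublicExponent());
                        break;
                    }
                }
            }
        }
        return createKeyPair(keyDetails);
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the keys", e);
    }
}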
From source file:com.foilen.smalltools.crypt.bouncycastle.cert.RSACertificate.java
License:Open Source License
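/**
 * Load the certificate and keys (if present in the strings).
 *
 * <p>When several {@code CERTIFICATE} objects are present, the last one read is kept.
 *
 * @param pems
 *            the pems (some can be null)
 * @return the certificate
 * @throws SmallToolsException
 *             if a string cannot be read or a certificate cannot be decoded
 */
public static RSACertificate loadPemFromString(String... pems) {
    RSACertificate certificate = new RSACertificate();
    try {
        // Keys if present
        certificate.keysForSigning = rsaCrypt.loadKeysPemFromString(pems);

        // Certificate
        for (String pem : pems) {
            if (pem == null) {
                continue;
            }
            // One reader per string, closed before moving on; previously only the last
            // reader created in the loop was closed.
            try (PemReader pemReader = new PemReader(new StringReader(pem))) {
                PemObject pemObject;
                while ((pemObject = pemReader.readPemObject()) != null) {
                    if ("CERTIFICATE".equals(pemObject.getType())) {
                        // NOTE(review): the certificate is only decoded here; nothing in this
                        // method checks that it matches the keys loaded above.
                        certificate.certificateHolder = new X509CertificateHolder(pemObject.getContent());
                    }
                }
            }
        }
        return certificate;
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the certificate", e);
    }
}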
From source file:com.foilen.smalltools.crypt.bouncycastle.cert.RSATrustedCertificates.java
License:Open Source License
/**
 * Reads every PEM object in a file and registers those typed {@code CERTIFICATE}.
 *
 * <p>Each certificate is decoded and handed to the two-argument overload taking an
 * {@code RSACertificate}. Nothing in this method checks signature or validity period; whether
 * the overload does is not visible here.
 *
 * @param certificatesBySubject the map the certificates are registered in
 * @param filePath path of the PEM file to read
 * @throws SmallToolsException if the file cannot be read or a certificate cannot be decoded
 */
private void addToList(Map<X500Name, List<RSACertificate>> certificatesBySubject, String filePath) {
    PemReader pemSource = null;
    try {
        pemSource = new PemReader(new FileReader(filePath));
        for (PemObject entry = pemSource.readPemObject(); entry != null; entry = pemSource.readPemObject()) {
            // Skip keys and any other non-certificate PEM object.
            if (!"CERTIFICATE".equals(entry.getType())) {
                continue;
            }
            RSACertificate loaded = new RSACertificate();
            loaded.setCertificateHolder(new X509CertificateHolder(entry.getContent()));
            addToList(certificatesBySubject, loaded);
        }
    } catch (Exception e) {
        throw new SmallToolsException("Problem loading the certificates", e);
    } finally {
        CloseableTools.close(pemSource);
    }
}
From source file:com.github.ibole.infrastructure.security.key.PemUtils.java
License:Apache License
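/**
 * Reads the first PEM object of a file and returns its decoded content.
 *
 * @param pemFile the PEM file to read
 * @return the bytes carried by the first PEM object
 * @throws FileNotFoundException if the path does not denote an existing regular file
 * @throws IOException if the file cannot be read or contains no PEM object
 */
private static byte[] parsePEMFile(File pemFile) throws IOException {
    // isFile() is already false for a missing path, so no separate exists() test is needed.
    if (!pemFile.isFile()) {
        throw new FileNotFoundException(
                String.format("The file '%s' doesn't exist.", pemFile.getAbsolutePath()));
    }
    PemReader reader = null;
    PemObject pemObject;
    try {
        reader = new PemReader(new FileReader(pemFile));
        pemObject = reader.readPemObject();
    } finally {
        IOUtils.closeQuietly(reader);
    }
    if (pemObject == null) {
        // readPemObject() returns null when the file holds no PEM block; report that instead
        // of failing with a NullPointerException. Only the path is named, never the content.
        throw new IOException(
                String.format("The file '%s' doesn't contain a PEM object.", pemFile.getAbsolutePath()));
    }
    return pemObject.getContent();
}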
From source file:com.securekey.samplerp.web.BriidgeController.java
License:Open Source License
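/**
 * Checks the RSA signature of a JWT against the certificate referenced by its own header.
 *
 * <p>The certificate is downloaded as PEM from the header's X.509 certificate URL and the
 * result is reported as a small JSON status document.
 *
 * <p>NOTE(review): the certificate URL is read from the token under verification, which the
 * caller supplies. The party that signed the token therefore also chooses the certificate it
 * is checked against, so {@code jwt_verified} shows only that the token is consistent with
 * that certificate, not that a trusted issuer produced it; the server also fetches whatever
 * URL the caller names. Before relying on the result, compare the URL with a configured list
 * of issuer certificate locations and validate the downloaded certificate (chain to a trusted
 * anchor, validity period). None of that is done here.
 *
 * @param jwt the serialized JWS to verify
 * @return a JSON status string: {@code jwt_verified}, {@code jwt_verify_fail},
 *         {@code jwt_pub_key_not_rsa}, {@code jwt_pem_not_cert} or {@code jwt_pem_download_fail}
 * @throws Exception if the token cannot be parsed or the certificate cannot be decoded
 */
@RequestMapping(value = "verifyJWT.json", method = { RequestMethod.GET, RequestMethod.POST })
public @ResponseBody String verifyJWT(@RequestParam("jwt") String jwt) throws Exception {
    JWSObject jws = JWSObject.parse(jwt);

    // A token without a certificate URL used to fail with a NullPointerException.
    Object certUrl = jws.getHeader().getX509CertURL();
    if (certUrl == null) {
        return "{\"status\":\"jwt_pem_download_fail\"}";
    }

    HttpClient client = new DefaultHttpClient();
    try {
        HttpGet request = new HttpGet(certUrl.toString());
        request.addHeader("Accept", "text/plain");

        HttpResponse response = client.execute(request);
        HttpEntity entity = response.getEntity();
        if (entity == null) {
            return "{\"status\":\"jwt_pem_download_fail\"}";
        }

        byte[] pubK;
        PemReader pemReader = new PemReader(new StringReader(EntityUtils.toString(entity)));
        try {
            org.bouncycastle.util.io.pem.PemObject pem = pemReader.readPemObject();
            if (pem == null) {
                // The response body (an error page, for instance) held no PEM block.
                return "{\"status\":\"jwt_pem_not_cert\"}";
            }
            pubK = pem.getContent();
        } finally {
            pemReader.close();
        }

        Certificate serverCert = CertificateFactory.getInstance("X.509")
                .generateCertificate(new ByteArrayInputStream(pubK));
        if (!(serverCert instanceof X509Certificate)) {
            return "{\"status\":\"jwt_pem_not_cert\"}";
        }
        PublicKey publicKey = ((X509Certificate) serverCert).getPublicKey();
        if (!(publicKey instanceof RSAPublicKey)) {
            return "{\"status\":\"jwt_pub_key_not_rsa\"}";
        }
        JWSVerifier verifier = new RSASSAVerifier((RSAPublicKey) publicKey);
        if (jws.verify(verifier)) {
            return "{\"status\":\"jwt_verified\"}";
        }
        return "{\"status\":\"jwt_verify_fail\"}";
    } catch (IOException e) {
        return "{\"status\":\"jwt_pem_download_fail\"}";
    } finally {
        // Release the connections held by the per-request client.
        client.getConnectionManager().shutdown();
    }
}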
From source file:com.thoughtworks.go.security.Registration.java
License:Apache License
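/**
 * Rebuilds a registration from its JSON form.
 *
 * <p>The JSON object is expected to carry {@code agentPrivateKey} (PEM, decoded as a PKCS#8
 * RSA key) and {@code agentCertificate} (one or more PEM certificates, kept in the order read).
 *
 * <p>NOTE(review): the key and the certificates are only decoded. Nothing here checks that
 * the certificates belong to the key or that they chain to a trusted issuer.
 *
 * @param json the JSON document holding the key and certificate PEM strings
 * @return the registration built from the decoded key and certificates
 */
public static Registration fromJson(String json) {
    Map<?, ?> map = new Gson().fromJson(json, Map.class);
    List<Certificate> chain = new ArrayList<>();
    try {
        PrivateKey privateKey;
        try (PemReader reader = new PemReader(new StringReader((String) map.get("agentPrivateKey")))) {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PemObject keyPem = reader.readPemObject();
            if (keyPem == null) {
                // No PEM block in the value; report it as an invalid key instead of a
                // NullPointerException. The message carries no key material.
                throw new InvalidKeySpecException("agentPrivateKey does not contain a PEM object");
            }
            privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(keyPem.getContent()));
        }

        String agentCertificate = (String) map.get("agentCertificate");
        // Resolved once instead of once per certificate.
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        try (PemReader certReader = new PemReader(new StringReader(agentCertificate))) {
            PemObject obj;
            while ((obj = certReader.readPemObject()) != null) {
                chain.add(x509.generateCertificate(new ByteArrayInputStream(obj.getContent())));
            }
        }
        return new Registration(privateKey, chain.toArray(new Certificate[0]));
    } catch (IOException | NoSuchAlgorithmException | CertificateException | InvalidKeySpecException e) {
        throw bomb(e);
    }
}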
From source file:com.thoughtworks.go.security.RegistrationJSONizer.java
License:Apache License
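/**
 * Rebuilds a registration from its JSON form.
 *
 * <p>An empty JSON object yields the null-private-key registration. Otherwise the object is
 * expected to carry {@code agentPrivateKey} (PEM, decoded as a PKCS#8 RSA key) and
 * {@code agentCertificate} (one or more PEM certificates, kept in the order read).
 *
 * <p>NOTE(review): the key and the certificates are only decoded. Nothing here checks that
 * the certificates belong to the key or that they chain to a trusted issuer.
 *
 * @param json the JSON document holding the key and certificate PEM strings
 * @return the registration built from the decoded key and certificates
 */
public static Registration fromJson(String json) {
    Map<?, ?> map = GSON.fromJson(json, Map.class);
    if (map.isEmpty()) {
        return Registration.createNullPrivateKeyEntry();
    }

    List<X509Certificate> chain = new ArrayList<>();
    try {
        PrivateKey privateKey;
        try (PemReader reader = new PemReader(new StringReader((String) map.get("agentPrivateKey")))) {
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PemObject keyPem = reader.readPemObject();
            if (keyPem == null) {
                // No PEM block in the value; report it as an invalid key instead of a
                // NullPointerException. The message carries no key material.
                throw new InvalidKeySpecException("agentPrivateKey does not contain a PEM object");
            }
            privateKey = kf.generatePrivate(new PKCS8EncodedKeySpec(keyPem.getContent()));
        }

        String agentCertificate = (String) map.get("agentCertificate");
        // Resolved once instead of once per certificate.
        CertificateFactory x509 = CertificateFactory.getInstance("X.509");
        try (PemReader certReader = new PemReader(new StringReader(agentCertificate))) {
            PemObject obj;
            while ((obj = certReader.readPemObject()) != null) {
                chain.add((X509Certificate) x509
                        .generateCertificate(new ByteArrayInputStream(obj.getContent())));
            }
        }
        return new Registration(privateKey, chain.toArray(new X509Certificate[0]));
    } catch (IOException | NoSuchAlgorithmException | CertificateException | InvalidKeySpecException e) {
        throw bomb(e);
    }
}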
From source file:com.thoughtworks.go.server.util.EncryptionHelper.java
License:Apache License
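/**
 * Decodes an RSA public key from PEM text.
 *
 * <p>The first PEM object is taken and its content read as an X.509 encoded key; the PEM type
 * label is not inspected.
 *
 * @param content PEM text holding the public key
 * @return the decoded RSA public key
 * @throws IOException if the PEM text cannot be read
 * @throws NoSuchAlgorithmException if no RSA key factory is available
 * @throws InvalidKeySpecException if the text holds no PEM object or the key cannot be decoded
 */
private static PublicKey getRSAPublicKeyFrom(String content)
        throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
    // The reader was previously never closed.
    try (PemReader reader = new PemReader(new StringReader(content))) {
        org.bouncycastle.util.io.pem.PemObject pem = reader.readPemObject();
        if (pem == null) {
            // readPemObject() returns null when the text holds no PEM block.
            throw new InvalidKeySpecException("No PEM object found in the public key content");
        }
        EncodedKeySpec spec = new X509EncodedKeySpec(pem.getContent());
        return KeyFactory.getInstance("RSA").generatePublic(spec);
    }
}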
From source file:com.thoughtworks.go.server.util.EncryptionHelper.java
License:Apache License
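/**
 * Decodes an RSA private key from PEM text.
 *
 * <p>The first PEM object is taken and its content read as a PKCS#8 encoded key; the PEM type
 * label is not inspected.
 *
 * @param content PEM text holding the private key
 * @return the decoded RSA private key
 * @throws IOException if the PEM text cannot be read
 * @throws NoSuchAlgorithmException if no RSA key factory is available
 * @throws InvalidKeySpecException if the text holds no PEM object or the key cannot be decoded
 */
private static PrivateKey getRSAPrivateKeyFrom(String content)
        throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
    // The reader was previously never closed.
    try (PemReader reader = new PemReader(new StringReader(content))) {
        org.bouncycastle.util.io.pem.PemObject pem = reader.readPemObject();
        if (pem == null) {
            // readPemObject() returns null when the text holds no PEM block; the message
            // deliberately carries no key material.
            throw new InvalidKeySpecException("No PEM object found in the private key content");
        }
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(pem.getContent());
        return KeyFactory.getInstance("RSA").generatePrivate(spec);
    }
}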