List of usage examples for java.security KeyFactory generatePrivate
public final PrivateKey generatePrivate(KeySpec keySpec) throws InvalidKeySpecException
From source file:org.thingsboard.rule.engine.mqtt.credentials.CertPemClientCredentials.java
private PrivateKey readPrivateKeyFile(String fileContent) throws Exception { RSAPrivateKey privateKey = null; if (fileContent != null && !fileContent.isEmpty()) { fileContent = fileContent.replaceAll(".*BEGIN.*PRIVATE KEY.*", "") .replaceAll(".*END.*PRIVATE KEY.*", "").replaceAll("\\s", ""); byte[] decoded = Base64.decodeBase64(fileContent); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); privateKey = (RSAPrivateKey) keyFactory.generatePrivate(new PKCS8EncodedKeySpec(decoded)); }//from ww w.ja v a2 s.c o m return privateKey; }
From source file:net.oauth.jsontoken.JsonTokenTestBase.java
@Override protected void setUp() throws Exception { final Verifier hmacVerifier = new HmacSHA256Verifier(SYMMETRIC_KEY); VerifierProvider hmacLocator = new VerifierProvider() { @Override//w ww.j av a 2s .c o m public List<Verifier> findVerifier(String signerId, String keyId) { return Lists.newArrayList(hmacVerifier); } }; VerifierProvider rsaLocator = new DefaultPublicKeyLocator(new IdentityServerDescriptorProvider(), new ServerInfoResolver() { @Override public ServerInfo resolve(URI uri) { return JsonServerInfo.getDocument(SERVER_INFO_DOCUMENT); } }); locators = new VerifierProviders(); locators.setVerifierProvider(SignatureAlgorithm.HS256, hmacLocator); locators.setVerifierProvider(SignatureAlgorithm.RS256, rsaLocator); EncodedKeySpec spec = new PKCS8EncodedKeySpec(Base64.decodeBase64(PRIVATE_KEY)); KeyFactory fac = KeyFactory.getInstance("RSA"); privateKey = (RSAPrivateKey) fac.generatePrivate(spec); //final Verifier hmacVerifierFromRuby = new HmacSHA256Verifier("R9bPJ_QRlcgK_hDLgu1Klg".getBytes()); final Verifier hmacVerifierFromRuby = new HmacSHA256Verifier("secret".getBytes()); VerifierProvider hmacLocatorFromRuby = new VerifierProvider() { @Override public List<Verifier> findVerifier(String signerId, String keyId) { return Lists.newArrayList(hmacVerifierFromRuby); } }; locatorsFromRuby = new VerifierProviders(); locatorsFromRuby.setVerifierProvider(SignatureAlgorithm.HS256, hmacLocatorFromRuby); }
From source file:com.spotify.docker.client.DockerCertificates.java
private DockerCertificates(final Builder builder) throws DockerCertificateException { try {//from ww w . j a v a 2 s. com final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate caCert = cf.generateCertificate(Files.newInputStream(builder.caCertPath)); final Certificate clientCert = cf.generateCertificate(Files.newInputStream(builder.clientCertPath)); final PEMKeyPair clientKeyPair = (PEMKeyPair) new PEMParser( Files.newBufferedReader(builder.clientKeyPath, Charset.defaultCharset())).readObject(); final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( clientKeyPair.getPrivateKeyInfo().getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); final PrivateKey clientKey = kf.generatePrivate(spec); final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null); final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, null); keyStore.setCertificateEntry("client", clientCert); keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[] { clientCert }); this.sslContext = SSLContexts.custom().loadTrustMaterial(trustStore) .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD).useTLS().build(); } catch (CertificateException | IOException | NoSuchAlgorithmException | InvalidKeySpecException | KeyStoreException | UnrecoverableKeyException | KeyManagementException e) { throw new DockerCertificateException(e); } }
From source file:com.shekhargulati.reactivex.docker.client.ssl.DockerCertificates.java
private DockerCertificates(final Builder builder) throws DockerCertificateException { if ((builder.caCertPath == null) || (builder.clientCertPath == null) || (builder.clientKeyPath == null)) { throw new DockerCertificateException( "caCertPath, clientCertPath, and clientKeyPath must all be specified"); }//from w w w .j a va 2s. c om try { final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate caCert = cf.generateCertificate(Files.newInputStream(builder.caCertPath)); final Certificate clientCert = cf.generateCertificate(Files.newInputStream(builder.clientCertPath)); final PEMKeyPair clientKeyPair = (PEMKeyPair) new PEMParser( Files.newBufferedReader(builder.clientKeyPath, Charset.defaultCharset())).readObject(); final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( clientKeyPair.getPrivateKeyInfo().getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); final PrivateKey clientKey = kf.generatePrivate(spec); final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null); final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, KEY_STORE_PASSWORD); keyStore.setCertificateEntry("client", clientCert); keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[] { clientCert }); this.sslContext = SSLContexts.custom().loadTrustMaterial(trustStore) .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD).useTLS().build(); } catch (CertificateException | IOException | NoSuchAlgorithmException | InvalidKeySpecException | KeyStoreException | UnrecoverableKeyException | KeyManagementException e) { throw new DockerCertificateException(e); } }
From source file:com.shekhargulati.reactivex.rxokhttp.SslCertificates.java
private SslCertificates(final Builder builder) throws SslCertificateException { if ((builder.caCertPath == null) || (builder.clientCertPath == null) || (builder.clientKeyPath == null)) { throw new SslCertificateException( "caCertPath, clientCertPath, and clientKeyPath must all be specified"); }//from www . j ava2 s. co m try { final CertificateFactory cf = CertificateFactory.getInstance("X.509"); final Certificate caCert = cf.generateCertificate(Files.newInputStream(builder.caCertPath)); final Certificate clientCert = cf.generateCertificate(Files.newInputStream(builder.clientCertPath)); final PEMKeyPair clientKeyPair = (PEMKeyPair) new PEMParser( Files.newBufferedReader(builder.clientKeyPath, Charset.defaultCharset())).readObject(); final PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec( clientKeyPair.getPrivateKeyInfo().getEncoded()); final KeyFactory kf = KeyFactory.getInstance("RSA"); final PrivateKey clientKey = kf.generatePrivate(spec); final KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); trustStore.load(null, null); trustStore.setEntry("ca", new KeyStore.TrustedCertificateEntry(caCert), null); final KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, KEY_STORE_PASSWORD); keyStore.setCertificateEntry("client", clientCert); keyStore.setKeyEntry("key", clientKey, KEY_STORE_PASSWORD, new Certificate[] { clientCert }); this.sslContext = SSLContexts.custom().loadTrustMaterial(trustStore) .loadKeyMaterial(keyStore, KEY_STORE_PASSWORD).useTLS().build(); } catch (java.security.cert.CertificateException | IOException | NoSuchAlgorithmException | InvalidKeySpecException | KeyStoreException | UnrecoverableKeyException | KeyManagementException e) { throw new SslCertificateException(e); } }
From source file:org.globus.gsi.bc.BouncyCastleOpenSSLKey.java
protected PrivateKey getKey(String alg, byte[] data) throws GeneralSecurityException { if (alg.equals("RSA")) { try {//from w w w .j a va 2s . c om if (data.length == 0) { throw new GeneralSecurityException("Cannot process empty byte stream."); } ByteArrayInputStream bis = new ByteArrayInputStream(data); ASN1InputStream derin = new ASN1InputStream(bis); ASN1Primitive keyInfo = derin.readObject(); DERObjectIdentifier rsaOid = PKCSObjectIdentifiers.rsaEncryption; AlgorithmIdentifier rsa = new AlgorithmIdentifier(rsaOid); PrivateKeyInfo pkeyinfo = new PrivateKeyInfo(rsa, keyInfo); ASN1Primitive derkey = pkeyinfo.toASN1Primitive(); byte[] keyData = BouncyCastleUtil.toByteArray(derkey); // The DER object needs to be mangled to // create a proper ProvateKeyInfo object PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyData); KeyFactory kfac = KeyFactory.getInstance("RSA"); return kfac.generatePrivate(spec); } catch (IOException e) { // that should never happen return null; } } else { return null; } }
From source file:com.adobe.acs.commons.adobeio.service.impl.IntegrationServiceImpl.java
private PrivateKey getPrivateKey() throws NoSuchAlgorithmException, InvalidKeySpecException { PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(buildPkcs8Key(jwtServiceConfig.privateKey())); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(keySpec); }
From source file:org.soulwing.credo.service.crypto.bc.BcPrivateKeyWrapper.java
/** * {@inheritDoc}//w w w. ja v a 2 s . c o m */ @Override public PrivateKey derive() { try { PrivateKeyInfo keyInfo = derivePrivateKeyInfo(); PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyInfo.getEncoded()); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(keySpec); } catch (NoSuchAlgorithmException ex) { throw new RuntimeException(ex); } catch (InvalidKeySpecException ex) { throw new RuntimeException(ex); } catch (IOException ex) { throw new RuntimeException(ex); } }
From source file:org.cloudfoundry.identity.uaa.oauth.SignerProvider.java
static KeyPair parseKeyPair(String pemData) { Matcher m = PEM_DATA.matcher(pemData.trim()); if (!m.matches()) { throw new IllegalArgumentException("String is not PEM encoded data"); }/* w ww . j a va 2 s .co m*/ String type = m.group(1); final byte[] content = b64Decode(utf8Encode(m.group(2))); PublicKey publicKey; PrivateKey privateKey = null; try { KeyFactory fact = KeyFactory.getInstance("RSA"); if (type.equals("RSA PRIVATE KEY")) { ASN1Sequence seq = ASN1Sequence.getInstance(content); if (seq.size() != 9) { throw new IllegalArgumentException("Invalid RSA Private Key ASN1 sequence."); } org.bouncycastle.asn1.pkcs.RSAPrivateKey key = org.bouncycastle.asn1.pkcs.RSAPrivateKey .getInstance(seq); RSAPublicKeySpec pubSpec = new RSAPublicKeySpec(key.getModulus(), key.getPublicExponent()); RSAPrivateCrtKeySpec privSpec = new RSAPrivateCrtKeySpec(key.getModulus(), key.getPublicExponent(), key.getPrivateExponent(), key.getPrime1(), key.getPrime2(), key.getExponent1(), key.getExponent2(), key.getCoefficient()); publicKey = fact.generatePublic(pubSpec); privateKey = fact.generatePrivate(privSpec); } else if (type.equals("PUBLIC KEY")) { KeySpec keySpec = new X509EncodedKeySpec(content); publicKey = fact.generatePublic(keySpec); } else if (type.equals("RSA PUBLIC KEY")) { ASN1Sequence seq = ASN1Sequence.getInstance(content); org.bouncycastle.asn1.pkcs.RSAPublicKey key = org.bouncycastle.asn1.pkcs.RSAPublicKey .getInstance(seq); RSAPublicKeySpec pubSpec = new RSAPublicKeySpec(key.getModulus(), key.getPublicExponent()); publicKey = fact.generatePublic(pubSpec); } else { throw new IllegalArgumentException(type + " is not a supported format"); } return new KeyPair(publicKey, privateKey); } catch (InvalidKeySpecException e) { throw new RuntimeException(e); } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); } }
From source file:com.cliqset.magicsig.MagicKey.java
public PrivateKey getPrivateKey() { try {// www . j ava2s.c o m KeyFactory keyFactory = KeyFactory.getInstance("RSA"); return keyFactory .generatePrivate(new RSAPrivateKeySpec(new BigInteger(1, getN()), new BigInteger(1, getD()))); } catch (NoSuchAlgorithmException e) { return null; } catch (InvalidKeySpecException ex) { return null; } }