List of usage examples for org.bouncycastle.openssl PEMParser PEMParser
public PEMParser(Reader reader)
From source file:cn.org.once.cstack.utils.KeyStoreUtils.java
License:Apache License
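/**
 * Reads the first PEM object from the file at {@code keyPath}.
 *
 * <p>The result is cast to the caller's expected type without a runtime check here (the cast
 * is erased), so a file holding a different PEM type only fails with a
 * {@link ClassCastException} at the call site. Callers that load key material should check the
 * type of the returned object before using it.
 *
 * @param keyPath path of the PEM file to read
 * @param <T> type the caller expects the first PEM object to have
 * @return the first object parsed from the file, or {@code null} if the parser finds none
 * @throws IOException if the file cannot be opened, read or parsed
 */
@SuppressWarnings("unchecked")
private static <T> T loadPEM(String keyPath) throws IOException {
    // try-with-resources closes the parser and the underlying file handle on every path,
    // including when readObject() throws; the "resource" warning no longer needs suppressing.
    try (PEMParser parser = new PEMParser(new BufferedReader(new FileReader(keyPath)))) {
        return (T) parser.readObject();
    }
}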
From source file:co.lqnt.lockbox.util.PemParserFactory.java
License:Open Source License
/**
 * Wrap a PEM stream in a parser.
 *
 * <p>The stream is not closed here; the returned parser owns it from this point on.
 *
 * @param input The PEM stream to parse.
 *
 * @return A new PEM parser for the supplied stream.
 */
public PEMParser create(final InputStream input) {
    // The stream is decoded as US-ASCII before it reaches the parser.
    final InputStreamReader decoded = new InputStreamReader(input, Charset.forName("US-ASCII"));
    final BufferedReader buffered = new BufferedReader(decoded);

    return new PEMParser(buffered);
}
From source file:com.amazonaws.services.iot.demo.danbo.rpi.SslUtil.java
License:Open Source License
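/**
 * Builds an {@link SSLSocketFactory} for mutual TLS from three PEM files.
 *
 * <p>The CA certificate becomes the only trust anchor; the client certificate and private key
 * are loaded into an in-memory key store and offered to the server.
 *
 * <p>NOTE: the returned factory only validates the server's certificate chain against the
 * supplied CA. Sockets created from an {@code SSLSocketFactory} do not check the server's
 * hostname unless the caller enables endpoint identification (for example through
 * {@code SSLParameters#setEndpointIdentificationAlgorithm}).
 *
 * @param caCrtFile path of the PEM file holding the CA certificate
 * @param crtFile path of the PEM file holding the client certificate
 * @param keyFile path of the PEM file holding the client key pair, encrypted or not
 * @param password password of an encrypted key file; may be {@code null} when the key file is
 *        not encrypted
 * @return a socket factory backed by a "TLSv1.2" context
 * @throws CertificateException if a certificate file does not start with an X.509 certificate
 * @throws IllegalArgumentException if the key file does not start with a key pair, or is
 *         encrypted and no password was supplied
 * @throws Exception on any other I/O, key store or TLS set-up failure
 */
public static SSLSocketFactory getSslSocketFactory(final String caCrtFile, final String crtFile,
        final String keyFile, final String password) throws InvalidPathException, IOException,
        KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException,
        KeyManagementException, Exception {
    // The converters below look the provider up by its name "BC"; register it only once.
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    // An unencrypted key file needs no password. The in-memory key store still wants a
    // non-null one, so fall back to an empty array instead of failing on a null password.
    final char[] storePassword = password == null ? new char[0] : password.toCharArray();

    // load CA certificate
    final Object caObj = readFirstPemObject(caCrtFile);
    if (!(caObj instanceof X509CertificateHolder)) {
        throw new CertificateException("No X.509 certificate found at the start of " + caCrtFile);
    }

    // load client certificate
    final Object certObj = readFirstPemObject(crtFile);
    if (!(certObj instanceof X509CertificateHolder)) {
        throw new CertificateException("No X.509 certificate found at the start of " + crtFile);
    }

    // load client private key
    final Object keyObj = readFirstPemObject(keyFile);
    final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
    final KeyPair key;
    if (keyObj instanceof PEMEncryptedKeyPair) {
        if (password == null) {
            throw new IllegalArgumentException(
                    "Key file " + keyFile + " is encrypted but no password was supplied");
        }
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(storePassword);
        key = converter.getKeyPair(((PEMEncryptedKeyPair) keyObj).decryptKeyPair(decProv));
    } else if (keyObj instanceof PEMKeyPair) {
        key = converter.getKeyPair((PEMKeyPair) keyObj);
    } else {
        // Report the path only, never the parsed key material.
        throw new IllegalArgumentException("No key pair found at the start of " + keyFile);
    }

    final JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter();
    certConverter.setProvider("BC");
    final java.security.cert.Certificate caCertificate =
            certConverter.getCertificate((X509CertificateHolder) caObj);
    final java.security.cert.Certificate clientCertificate =
            certConverter.getCertificate((X509CertificateHolder) certObj);

    // CA certificate is used to authenticate server
    KeyStore caKs = KeyStore.getInstance(KeyStore.getDefaultType());
    caKs.load(null, null);
    caKs.setCertificateEntry("ca-certificate", caCertificate);
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(caKs);

    // Client key and certificates are sent to server so it can authenticate us
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    ks.setCertificateEntry("certificate", clientCertificate);
    ks.setKeyEntry("private-key", key.getPrivate(), storePassword,
            new java.security.cert.Certificate[] { clientCertificate });
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, storePassword);

    // Finally, create SSL socket factory
    SSLContext context = SSLContext.getInstance("TLSv1.2");
    context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    return context.getSocketFactory();
}

/** Reads the first PEM object from {@code path}, closing the parser even when parsing fails. */
private static Object readFirstPemObject(final String path) throws IOException {
    // PEM armor is ASCII; naming the charset keeps parsing independent of the platform default.
    try (PEMParser parser = new PEMParser(new InputStreamReader(
            new ByteArrayInputStream(Files.readAllBytes(Paths.get(path))),
            java.nio.charset.StandardCharsets.US_ASCII))) {
        return parser.readObject();
    }
}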
From source file:com.appdynamics.monitors.mongo.MongoDBMonitor.java
License:Apache License
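/**
 * Builds an {@link SSLSocketFactory} that trusts the certificate stored in a PEM file.
 *
 * <p>The first PEM object in the file is parsed and discarded; the second one is taken as the
 * X.509 certificate to trust.
 * NOTE(review): this presumably expects a combined PEM file with another entry ahead of the
 * certificate; confirm against the files this monitor is configured with.
 *
 * <p>No key manager is passed to the context ({@code null} argument), so no client key
 * material is configured here.
 *
 * @param filePath configured location of the PEM file, resolved through
 *        {@code getConfigFilename}
 * @return a socket factory whose trust manager is built from the certificate in the file
 * @throws IllegalArgumentException if the file holds no second PEM object
 * @throws Exception on any other read, parse or TLS set-up failure
 */
private SSLSocketFactory getSocketFactoryFromPEM(String filePath) throws Exception {
    // The certificate converter below looks the provider up by its name "BC".
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    final PemObject pemObject;
    // try-with-resources releases the file handle even when parsing throws.
    try (PEMParser pemParser = new PEMParser(new FileReader(getConfigFilename(filePath)))) {
        pemParser.readObject(); // first entry is skipped on purpose
        pemObject = pemParser.readPemObject();
    }
    if (pemObject == null) {
        // Fail with a clear message instead of a NullPointerException further down.
        throw new IllegalArgumentException(
                "No certificate entry found after the first PEM object in " + filePath);
    }

    X509CertificateHolder holder = new X509CertificateHolder(pemObject.getContent());
    X509Certificate bc = new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);

    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, null);
    keyStore.setCertificateEntry("ca", bc);

    TrustManager trustManager = TrustManagerUtils.getDefaultTrustManager(keyStore);
    SSLContext sslContext = SSLContextUtils.createSSLContext("TLS", null, trustManager);

    return sslContext.getSocketFactory();
}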
From source file:com.aqnote.shared.cryptology.cert.io.PKCSReader.java
License:Open Source License
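/**
 * Parses the first PEM object from a stream.
 *
 * <p>The returned object can be of any type the parser recognises; callers must check its
 * type before treating it as a key or a certificate.
 *
 * @param istream stream holding PEM data; it is closed before this method returns, also when
 *        parsing fails
 * @return the first parsed object, or {@code null} when {@code istream} is {@code null} or
 *         the parser finds no PEM object
 * @throws Exception if the stream cannot be read or its contents cannot be parsed
 */
private static Object readFile(InputStream istream) throws Exception {
    if (istream == null) {
        return null;
    }

    // PEM armor is ASCII, so the charset is named instead of relying on the platform default.
    // try-with-resources closes the parser (and the stream) even when readObject() throws.
    try (PEMParser pemParser = new PEMParser(
            new InputStreamReader(istream, java.nio.charset.StandardCharsets.US_ASCII))) {
        return pemParser.readObject();
    }
}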
From source file:com.brienwheeler.apps.tomcat.TomcatBean.java
License:Open Source License
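/**
 * Loads the RSA private key from the configured key file.
 *
 * <p>Two layouts are handled, selected by the first group matched by {@code KEY_PATTERN}: an
 * empty group is treated as PKCS#8 ("BEGIN PRIVATE KEY") and decoded with the JDK RSA key
 * factory; a group containing "RSA" ("BEGIN RSA PRIVATE KEY") is parsed with Bouncy Castle.
 *
 * @return the RSA private key stored in the key file
 * @throws IOException if the key file cannot be read
 * @throws NoSuchAlgorithmException if no RSA key factory is available
 * @throws InvalidKeySpecException if the PKCS#8 payload is not a valid RSA key
 * @throws IllegalArgumentException if the file contents match neither layout or do not hold
 *         an RSA key
 */
private RSAPrivateKey readKeyFile() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
    String[] parse = readPEMFile(sslKeyFile, KEY_PATTERN, 2);
    if (parse == null) {
        throw new IllegalArgumentException("invalid key file contents");
    }

    if (parse[0].length() == 0) { // BEGIN PRIVATE KEY
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return (RSAPrivateKey) keyFactory.generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(parse[1])));
    }

    if (parse[0].contains("RSA")) { // BEGIN RSA PRIVATE KEY
        Security.addProvider(new BouncyCastleProvider());

        final Object parsedObject;
        // The original never closed this parser; try-with-resources releases the file handle
        // on success and on failure.
        try (PEMParser pemParser = new PEMParser(new FileReader(sslKeyFile))) {
            parsedObject = pemParser.readObject();
        }
        if (!(parsedObject instanceof PEMKeyPair)) {
            throw new IllegalArgumentException("invalid key file contents");
        }

        // instanceof rejects both a null result and a non-RSA key, so a mislabelled file is
        // reported as invalid instead of surfacing as a ClassCastException.
        final Object privateKey = BouncyCastleProvider
                .getPrivateKey(((PEMKeyPair) parsedObject).getPrivateKeyInfo());
        if (!(privateKey instanceof RSAPrivateKey)) {
            throw new IllegalArgumentException("invalid key file contents");
        }
        return (RSAPrivateKey) privateKey;
    }

    throw new IllegalArgumentException("invalid key file contents");
}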
From source file:com.enioka.jqm.pki.JpaCa.java
License:Open Source License
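/**
 * Loads the certificate authority from the database, creating and persisting it first when no
 * row exists for the configured alias.
 *
 * <p>The alias comes from the {@code keyAlias} global parameter, falling back to
 * {@code Constants.CA_DEFAULT_PRETTY_NAME}. The stored PEM certificate and PEM private key are
 * then parsed into the returned request object.
 *
 * <p>NOTE(review): the CA private key is persisted as a PEM string through
 * {@code writePemPrivateToString()}. Whether that string is encrypted is not visible here;
 * confirm that the value is protected at rest and that access to the PKI table is restricted.
 *
 * @param em entity manager used to read and, if needed, create the CA row
 * @return a request object holding the CA certificate holder and private key
 * @throws PkiException if the stored certificate or private key cannot be parsed
 */
public static CertificateRequest initCa(EntityManager em) {
    // result field
    CertificateRequest cr = new CertificateRequest();

    // Get the alias of the private key to use
    String caAlias;
    try {
        caAlias = em
                .createQuery("SELECT p FROM GlobalParameter p WHERE p.key = 'keyAlias'", GlobalParameter.class)
                .getSingleResult().getValue();
    } catch (NoResultException e) {
        caAlias = Constants.CA_DEFAULT_PRETTY_NAME;
    }

    // Create the CA if it does not already exist
    PKI pki;
    try {
        pki = em.createQuery("SELECT p FROM PKI p WHERE p.prettyName = :pn", PKI.class)
                .setParameter("pn", caAlias).getSingleResult();
    } catch (NoResultException e) {
        // Create the CA certificate and PK
        cr = new CertificateRequest();
        cr.generateCA(caAlias);

        // Store
        pki = new PKI();
        pki.setPemPK(cr.writePemPrivateToString());
        pki.setPemCert(cr.writePemPublicToString());
        pki.setPrettyName(caAlias);

        em.getTransaction().begin();
        try {
            em.persist(pki);
            em.getTransaction().commit();
        } catch (RuntimeException persistFailure) {
            // Do not leave the transaction begun above open when the write fails.
            if (em.getTransaction().isActive()) {
                em.getTransaction().rollback();
            }
            throw persistFailure;
        }
    }

    try {
        // Public (X509 certificate)
        try (PemReader pr = new PemReader(new StringReader(pki.getPemCert()))) {
            cr.holder = new X509CertificateHolder(pr.readPemObject().getContent());
        }

        // Private key
        final Object parsedKey;
        try (PEMParser pp = new PEMParser(new StringReader(pki.getPemPK()))) {
            parsedKey = pp.readObject();
        }
        if (!(parsedKey instanceof PEMKeyPair)) {
            // Wrapped into PkiException below; the message never includes the stored key.
            throw new IllegalStateException("Stored CA private key is not a PEM key pair");
        }
        byte[] encodedPrivateKey = ((PEMKeyPair) parsedKey).getPrivateKeyInfo().getEncoded();
        KeyFactory keyFactory = KeyFactory.getInstance(Constants.KEY_ALGORITHM);
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
        cr.privateKey = keyFactory.generatePrivate(privateKeySpec);
    } catch (Exception e) {
        throw new PkiException(e);
    }

    // Done
    return cr;
}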
From source file:com.facebook.delegatedrecovery.DelegatedRecoveryUtils.java
License:Open Source License
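/**
 * Loads a private key on the P-256 curve from a PEM file of the type created
 * by openssl ecparam -name prime256v1 -genkey -noout -out filename
 *
 * <p>Only the first PEM block is read. This method does not itself verify which curve the key
 * is on; callers that depend on P-256 must check the returned key.
 *
 * @param filename The filename of the pem file
 * @return an EC key pair
 * @throws IllegalArgumentException If the first PEM block is not a key pair.
 * @throws Exception If the file fails to read or parse.
 */
public static KeyPair keyPairFromPEMFile(final String filename) throws Exception {
    // try-with-resources closes the reader and parser even when parsing throws.
    try (Reader reader = new InputStreamReader(new FileInputStream(filename), StandardCharsets.UTF_8);
            PEMParser pemParser = new PEMParser(reader)) {
        final Object parsed = pemParser.readObject();
        if (!(parsed instanceof PEMKeyPair)) {
            // Covers an empty file and a different leading block, which would otherwise
            // surface as a NullPointerException or ClassCastException.
            throw new IllegalArgumentException("No private key PEM block at the start of " + filename);
        }
        return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) parsed);
    }
}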
From source file:com.facebook.delegatedrecovery.DelegatedRecoveryUtils.java
License:Open Source License
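/**
 * As keyPairFromPEMFile but with a string instead of a file
 *
 * <p>The string is the bare base64 body: it is wrapped at 64 characters per line and placed
 * between the EC private key header and footer before it is parsed.
 *
 * @param key The key from a PEM file as a string
 * @return an EC key pair
 * @throws IllegalArgumentException If the string does not parse to a key pair.
 * @throws Exception If the string fails to parse.
 */
public static KeyPair keyPairFromPEMString(final String key) throws Exception {
    final StringBuilder pem = new StringBuilder(300);
    pem.append(BEGIN_EC_PRIVATE_KEY).append("\n");
    for (int i = 0; i < key.length(); i++) {
        pem.append(key.charAt(i));
        if ((i + 1) % 64 == 0) {
            pem.append("\n");
        }
    }
    pem.append("\n").append(END_EC_PRIVATE_KEY).append("\n");

    // try-with-resources closes the parser even when parsing throws.
    try (PEMParser pemParser = new PEMParser(new StringReader(pem.toString()))) {
        final Object parsed = pemParser.readObject();
        if (!(parsed instanceof PEMKeyPair)) {
            // The message deliberately leaves the key text out.
            throw new IllegalArgumentException("Supplied string does not parse to an EC key pair");
        }
        return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) parsed);
    }
}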
From source file:com.gitblit.transport.ssh.FileKeyPairProvider.java
License:Apache License
/**
 * Loads a key pair from a PEM file.
 *
 * <p>An encrypted key pair is decrypted only when a password finder is configured. Without
 * one, an encrypted key falls through both type checks and {@code null} is returned without a
 * log entry.
 *
 * @param file path of the PEM key file
 * @return the key pair, or {@code null} when the file cannot be read or parsed (logged as a
 *         warning) or does not yield a usable key pair
 */
protected KeyPair doLoadKey(String file) {
    try {
        PEMParser pemParser = new PEMParser(new InputStreamReader(new FileInputStream(file)));
        try {
            Object parsed = pemParser.readObject();

            JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
            converter.setProvider("BC");

            boolean encrypted = parsed instanceof PEMEncryptedKeyPair;
            if (encrypted && passwordFinder != null) {
                PEMDecryptorProvider decryptor =
                        new JcePEMDecryptorProviderBuilder().build(passwordFinder.getPassword());
                parsed = converter.getKeyPair(((PEMEncryptedKeyPair) parsed).decryptKeyPair(decryptor));
            }

            if (parsed instanceof PEMKeyPair) {
                return converter.getKeyPair((PEMKeyPair) parsed);
            }
            if (parsed instanceof KeyPair) {
                return (KeyPair) parsed;
            }
        } finally {
            pemParser.close();
        }
    } catch (Exception e) {
        // Only the path and the exception are logged.
        log.warn("Unable to read key " + file, e);
    }
    return null;
}