List of usage examples for org.bouncycastle.openssl PEMParser PEMParser
public PEMParser(Reader reader)
From source file:org.metaeffekt.dcc.commons.pki.KeyUtils.java
License:Apache License
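/**
 * Loads a public key from a PEM file whose first object is a
 * {@code SubjectPublicKeyInfo}.
 *
 * <p>Only the first PEM object in the file is read. The key is parsed, not
 * authenticated: it is only as trustworthy as the file it came from, so a
 * caller that uses it to verify signatures should make sure the file cannot
 * be modified by an untrusted party.
 *
 * @param file path of the PEM file to read
 * @return the public key converted to a JCA {@link PublicKey}
 * @throws IOException if the file cannot be read, is empty, or its first PEM
 *         object is not a {@code SubjectPublicKeyInfo}
 */
public static PublicKey loadPublicKey(String file) throws IOException {
    // try-with-resources closes the parser (and the wrapped FileReader) on every path.
    try (PEMParser parser = new PEMParser(new FileReader(file))) {
        Object pemObject = parser.readObject();
        // readObject() returns null for an empty file and other types for keys,
        // certificates, etc.; reject those explicitly instead of failing on a blind cast.
        if (!(pemObject instanceof SubjectPublicKeyInfo)) {
            String found = (pemObject == null) ? "no PEM object" : pemObject.getClass().getName();
            throw new IOException("Expected a public key in " + file + " but found " + found);
        }
        return new JcaPEMKeyConverter().getPublicKey((SubjectPublicKeyInfo) pemObject);
    }
}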
From source file:org.metaeffekt.dcc.commons.pki.KeyUtils.java
License:Apache License
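/**
 * Loads the public half of an unencrypted key pair stored in a PEM file.
 *
 * <p>Only the first PEM object in the file is read, and it must parse to a
 * {@code PEMKeyPair}. Note that the file read here also contains the private
 * key, so it needs the same file-system protection as any private key even
 * though only the public key is returned.
 *
 * @param file path of the PEM key-pair file to read
 * @return the public key of the pair, converted to a JCA {@link PublicKey}
 * @throws IOException if the file cannot be read, is empty, or its first PEM
 *         object is not an unencrypted key pair
 */
public static PublicKey loadPublicKeyFromKeyPair(String file) throws IOException {
    // try-with-resources closes the parser (and the wrapped FileReader) on every path.
    try (PEMParser parser = new PEMParser(new FileReader(file))) {
        Object pemObject = parser.readObject();
        // An empty file yields null and any other PEM content yields a different
        // type; report both as an I/O problem rather than failing on a blind cast.
        if (!(pemObject instanceof PEMKeyPair)) {
            String found = (pemObject == null) ? "no PEM object" : pemObject.getClass().getName();
            throw new IOException("Expected an unencrypted key pair in " + file + " but found " + found);
        }
        SubjectPublicKeyInfo info = ((PEMKeyPair) pemObject).getPublicKeyInfo();
        return new JcaPEMKeyConverter().getPublicKey(info);
    }
}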
From source file:org.onosproject.netconf.ctl.impl.NetconfSessionMinaImpl.java
License:Apache License
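/**
 * Connects to the device, authenticates with the configured SSH key (or the
 * password when no key is configured), waits for authentication to finish and
 * opens the channel.
 *
 * @throws IOException if connecting or authenticating fails; authentication
 *         and key-parsing failures are reported as {@code NetconfException}
 */
@Deprecated
private void startSession() throws IOException {
    final ConnectFuture connectFuture;
    connectFuture = client.connect(deviceInfo.name(), deviceInfo.ip().toString(), deviceInfo.port())
            .verify(connectTimeout, TimeUnit.SECONDS);
    session = connectFuture.getSession();
    // NOTE(review): no server host-key check is visible in this method; confirm the
    // client is configured with one elsewhere before credentials are offered.

    // Use the device SSH key if one is configured, otherwise fall back to the password.
    if (deviceInfo.getKey() != null) {
        try (PEMParser pemParser = new PEMParser(new CharArrayReader(deviceInfo.getKey()))) {
            JcaPEMKeyConverter converter = new JcaPEMKeyConverter()
                    .setProvider(BouncyCastleProvider.PROVIDER_NAME);
            try {
                Object parsed = pemParser.readObject();
                // readObject() returns null for empty input and other types for
                // encrypted keys or certificates; raise an IOException so it is
                // reported through the same NetconfException as other key errors.
                if (!(parsed instanceof PEMKeyPair)) {
                    throw new IOException("Device key is not an unencrypted PEM key pair");
                }
                KeyPair kp = converter.getKeyPair((PEMKeyPair) parsed);
                session.addPublicKeyIdentity(kp);
            } catch (IOException e) {
                // NOTE(review): deviceInfo is concatenated into the message; confirm its
                // toString() does not include the password or key material.
                throw new NetconfException("Failed to authenticate session with device " + deviceInfo
                        + " check key to be a valid key", e);
            }
        }
    } else {
        session.addPasswordIdentity(deviceInfo.password());
    }
    session.auth().verify(connectTimeout, TimeUnit.SECONDS);
    Set<ClientSession.ClientSessionEvent> event = session.waitFor(
            ImmutableSet.of(ClientSession.ClientSessionEvent.WAIT_AUTH,
                    ClientSession.ClientSessionEvent.CLOSED,
                    ClientSession.ClientSessionEvent.AUTHED),
            0);
    // Anything other than AUTHED at this point is treated as an authentication failure.
    if (!event.contains(ClientSession.ClientSessionEvent.AUTHED)) {
        log.debug("Session closed {} {}", event, session.isClosed());
        throw new NetconfException(
                "Failed to authenticate session with device " + deviceInfo + " check the user/pwd or key");
    }
    openChannel();
}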
From source file:org.opendaylight.snbi.southplugin.CertificateMgmt.java
License:Open Source License
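/**
 * Reads the first PEM object from a file and converts it to an
 * {@link X509Certificate} using the named JCA provider.
 *
 * <p>The certificate is only parsed. This method does not check validity
 * dates, revocation or a trust chain, so callers must validate the result
 * before relying on it.
 *
 * @param provider name of the JCA provider used for the conversion
 * @param fileName path of the PEM file holding the certificate
 * @return the certificate, or {@code null} if the file cannot be read, is
 *         empty, does not start with an X.509 certificate, or cannot be converted
 */
public static X509Certificate getSavedCertificate(String provider, String fileName) {
    logger.info("Retrieving certificate " + fileName);
    Object parsed;
    // try-with-resources closes the parser and the wrapped FileReader on every path.
    try (PEMParser pemParser = new PEMParser(new FileReader(fileName))) {
        parsed = pemParser.readObject();
    } catch (IOException e) {
        // Also covers FileNotFoundException, which is an IOException.
        // NOTE(review): printStackTrace() bypasses the logger used above; consider
        // logging the exception through it instead.
        e.printStackTrace();
        return null;
    }
    // An empty file yields null; a file holding a key or CSR yields another type.
    // Both are reported as "no certificate" instead of failing on a blind cast.
    if (!(parsed instanceof X509CertificateHolder)) {
        logger.info("No X.509 certificate found in " + fileName);
        return null;
    }
    try {
        return new JcaX509CertificateConverter().setProvider(provider)
                .getCertificate((X509CertificateHolder) parsed);
    } catch (CertificateException e) {
        e.printStackTrace();
        return null;
    }
}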
From source file:org.pepstock.jem.node.security.Crypto.java
License:Open Source License
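/**
 * Loads a private key from a PEM file, decrypting it with the given password
 * when the file holds an encrypted key pair.
 *
 * @param pemKeyFile the PEM file of the user's private key
 * @param password the password of the private key if it is protected by a
 *        password, {@code null} otherwise
 * @return the private key read from the PEM file
 * @throws KeyException if the file cannot be read, cannot be decrypted or
 *         converted, or does not start with a key pair
 * @throws MessageException with {@code NodeMessage.JEMC205E} if the key pair
 *         is encrypted and {@code password} is {@code null}
 */
public static Key loadPrivateKeyFromFile(File pemKeyFile, String password)
        throws MessageException, KeyException {
    try {
        // Register BouncyCastle only if it is not installed yet.
        if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
            Security.addProvider(new BouncyCastleProvider());
        }
        // Read the first PEM object; try-with-resources closes the parser and the
        // file stream even when readObject() throws.
        Object object;
        try (PEMParser pemParser = new PEMParser(
                new InputStreamReader(new FileInputStream(pemKeyFile), CharSet.DEFAULT))) {
            object = pemParser.readObject();
        }
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);
        KeyPair kp;
        if (object instanceof PEMEncryptedKeyPair) {
            // Encrypted key pair: a password is mandatory.
            if (password == null) {
                throw new MessageException(NodeMessage.JEMC205E);
            }
            PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
            kp = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
        } else if (object instanceof PEMKeyPair) {
            // Unencrypted key pair: the key is stored on disk without password
            // protection, which is what the emitted message is presumably warning about.
            LogAppl.getInstance().emit(NodeMessage.JEMC199W);
            kp = converter.getKeyPair((PEMKeyPair) object);
        } else {
            // Empty file (null) or some other PEM content; raised as IOException so
            // it is wrapped in KeyException below like every other parsing failure.
            String found = (object == null) ? "no PEM object" : object.getClass().getName();
            throw new IOException("Expected a PEM key pair in " + pemKeyFile + " but found " + found);
        }
        return kp.getPrivate();
    } catch (IOException e) {
        // FileNotFoundException and PEMException are IOExceptions and end up here too.
        throw new KeyException(e.getMessage(), e);
    }
}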
From source file:org.renci.ahab.ndllib.transport.OrcaSMXMLRPCProxy.java
/**
 * Builds an in-memory JKS key store from a PEM private-key stream and a PEM
 * certificate stream.
 *
 * <p>The first private key found in {@code keyIS} (PKCS#8 encrypted, encrypted
 * key pair, or plain key pair) is stored under {@code keyAlias} together with
 * every X.509 certificate found in {@code certIS}.
 *
 * @param certIS stream of PEM-encoded certificates
 * @param keyIS stream holding the PEM-encoded private key
 * @param keyAlias alias of the key entry in the returned key store
 * @param keyPassword password used to decrypt an encrypted key and, in every
 *        case, to protect the key entry in the returned key store
 * @return a key store holding one key entry
 * @throws Exception if no private key or no certificate is found, or if
 *         parsing, decryption or key-store setup fails
 */
private KeyStore loadX509Data(FileInputStream certIS, FileInputStream keyIS, String keyAlias,
        String keyPassword) throws Exception {
    // Both converters below ask for BouncyCastle by name, so register it if absent.
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");
    JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter().setProvider("BC");

    // NOTE(review): neither PEMParser is closed in this method, so closing certIS
    // and keyIS is presumably left to the caller; confirm.
    PEMParser keyParser = new PEMParser(new BufferedReader(new InputStreamReader(keyIS, "UTF-8")));
    PrivateKey privKey = null;
    // Stop at the first PEM object that yields a private key.
    for (Object entry = keyParser.readObject(); entry != null; entry = keyParser.readObject()) {
        if (entry instanceof PKCS8EncryptedPrivateKeyInfo) {
            InputDecryptorProvider pkcs8Decryptor = new JceOpenSSLPKCS8DecryptorProviderBuilder()
                    .build(keyPassword.toCharArray());
            privKey = keyConverter.getPrivateKey(
                    ((PKCS8EncryptedPrivateKeyInfo) entry).decryptPrivateKeyInfo(pkcs8Decryptor));
            break;
        }
        if (entry instanceof PEMEncryptedKeyPair) {
            PEMDecryptorProvider pemDecryptor = new JcePEMDecryptorProviderBuilder()
                    .build(keyPassword.toCharArray());
            PEMKeyPair decrypted = ((PEMEncryptedKeyPair) entry).decryptKeyPair(pemDecryptor);
            privKey = keyConverter.getPrivateKey(decrypted.getPrivateKeyInfo());
            break;
        }
        if (entry instanceof PEMKeyPair) {
            privKey = keyConverter.getPrivateKey(((PEMKeyPair) entry).getPrivateKeyInfo());
            break;
        }
    }
    if (privKey == null) {
        throw new Exception("Private key file did not contain a private key.");
    }

    // Collect every certificate in the second stream; other PEM objects are skipped.
    PEMParser certParser = new PEMParser(new BufferedReader(new InputStreamReader(certIS, "UTF-8")));
    ArrayList<Certificate> chain = new ArrayList<Certificate>();
    for (Object entry = certParser.readObject(); entry != null; entry = certParser.readObject()) {
        if (entry instanceof X509CertificateHolder) {
            chain.add(certConverter.getCertificate((X509CertificateHolder) entry));
        }
    }
    if (chain.isEmpty()) {
        throw new Exception("Certificate file contained no certificates.");
    }

    // keyPassword must be non-null here: toCharArray() is called on it unconditionally.
    KeyStore keyStore = KeyStore.getInstance("jks");
    keyStore.load(null);
    Certificate[] chainArray = chain.toArray(new Certificate[chain.size()]);
    keyStore.setKeyEntry(keyAlias, privKey, keyPassword.toCharArray(), chainArray);
    return keyStore;
}
From source file:org.robotbrains.examples.mqtt.subscriber.SslCertificateSubscriberMqttExample.java
License:Apache License
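/**
 * Create an SSL socket factory for mutual TLS.
 *
 * <p>The CA certificate is the only trust anchor, and the client certificate
 * and key are offered to the server. The client key file must not be password
 * protected.
 *
 * <p>NOTE(review): the returned factory does not by itself enable hostname
 * verification on the sockets it creates; confirm the MQTT client that uses it
 * checks the broker's host name.
 *
 * @param credentials
 *          the security credentials; must define {@code mqtt.ca.crt},
 *          {@code mqtt.client.crt} and {@code mqtt.client.key} as file paths
 *
 * @return the socket factory.
 *
 * @throws Exception
 *           a property is missing, a file cannot be read or does not hold the
 *           expected PEM object, or the TLS context cannot be set up
 */
public static SSLSocketFactory configureSSLSocketFactory(Properties credentials) throws Exception {
    Security.addProvider(new BouncyCastleProvider());

    JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter().setProvider("BC");

    // load CA certificate
    X509Certificate caCert = certificateConverter
            .getCertificate(readPemObject(credentials, "mqtt.ca.crt", X509CertificateHolder.class));

    // load client certificate
    X509Certificate cert = certificateConverter
            .getCertificate(readPemObject(credentials, "mqtt.client.crt", X509CertificateHolder.class));

    // load client private key (an encrypted key file is rejected by the type check)
    JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");
    KeyPair key = keyConverter.getKeyPair(readPemObject(credentials, "mqtt.client.key", PEMKeyPair.class));

    // CA certificate is used to authenticate server
    KeyStore caKs = KeyStore.getInstance(KeyStore.getDefaultType());
    caKs.load(null, null);
    caKs.setCertificateEntry("ca-certificate", caCert);
    TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(caKs);

    // client key and certificates are sent to server so it can authenticate us
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    ks.setCertificateEntry("certificate", cert);

    // The key store API needs an entry password. This one only guards the
    // in-memory key store built here, which is never written out by this method,
    // so a fixed value is used.
    char[] password = "password".toCharArray();
    ks.setKeyEntry("private-key", key.getPrivate(), password, new java.security.cert.Certificate[] { cert });
    KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, password);

    // finally, create SSL socket factory
    SSLContext context = SSLContext.getInstance("TLS");
    context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    return context.getSocketFactory();
}

/**
 * Reads the first PEM object from the file named by a credentials property and
 * checks that it has the expected type.
 */
private static <T> T readPemObject(Properties credentials, String propertyName, Class<T> expectedType)
        throws Exception {
    String path = credentials.getProperty(propertyName);
    if (path == null) {
        throw new IllegalArgumentException("Missing credentials property: " + propertyName);
    }
    // try-with-resources closes the parser even when parsing fails; the charset is
    // stated explicitly instead of depending on the platform default.
    try (PEMParser parser = new PEMParser(new InputStreamReader(
            new ByteArrayInputStream(Files.readAllBytes(Paths.get(path))),
            java.nio.charset.StandardCharsets.UTF_8))) {
        Object parsed = parser.readObject();
        // null means the file held no PEM object; any other type means the wrong
        // kind of file (for example an encrypted key) was configured.
        if (!expectedType.isInstance(parsed)) {
            String found = (parsed == null) ? "no PEM object" : parsed.getClass().getName();
            throw new IllegalArgumentException("File configured as " + propertyName + " should contain a "
                    + expectedType.getSimpleName() + " but contains " + found);
        }
        return expectedType.cast(parsed);
    }
}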
From source file:org.shredzone.acme4j.util.CertificateUtils.java
License:Apache License
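/**
 * Reads a CSR PEM file.
 *
 * <p>The CSR is only parsed. Its self-signature is not verified here, so a
 * caller handling CSRs from an untrusted source must verify it separately.
 * The given stream is closed when this method returns.
 *
 * @param in
 *            {@link InputStream} to read the CSR from.
 * @return CSR that was read
 * @throws IOException
 *             if the stream cannot be read or its first PEM object is not a
 *             PKCS#10 certification request
 */
public static PKCS10CertificationRequest readCSR(InputStream in) throws IOException {
    // The charset is stated explicitly so decoding does not depend on the
    // platform default.
    try (PEMParser pemParser = new PEMParser(
            new InputStreamReader(in, java.nio.charset.StandardCharsets.UTF_8))) {
        Object parsedObj = pemParser.readObject();
        // Also rejects null, which readObject() returns for input without a PEM object.
        if (!(parsedObj instanceof PKCS10CertificationRequest)) {
            throw new IOException("Not a PKCS10 CSR");
        }
        return (PKCS10CertificationRequest) parsedObj;
    }
}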
From source file:org.shredzone.acme4j.util.CSRBuilderTest.java
License:Apache License
/**
 * Verifies that {@link CSRBuilder#write(java.io.Writer)} emits a well-formed CSR PEM
 * document that parses back to the same encoded CSR, and that the
 * {@code OutputStream} variant of {@code write} produces the same text.
 */
private void writerTest(CSRBuilder builder) throws IOException, PEMException {
    // Render the CSR as PEM text through the Writer variant
    String pemText;
    try (StringWriter writer = new StringWriter()) {
        builder.write(writer);
        pemText = writer.toString();
    }

    // The text must be a single CERTIFICATE REQUEST block of base64 lines
    assertThat(pemText, RegexMatchers.matchesPattern("-----BEGIN CERTIFICATE REQUEST-----[\\r\\n]+"
            + "([a-zA-Z0-9/+=]+[\\r\\n]+)+" + "-----END CERTIFICATE REQUEST-----[\\r\\n]*"));

    // Parse the PEM text back into a CSR
    PKCS10CertificationRequest parsedCsr;
    try (PEMParser pemParser = new PEMParser(new StringReader(pemText))) {
        parsedCsr = (PKCS10CertificationRequest) pemParser.readObject();
    }

    // The parsed CSR is a distinct object with an identical encoding
    assertThat(builder.getCSR(), not(sameInstance(parsedCsr)));
    assertThat(builder.getEncoded(), is(equalTo(parsedCsr.getEncoded())));

    // The OutputStream variant must produce exactly the same PEM text
    byte[] streamBytes;
    try (ByteArrayOutputStream buffer = new ByteArrayOutputStream()) {
        builder.write(buffer);
        streamBytes = buffer.toByteArray();
    }
    assertThat(new String(streamBytes, "utf-8"), is(equalTo(pemText)));
}
From source file:org.shredzone.acme4j.util.KeyPairUtils.java
License:Apache License
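/**
 * Reads a {@link KeyPair} from a PEM file.
 *
 * <p>Only the first PEM object is read, and it must be an unencrypted key
 * pair. The given reader is closed when this method returns.
 *
 * @param r
 *            {@link Reader} to read the PEM file from
 * @return {@link KeyPair} read
 * @throws IOException
 *             if the reader fails, or the content is empty, is not an
 *             unencrypted key pair, or cannot be converted
 */
public static KeyPair readKeyPair(Reader r) throws IOException {
    try (PEMParser parser = new PEMParser(r)) {
        Object parsed = parser.readObject();
        // readObject() returns null for empty input and other types for encrypted
        // keys, certificates, etc.; report those as an invalid file instead of
        // failing on a blind cast.
        if (!(parsed instanceof PEMKeyPair)) {
            throw new IOException("Invalid PEM file: expected an unencrypted key pair");
        }
        return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) parsed);
    } catch (PEMException ex) {
        throw new IOException("Invalid PEM file", ex);
    }
}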