List of usage examples for org.bouncycastle.openssl PEMParser PEMParser
public PEMParser(Reader reader)
From source file:com.github.ibole.infrastructure.security.jwt.auth0.Auth0Utils.java
License:Apache License
private PrivateKey decryptPrivateKey(JWTEncryptionPreferences preferences) throws TokenHandlingException { PrivateKey decryptedPrivateKey; try {/*www. jav a 2s .co m*/ PEMParser keyReader = new PEMParser(new StringReader(preferences.getPrivateKey())); Object keyPair = keyReader.readObject(); keyReader.close(); if (keyPair instanceof PEMEncryptedKeyPair) { JcePEMDecryptorProviderBuilder builder = new JcePEMDecryptorProviderBuilder(); PEMDecryptorProvider decryptionProvider = builder .build(preferences.getPrivateKeyPassword().toCharArray()); keyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptionProvider); } PrivateKeyInfo keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo(); decryptedPrivateKey = (new JcaPEMKeyConverter()).getPrivateKey(keyInfo); } catch (IOException e) { throw new TokenHandlingException("Error parsing private key for Box Developer Edition.", e); } return decryptedPrivateKey; }
From source file:com.github.khazrak.jdocker.ssl.KeyStoreUtil.java
License:Apache License
static <T> T loadPEM(String keyPath) throws IOException { try (BufferedReader reader = new BufferedReader(new FileReader(keyPath))) { PEMParser parser = new PEMParser(reader); return (T) parser.readObject(); }//ww w. jav a 2s. c o m }
From source file:com.google.examples.JOSEToolBase.java
License:Apache License
public static PrivateKey decodePrivateKey(String privateKeyString, String password) throws KeyParseException { try {/*from w ww. j a v a 2 s. c om*/ JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC"); privateKeyString = reformIndents(privateKeyString); PEMParser pemParser = new PEMParser(new StringReader(privateKeyString)); Object object = pemParser.readObject(); if (object == null) { throw new KeyParseException("unable to read anything when decoding private key"); } KeyPair kp = null; //LOGGER.info(String.format("decodePrivateKey, %s", object.getClass().getName())); if (object instanceof PKCS8EncryptedPrivateKeyInfo) { // produced by "openssl genpkey" or the series of commands reqd to sign an ec key //LOGGER.info("decodePrivateKey, encrypted PrivateKeyInfo"); PKCS8EncryptedPrivateKeyInfo pkcs8EncryptedPrivateKeyInfo = (PKCS8EncryptedPrivateKeyInfo) object; JceOpenSSLPKCS8DecryptorProviderBuilder decryptorProviderBuilder = new JceOpenSSLPKCS8DecryptorProviderBuilder(); InputDecryptorProvider decryptorProvider = decryptorProviderBuilder.build(password.toCharArray()); PrivateKeyInfo privateKeyInfo = pkcs8EncryptedPrivateKeyInfo .decryptPrivateKeyInfo(decryptorProvider); return (PrivateKey) converter.getPrivateKey(privateKeyInfo); } if (object instanceof PrivateKeyInfo) { // produced by openssl genpkey without encryption return (PrivateKey) converter.getPrivateKey((PrivateKeyInfo) object); } if (object instanceof PEMEncryptedKeyPair) { // produced by "openssl genrsa" or "openssl ec -genkey" // LOGGER.info("decodePrivateKey, encrypted keypair"); PEMEncryptedKeyPair encryptedKeyPair = (PEMEncryptedKeyPair) object; PEMDecryptorProvider decryptorProvider = new JcePEMDecryptorProviderBuilder() .build(password.toCharArray()); kp = converter.getKeyPair(encryptedKeyPair.decryptKeyPair(decryptorProvider)); } else if (object instanceof PEMKeyPair) { //LOGGER.info("decodePrivateKey, un-encrypted keypair"); PEMKeyPair unencryptedKeyPair = (PEMKeyPair) object; kp = converter.getKeyPair(unencryptedKeyPair); } else { //LOGGER.error("decodePrivateKey, unknown object type {}", object.getClass().getName()); throw new KeyParseException("unknown object type when decoding private key"); } return (PrivateKey) kp.getPrivate(); } catch (KeyParseException exc0) { throw exc0; } catch (Exception exc1) { throw new KeyParseException("cannot instantiate private key", exc1); } }
From source file:com.google.examples.JOSEToolBase.java
License:Apache License
public static PublicKey decodePublicKey(String publicKeyString) throws KeyParseException { try {//from w ww .j a va 2 s. c o m JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC"); publicKeyString = reformIndents(publicKeyString); PEMParser pemParser = new PEMParser(new StringReader(publicKeyString)); Object object = pemParser.readObject(); if (object == null) { throw new KeyParseException("unable to read anything when decoding public key"); } return converter.getPublicKey((org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) object); } catch (KeyParseException exc0) { throw exc0; } catch (Exception exc1) { throw new KeyParseException("cannot instantiate public key", exc1); } }
From source file:com.hurence.logisland.connect.opc.ua.OpcUaSourceTask.java
License:Apache License
private PrivateKey decodePemPrivateKey(String privateKey) { try {/*from ww w. j av a2 s . c o m*/ PEMParser pemParser = new PEMParser(new StringReader(privateKey)); Object object = pemParser.readObject(); JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC"); if (object instanceof PEMEncryptedKeyPair) { throw new UnsupportedOperationException("Encrypted keys are not yet supported"); } PEMKeyPair ukp = (PEMKeyPair) object; KeyPair keyPair = converter.getKeyPair(ukp); return keyPair.getPrivate(); } catch (Exception e) { throw new IllegalArgumentException("Unable to decode private key", e); } }
From source file:com.hypersocket.certs.X509CertificateUtils.java
License:Open Source License
public static X509Certificate[] loadCertificateChainFromPEM(InputStream certfile) throws IOException, CertificateException, FileFormatException { List<X509Certificate> certs = new ArrayList<X509Certificate>(); PEMParser parser = new PEMParser(new InputStreamReader(certfile)); try {//from w w w .j a v a 2 s. c o m Object obj = null; while ((obj = parser.readObject()) != null) { if (obj instanceof X509CertificateHolder) { certs.add(new JcaX509CertificateConverter().setProvider("BC") .getCertificate((X509CertificateHolder) obj)); } else { throw new FileFormatException("Failed to read X509Certificate from InputStream provided"); } } return certs.toArray(new X509Certificate[0]); } finally { parser.close(); } }
From source file:com.hypersocket.certs.X509CertificateUtils.java
License:Open Source License
public static X509Certificate loadCertificateFromPEM(InputStream certfile) throws IOException, CertificateException, FileFormatException { PEMParser parser = new PEMParser(new InputStreamReader(certfile)); try {//from w ww . ja v a 2 s .c om Object obj = parser.readObject(); if (obj instanceof X509CertificateHolder) { return new JcaX509CertificateConverter().setProvider("BC") .getCertificate((X509CertificateHolder) obj); } else { throw new FileFormatException("Failed to read X509Certificate from InputStream provided"); } } finally { parser.close(); } }
From source file:com.hypersocket.certs.X509CertificateUtils.java
License:Open Source License
public static KeyPair loadKeyPairFromPEM(InputStream keyfile, char[] passphrase) throws InvalidPassphraseException, CertificateException, FileFormatException { PEMParser parser = new PEMParser(new InputStreamReader(keyfile)); JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); try {//from w w w. ja va2s . co m Object privatekey = parser.readObject(); if (privatekey instanceof PEMEncryptedKeyPair) { try { privatekey = ((PEMEncryptedKeyPair) privatekey) .decryptKeyPair(new JcePEMDecryptorProviderBuilder().build(passphrase)); } catch (Exception e) { throw new InvalidPassphraseException(e); } } else if (privatekey instanceof PKCS8EncryptedPrivateKeyInfo) { try { privatekey = converter .getPrivateKey(((PKCS8EncryptedPrivateKeyInfo) privatekey).decryptPrivateKeyInfo( new JceOpenSSLPKCS8DecryptorProviderBuilder().build(passphrase))); } catch (Exception e) { throw new InvalidPassphraseException(e); } } if (privatekey instanceof PEMKeyPair) { return loadKeyPair((PEMKeyPair) privatekey); } else if (privatekey instanceof RSAPrivateCrtKey) { return loadKeyPair((RSAPrivateCrtKey) privatekey); } else if (privatekey instanceof PrivateKeyInfo) { PrivateKeyInfo i = (PrivateKeyInfo) privatekey; PrivateKey prv = converter.getPrivateKey(i); if (prv instanceof RSAPrivateCrtKey) { return loadKeyPair((RSAPrivateCrtKey) prv); } else { throw new FileFormatException("Unsupported private key type"); } } else { throw new FileFormatException( "The file doesn't seem to have any supported key types obj=" + privatekey); } } catch (IOException ex) { throw new CertificateException("Failed to read from key file", ex); } finally { try { parser.close(); } catch (IOException e) { } } }
From source file:com.jcs_java_sdk.Utils.java
License:Open Source License
public static PrivateKey readPrivateKey(String privateKeyPath, String keyPassword) throws IOException { FileReader fileReader = new FileReader(privateKeyPath); PEMParser keyReader = new PEMParser(fileReader); JcaPEMKeyConverter converter = new JcaPEMKeyConverter(); PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray()); Object keyPair = keyReader.readObject(); PrivateKeyInfo keyInfo;// w w w . ja v a2 s. co m if (keyPair instanceof PEMEncryptedKeyPair) { PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptionProv); keyInfo = decryptedKeyPair.getPrivateKeyInfo(); } else { keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo(); } keyReader.close(); return converter.getPrivateKey(keyInfo); }
From source file:com.joyent.http.signature.KeyPairLoader.java
License:Open Source License
/** * Read KeyPair from an input stream, optionally using password and desired Security Provider. Most implementations * should continue calling the one and two-argument methods * * @param is private key content as a stream * @param password password associated with key * @param provider security provider to use when loading the key * @return public/private keypair object * @throws IOException If unable to read the private key from the string *//*w w w . j a v a 2 s .c o m*/ public static KeyPair getKeyPair(final InputStream is, final char[] password, final DesiredSecurityProvider provider) throws IOException { final Object pemObject; try (InputStreamReader isr = new InputStreamReader(is, StandardCharsets.US_ASCII); BufferedReader br = new BufferedReader(isr); PEMParser pemParser = new PEMParser(br)) { pemObject = pemParser.readObject(); } final PEMKeyPair pemKeyPair; if (pemObject instanceof PEMEncryptedKeyPair) { if (password == null) { throw new KeyLoadException("Loaded key is encrypted but no password was supplied."); } final PEMDecryptorProvider decryptorProvider = new JcePEMDecryptorProviderBuilder().build(password); final PEMEncryptedKeyPair encryptedPemObject = ((PEMEncryptedKeyPair) pemObject); pemKeyPair = encryptedPemObject.decryptKeyPair(decryptorProvider); } else if (pemObject instanceof PEMKeyPair) { if (password != null) { throw new KeyLoadException("Loaded key is not encrypted but a password was supplied."); } pemKeyPair = (PEMKeyPair) pemObject; } else if (pemObject == null) { throw new KeyLoadException("Failed to load PEM object, please verify the input is a private key"); } else { throw new KeyLoadException("Unexpected PEM object loaded: " + pemObject.getClass().getCanonicalName()); } // throw if the user has specifically requested NSS and it is unavailable if (provider != null && provider.equals(DesiredSecurityProvider.NSS) && CONVERTER_PKCS11_NSS == null) { throw new KeyLoadException(PROVIDER_PKCS11_NSS + " provider requested but unavailable. " + "Is java.security configured correctly?"); } // Attempt to load with NSS if it is available and requested (or no provider was specified) final boolean attemptPKCS11NSS = provider == null || provider.equals(DesiredSecurityProvider.NSS); if (CONVERTER_PKCS11_NSS != null && attemptPKCS11NSS) { return CONVERTER_PKCS11_NSS.getKeyPair(pemKeyPair); } return CONVERTER_BOUNCY_CASTLE.getKeyPair(pemKeyPair); }