List of usage examples for org.bouncycastle.openssl PEMParser readObject
public Object readObject() throws IOException
From source file:co.lqnt.lockbox.key.KeyFactory.java
License:Open Source License
/**
 * Reads the first object from a PEM stream.
 *
 * <p>The concrete type of the result is chosen by the PEM content, because the value is
 * returned exactly as {@code PEMParser.readObject()} produced it. Callers should test the
 * type with {@code instanceof} before casting. The parser created here is not closed by
 * this method.
 *
 * @param input The PEM data to read.
 *
 * @return The parsed object, never {@code null}.
 * @throws PEMException If the stream cannot be read or holds no PEM object.
 */
protected Object parsePemObject(final InputStream input) throws PEMException {
    final PEMParser pemReader = this.pemParserFactory.create(input);

    final Object parsed;
    try {
        parsed = pemReader.readObject();
    } catch (IOException cause) {
        throw new PEMException("Unable to read PEM stream.", cause);
    }

    // readObject() signals "nothing left in the stream" with null; surface that as an error.
    if (parsed != null) {
        return parsed;
    }
    throw new PEMException("No PEM data found.");
}
From source file:com.amazonaws.services.iot.demo.danbo.rpi.SslUtil.java
License:Open Source License
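/**
 * Builds an {@link SSLSocketFactory} for mutual TLS from three PEM files.
 *
 * <p>The CA certificate becomes the only entry of the trust store, so a server is trusted
 * only if its chain validates against that certificate. The client certificate and private
 * key are placed in an in-memory key store and presented to the server.
 *
 * <p>An {@code SSLSocketFactory} does not itself configure endpoint identification.
 * Whether the server host name is checked depends on the client that uses the returned
 * factory, so verify that it is.
 *
 * @param caCrtFile path of the PEM file holding the CA certificate
 * @param crtFile   path of the PEM file holding the client certificate
 * @param keyFile   path of the PEM file holding the client key pair, encrypted or not
 * @param password  password used to decrypt an encrypted key file and to protect the
 *                  in-memory key entry; must not be {@code null}
 * @return a socket factory backed by a {@code "TLSv1.2"} context
 * @throws IOException if a file cannot be read or does not hold the expected PEM object
 * @throws Exception   for any other failure while decrypting the key or building the stores
 */
public static SSLSocketFactory getSslSocketFactory(final String caCrtFile, final String crtFile,
        final String keyFile, final String password) throws InvalidPathException, IOException,
        KeyStoreException, NoSuchAlgorithmException, CertificateException, UnrecoverableKeyException,
        KeyManagementException, Exception {
    Security.addProvider(new BouncyCastleProvider());

    // Check each parsed object before casting, so a wrong or empty file is reported by
    // path instead of failing later with a ClassCastException or NullPointerException.
    final X509CertificateHolder caCert = requireCertificate(readFirstPemObject(caCrtFile), caCrtFile);
    final X509CertificateHolder cert = requireCertificate(readFirstPemObject(crtFile), crtFile);

    // load client private key
    final Object keyObject = readFirstPemObject(keyFile);
    final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
    final KeyPair key;
    if (keyObject instanceof PEMEncryptedKeyPair) {
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
        key = converter.getKeyPair(((PEMEncryptedKeyPair) keyObject).decryptKeyPair(decProv));
    } else if (keyObject instanceof PEMKeyPair) {
        key = converter.getKeyPair((PEMKeyPair) keyObject);
    } else {
        throw new IOException("Expected a PEM key pair in " + keyFile);
    }

    final JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter();
    certConverter.setProvider("BC");

    // CA certificate is used to authenticate server
    final KeyStore caKs = KeyStore.getInstance(KeyStore.getDefaultType());
    caKs.load(null, null);
    caKs.setCertificateEntry("ca-certificate", certConverter.getCertificate(caCert));
    final TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmf.init(caKs);

    // Client key and certificates are sent to server so it can authenticate us
    final KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
    ks.load(null, null);
    ks.setCertificateEntry("certificate", certConverter.getCertificate(cert));
    ks.setKeyEntry("private-key", key.getPrivate(), password.toCharArray(),
            new java.security.cert.Certificate[] { certConverter.getCertificate(cert) });
    final KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    kmf.init(ks, password.toCharArray());

    // Finally, create SSL socket factory.
    // NOTE(review): the protocol name is fixed to "TLSv1.2"; confirm this is still the intended choice.
    final SSLContext context = SSLContext.getInstance("TLSv1.2");
    context.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);

    return context.getSocketFactory();
}

/** Reads the first PEM object from {@code path}; the parser is closed even if parsing fails. */
private static Object readFirstPemObject(final String path) throws IOException {
    try (PEMParser parser = new PEMParser(
            new InputStreamReader(new ByteArrayInputStream(Files.readAllBytes(Paths.get(path)))))) {
        return parser.readObject();
    }
}

/** Returns {@code parsed} as a certificate holder, or fails with the offending file's path. */
private static X509CertificateHolder requireCertificate(final Object parsed, final String path)
        throws IOException {
    if (!(parsed instanceof X509CertificateHolder)) {
        throw new IOException("Expected a PEM certificate in " + path);
    }
    return (X509CertificateHolder) parsed;
}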
From source file:com.appdynamics.monitors.mongo.MongoDBMonitor.java
License:Apache License
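/**
 * Builds an {@link SSLSocketFactory} that trusts the certificate in a PEM file.
 *
 * <p>The first PEM object in the file is parsed and discarded. The second PEM block is
 * decoded as an X.509 certificate and installed as the only trusted entry ("ca").
 * NOTE(review): skipping the first block looks deliberate, e.g. for a combined key and
 * certificate file. Confirm the expected layout, because a file holding only one block
 * is rejected.
 *
 * @param filePath configured path of the PEM file, resolved through {@code getConfigFilename}
 * @return a socket factory created from a {@code "TLS"} context with no key manager
 * @throws IllegalArgumentException if the file has no second PEM block
 * @throws Exception if the file cannot be read or the block is not a valid certificate
 */
private SSLSocketFactory getSocketFactoryFromPEM(String filePath) throws Exception {
    Security.addProvider(new BouncyCastleProvider());

    final PemObject pemObject;
    // try-with-resources closes the file even when parsing fails part-way.
    try (PEMParser pemParser = new PEMParser(new FileReader(getConfigFilename(filePath)))) {
        pemParser.readObject(); // first object is consumed and ignored
        pemObject = pemParser.readPemObject();
    }
    if (pemObject == null) {
        // Without this check the failure is a bare NullPointerException on getContent().
        throw new IllegalArgumentException("No second PEM block found in " + filePath);
    }

    X509CertificateHolder holder = new X509CertificateHolder(pemObject.getContent());
    X509Certificate bc = new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);

    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, null);
    keyStore.setCertificateEntry("ca", bc);

    TrustManager trustManager = TrustManagerUtils.getDefaultTrustManager(keyStore);
    SSLContext sslContext = SSLContextUtils.createSSLContext("TLS", null, trustManager);

    return sslContext.getSocketFactory();
}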
From source file:com.aqnote.shared.cryptology.cert.io.PKCSReader.java
License:Open Source License
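/**
 * Reads the first PEM object from a stream.
 *
 * <p>The result is whatever {@code PEMParser.readObject()} returns, so its type depends on
 * the PEM content. Callers should check it with {@code instanceof} before casting. Only
 * the first object is read; anything after it in the stream is ignored.
 *
 * @param istream the PEM input; closed by this method when it is non-null
 * @return the parsed object, or {@code null} if {@code istream} is {@code null} or the
 *         stream holds no PEM object
 * @throws Exception if the stream cannot be read or parsed
 */
private static Object readFile(InputStream istream) throws Exception {
    if (istream == null) {
        return null;
    }
    // try-with-resources closes the parser (and the wrapped stream) even if readObject() throws.
    try (PEMParser pemParser = new PEMParser(new InputStreamReader(istream))) {
        return pemParser.readObject();
    }
}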
From source file:com.brienwheeler.apps.tomcat.TomcatBean.java
License:Open Source License
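/**
 * Loads the RSA private key from {@code sslKeyFile}.
 *
 * <p>Two PEM layouts are accepted, selected by the first group returned from
 * {@code readPEMFile}: an empty group is handled as "BEGIN PRIVATE KEY" (PKCS#8, decoded
 * with the JCA {@code KeyFactory}), and a group containing "RSA" is handled as
 * "BEGIN RSA PRIVATE KEY" (parsed with BouncyCastle).
 * NOTE(review): the meaning of the two groups is inferred from the inline comments and
 * should be confirmed against {@code KEY_PATTERN}.
 *
 * @return the private key read from the file
 * @throws IllegalArgumentException if the file content is not a supported RSA private key
 * @throws IOException if the file cannot be read
 * @throws NoSuchAlgorithmException if no RSA {@code KeyFactory} is available
 * @throws InvalidKeySpecException if the PKCS#8 content is not a valid RSA key
 */
private RSAPrivateKey readKeyFile() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
    String[] parse = readPEMFile(sslKeyFile, KEY_PATTERN, 2);
    if (parse == null) {
        throw new IllegalArgumentException("invalid key file contents");
    }

    if (parse[0].length() == 0) { // BEGIN PRIVATE KEY
        KeyFactory keyFactory = KeyFactory.getInstance("RSA");
        return (RSAPrivateKey) keyFactory.generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(parse[1])));
    }

    if (parse[0].contains("RSA")) { // BEGIN RSA PRIVATE KEY
        Security.addProvider(new BouncyCastleProvider());

        final Object parsedObject;
        // The original never closed this reader; close it on every path.
        try (PEMParser pemParser = new PEMParser(new FileReader(sslKeyFile))) {
            parsedObject = pemParser.readObject();
        }
        if (!(parsedObject instanceof PEMKeyPair)) {
            throw new IllegalArgumentException("invalid key file contents");
        }

        PEMKeyPair keyPair = (PEMKeyPair) parsedObject;
        // instanceof covers both a null result and a non-RSA key, so neither escapes as
        // a ClassCastException.
        Object privateKey = BouncyCastleProvider.getPrivateKey(keyPair.getPrivateKeyInfo());
        if (!(privateKey instanceof RSAPrivateKey)) {
            throw new IllegalArgumentException("invalid key file contents");
        }
        return (RSAPrivateKey) privateKey;
    }

    throw new IllegalArgumentException("invalid key file contents");
}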
From source file:com.enioka.jqm.pki.JpaCa.java
License:Open Source License
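/**
 * Loads the CA certificate and private key from the database, creating and persisting a
 * new CA first when none is stored under the configured alias.
 *
 * <p>The alias is the value of the {@code GlobalParameter} with key {@code keyAlias}, or
 * {@code Constants.CA_DEFAULT_PRETTY_NAME} when that parameter is absent.
 *
 * <p>NOTE(review): the CA private key is persisted as PEM text through
 * {@code pki.setPemPK(...)} and read back as a plain {@code PEMKeyPair}. This suggests it
 * is stored unencrypted, so confirm how the PKI table is protected at rest and who can
 * read it.
 *
 * @param em entity manager used to query and, if needed, persist the PKI record
 * @return a request object holding the CA certificate holder and private key
 * @throws PkiException if the stored PEM data cannot be parsed into a certificate and key
 */
public static CertificateRequest initCa(EntityManager em) {
    // result field
    CertificateRequest cr = new CertificateRequest();

    // Get the alias of the private key to use
    String caAlias = null;
    try {
        caAlias = em
                .createQuery("SELECT p FROM GlobalParameter p WHERE p.key = 'keyAlias'", GlobalParameter.class)
                .getSingleResult().getValue();
    } catch (NoResultException e) {
        caAlias = Constants.CA_DEFAULT_PRETTY_NAME;
    }

    // Create the CA if it does not already exist
    PKI pki = null;
    try {
        pki = em.createQuery("SELECT p FROM PKI p WHERE p.prettyName = :pn", PKI.class)
                .setParameter("pn", caAlias).getSingleResult();
    } catch (NoResultException e) {
        // Create the CA certificate and PK
        cr = new CertificateRequest();
        cr.generateCA(caAlias);

        // Store
        pki = new PKI();
        pki.setPemPK(cr.writePemPrivateToString());
        pki.setPemCert(cr.writePemPublicToString());
        pki.setPrettyName(caAlias);
        em.getTransaction().begin();
        em.persist(pki);
        em.getTransaction().commit();
    }

    try {
        // Public (X509 certificate); the reader is closed even if decoding fails.
        try (PemReader pr = new PemReader(new StringReader(pki.getPemCert()))) {
            cr.holder = new X509CertificateHolder(pr.readPemObject().getContent());
        }

        // Private key; a value that is not a plain key pair fails the cast and is
        // reported through the PkiException below.
        final PEMKeyPair caKeyPair;
        try (PEMParser pp = new PEMParser(new StringReader(pki.getPemPK()))) {
            caKeyPair = (PEMKeyPair) pp.readObject();
        }

        byte[] encodedPrivateKey = caKeyPair.getPrivateKeyInfo().getEncoded();
        KeyFactory keyFactory = KeyFactory.getInstance(Constants.KEY_ALGORITHM);
        PKCS8EncodedKeySpec privateKeySpec = new PKCS8EncodedKeySpec(encodedPrivateKey);
        cr.privateKey = keyFactory.generatePrivate(privateKeySpec);
    } catch (Exception e) {
        throw new PkiException(e);
    }

    // Done
    return cr;
}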
From source file:com.facebook.delegatedrecovery.DelegatedRecoveryUtils.java
License:Open Source License
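/**
 * Loads a private key on the P-256 curve from a PEM file of the type created
 * by openssl ecparam -name prime256v1 -genkey -noout -out filename
 *
 * <p>That command writes the key without encryption, so access to the file has to be
 * restricted by other means such as file permissions. This method only checks that the
 * first PEM object is a key pair; it does not check which curve the key uses.
 *
 * @param filename The filename of the pem file
 * @return an EC key pair
 * @throws IllegalArgumentException If the first PEM object in the file is not a key pair.
 * @throws Exception If the file fails to read or parse.
 */
public static KeyPair keyPairFromPEMFile(final String filename) throws Exception {
    // try-with-resources closes the file even when parsing or conversion throws.
    try (Reader reader = new InputStreamReader(new FileInputStream(filename), StandardCharsets.UTF_8);
            PEMParser pemParser = new PEMParser(reader)) {
        final Object parsed = pemParser.readObject();
        // Reject anything else explicitly (an empty file, a certificate, an encrypted
        // key) rather than failing on the cast.
        if (!(parsed instanceof PEMKeyPair)) {
            throw new IllegalArgumentException("PEM file does not start with an unencrypted key pair");
        }
        return new JcaPEMKeyConverter().getKeyPair((PEMKeyPair) parsed);
    }
}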
From source file:com.facebook.delegatedrecovery.DelegatedRecoveryUtils.java
License:Open Source License
/**
 * As keyPairFromPEMFile but with a string instead of a file
 *
 * <p>The string is taken to be the base64 body only. It is re-wrapped at 64 characters
 * per line and framed with the EC private key BEGIN/END markers before parsing. The
 * parsed object is cast to a key pair without a type check.
 *
 * @param key The key from a PEM file as a string
 * @return an EC key pair
 * @throws Exception If the string fails to parse.
 */
public static KeyPair keyPairFromPEMString(final String key) throws Exception {
    final int lineWidth = 64;
    final StringBuilder pem = new StringBuilder(300);

    pem.append(BEGIN_EC_PRIVATE_KEY).append("\n");
    // Copy the body one line at a time; every full 64-character line gets a newline.
    for (int start = 0; start < key.length(); start += lineWidth) {
        final int end = Math.min(start + lineWidth, key.length());
        pem.append(key, start, end);
        if (end - start == lineWidth) {
            pem.append("\n");
        }
    }
    pem.append("\n").append(END_EC_PRIVATE_KEY).append("\n");

    final PEMParser pemParser = new PEMParser(new StringReader(pem.toString()));
    final PEMKeyPair parsedPair = (PEMKeyPair) pemParser.readObject();
    final KeyPair kp = new JcaPEMKeyConverter().getKeyPair(parsedPair);
    pemParser.close();
    return kp;
}
From source file:com.gitblit.transport.ssh.FileKeyPairProvider.java
License:Apache License
/**
 * Loads a key pair from a PEM file.
 *
 * <p>An encrypted key pair is decrypted only when a {@code passwordFinder} is set. With
 * no finder, an encrypted key matches none of the branches and the method returns
 * {@code null} without logging. Any exception is logged at warn level and also yields
 * {@code null}, so callers must handle a missing key.
 *
 * @param file path of the PEM file to read
 * @return the key pair, or {@code null} if the file could not be read or did not hold a
 *         usable key pair
 */
protected KeyPair doLoadKey(String file) {
    try {
        PEMParser pemIn = new PEMParser(new InputStreamReader(new FileInputStream(file)));
        try {
            Object parsed = pemIn.readObject();

            JcaPEMKeyConverter toJca = new JcaPEMKeyConverter();
            toJca.setProvider("BC");

            boolean canDecrypt = passwordFinder != null;
            if (canDecrypt && parsed instanceof PEMEncryptedKeyPair) {
                PEMDecryptorProvider decryptor = new JcePEMDecryptorProviderBuilder()
                        .build(passwordFinder.getPassword());
                parsed = toJca.getKeyPair(((PEMEncryptedKeyPair) parsed).decryptKeyPair(decryptor));
            }

            if (parsed instanceof PEMKeyPair) {
                return toJca.getKeyPair((PEMKeyPair) parsed);
            }
            if (parsed instanceof KeyPair) {
                // Already converted by the decryption step above.
                return (KeyPair) parsed;
            }
        } finally {
            pemIn.close();
        }
    } catch (Exception failure) {
        log.warn("Unable to read key " + file, failure);
    }
    return null;
}
From source file:com.github.ibole.infrastructure.security.jwt.auth0.Auth0Utils.java
License:Apache License
/**
 * Parses the PEM private key held in the preferences, decrypting it with the configured
 * password when the PEM object is an encrypted key pair.
 *
 * <p>NOTE(review): only {@code IOException} is translated to
 * {@code TokenHandlingException}. A PEM string that is empty or holds another object
 * type fails on the cast or dereference below, and a missing password fails on
 * {@code toCharArray()}. Those unchecked exceptions reach the caller unwrapped.
 *
 * @param preferences source of the PEM private key text and its password
 * @return the private key converted to a JCA {@link PrivateKey}
 * @throws TokenHandlingException if reading or decrypting the PEM data raises an I/O error
 */
private PrivateKey decryptPrivateKey(JWTEncryptionPreferences preferences) throws TokenHandlingException {
    try {
        PEMParser pemSource = new PEMParser(new StringReader(preferences.getPrivateKey()));
        Object parsed = pemSource.readObject();
        pemSource.close();

        if (parsed instanceof PEMEncryptedKeyPair) {
            JcePEMDecryptorProviderBuilder decryptorFactory = new JcePEMDecryptorProviderBuilder();
            char[] passphrase = preferences.getPrivateKeyPassword().toCharArray();
            PEMDecryptorProvider decryptor = decryptorFactory.build(passphrase);
            parsed = ((PEMEncryptedKeyPair) parsed).decryptKeyPair(decryptor);
        }

        PrivateKeyInfo keyInfo = ((PEMKeyPair) parsed).getPrivateKeyInfo();
        return new JcaPEMKeyConverter().getPrivateKey(keyInfo);
    } catch (IOException parseFailure) {
        throw new TokenHandlingException("Error parsing private key for Box Developer Edition.", parseFailure);
    }
}