Java RSA getPemKeyStore(File file)

Here you can find the source of getPemKeyStore(File file)

Description

get Pem Key Store

License

Apache License

Declaration

private static KeyStore getPemKeyStore(File file) throws KeyStoreException, IOException,
            InvalidKeySpecException, NoSuchAlgorithmException, CertificateException 

Method Source Code


//package com.java2s;
//License from project: Apache License 

import java.io.ByteArrayInputStream;
import java.io.File;

import java.io.IOException;
import java.nio.file.Files;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.xml.bind.DatatypeConverter;

public class Main {
    public static final String PEM_PWD = "changeit";

    private static KeyStore getPemKeyStore(File file) throws KeyStoreException, IOException,
            InvalidKeySpecException, NoSuchAlgorithmException, CertificateException {
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        store.load(null);/*ww w.  j av  a2 s. c o m*/

        if (file != null) {
            byte[] certAndKey = Files.readAllBytes(file.toPath());

            byte[] certBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*CERTIFICATE-----",
                    "-----END .*CERTIFICATE-----");
            byte[] pvtKeyBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*PRIVATE KEY-----",
                    "-----END .*PRIVATE KEY-----");
            byte[] pubKeyBytes = parseDERFromPEM(certAndKey, "-----BEGIN .*PUBLIC KEY-----",
                    "-----END .*PUBLIC KEY-----");

            X509Certificate cert = null;
            if (certBytes != null) {
                cert = generateCertFromDER(certBytes);
                String alias = cert.getSubjectX500Principal().getName();
                store.setCertificateEntry(alias, cert);
            }

            Certificate[] chain = cert == null ? new Certificate[] {} : new Certificate[] { cert };

            if (pvtKeyBytes != null) {
                RSAPrivateKey key = generatePvtKeyFromDER(pvtKeyBytes);
                store.setKeyEntry("key-alias", key, PEM_PWD.toCharArray(), chain);
            }

            if (pubKeyBytes != null) {
                RSAPublicKey key = generatePubKeyFromDER(pubKeyBytes);
                store.setKeyEntry("pubkey-alias", key, PEM_PWD.toCharArray(), null);
            }
        }
        return store;
    }

    protected static byte[] parseDERFromPEM(byte[] pem, String beginDelimiter, String endDelimiter) {
        String data = new String(pem);
        String[] tokens = data.split(beginDelimiter);
        if (tokens.length < 2) { // no results found!
            return null;
        }
        tokens = tokens[1].split(endDelimiter);
        if (tokens.length < 2) { // no results found!
            return null;
        }
        return DatatypeConverter.parseBase64Binary(tokens[0]);
    }

    protected static X509Certificate generateCertFromDER(byte[] certBytes) throws CertificateException {
        CertificateFactory factory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(certBytes));
    }

    protected static RSAPrivateKey generatePvtKeyFromDER(byte[] keyBytes)
            throws InvalidKeySpecException, NoSuchAlgorithmException {
        PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(keyBytes);
        KeyFactory factory = KeyFactory.getInstance("RSA");
        return (RSAPrivateKey) factory.generatePrivate(spec);
    }

    protected static RSAPublicKey generatePubKeyFromDER(byte[] keyBytes)
            throws InvalidKeySpecException, NoSuchAlgorithmException {
        X509EncodedKeySpec spec = new X509EncodedKeySpec(keyBytes);
        KeyFactory factory = KeyFactory.getInstance("RSA");
        return (RSAPublicKey) factory.generatePublic(spec);
    }
}

Related

  1. generateRSAKeypairAndKeystore(String fullyQualifiedDN, Date endDate, String keystoreLocation, String keyPairAlias, String keypairPassword, String keystorePassword)
  2. generateRsaPublicKey(BigInteger modulus, BigInteger publicExponent)
  3. generateRSAPublicKey(final BigInteger modulus, final BigInteger publicExponent)
  4. generateRSASHA1Signature(PrivateKey privateKey, String data)
  5. generateSaltedHMAC(String accessKey, String userSalt, Mac mac)