本文整理汇总了Java中org.bouncycastle.openssl.PEMDecryptorProvider类的典型用法代码示例。如果您正苦于以下问题:Java PEMDecryptorProvider类的具体用法?Java PEMDecryptorProvider怎么用?Java PEMDecryptorProvider使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
PEMDecryptorProvider类属于org.bouncycastle.openssl包,在下文中一共展示了PEMDecryptorProvider类的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: build
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
public PEMDecryptorProvider build(final char[] password)
{
return new PEMDecryptorProvider()
{
public PEMDecryptor get(final String dekAlgName)
{
return new PEMDecryptor()
{
public byte[] decrypt(byte[] keyBytes, byte[] iv)
throws PEMException
{
if (password == null)
{
throw new PasswordException("Password is null, but a password is required");
}
return PEMUtilities.crypt(false, helper, keyBytes, password, dekAlgName, iv);
}
};
}
};
}
示例2: convertKey
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private static KeyPair convertKey(PEMEncryptedKeyPair pemObject, String resource, PasswordCallback password)
throws IOException {
PEMKeyPair pemKeyPair = null;
Throwable passwordException = null;
while (pemKeyPair == null) {
char[] passwordChars = password.queryPassword(resource);
if (passwordChars == null) {
throw new PasswordRequiredException(resource, passwordException);
}
PEMDecryptorProvider pemDecryptorProvider = PEM_DECRYPTOR_PROVIDER_BUILDER.build(passwordChars);
try {
pemKeyPair = pemObject.decryptKeyPair(pemDecryptorProvider);
} catch (EncryptionException e) {
passwordException = e;
}
}
return convertKey(pemKeyPair);
}
示例3: readPrivateKey
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private PrivateKey readPrivateKey(String privateKeyPath, String keyPassword) throws IOException {
FileReader fileReader = new FileReader(privateKeyPath);
PEMParser keyReader = new PEMParser(fileReader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray());
Object keyPair = keyReader.readObject();
PrivateKeyInfo keyInfo;
if (keyPair instanceof PEMEncryptedKeyPair) {
PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptionProv);
keyInfo = decryptedKeyPair.getPrivateKeyInfo();
} else {
keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
}
keyReader.close();
return converter.getPrivateKey(keyInfo);
}
示例4: doOpenSslTestFile
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private void doOpenSslTestFile(
String fileName,
Class expectedPrivKeyClass)
throws IOException
{
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build("changeit".toCharArray());
PEMParser pr = openPEMResource("data/" + fileName);
Object o = pr.readObject();
if (o == null || !((o instanceof PEMKeyPair) || (o instanceof PEMEncryptedKeyPair)))
{
fail("Didn't find OpenSSL key");
}
KeyPair kp = (o instanceof PEMEncryptedKeyPair) ?
converter.getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(decProv)) : converter.getKeyPair((PEMKeyPair)o);
PrivateKey privKey = kp.getPrivate();
if (!expectedPrivKeyClass.isInstance(privKey))
{
fail("Returned key not of correct type");
}
}
示例5: doDudPasswordTest
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private void doDudPasswordTest(String password, int index, String message)
{
// illegal state exception check - in this case the wrong password will
// cause an underlying class cast exception.
try
{
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build(password.toCharArray());
PEMParser pemRd = openPEMResource("test.pem");
Object o;
while ((o = pemRd.readObject()) != null)
{
if (o instanceof PEMEncryptedKeyPair)
{
((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
}
}
fail("issue not detected: " + index);
}
catch (IOException e)
{
// ignore
}
}
示例6: createAndInitKeyManagerFactory
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private KeyManagerFactory createAndInitKeyManagerFactory() throws Exception {
X509Certificate certHolder = certificateConverter.getCertificate((X509CertificateHolder) readPEMFile(cert));
Object keyObject = readPEMFile(privateKey);
char[] passwordCharArray = "".toCharArray();
if (!StringUtils.isEmpty(password)) {
passwordCharArray = password.toCharArray();
}
JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair key;
if (keyObject instanceof PEMEncryptedKeyPair) {
PEMDecryptorProvider provider = new JcePEMDecryptorProviderBuilder().build(passwordCharArray);
key = keyConverter.getKeyPair(((PEMEncryptedKeyPair) keyObject).decryptKeyPair(provider));
} else {
key = keyConverter.getKeyPair((PEMKeyPair) keyObject);
}
KeyStore clientKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
clientKeyStore.load(null, null);
clientKeyStore.setCertificateEntry("cert", certHolder);
clientKeyStore.setKeyEntry("private-key", key.getPrivate(), passwordCharArray, new Certificate[] { certHolder });
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(clientKeyStore, passwordCharArray);
return keyManagerFactory;
}
示例7: createAndInitKeyManagerFactory
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private KeyManagerFactory createAndInitKeyManagerFactory() throws Exception {
X509Certificate certHolder;
Object keyObject;
if (certFileName != null && privateKeyFileName != null) {
certHolder = readCertFile(cert);
keyObject = readPrivateKeyFile(privateKey);
} else {
certHolder = certificateConverter.getCertificate((X509CertificateHolder) readPEMFile(cert));
keyObject = readPEMFile(privateKey);
}
char[] passwordCharArray = "".toCharArray();
if (!StringUtils.isEmpty(password)) {
passwordCharArray = password.toCharArray();
}
JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair key;
if (keyObject instanceof PEMEncryptedKeyPair) {
PEMDecryptorProvider provider = new JcePEMDecryptorProviderBuilder().build(passwordCharArray);
key = keyConverter.getKeyPair(((PEMEncryptedKeyPair) keyObject).decryptKeyPair(provider));
} else {
key = keyConverter.getKeyPair((PEMKeyPair) keyObject);
}
KeyStore clientKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
clientKeyStore.load(null, null);
clientKeyStore.setCertificateEntry("cert", certHolder);
clientKeyStore.setKeyEntry("private-key",
key.getPrivate(),
passwordCharArray,
new Certificate[]{certHolder});
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(clientKeyStore, passwordCharArray);
return keyManagerFactory;
}
示例8: getEncryptionCredential
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private Credential getEncryptionCredential(final WsFederationConfiguration config) {
try {
// This will need to contain the private keypair in PEM format
final BufferedReader br = new BufferedReader(new InputStreamReader(config.getEncryptionPrivateKey().getInputStream()));
Security.addProvider(new BouncyCastleProvider());
final PEMParser pemParser = new PEMParser(br);
final Object privateKeyPemObject = pemParser.readObject();
final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());
final KeyPair kp;
if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
.build(config.getEncryptionPrivateKeyPassword().toCharArray());
kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
} else {
kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
}
final X509CertParser certParser = new X509CertParser();
// This is the certificate shared with ADFS in DER format, i.e certificate.crt
certParser.engineInit(config.getEncryptionCertificate().getInputStream());
final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
return new BasicX509Credential(cert, kp.getPrivate());
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例9: decodePemEncodedPrivateKey
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
@Override
public PrivateKey decodePemEncodedPrivateKey(Reader privateKeyReader, String password) {
try {
PEMParser pemParser = new PEMParser(privateKeyReader);
Object keyPair = pemParser.readObject();
// retrieve the PrivateKeyInfo from the returned keyPair object. if the key is encrypted, it needs to be
// decrypted using the specified password first.
PrivateKeyInfo keyInfo;
if (keyPair instanceof PEMEncryptedKeyPair) {
if (password == null) {
throw new ImportException("Unable to import private key. Key is encrypted, but no password was provided.");
}
PEMDecryptorProvider decryptor = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());
PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptor);
keyInfo = decryptedKeyPair.getPrivateKeyInfo();
} else {
keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
}
return new JcaPEMKeyConverter().getPrivateKey(keyInfo);
} catch (IOException e) {
throw new ImportException("Unable to read PEM-encoded PrivateKey", e);
}
}
示例10: doDudPasswordTest
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private void doDudPasswordTest(String password, int index, String message)
{
// illegal state exception check - in this case the wrong password will
// cause an underlying class cast exception.
try
{
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build(password.toCharArray());
PEMParser pemRd = openPEMResource("test.pem");
Object o;
while ((o = pemRd.readObject()) != null)
{
if (o instanceof PEMEncryptedKeyPair)
{
((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
}
}
fail("issue not detected: " + index);
}
catch (IOException e)
{
if (e.getCause() != null && !e.getCause().getMessage().endsWith(message))
{
fail("issue " + index + " exception thrown, but wrong message");
}
else if (e.getCause() == null && !e.getMessage().equals(message))
{
e.printStackTrace();
fail("issue " + index + " exception thrown, but wrong message");
}
}
}
示例11: getEncryptionCredential
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
private static Credential getEncryptionCredential(final WsFederationConfiguration config) {
try {
// This will need to contain the private keypair in PEM format
LOGGER.debug("Locating encryption credential private key [{}]", config.getEncryptionPrivateKey());
final BufferedReader br = new BufferedReader(new InputStreamReader(
config.getEncryptionPrivateKey().getInputStream(), StandardCharsets.UTF_8));
Security.addProvider(new BouncyCastleProvider());
LOGGER.debug("Parsing credential private key");
final PEMParser pemParser = new PEMParser(br);
final Object privateKeyPemObject = pemParser.readObject();
final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());
final KeyPair kp;
if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
LOGGER.debug("Encryption private key is an encrypted keypair");
final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
.build(config.getEncryptionPrivateKeyPassword().toCharArray());
LOGGER.debug("Attempting to decrypt the encrypted keypair based on the provided encryption private key password");
kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
} else {
LOGGER.debug("Extracting a keypair from the private key");
kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
}
final X509CertParser certParser = new X509CertParser();
// This is the certificate shared with ADFS in DER format, i.e certificate.crt
LOGGER.debug("Locating encryption certificate [{}]", config.getEncryptionCertificate());
certParser.engineInit(config.getEncryptionCertificate().getInputStream());
LOGGER.debug("Invoking certificate engine to parse the certificate [{}]", config.getEncryptionCertificate());
final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
LOGGER.debug("Creating final credential based on the certificate [{}] and the private key", cert.getIssuerDN());
return new BasicX509Credential(cert, kp.getPrivate());
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例12: getSocketFactory
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
public static SSLSocketFactory getSocketFactory(String caCrtFile,
String crtFile, String keyFile, String password) throws Exception {
char[] passwordCharArray = password == null ? new char[0] : password
.toCharArray();
Security.addProvider(new BouncyCastleProvider());
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509Certificate caCert = (X509Certificate) cf
.generateCertificate(new ByteArrayInputStream(Files
.readAllBytes(Paths.get(caCrtFile))));
X509Certificate cert = (X509Certificate) cf
.generateCertificate(new ByteArrayInputStream(Files
.readAllBytes(Paths.get(crtFile))));
File privateKeyFile = new File(keyFile);
PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile));
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
.build(passwordCharArray);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter()
.setProvider("BC");
Object object = pemParser.readObject();
KeyPair kp;
if (object instanceof PEMEncryptedKeyPair) {
kp = converter.getKeyPair(((PEMEncryptedKeyPair) object)
.decryptKeyPair(decProv));
} else {
kp = converter.getKeyPair((PEMKeyPair) object);
}
pemParser.close();
KeyStore caKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
caKeyStore.load(null, null);
caKeyStore.setCertificateEntry("ca-certificate", caCert);
TrustManagerFactory trustManagerFactory = TrustManagerFactory
.getInstance(TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(caKeyStore);
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
keyStore.setCertificateEntry("certificate", cert);
keyStore.setKeyEntry("private-key", kp.getPrivate(), passwordCharArray,
new java.security.cert.Certificate[] { cert });
KeyManagerFactory keyManagerFactory = KeyManagerFactory
.getInstance(KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, passwordCharArray);
SSLContext context = SSLContext.getInstance("TLSv1");
context.init(keyManagerFactory.getKeyManagers(),
trustManagerFactory.getTrustManagers(), null);
return context.getSocketFactory();
}
示例13: registerUser
import org.bouncycastle.openssl.PEMDecryptorProvider; //导入依赖的package包/类
/**
* Register a new user
*
* @param user User to register.
* @return Private key in base 64 format
*/
public String registerUser(User user) throws RegistrationException {
try {
HttpClient client = new DefaultHttpClient();
HttpGet rootRequest = new HttpGet(getRootUrl());
HttpResponse response = client.execute(rootRequest);
String responseJson = EntityUtils.toString(response.getEntity());
ObjectMapper mapper = new ObjectMapper();
mapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
mapper.enable(SerializationFeature.WRAP_ROOT_VALUE);
HalRoot root = mapper.readValue(responseJson, HalRoot.class);
String usersUrl = root.getUsersLink();
String requestJson = mapper.writeValueAsString(user);
HttpPost userPost = new HttpPost(usersUrl);
userPost.addHeader("Content-Type", "application/json");
userPost.setEntity(new StringEntity(requestJson));
response = client.execute(userPost);
responseJson = EntityUtils.toString(response.getEntity());
if (response.getStatusLine().getStatusCode() == 422) {
HalErrors errors = mapper.readValue(responseJson, HalErrors.class);
throw new RegistrationException(errors.getErrors());
}
User loadedUser = mapper.readValue(responseJson, User.class);
ByteArrayInputStream tube = new ByteArrayInputStream(loadedUser.getPrivateKey().getBytes());
Reader stringReader = new BufferedReader(new InputStreamReader(tube));
PEMParser pemParser = new PEMParser(stringReader);
Object object = pemParser.readObject();
PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().
build(User.hashPasswordForPrivateKey(user).toCharArray());
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
KeyPair keyPair = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
String base64PrivateKey = Base64.encodeToString(keyPair.getPrivate().getEncoded(), Base64.NO_WRAP);
return base64PrivateKey;
} catch (IOException e) {
e.printStackTrace();
}
return null;
}