本文整理汇总了Java中org.bouncycastle.openssl.PEMParser类的典型用法代码示例。如果您正苦于以下问题:Java PEMParser类的具体用法?Java PEMParser怎么用?Java PEMParser使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
PEMParser类属于org.bouncycastle.openssl包,在下文中一共展示了PEMParser类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: setUp
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
@Before
public void setUp() throws Exception {
// TODO should do this in @BeforeClass. Need to find out how to get to
// files from static junit method
BufferedInputStream bis = new BufferedInputStream(this.getClass().getResourceAsStream("/ca.crt"));
testCACert = cf.generateCertificate(bis);
bis.close();
crypto.addCACertificateToTrustStore(testCACert, "ca");
bis = new BufferedInputStream(this.getClass().getResourceAsStream("/keypair-signed.crt"));
Certificate cert = cf.generateCertificate(bis);
bis.close();
// TODO: get PEM file without dropping down to BouncyCastle ?
PEMParser pem = new PEMParser(new FileReader(this.getClass().getResource("/keypair-signed.key").getFile()));
PEMKeyPair bcKeyPair = (PEMKeyPair) pem.readObject();
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bcKeyPair.getPrivateKeyInfo().getEncoded());
PrivateKey key = kf.generatePrivate(keySpec);
Certificate[] certificates = new Certificate[] {cert, testCACert};
crypto.getTrustStore().setKeyEntry("key", key, "123456".toCharArray(), certificates);
pem.close();
}
示例2: createCertificateChain
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Utility method to decode a certificate chain PEM encoded string value to an array of
* X509Certificate certificate instances.
* @param certChainPEM
* - a certificate chain (one or more certificates) PEM encoded string value.
* @return - decoded array of X509Certificate certificate instances.
* @throws RuntimeException
* if a certificate can't be decoded to X509Certificate type certificate.
*/
public static X509Certificate[] createCertificateChain(String certChainPEM) {
AssertUtil.assertNotNull(certChainPEM, "certChainPEM should not be null.");
List<X509Certificate> chain = new ArrayList<>();
try (PEMParser parser = new PEMParser(new StringReader(certChainPEM))) {
JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
X509CertificateHolder certificateHolder;
while ((certificateHolder = (X509CertificateHolder) parser.readObject()) != null) {
chain.add(converter.getCertificate(certificateHolder));
}
} catch (IOException | CertificateException e) {
throw new RuntimeException("Failed to create certificate: " + certChainPEM, e);
}
if (chain.isEmpty()) {
throw new RuntimeException("A valid certificate was not found: " + certChainPEM);
}
return chain.toArray(new X509Certificate[chain.size()]);
}
示例3: createTrustStore
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* "ca.pem" from Reader
*/
public static KeyStore createTrustStore(final Reader certReader) throws IOException, CertificateException,
KeyStoreException, NoSuchAlgorithmException {
try (PEMParser pemParser = new PEMParser(certReader)) {
X509CertificateHolder certificateHolder = (X509CertificateHolder) pemParser.readObject();
Certificate caCertificate = new JcaX509CertificateConverter()
.setProvider("BC")
.getCertificate(certificateHolder);
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(null);
trustStore.setCertificateEntry("ca", caCertificate);
return trustStore;
}
}
示例4: getPKCS10CertRequest
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
public static PKCS10CertificationRequest getPKCS10CertRequest(String csr) {
if (csr == null || csr.isEmpty()) {
LOG.error("getPKCS10CertRequest: CSR is null or empty");
throw new CryptoException("CSR is null or empty");
}
try {
Reader csrReader = new StringReader(csr);
try (PEMParser pemParser = new PEMParser(csrReader)) {
Object pemObj = pemParser.readObject();
if (pemObj instanceof PKCS10CertificationRequest) {
return (PKCS10CertificationRequest) pemObj;
}
}
} catch (IOException ex) {
LOG.error("getPKCS10CertRequest: unable to parse csr: " + ex.getMessage());
throw new CryptoException(ex);
}
return null;
}
示例5: verifyUserSig
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
@Override
public boolean verifyUserSig(String identifier, String sig)throws QCloudException {
try {
Security.addProvider(new BouncyCastleProvider());
//DeBaseUrl64 urlSig to json
Base64 decoder = new Base64();
byte [] compressBytes = Base64Url.base64DecodeUrl(sig.getBytes(Charset.forName("UTF-8")));
//Decompression
Inflater decompression = new Inflater();
decompression.setInput(compressBytes, 0, compressBytes.length);
byte [] decompressBytes = new byte [1024];
int decompressLength = decompression.inflate(decompressBytes);
decompression.end();
String jsonString = new String(Arrays.copyOfRange(decompressBytes, 0, decompressLength));
//Get TLS.Sig from json
JSONObject jsonObject= JSON.parseObject(jsonString);
String sigTLS = jsonObject.getString("TLS.sig");
//debase64 TLS.Sig to get serailString
byte[] signatureBytes = decoder.decode(sigTLS.getBytes(Charset.forName("UTF-8")));
String strSdkAppid = jsonObject.getString("TLS.sdk_appid");
String sigTime = jsonObject.getString("TLS.time");
String sigExpire = jsonObject.getString("TLS.expire_after");
if (!imConfig.getSdkAppId().equals(strSdkAppid))
{
return false;
}
if ( System.currentTimeMillis()/1000 - Long.parseLong(sigTime) > Long.parseLong(sigExpire)) {
return false;
}
//Get Serial String from json
String SerialString =
"TLS.appid_at_3rd:" + 0 + "\n" +
"TLS.account_type:" + 0 + "\n" +
"TLS.identifier:" + identifier + "\n" +
"TLS.sdk_appid:" + imConfig.getSdkAppId() + "\n" +
"TLS.time:" + sigTime + "\n" +
"TLS.expire_after:" + sigExpire + "\n";
Reader reader = new CharArrayReader(imConfig.getPublicKey().toCharArray());
PEMParser parser = new PEMParser(reader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
Object obj = parser.readObject();
parser.close();
PublicKey pubKeyStruct = converter.getPublicKey((SubjectPublicKeyInfo) obj);
Signature signature = Signature.getInstance("SHA256withECDSA","BC");
signature.initVerify(pubKeyStruct);
signature.update(SerialString.getBytes(Charset.forName("UTF-8")));
return signature.verify(signatureBytes);
}catch (Exception e) {
throw new QCloudException(e);
}
}
示例6: generate
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
static PrivateKey generate(Path path) throws IOException {
try (Reader in = Files.newBufferedReader(path, StandardCharsets.UTF_8)) {
PEMParser parser = new PEMParser(in);
Object keyPair = parser.readObject();
if (!(keyPair instanceof PEMKeyPair)) {
throw new IllegalStateException(String.format("%s contains an artifact that is not a key pair: %s", path, keyPair));
}
PrivateKeyInfo privateKeyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
if (privateKeyInfo == null) {
throw new IllegalStateException(String.format("%s does not contain a private key", path));
}
return CONVERTER.getPrivateKey(privateKeyInfo);
}
}
示例7: generate
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
static List<X509Certificate> generate(Path path) throws IOException, CertificateException {
List<X509Certificate> certificates = new ArrayList<>();
try (Reader in = Files.newBufferedReader(path, StandardCharsets.UTF_8)) {
PEMParser parser = new PEMParser(in);
Object certificate;
while ((certificate = parser.readObject()) != null) {
if (!(certificate instanceof X509CertificateHolder)) {
throw new IllegalStateException(String.format("%s contains an artifact that is not a certificate: %s", path, certificate));
}
certificates.add(CONVERTER.getCertificate((X509CertificateHolder) certificate));
}
}
return certificates;
}
示例8: createKeyPair
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Utility method to decode a PEM encoded private key string to a PrivateKey instance
* @param key
* - a PEM encoded private key string
* @return - decoded PrivateKey instance
*/
public static KeyPair createKeyPair(String key) {
AssertUtil.assertNotNull(key, "key");
String decryptedKey = EncryptionUtils.decrypt(key);
try (PEMParser parser = new PEMParser(new StringReader(decryptedKey))) {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMKeyPair keyPair = (PEMKeyPair) parser.readObject();
if (keyPair == null) {
throw new RuntimeException("A valid key pair was not found");
}
return converter.getKeyPair(keyPair);
} catch (IOException e) {
throw new RuntimeException("Failed to create key pair", e);
}
}
示例9: loadCSR
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Load a CSR from the specified URL.
*
* @param url The URL to load CSR from
* @return The CSR
* @throws CryptoException Problem encountered while loading the CSR
* @throws FileNotFoundException If the CSR file does not exist, is a directory rather than a regular file, or for
* some other reason cannot be opened for reading
* @throws IOException An I/O error occurred
*/
public static PKCS10CertificationRequest loadCSR(URL url)
throws CryptoException, IOException
{
// TODO: handle DER encoded requests too?
try (PEMParser pr = new PEMParser(new InputStreamReader(NetUtil.openGetStream(url))))
{
PKCS10CertificationRequest csr = (PKCS10CertificationRequest) pr.readObject();
ContentVerifierProvider prov = new JcaContentVerifierProviderBuilder().build(csr.getSubjectPublicKeyInfo());
if (!csr.isSignatureValid(prov))
{
throw new CryptoException(RB.getString("NoVerifyCsr.exception.message"));
}
return csr;
}
catch (ClassCastException | OperatorCreationException | PKCSException ex)
{
throw new CryptoException(RB.getString("NoLoadCsr.exception.message"), ex);
}
}
示例10: readPrivateKey
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Reads a base64-format PEM key and returns a Java PrivateKey for it.
* @param privateKey PEM-encoded private key
*/
public static PrivateKey readPrivateKey(String privateKey) {
try (StringReader keyReader = new StringReader(privateKey);
PEMParser pemReader = new PEMParser(keyReader)) {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
Object keyPair = pemReader.readObject();
if (keyPair instanceof PrivateKeyInfo) {
return converter.getPrivateKey((PrivateKeyInfo) keyPair);
} else {
return converter.getPrivateKey(((PEMKeyPair) keyPair).getPrivateKeyInfo());
}
} catch (IOException x) {
// Shouldn't occur, since we're only reading from strings
throw new RuntimeException(x);
}
}
示例11: getPrivateKeyFromPEM
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
private static PrivateKey getPrivateKeyFromPEM(final Reader keyReader)
throws IOException {
final JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
final PEMParser pem = new PEMParser(keyReader);
PrivateKey key;
Object pemContent = pem.readObject();
if(pemContent instanceof PEMKeyPair) {
PEMKeyPair pemKeyPair = (PEMKeyPair)pemContent;
KeyPair keyPair = jcaPEMKeyConverter.getKeyPair(pemKeyPair);
key = keyPair.getPrivate();
} else if (pemContent instanceof PrivateKeyInfo) {
PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) pemContent;
key = jcaPEMKeyConverter.getPrivateKey(privateKeyInfo);
} else {
throw new IllegalArgumentException("Unsupported private key format '" + pemContent.getClass().getSimpleName() + '"');
}
pem.close();
return key;
}
示例12: createTrustStore
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
private static KeyStore createTrustStore(final Reader certReader)
throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
PEMParser parser = new PEMParser(certReader);
KeyStore ks = KeyStore.getInstance(DEFAULT_TYPE);
ks.load(null);
int i = 0;
X509Certificate certificate;
while ((certificate = parseCert(parser)) != null) {
ks.setCertificateEntry(format("alias%d", i), certificate);
i += 1;
}
parser.close();
return ks;
}
示例13: readVapidKeys
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Read the VAPID key from the .pem file in the resources folder.
*
* @return
* @throws IOException
*/
public static KeyPair readVapidKeys() throws IOException {
try (InputStreamReader inputStreamReader = new InputStreamReader(TestUtils.class.getResourceAsStream("/vapid.pem"))) {
PEMParser pemParser = new PEMParser(inputStreamReader);
PEMKeyPair pemKeyPair = (PEMKeyPair) pemParser.readObject();
return new JcaPEMKeyConverter().getKeyPair(pemKeyPair);
} catch (IOException e) {
throw new IOException("The private key could not be decrypted", e);
}
}
示例14: rebuildKeyPair
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
/**
* Rebuild the {@link KeyPair} associated with the submitted {@link PrivateKey}.
*
* @param privateKey The {@link PrivateKey} to rebuild the {@link KeyPair} for.
* @return The rebuild {@link KeyPair}.
* @throws IOException if an I/O error occurs during the rebuild.
*/
public static KeyPair rebuildKeyPair(PrivateKey privateKey) throws IOException {
StringWriter stringWriter = new StringWriter();
try (JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) {
pemWriter.writeObject(privateKey);
pemWriter.flush();
}
StringReader stringReader = new StringReader(stringWriter.toString());
Object pemObject;
try (PEMParser pemParser = new PEMParser(stringReader)) {
pemObject = pemParser.readObject();
}
if (!(pemObject instanceof PEMKeyPair)) {
throw new IOException("Unexpected pem object: " + pemObject);
}
PEMKeyPair pemKeyPair = (PEMKeyPair) pemObject;
return PEM_KEY_CONVERTER.getKeyPair(pemKeyPair);
}
示例15: dwimKey
import org.bouncycastle.openssl.PEMParser; //导入依赖的package包/类
static Key dwimKey(String v) {
File f = new File(v);
if (f.isFile()) {
try (PEMParser pem = new PEMParser(Files.newBufferedReader(f.toPath(), StandardCharsets.UTF_8))) {
Object x = pem.readObject();
if (x instanceof PEMKeyPair) {
PEMKeyPair kp = (PEMKeyPair) x;
// Make a private key
return new JcaPEMKeyConverter().getPrivateKey(kp.getPrivateKeyInfo());
} else {
fail("-key only supports plain PEM keypairs");
return null; // Static code analyzer
}
} catch (IOException e) {
throw new IllegalArgumentException("Could not parse key: " + e.getMessage(), e);
}
} else {
// Assume it is an AES key
// TODO: check for validity before
return new SecretKeySpec(HexUtils.stringToBin(v), "AES");
}
}