本文整理汇总了Java中org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter类的典型用法代码示例。如果您正苦于以下问题:Java JcaPEMKeyConverter类的具体用法?Java JcaPEMKeyConverter怎么用?Java JcaPEMKeyConverter使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
JcaPEMKeyConverter类属于org.bouncycastle.openssl.jcajce包,在下文中一共展示了JcaPEMKeyConverter类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifyUserSig
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
@Override
public boolean verifyUserSig(String identifier, String sig)throws QCloudException {
try {
Security.addProvider(new BouncyCastleProvider());
//DeBaseUrl64 urlSig to json
Base64 decoder = new Base64();
byte [] compressBytes = Base64Url.base64DecodeUrl(sig.getBytes(Charset.forName("UTF-8")));
//Decompression
Inflater decompression = new Inflater();
decompression.setInput(compressBytes, 0, compressBytes.length);
byte [] decompressBytes = new byte [1024];
int decompressLength = decompression.inflate(decompressBytes);
decompression.end();
String jsonString = new String(Arrays.copyOfRange(decompressBytes, 0, decompressLength));
//Get TLS.Sig from json
JSONObject jsonObject= JSON.parseObject(jsonString);
String sigTLS = jsonObject.getString("TLS.sig");
//debase64 TLS.Sig to get serailString
byte[] signatureBytes = decoder.decode(sigTLS.getBytes(Charset.forName("UTF-8")));
String strSdkAppid = jsonObject.getString("TLS.sdk_appid");
String sigTime = jsonObject.getString("TLS.time");
String sigExpire = jsonObject.getString("TLS.expire_after");
if (!imConfig.getSdkAppId().equals(strSdkAppid))
{
return false;
}
if ( System.currentTimeMillis()/1000 - Long.parseLong(sigTime) > Long.parseLong(sigExpire)) {
return false;
}
//Get Serial String from json
String SerialString =
"TLS.appid_at_3rd:" + 0 + "\n" +
"TLS.account_type:" + 0 + "\n" +
"TLS.identifier:" + identifier + "\n" +
"TLS.sdk_appid:" + imConfig.getSdkAppId() + "\n" +
"TLS.time:" + sigTime + "\n" +
"TLS.expire_after:" + sigExpire + "\n";
Reader reader = new CharArrayReader(imConfig.getPublicKey().toCharArray());
PEMParser parser = new PEMParser(reader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
Object obj = parser.readObject();
parser.close();
PublicKey pubKeyStruct = converter.getPublicKey((SubjectPublicKeyInfo) obj);
Signature signature = Signature.getInstance("SHA256withECDSA","BC");
signature.initVerify(pubKeyStruct);
signature.update(SerialString.getBytes(Charset.forName("UTF-8")));
return signature.verify(signatureBytes);
}catch (Exception e) {
throw new QCloudException(e);
}
}
示例2: createKeyPair
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Utility method to decode a PEM encoded private key string to a PrivateKey instance
* @param key
* - a PEM encoded private key string
* @return - decoded PrivateKey instance
*/
public static KeyPair createKeyPair(String key) {
AssertUtil.assertNotNull(key, "key");
String decryptedKey = EncryptionUtils.decrypt(key);
try (PEMParser parser = new PEMParser(new StringReader(decryptedKey))) {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMKeyPair keyPair = (PEMKeyPair) parser.readObject();
if (keyPair == null) {
throw new RuntimeException("A valid key pair was not found");
}
return converter.getKeyPair(keyPair);
} catch (IOException e) {
throw new RuntimeException("Failed to create key pair", e);
}
}
示例3: readPrivateKey
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Reads a base64-format PEM key and returns a Java PrivateKey for it.
* @param privateKey PEM-encoded private key
*/
public static PrivateKey readPrivateKey(String privateKey) {
try (StringReader keyReader = new StringReader(privateKey);
PEMParser pemReader = new PEMParser(keyReader)) {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
Object keyPair = pemReader.readObject();
if (keyPair instanceof PrivateKeyInfo) {
return converter.getPrivateKey((PrivateKeyInfo) keyPair);
} else {
return converter.getPrivateKey(((PEMKeyPair) keyPair).getPrivateKeyInfo());
}
} catch (IOException x) {
// Shouldn't occur, since we're only reading from strings
throw new RuntimeException(x);
}
}
示例4: getPrivateKeyFromPEM
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
private static PrivateKey getPrivateKeyFromPEM(final Reader keyReader)
throws IOException {
final JcaPEMKeyConverter jcaPEMKeyConverter = new JcaPEMKeyConverter();
final PEMParser pem = new PEMParser(keyReader);
PrivateKey key;
Object pemContent = pem.readObject();
if(pemContent instanceof PEMKeyPair) {
PEMKeyPair pemKeyPair = (PEMKeyPair)pemContent;
KeyPair keyPair = jcaPEMKeyConverter.getKeyPair(pemKeyPair);
key = keyPair.getPrivate();
} else if (pemContent instanceof PrivateKeyInfo) {
PrivateKeyInfo privateKeyInfo = (PrivateKeyInfo) pemContent;
key = jcaPEMKeyConverter.getPrivateKey(privateKeyInfo);
} else {
throw new IllegalArgumentException("Unsupported private key format '" + pemContent.getClass().getSimpleName() + '"');
}
pem.close();
return key;
}
示例5: readVapidKeys
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Read the VAPID key from the .pem file in the resources folder.
*
* @return
* @throws IOException
*/
public static KeyPair readVapidKeys() throws IOException {
try (InputStreamReader inputStreamReader = new InputStreamReader(TestUtils.class.getResourceAsStream("/vapid.pem"))) {
PEMParser pemParser = new PEMParser(inputStreamReader);
PEMKeyPair pemKeyPair = (PEMKeyPair) pemParser.readObject();
return new JcaPEMKeyConverter().getKeyPair(pemKeyPair);
} catch (IOException e) {
throw new IOException("The private key could not be decrypted", e);
}
}
示例6: dwimKey
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
static Key dwimKey(String v) {
File f = new File(v);
if (f.isFile()) {
try (PEMParser pem = new PEMParser(Files.newBufferedReader(f.toPath(), StandardCharsets.UTF_8))) {
Object x = pem.readObject();
if (x instanceof PEMKeyPair) {
PEMKeyPair kp = (PEMKeyPair) x;
// Make a private key
return new JcaPEMKeyConverter().getPrivateKey(kp.getPrivateKeyInfo());
} else {
fail("-key only supports plain PEM keypairs");
return null; // Static code analyzer
}
} catch (IOException e) {
throw new IllegalArgumentException("Could not parse key: " + e.getMessage(), e);
}
} else {
// Assume it is an AES key
// TODO: check for validity before
return new SecretKeySpec(HexUtils.stringToBin(v), "AES");
}
}
示例7: loadKeyPair
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
private PrivateKey loadKeyPair() throws IOException {
PEMParser reader = new PEMParser(file);
Object pemObject;
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
//PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(passphrase);
while((pemObject = reader.readObject()) != null) {
logger.debug("PemObject type: " + pemObject.getClass().getName());
if(pemObject instanceof PEMKeyPair) {
logger.debug("it match");
PrivateKeyInfo pki = ((PEMKeyPair) pemObject).getPrivateKeyInfo();
logger.debug("content: " + pki.getEncoded("UTF-8"));
return converter.getPrivateKey(pki);
} else {
logger.debug("Dont match");
}
}
logger.debug("fsdfsfs");
return null;
}
示例8: buildCertificateRequest
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
@Override
public String buildCertificateRequest() {
try {
CompanyInfo companyInfo = wsaaDao.loadActiveCompanyInfo();
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMKeyPair pemPrivateKey = fromPem(companyInfo.getPrivateKey());
PrivateKey privateKey = converter.getPrivateKey(pemPrivateKey
.getPrivateKeyInfo());
PEMKeyPair pemPublicKey = fromPem(companyInfo.getPrivateKey());
PublicKey publicKey = converter.getPublicKey(pemPublicKey
.getPublicKeyInfo());
X500Principal subject = new X500Principal(companyInfo.buildSource());
ContentSigner signGen = new JcaContentSignerBuilder(SIGNING_ALGORITHM)
.build(privateKey);
PKCS10CertificationRequest csr = new JcaPKCS10CertificationRequestBuilder(
subject, publicKey).build(signGen);
return toPem(csr);
} catch (IOException | OperatorCreationException e) {
throw Throwables.propagate(e);
}
}
示例9: providePrivateKey
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
@Singleton
@Provides
static PrivateKey providePrivateKey(@Named("pemObjects") ImmutableList<Object> pemObjects) {
JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
Function<PEMKeyPair, PrivateKey> privateKeyConverter =
pemKeyPair -> {
try {
return converter.getKeyPair(pemKeyPair).getPrivate();
} catch (PEMException e) {
logger.severefmt(e, "Error converting private key: %s", pemKeyPair);
throw new RuntimeException(e);
}
};
ImmutableList<PrivateKey> privateKeys =
filterAndConvert(pemObjects, PEMKeyPair.class, privateKeyConverter);
checkState(
privateKeys.size() == 1,
"The pem file must contain exactly one private key, but %s keys are found",
privateKeys.size());
return privateKeys.get(0);
}
示例10: load
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Load an unencrypted OpenSSL public key from the stream. The encoding of
* the public key may be PEM or DER.
*
* @param is
* Stream to load the unencrypted public key from
* @return The public key
* @throws CryptoException
* Problem encountered while loading the public key
* @throws IOException
* An I/O error occurred
*/
public static PublicKey load(InputStream is) throws CryptoException, IOException {
byte[] streamContents = ReadUtil.readFully(is);
// Check if stream is PEM encoded
PemInfo pemInfo = PemUtil.decode(new ByteArrayInputStream(streamContents));
if (pemInfo != null) {
// It is - get DER from PEM
streamContents = pemInfo.getContent();
}
try {
// DER-encoded subjectPublicKeyInfo structure - the OpenSSL format
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(streamContents);
return new JcaPEMKeyConverter().getPublicKey(publicKeyInfo);
} catch (Exception ex) {
throw new CryptoException(res.getString("NoLoadOpenSslPublicKey.exception.message"), ex);
}
}
示例11: init
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
public JsonWebToken init() throws IOException {
Security.addProvider(new BouncyCastleProvider());
Reader reader;
String keyFile = config.getAppKeyFile();
boolean isOnClasspath = keyFile.startsWith("classpath:");
if (isOnClasspath) {
keyFile = keyFile.substring(10);
reader = new InputStreamReader(this.getClass().getClassLoader().getResourceAsStream(keyFile));
} else {
reader = new FileReader(new File(keyFile));
}
try (PEMParser pp = new PEMParser(reader)) {
PEMKeyPair pemKeyPair = (PEMKeyPair) pp.readObject();
keyPair = new JcaPEMKeyConverter().getKeyPair(pemKeyPair);
}
return this;
}
示例12: readKeyPairFromFile
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Reads a keypair from a File.
*
* @throws IOException If an error occurs while reading the file.
* @throws InvalidKeySpecException If the key isn't encoded in x509.
*/
public static KeyPair readKeyPairFromFile(File file) throws IOException, InvalidKeySpecException {
PEMParser parser =
new PEMParser(new InputStreamReader(new FileInputStream(file), Constants.charset));
Object obj = parser.readObject();
parser.close();
if (obj instanceof PEMKeyPair) {
PEMKeyPair pem = (PEMKeyPair) obj;
JcaPEMKeyConverter conv = new JcaPEMKeyConverter();
return conv.getKeyPair(pem);
}
return null;
}
示例13: loadPrivateKey
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* Return private key ("key.pem") from Reader
*/
@CheckForNull
public static PrivateKey loadPrivateKey(final Reader reader) throws IOException, NoSuchAlgorithmException,
InvalidKeySpecException {
try (PEMParser pemParser = new PEMParser(reader)) {
Object readObject = pemParser.readObject();
while (readObject != null) {
PrivateKeyInfo privateKeyInfo = getPrivateKeyInfoOrNull(readObject);
if (privateKeyInfo != null) {
return new JcaPEMKeyConverter().getPrivateKey(privateKeyInfo);
}
readObject = pemParser.readObject();
}
}
return null;
}
示例14: readPrivateKey
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
private PrivateKey readPrivateKey(String privateKeyPath, String keyPassword) throws IOException {
FileReader fileReader = new FileReader(privateKeyPath);
PEMParser keyReader = new PEMParser(fileReader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray());
Object keyPair = keyReader.readObject();
PrivateKeyInfo keyInfo;
if (keyPair instanceof PEMEncryptedKeyPair) {
PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptionProv);
keyInfo = decryptedKeyPair.getPrivateKeyInfo();
} else {
keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
}
keyReader.close();
return converter.getPrivateKey(keyInfo);
}
示例15: signCertificateRequest
import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter; //导入依赖的package包/类
/**
* This method signs a certificate signing request (CSR) using the specified certificate
* authority (CA). This is a convenience method that really should be part of the
* <code>CertificateManagement</code> interface except that it depends on a Bouncy Castle
* class in the signature. The java security framework does not have a similar class so it
* has been left out of the interface.
*
* @param caPrivateKey The private key for the certificate authority.
* @param caCertificate The certificate containing the public key for the certificate authority.
* @param request The certificate signing request (CSR) to be signed.
* @param serialNumber The serial number for the new certificate.
* @param lifetime How long the certificate should be valid.
*
* @return The newly signed certificate.
*/
public X509Certificate signCertificateRequest(PrivateKey caPrivateKey, X509Certificate caCertificate,
PKCS10CertificationRequest request, BigInteger serialNumber, long lifetime) {
try {
logger.entry();
logger.debug("Extract public key and subject from the CSR...");
PublicKey publicKey = new JcaPEMKeyConverter().getPublicKey(request.getSubjectPublicKeyInfo());
String subject = request.getSubject().toString();
logger.debug("Generate and sign the certificate...");
X509Certificate result = createCertificate(caPrivateKey, caCertificate, publicKey, subject, serialNumber, lifetime);
logger.exit();
return result;
} catch (PEMException e) {
RuntimeException exception = new RuntimeException("An unexpected exception occurred while attempting to sign a certificate.", e);
logger.error(exception.toString());
throw exception;
}
}