当前位置: 首页>>代码示例>>Java>>正文


Java JcePEMDecryptorProviderBuilder类代码示例

本文整理汇总了Java中org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder的典型用法代码示例。如果您正苦于以下问题:Java JcePEMDecryptorProviderBuilder类的具体用法?Java JcePEMDecryptorProviderBuilder怎么用?Java JcePEMDecryptorProviderBuilder使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


JcePEMDecryptorProviderBuilder类属于org.bouncycastle.openssl.jcajce包,在下文中一共展示了JcePEMDecryptorProviderBuilder类的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: readPrivateKey

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private PrivateKey readPrivateKey(String privateKeyPath, String keyPassword) throws IOException {

        FileReader fileReader = new FileReader(privateKeyPath);
        PEMParser keyReader = new PEMParser(fileReader);

        JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
        PEMDecryptorProvider decryptionProv = new JcePEMDecryptorProviderBuilder().build(keyPassword.toCharArray());

        Object keyPair = keyReader.readObject();
        PrivateKeyInfo keyInfo;

        if (keyPair instanceof PEMEncryptedKeyPair) {
            PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptionProv);
            keyInfo = decryptedKeyPair.getPrivateKeyInfo();
        } else {
            keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
        }

        keyReader.close();
        return converter.getPrivateKey(keyInfo);
    }
 
开发者ID:abbaspour,项目名称:urmia,代码行数:22,代码来源:HttpSigner.java

示例2: doOpenSslTestFile

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private void doOpenSslTestFile(
    String  fileName,
    Class   expectedPrivKeyClass)
    throws IOException
{
    JcaPEMKeyConverter   converter = new JcaPEMKeyConverter().setProvider("BC");
    PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build("changeit".toCharArray());
    PEMParser pr = openPEMResource("data/" + fileName);
    Object o = pr.readObject();

    if (o == null || !((o instanceof PEMKeyPair) || (o instanceof PEMEncryptedKeyPair)))
    {
        fail("Didn't find OpenSSL key");
    }

    KeyPair kp = (o instanceof PEMEncryptedKeyPair) ?
        converter.getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(decProv)) : converter.getKeyPair((PEMKeyPair)o);

    PrivateKey privKey = kp.getPrivate();

    if (!expectedPrivKeyClass.isInstance(privKey))
    {
        fail("Returned key not of correct type");
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:26,代码来源:ParserTest.java

示例3: doDudPasswordTest

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private void doDudPasswordTest(String password, int index, String message)
{
    // illegal state exception check - in this case the wrong password will
    // cause an underlying class cast exception.
    try
    {
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build(password.toCharArray());

        PEMParser pemRd = openPEMResource("test.pem");
        Object o;

        while ((o = pemRd.readObject()) != null)
        {
            if (o instanceof PEMEncryptedKeyPair)
            {
                ((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
            }
        }

        fail("issue not detected: " + index);
    }
    catch (IOException e)
    {
        // ignore
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:27,代码来源:ParserTest.java

示例4: createAndInitKeyManagerFactory

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private KeyManagerFactory createAndInitKeyManagerFactory() throws Exception {
  X509Certificate certHolder = certificateConverter.getCertificate((X509CertificateHolder) readPEMFile(cert));

  Object keyObject = readPEMFile(privateKey);

  char[] passwordCharArray = "".toCharArray();
  if (!StringUtils.isEmpty(password)) {
    passwordCharArray = password.toCharArray();
  }

  JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");

  KeyPair key;
  if (keyObject instanceof PEMEncryptedKeyPair) {
    PEMDecryptorProvider provider = new JcePEMDecryptorProviderBuilder().build(passwordCharArray);
    key = keyConverter.getKeyPair(((PEMEncryptedKeyPair) keyObject).decryptKeyPair(provider));
  } else {
    key = keyConverter.getKeyPair((PEMKeyPair) keyObject);
  }

  KeyStore clientKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
  clientKeyStore.load(null, null);
  clientKeyStore.setCertificateEntry("cert", certHolder);
  clientKeyStore.setKeyEntry("private-key", key.getPrivate(), passwordCharArray, new Certificate[] { certHolder });

  KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(clientKeyStore, passwordCharArray);
  return keyManagerFactory;
}
 
开发者ID:osswangxining,项目名称:iot-edge-greengrass,代码行数:30,代码来源:CertPemClientCredentials.java

示例5: createAndInitKeyManagerFactory

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private KeyManagerFactory createAndInitKeyManagerFactory() throws Exception {
    X509Certificate certHolder;
    Object keyObject;
    if (certFileName != null && privateKeyFileName != null) {
        certHolder = readCertFile(cert);
        keyObject = readPrivateKeyFile(privateKey);
    } else {
        certHolder = certificateConverter.getCertificate((X509CertificateHolder) readPEMFile(cert));
        keyObject = readPEMFile(privateKey);
    }

    char[] passwordCharArray = "".toCharArray();
    if (!StringUtils.isEmpty(password)) {
        passwordCharArray = password.toCharArray();
    }

    JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter().setProvider("BC");

    KeyPair key;
    if (keyObject instanceof PEMEncryptedKeyPair) {
        PEMDecryptorProvider provider = new JcePEMDecryptorProviderBuilder().build(passwordCharArray);
        key = keyConverter.getKeyPair(((PEMEncryptedKeyPair) keyObject).decryptKeyPair(provider));
    } else {
        key = keyConverter.getKeyPair((PEMKeyPair) keyObject);
    }

    KeyStore clientKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    clientKeyStore.load(null, null);
    clientKeyStore.setCertificateEntry("cert", certHolder);
    clientKeyStore.setKeyEntry("private-key",
            key.getPrivate(),
            passwordCharArray,
            new Certificate[]{certHolder});

    KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
    keyManagerFactory.init(clientKeyStore, passwordCharArray);
    return keyManagerFactory;
}
 
开发者ID:thingsboard,项目名称:thingsboard-gateway,代码行数:39,代码来源:CertPemClientCredentials.java

示例6: getEncryptionCredential

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private Credential getEncryptionCredential(final WsFederationConfiguration config) {
    try {
        // This will need to contain the private keypair in PEM format
        final BufferedReader br = new BufferedReader(new InputStreamReader(config.getEncryptionPrivateKey().getInputStream()));
        Security.addProvider(new BouncyCastleProvider());
        final PEMParser pemParser = new PEMParser(br);

        final Object privateKeyPemObject = pemParser.readObject();
        final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());

        final KeyPair kp;
        if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
            final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
            final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
                    .build(config.getEncryptionPrivateKeyPassword().toCharArray());
            kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
        } else {
            kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
        }

        final X509CertParser certParser = new X509CertParser();
        // This is the certificate shared with ADFS in DER format, i.e certificate.crt
        certParser.engineInit(config.getEncryptionCertificate().getInputStream());
        final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
        return new BasicX509Credential(cert, kp.getPrivate());
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
 
开发者ID:hsj-xiaokang,项目名称:springboot-shiro-cas-mybatis,代码行数:30,代码来源:WsFederationHelper.java

示例7: decodePemEncodedPrivateKey

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
@Override
public PrivateKey decodePemEncodedPrivateKey(Reader privateKeyReader, String password) {
    try {
        PEMParser pemParser = new PEMParser(privateKeyReader);
        Object keyPair = pemParser.readObject();

        // retrieve the PrivateKeyInfo from the returned keyPair object. if the key is encrypted, it needs to be
        // decrypted using the specified password first.
        PrivateKeyInfo keyInfo;
        if (keyPair instanceof PEMEncryptedKeyPair) {
            if (password == null) {
                throw new ImportException("Unable to import private key. Key is encrypted, but no password was provided.");
            }

            PEMDecryptorProvider decryptor = new JcePEMDecryptorProviderBuilder().build(password.toCharArray());

            PEMKeyPair decryptedKeyPair = ((PEMEncryptedKeyPair) keyPair).decryptKeyPair(decryptor);

            keyInfo = decryptedKeyPair.getPrivateKeyInfo();
        } else {
            keyInfo = ((PEMKeyPair) keyPair).getPrivateKeyInfo();
        }

        return new JcaPEMKeyConverter().getPrivateKey(keyInfo);
    } catch (IOException e) {
        throw new ImportException("Unable to read PEM-encoded PrivateKey", e);
    }
}
 
开发者ID:misakuo,项目名称:Dream-Catcher,代码行数:29,代码来源:BouncyCastleSecurityProviderTool.java

示例8: doDudPasswordTest

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private void doDudPasswordTest(String password, int index, String message)
{
    // illegal state exception check - in this case the wrong password will
    // cause an underlying class cast exception.
    try
    {
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build(password.toCharArray());

        PEMParser pemRd = openPEMResource("test.pem");
        Object o;

        while ((o = pemRd.readObject()) != null)
        {
            if (o instanceof PEMEncryptedKeyPair)
            {
                ((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
            }
        }

        fail("issue not detected: " + index);
    }
    catch (IOException e)
    {
        if (e.getCause() != null && !e.getCause().getMessage().endsWith(message))
        {
           fail("issue " + index + " exception thrown, but wrong message");
        }
        else if (e.getCause() == null && !e.getMessage().equals(message))
        {
                           e.printStackTrace();
           fail("issue " + index + " exception thrown, but wrong message");
        }
    }
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:35,代码来源:ParserTest.java

示例9: getEncryptionCredential

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
private static Credential getEncryptionCredential(final WsFederationConfiguration config) {
    try {
        // This will need to contain the private keypair in PEM format
        LOGGER.debug("Locating encryption credential private key [{}]", config.getEncryptionPrivateKey());
        final BufferedReader br = new BufferedReader(new InputStreamReader(
                config.getEncryptionPrivateKey().getInputStream(), StandardCharsets.UTF_8));
        Security.addProvider(new BouncyCastleProvider());

        LOGGER.debug("Parsing credential private key");
        final PEMParser pemParser = new PEMParser(br);
        final Object privateKeyPemObject = pemParser.readObject();
        
        final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());

        final KeyPair kp;
        if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
            LOGGER.debug("Encryption private key is an encrypted keypair");
            final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
            final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
                    .build(config.getEncryptionPrivateKeyPassword().toCharArray());

            LOGGER.debug("Attempting to decrypt the encrypted keypair based on the provided encryption private key password");
            kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
        } else {
            LOGGER.debug("Extracting a keypair from the private key");
            kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
        }

        final X509CertParser certParser = new X509CertParser();
        // This is the certificate shared with ADFS in DER format, i.e certificate.crt
        LOGGER.debug("Locating encryption certificate [{}]", config.getEncryptionCertificate());
        certParser.engineInit(config.getEncryptionCertificate().getInputStream());

        LOGGER.debug("Invoking certificate engine to parse the certificate [{}]", config.getEncryptionCertificate());
        final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
        LOGGER.debug("Creating final credential based on the certificate [{}] and the private key", cert.getIssuerDN());
        return new BasicX509Credential(cert, kp.getPrivate());
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
 
开发者ID:mrluo735,项目名称:cas-5.1.0,代码行数:42,代码来源:WsFederationHelper.java

示例10: parsePrivateKey

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
/**
 * Parses a PrivateKey instance from a PEM representation.
 *
 * When the provided key is encrypted, the provided pass phrase is applied.
 *
 * @param pemRepresentation a PEM representation of a private key (cannot be null or empty)
 * @param passPhrase optional pass phrase (must be present if the private key is encrypted).
 * @return a PrivateKey instance (never null)
 */
public static PrivateKey parsePrivateKey(InputStream pemRepresentation, String passPhrase) throws IOException {

    if ( passPhrase == null ) {
        passPhrase = "";
    }
    try (Reader reader = new InputStreamReader(pemRepresentation); //
            PEMParser pemParser = new PEMParser(reader)) {

        final Object object = pemParser.readObject();
        final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider( "BC" );

        final KeyPair kp;

        if ( object instanceof PEMEncryptedKeyPair )
        {
            // Encrypted key - we will use provided password
            final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build( passPhrase.toCharArray() );
            kp = converter.getKeyPair( ( (PEMEncryptedKeyPair) object ).decryptKeyPair( decProv ) );
        }
        else if ( object instanceof PKCS8EncryptedPrivateKeyInfo )
        {
            // Encrypted key - we will use provided password
            try
            {
                final PKCS8EncryptedPrivateKeyInfo encryptedInfo = (PKCS8EncryptedPrivateKeyInfo) object;
                final InputDecryptorProvider provider = new JceOpenSSLPKCS8DecryptorProviderBuilder().build( passPhrase.toCharArray() );
                final PrivateKeyInfo privateKeyInfo = encryptedInfo.decryptPrivateKeyInfo( provider );
                return converter.getPrivateKey( privateKeyInfo );
            }
            catch ( PKCSException | OperatorCreationException e )
            {
                throw new IOException( "Unable to decrypt private key.", e );
            }
        }
        else if ( object instanceof PrivateKeyInfo )
        {
            return converter.getPrivateKey( (PrivateKeyInfo) object );
        }
        else
        {
            // Unencrypted key - no password needed
            kp = converter.getKeyPair( (PEMKeyPair) object );
        }
        return kp.getPrivate();
    }
}
 
开发者ID:igniterealtime,项目名称:Openfire,代码行数:56,代码来源:CertificateManager.java

示例11: getSocketFactory

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
public static SSLSocketFactory getSocketFactory(String caCrtFile,
		String crtFile, String keyFile, String password) throws Exception {

	char[] passwordCharArray = password == null ? new char[0] : password
			.toCharArray();

	Security.addProvider(new BouncyCastleProvider());
	CertificateFactory cf = CertificateFactory.getInstance("X.509");

	X509Certificate caCert = (X509Certificate) cf
			.generateCertificate(new ByteArrayInputStream(Files
					.readAllBytes(Paths.get(caCrtFile))));

	X509Certificate cert = (X509Certificate) cf
			.generateCertificate(new ByteArrayInputStream(Files
					.readAllBytes(Paths.get(crtFile))));

	File privateKeyFile = new File(keyFile);
	PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile));
	PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
			.build(passwordCharArray);
	JcaPEMKeyConverter converter = new JcaPEMKeyConverter()
			.setProvider("BC");

	Object object = pemParser.readObject();
	KeyPair kp;

	if (object instanceof PEMEncryptedKeyPair) {
		kp = converter.getKeyPair(((PEMEncryptedKeyPair) object)
				.decryptKeyPair(decProv));
	} else {
		kp = converter.getKeyPair((PEMKeyPair) object);
	}

	pemParser.close();

	KeyStore caKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
	caKeyStore.load(null, null);
	caKeyStore.setCertificateEntry("ca-certificate", caCert);
	TrustManagerFactory trustManagerFactory = TrustManagerFactory
			.getInstance(TrustManagerFactory.getDefaultAlgorithm());
	trustManagerFactory.init(caKeyStore);

	KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
	keyStore.load(null, null);
	keyStore.setCertificateEntry("certificate", cert);
	keyStore.setKeyEntry("private-key", kp.getPrivate(), passwordCharArray,
			new java.security.cert.Certificate[] { cert });
	KeyManagerFactory keyManagerFactory = KeyManagerFactory
			.getInstance(KeyManagerFactory.getDefaultAlgorithm());
	keyManagerFactory.init(keyStore, passwordCharArray);

	SSLContext context = SSLContext.getInstance("TLSv1");
	context.init(keyManagerFactory.getKeyManagers(),
			trustManagerFactory.getTrustManagers(), null);

	return context.getSocketFactory();

}
 
开发者ID:RuckusWirelessIL,项目名称:pentaho-mqtt-producer,代码行数:60,代码来源:SSLSocketFactoryGenerator.java

示例12: registerUser

import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder; //导入依赖的package包/类
/**
 * Register a new user
 *
 * @param user User to register.
 * @return Private key in base 64 format
 */
public String registerUser(User user) throws RegistrationException {
    try {
        HttpClient client = new DefaultHttpClient();
        HttpGet rootRequest = new HttpGet(getRootUrl());
        HttpResponse response = client.execute(rootRequest);

        String responseJson = EntityUtils.toString(response.getEntity());

        ObjectMapper mapper = new ObjectMapper();
        mapper.disable(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES);
        mapper.enable(SerializationFeature.WRAP_ROOT_VALUE);

        HalRoot root = mapper.readValue(responseJson, HalRoot.class);

        String usersUrl = root.getUsersLink();
        String requestJson = mapper.writeValueAsString(user);

        HttpPost userPost = new HttpPost(usersUrl);
        userPost.addHeader("Content-Type", "application/json");
        userPost.setEntity(new StringEntity(requestJson));

        response = client.execute(userPost);
        responseJson = EntityUtils.toString(response.getEntity());

        if (response.getStatusLine().getStatusCode() == 422) {
            HalErrors errors = mapper.readValue(responseJson, HalErrors.class);
            throw new RegistrationException(errors.getErrors());
        }

        User loadedUser = mapper.readValue(responseJson, User.class);

        ByteArrayInputStream tube = new ByteArrayInputStream(loadedUser.getPrivateKey().getBytes());
        Reader stringReader = new BufferedReader(new InputStreamReader(tube));
        PEMParser pemParser = new PEMParser(stringReader);
        Object object = pemParser.readObject();

        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().
                build(User.hashPasswordForPrivateKey(user).toCharArray());
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");

        KeyPair keyPair = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));

        String base64PrivateKey = Base64.encodeToString(keyPair.getPrivate().getEncoded(), Base64.NO_WRAP);

        return base64PrivateKey;
    } catch (IOException e) {
        e.printStackTrace();
    }

    return null;
}
 
开发者ID:smartlogic,项目名称:smartchat-android,代码行数:58,代码来源:ApiClient.java


注:本文中的org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。