private static PKCS8EncodedKeySpec createKeySpec(byte[] keyBytes, String password) throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException { if (Strings.isNullOrEmpty(password)) { return new PKCS8EncodedKeySpec(keyBytes); } final EncryptedPrivateKeyInfo pkInfo = new EncryptedPrivateKeyInfo(keyBytes); final SecretKeyFactory kf = SecretKeyFactory.getInstance(pkInfo.getAlgName()); final PBEKeySpec keySpec = new PBEKeySpec(password.toCharArray()); final SecretKey secretKey = kf.generateSecret(keySpec); @SuppressWarnings("InsecureCryptoUsage") final Cipher cipher = Cipher.getInstance(pkInfo.getAlgName()); cipher.init(Cipher.DECRYPT_MODE, secretKey, pkInfo.getAlgParameters()); return pkInfo.getKeySpec(cipher); }
Cipher cipher = Cipher.getInstance(algName, provider); if (algParameters == null) { cipher.init(Cipher.DECRYPT_MODE, decryptKey); } else { cipher.init(Cipher.DECRYPT_MODE, decryptKey, algParameters); byte[] decryptedData = cipher.doFinal(encryptedData); ASN1PrivateKeyInfo.verify(decryptedData); } catch (IOException e1) { throw invalidKey(); return new PKCS8EncodedKeySpec(decryptedData); } catch (NoSuchPaddingException e) { throw new NoSuchAlgorithmException(e.getMessage()); } catch (InvalidAlgorithmParameterException e) { throw new NoSuchAlgorithmException(e.getMessage()); } catch (IllegalStateException e) { throw new InvalidKeyException(e.getMessage());
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); SecretKeyFactory keyFac = SecretKeyFactory.getInstance(MYPBEALG); SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec); pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec); byte[] ciphertext = pbeCipher.doFinal(encodedprivkey); EncryptedPrivateKeyInfo encinfo = new EncryptedPrivateKeyInfo(algparms, ciphertext); byte[] encryptedPkcs8 = encinfo.getEncoded();
PBEKeySpec pbeKeySpec = new PBEKeySpec(password); byte[] salt = new byte[8]; SecretKeyFactory keyFac = SecretKeyFactory.getInstance(PKCS5_PBSE1_ALGO); SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec); Cipher pbeCipher = Cipher.getInstance(PKCS5_PBSE1_ALGO); pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec); byte[] encryptedPrivKey = pbeCipher.doFinal(privkey.getEncoded()); EncryptedPrivateKeyInfo result = new EncryptedPrivateKeyInfo(algo, encryptedPrivKey);
File f = new File(keyFile); FileInputStream fis = new FileInputStream(f); DataInputStream dis = new DataInputStream(fis); byte[] keyBytes = new byte[(int)f.length()]; dis.readFully(keyBytes); dis.close(); EncryptedPrivateKeyInfo encryptPKInfo = new EncryptedPrivateKeyInfo(keyBytes); Cipher cipher = Cipher.getInstance(encryptPKInfo.getAlgName()); PBEKeySpec pbeKeySpec = new PBEKeySpec(passwd.toCharArray()); SecretKeyFactory secFac = SecretKeyFactory.getInstance(encryptPKInfo.getAlgName()); Key pbeKey = secFac.generateSecret(pbeKeySpec); AlgorithmParameters algParams = encryptPKInfo.getAlgParameters(); cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams); KeySpec pkcs8KeySpec = encryptPKInfo.getKeySpec(cipher); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(pkcs8KeySpec);
public static PrivateKey stringToPrivateKey(String privateKeyString, String password) throws KapuaCertificateException { try { byte[] pkcs8Data = Base64.getDecoder().decode(getBytesOnly(privateKeyString)); KeyFactory keyFactory; PKCS8EncodedKeySpec pkcs8EncodedKeySpec; if (StringUtils.isNotEmpty(password)) { PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(pkcs8Data); SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()); Key secretKey = secretKeyFactory.generateSecret(pbeKeySpec); pkcs8EncodedKeySpec = encryptedPrivateKeyInfo.getKeySpec(secretKey); } else { pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(pkcs8Data); } keyFactory = KeyFactory.getInstance("RSA"); return keyFactory.generatePrivate(pkcs8EncodedKeySpec); } catch (NoSuchAlgorithmException | InvalidKeySpecException | IOException | InvalidKeyException e) { throw new KapuaCertificateException(KapuaCertificateErrorCodes.PRIVATE_KEY_ERROR, e); } }
String procType = properties.get("proc-type"); String dekInfo = properties.get("dek-info"); decryptedKey = generateOpenSSLCipher(procType, dekInfo, password).doFinal(encodedKey); } catch (BadPaddingException e) { return new PKCS8EncodedKeySpec(encodedKey); case "ENCRYPTED PRIVATE KEY": if (password != null) { try { EncryptedPrivateKeyInfo privateKeyInfo = new EncryptedPrivateKeyInfo(encodedKey); Key decryptKey = new SecretKeySpec(new String(password).getBytes(Charset.defaultCharset()), algorithmName(privateKeyInfo)); return privateKeyInfo.getKeySpec(decryptKey); } catch (NoSuchAlgorithmException e) { throw (UnrecoverableKeyException) new UnrecoverableKeyException("unsupported key encryption algorithm").initCause(e);
.replace("-----END ENCRYPTED PRIVATE KEY-----", ""); byte[] encryptedBytes = decodeString(base64Encoded); EncryptedPrivateKeyInfo encryptedKeyInfo = new EncryptedPrivateKeyInfo(encryptedBytes) ; SecretKeyFactory passwordFactory = SecretKeyFactory.getInstance(PASSWORD_ENCODING_TYPE); PBEKeySpec passwordSpec = new PBEKeySpec(password); SecretKey passwordKey = passwordFactory.generateSecret(passwordSpec); passwordSpec.clearPassword(); PKCS8EncodedKeySpec pkcs8KeySpec = encryptedKeyInfo.getKeySpec(passwordKey) ; KeyFactory keyFactory = KeyFactory.getInstance(ASYMMETRIC_KEY_TYPE); PrivateKey result = keyFactory.generatePrivate(pkcs8KeySpec);
public PrivateKey decryptKey(byte[] pkcs8Data, char[] password) throws Exception { PBEKeySpec pbeSpec = new PBEKeySpec(password); EncryptedPrivateKeyInfo pkinfo = new EncryptedPrivateKeyInfo(pkcs8Data); SecretKeyFactory skf = SecretKeyFactory.getInstance(pkinfo.getAlgName()); Key secret = skf.generateSecret(pbeSpec); PKCS8EncodedKeySpec keySpec = pkinfo.getKeySpec(secret); KeyFactory kf = KeyFactory.getInstance("RSA"); return kf.generatePrivate(keySpec); }
} catch (InvalidKeySpecException e) { return new PKCS8EncodedKeySpec(keyMaterial); EncryptedPrivateKeyInfo privateKeyInfo = new EncryptedPrivateKeyInfo(keyMaterial); Key decryptKey = new SecretKeySpec(new String(password).getBytes(Charset.defaultCharset()), algorithmName(privateKeyInfo)); return privateKeyInfo.getKeySpec(decryptKey); } catch (IOException e) { return new PKCS8EncodedKeySpec(keyMaterial); } catch (InvalidKeyException e) { throw (UnrecoverableKeyException) new UnrecoverableKeyException("bad password").initCause(e);
/** * Reads the key encryption algorithm from the encrypted PKCS #8 encrypted private key info structure. */ private static String algorithmName(EncryptedPrivateKeyInfo privateKeyInfo) throws NoSuchAlgorithmException { String algName = privateKeyInfo.getAlgName(); switch (algName) { case "1.2.840.113549.1.5.13": // TODO Can we support this? throw new NoSuchAlgorithmException("PBES2"); default: return algName; } }
/** * Set the encrypted private key for this advertisement. The private key * is provided as a BASE64 String of a DER encoded PKCS8 * EncrpytePrivateKeyInfo. * * @param newPriv a BASE64 String of a DER encoded PKCS8 * EncrpytePrivateKeyInfo. * @param algorithm The public key algorithm used by this private key. * Currently only "RSA" is supported. */ public void setEncryptedPrivateKey(String newPriv, String algorithm) { try { byte[] key_der = PSEUtils.base64Decode(new StringReader(newPriv)); EncryptedPrivateKeyInfo newEncryptedPriv = new EncryptedPrivateKeyInfo(key_der); setEncryptedPrivateKey(newEncryptedPriv, algorithm); } catch (Exception failed) { if (Logging.SHOW_SEVERE && LOG.isLoggable(Level.SEVERE)) { LOG.log(Level.SEVERE, "Failed to process private key", failed); } IllegalArgumentException failure = new IllegalArgumentException("Failed to process private key"); failure.initCause(failed); throw failure; } }
try { logger.debug("Transforming the password into a secret key..."); SecretKeyFactory passwordFactory = SecretKeyFactory.getInstance(PASSWORD_ENCODING_TYPE); PBEKeySpec passwordSpec = new PBEKeySpec(password); SecretKey passwordKey = passwordFactory.generateSecret(passwordSpec); passwordSpec.clearPassword(); Cipher cipher = Cipher.getInstance(PASSWORD_ENCODING_TYPE); cipher.init(Cipher.ENCRYPT_MODE, passwordKey); keyBytes = key.getEncoded(); byte[] encryptedBytes = cipher.doFinal(keyBytes); AlgorithmParameters params = cipher.getParameters(); EncryptedPrivateKeyInfo encryptedKeyInfo = new EncryptedPrivateKeyInfo(params, encryptedBytes) ; try { passwordKey.destroy(); } catch (DestroyFailedException e) {} StringBuilder buffer = new StringBuilder(); buffer.append(indentation).append("-----BEGIN ENCRYPTED PRIVATE KEY-----\n"); buffer.append(encodeBytes(encryptedKeyInfo.getEncoded(), indentation)); buffer.append("\n").append(indentation).append("-----END ENCRYPTED PRIVATE KEY-----"); String result = buffer.toString();
PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); SecretKeyFactory keyFac = SecretKeyFactory.getInstance(encAlg, "BC"); SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec); pbeCipher.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParamSpec); byte[] ciphertext = pbeCipher.doFinal(encodedprivkey); EncryptedPrivateKeyInfo encinfo = new EncryptedPrivateKeyInfo(algparms, ciphertext); byte[] encryptedPkcs8 = encinfo.getEncoded();
EncryptedPrivateKeyInfo ePKInfo = new EncryptedPrivateKeyInfo( encryptedPKInfo); char[] password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' }; Cipher cipher = Cipher.getInstance(ePKInfo.getAlgName()); PBEKeySpec pbeKeySpec = new PBEKeySpec(password); .getAlgName()); Key pbeKey = skFac.generateSecret(pbeKeySpec); AlgorithmParameters algParams = ePKInfo.getAlgParameters(); cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams); KeySpec pkcs8KeySpec = ePKInfo.getKeySpec(cipher);
if (password != null && password.length > 0) EncryptedPrivateKeyInfo encInfo = new EncryptedPrivateKeyInfo(keyData); PBEKeySpec keySpec = new PBEKeySpec(password); String alg = encInfo.getAlgName(); SecretKeyFactory secFactory = SecretKeyFactory.getInstance(alg, CryptoExtensions.getJCEProviderName()); SecretKey secKey = secFactory.generateSecret(keySpec); keysp = encInfo.getKeySpec(secKey, CryptoExtensions.getJCEProviderName()); keysp = new PKCS8EncodedKeySpec ( keyData );
private static PKCS8EncodedKeySpec generateKeySpec(char[] password, byte[] key) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException { if (password == null) { return new PKCS8EncodedKeySpec(key); } EncryptedPrivateKeyInfo encryptedPrivateKeyInfo = new EncryptedPrivateKeyInfo(key); SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(encryptedPrivateKeyInfo.getAlgName()); PBEKeySpec pbeKeySpec = new PBEKeySpec(password); SecretKey pbeKey = keyFactory.generateSecret(pbeKeySpec); Cipher cipher = Cipher.getInstance(encryptedPrivateKeyInfo.getAlgName()); cipher.init(Cipher.DECRYPT_MODE, pbeKey, encryptedPrivateKeyInfo.getAlgParameters()); return encryptedPrivateKeyInfo.getKeySpec(cipher); }
Cipher cipher = Cipher.getInstance(algName); if (algParameters == null) { cipher.init(Cipher.DECRYPT_MODE, decryptKey); } else { cipher.init(Cipher.DECRYPT_MODE, decryptKey, algParameters); byte[] decryptedData = cipher.doFinal(encryptedData); ASN1PrivateKeyInfo.verify(decryptedData); } catch (IOException e1) { throw invalidKey(); return new PKCS8EncodedKeySpec(decryptedData); } catch (NoSuchPaddingException e) { throw new NoSuchAlgorithmException(e.getMessage()); } catch (InvalidAlgorithmParameterException e) { throw new NoSuchAlgorithmException(e.getMessage()); } catch (IllegalStateException e) { throw new InvalidKeyException(e.getMessage());
SecretKeyFactory keyFact = SecretKeyFactory.getInstance(pbeType.jce()); PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); SecretKey pbeKey = keyFact.generateSecret(pbeKeySpec); Cipher cipher = Cipher.getInstance(pbeType.jce()); cipher.init(Cipher.ENCRYPT_MODE, pbeKey, params); byte[] encPkcs8 = cipher.doFinal(pkcs8); EncryptedPrivateKeyInfo encPrivateKeyInfo = new EncryptedPrivateKeyInfo(params, encPkcs8); return encPrivateKeyInfo.getEncoded(); } catch (GeneralSecurityException ex) { throw new CryptoException("NoEncryptPkcs8PrivateKey.exception.message", ex);
EncryptedPrivateKeyInfo ePKInfo = new EncryptedPrivateKeyInfo(encodedprivkey); Cipher cipher = Cipher.getInstance(ePKInfo.getAlgName()); PBEKeySpec pbeKeySpec = new PBEKeySpec(password.toCharArray()); .getAlgName()); Key pbeKey = skFac.generateSecret(pbeKeySpec); AlgorithmParameters algParams = ePKInfo.getAlgParameters(); cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams); KeySpec pkcs8KeySpec = ePKInfo.getKeySpec(cipher);