/** * Tests the given encoded input and converts it to PEM if it is detected, stripping out any header/footer data in the * process. * * @param input Encoded data that may be PEM encoded. * * @return Decoded data if PEM encoding detected, otherwise original data. */ protected byte[] tryConvertPem(final byte[] input) { if (PemUtil.isPem(input)) { return PemUtil.decode(input); } return input; }
/** * Decodes a PEM-encoded cryptographic object into the raw bytes of its ASN.1 encoding. Header/footer data and * metadata info, e.g. Proc-Type, are ignored. * * @param pem Bytes of PEM-encoded data to decode. * * @return ASN.1 encoded bytes. */ public static byte[] decode(final byte[] pem) { return decode(new String(pem, ByteUtil.ASCII_CHARSET)); }
/** * Sets the PEM-encoded public key data. * * @param pemEncodedKey PEM-encoded public key data. */ public void setEncodedKey(final String pemEncodedKey) { if (!PemUtil.isPem(ByteUtil.toBytes(pemEncodedKey))) { throw new IllegalArgumentException("Data is not PEM encoded."); } this.encodedKey = pemEncodedKey; }
/** * Determines whether the data in the given byte array is base64-encoded data of PEM encoding. The determination is * made using as little data from the given array as necessary to make a reasonable determination about encoding. * * @param data Data to test for PEM encoding * * @return True if data appears to be PEM encoded, false otherwise. */ public static boolean isPem(final byte[] data) { final String start = new String(data, 0, 10, ByteUtil.ASCII_CHARSET).trim(); if (!start.startsWith(HEADER_BEGIN) && !start.startsWith(PROC_TYPE)) { // Check all bytes in first line to make sure they are in the range // of base64 character set encoding for (int i = 0; i < LINE_LENGTH; i++) { if (!isBase64Char(data[i])) { // Last two bytes may be padding character '=' (61) if (i > LINE_LENGTH - 3) { if (data[i] != 61) { return false; } } else { return false; } } } } return true; }
@Override public PrivateKey newInstance() throws EncodingException { return KeyPairUtil.decodePrivateKey(PemUtil.decode(encodedKey)); } }
/** * Sets the PEM-encoded private key data. * * @param pemEncodedKey PEM-encoded private key data. */ public void setEncodedKey(final String pemEncodedKey) { if (!PemUtil.isPem(ByteUtil.toBytes(pemEncodedKey))) { throw new IllegalArgumentException("Data is not PEM encoded."); } this.encodedKey = pemEncodedKey; }
@Override public AsymmetricKeyParameter decode(final byte[] encoded, final Object... args) { try { if (PemUtil.isPem(encoded)) { return PublicKeyFactory.createKey(PemUtil.decode(encoded)); } return PublicKeyFactory.createKey(new ASN1InputStream(encoded).readObject().getEncoded()); } catch (IOException e) { throw new EncodingException("ASN.1 decoding error", e); } } }
@Override public PublicKey newInstance() throws EncodingException { return KeyPairUtil.decodePublicKey(PemUtil.decode(encodedKey)); } }
@Override protected byte[] decryptKey(final byte[] encrypted, final char[] password) { final String pem = new String(encrypted, ByteUtil.ASCII_CHARSET); final int start = pem.indexOf(PemUtil.DEK_INFO); final int eol = pem.indexOf('\n', start); final String[] dekInfo = pem.substring(start + 10, eol).split(","); final String alg = dekInfo[0]; final byte[] iv = CodecUtil.hex(dekInfo[1]); final byte[] bytes = PemUtil.decode(encrypted); return new OpenSSLEncryptionScheme(OpenSSLAlgorithm.fromAlgorithmId(alg), iv, password).decrypt(bytes); }