/** * Takes a PKCS12 byte stream and returns a PKCS12 byte stream with the pass phrase protection and encryption removed. * @param bytes The PKCS12 byte stream that will be stripped. * @param passphrase The pass phrase of the PKCS12 byte stream. This is used to decrypt the PKCS12 stream. * @return A PKCS12 byte stream representation of the original PKCS12 stream with the pass phrase protection and encryption removed. */ public static byte[] pkcs12ToStrippedPkcs12(byte[] bytes, String passphrase) { return changePkcs12Protection(bytes, passphrase.toCharArray(), passphrase.toCharArray(), "".toCharArray(), "".toCharArray()); }
final byte[] data = CertUtils.changePkcs12Protection(cert.getData(), oldKeystorePassPhrase.toCharArray(), oldPrivateKeyPassPhrase.toCharArray(), emptyProtection, emptyProtection);
final String newPrivateKeyPassPhrase = new String(kspMgr.getPrivateKeyProtectionKey().getEncoded()); cert.setRawData(CertUtils.changePkcs12Protection(cert.getData(), "".toCharArray(), "".toCharArray(), newKeystorePassPhrase.toCharArray(), newPrivateKeyPassPhrase.toCharArray()));
@Test public void testSetData_setWithProtectedData() throws Exception { final byte[] certData = CertificateDaoTest.loadPkcs12FromCertAndKey("gm2552.der", "gm2552Key.der"); final byte[] protectedCertData = CertUtils.changePkcs12Protection(certData, "".toCharArray(), "".toCharArray(), "12345".toCharArray(), "67890".toCharArray()); Certificate cert = new Certificate(); cert.setData(protectedCertData); // just make sure an exception didn't happen here }