blob: f822cba100b2a403f0d7aa4baa12a8fdbdce9e83 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
package org.bouncycastle.openssl;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.operator.OutputEncryptor;
import org.bouncycastle.util.io.pem.PemGenerationException;
import org.bouncycastle.util.io.pem.PemObject;
import org.bouncycastle.util.io.pem.PemObjectGenerator;
public class PKCS8Generator
implements PemObjectGenerator
{
public static final ASN1ObjectIdentifier AES_128_CBC = NISTObjectIdentifiers.id_aes128_CBC;
public static final ASN1ObjectIdentifier AES_192_CBC = NISTObjectIdentifiers.id_aes192_CBC;
public static final ASN1ObjectIdentifier AES_256_CBC = NISTObjectIdentifiers.id_aes256_CBC;
public static final ASN1ObjectIdentifier DES3_CBC = PKCSObjectIdentifiers.des_EDE3_CBC;
public static final ASN1ObjectIdentifier PBE_SHA1_RC4_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4;
public static final ASN1ObjectIdentifier PBE_SHA1_RC4_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4;
public static final ASN1ObjectIdentifier PBE_SHA1_3DES = PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC;
public static final ASN1ObjectIdentifier PBE_SHA1_2DES = PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC;
public static final ASN1ObjectIdentifier PBE_SHA1_RC2_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC;
public static final ASN1ObjectIdentifier PBE_SHA1_RC2_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC;
private PrivateKeyInfo key;
private OutputEncryptor outputEncryptor;
/**
* Base constructor.
*/
public PKCS8Generator(PrivateKeyInfo key, OutputEncryptor outputEncryptor)
{
this.key = key;
this.outputEncryptor = outputEncryptor;
}
public PemObject generate()
throws PemGenerationException
{
if (outputEncryptor != null)
{
return generate(key, outputEncryptor);
}
else
{
return generate(key, null);
}
}
private PemObject generate(PrivateKeyInfo key, OutputEncryptor encryptor)
throws PemGenerationException
{
try
{
byte[] keyData = key.getEncoded();
if (encryptor == null)
{
return new PemObject("PRIVATE KEY", keyData);
}
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
OutputStream cOut = encryptor.getOutputStream(bOut);
cOut.write(key.getEncoded());
cOut.close();
EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(encryptor.getAlgorithmIdentifier(), bOut.toByteArray());
return new PemObject("ENCRYPTED PRIVATE KEY", info.getEncoded());
}
catch (IOException e)
{
throw new PemGenerationException("unable to process encoded key data: " + e.getMessage(), e);
}
}
}
|