/**
 * Builds an X.509 certificate for a PGP key pair.
 * <p>
 * The PGP public key becomes the certificate's subject public key, and the certificate is signed
 * with the private key unlocked from {@code pgpSecretKey}. No extensions are added to the
 * certificate by this method.
 * <p>
 * Security notes for callers:
 * <ul>
 * <li>The signature algorithm is fixed to {@code SHA256withRSA}, so the secret key presumably has
 * to be an RSA key; confirm before passing other key types.</li>
 * <li>The passphrase arrives as a {@code String} and is copied into a {@code char[]} that is not
 * wiped here, so it stays in memory until garbage collected.</li>
 * <li>The certificate is only self-signed in the usual sense when {@code pgpPublicKey} and
 * {@code pgpSecretKey} belong to the same key pair; this method does not check that.</li>
 * </ul>
 *
 * @param pgpPublicKey PGP public key placed into the certificate
 * @param pgpSecretKey PGP secret key whose private part signs the certificate
 * @param secretPwd passphrase protecting {@code pgpSecretKey}
 * @param issuer issuer distinguished name, in the string form accepted by {@code X500Name}
 * @param subject subject distinguished name, in the string form accepted by {@code X500Name}
 * @param dateOfIssue start of the validity period
 * @param dateOfExpiry end of the validity period
 * @param serial certificate serial number
 * @return the signed certificate, re-parsed through the JCA {@code X.509} certificate factory
 * @throws PGPException if a key cannot be converted or the secret key cannot be unlocked
 * @throws CertificateException if the encoded certificate cannot be parsed
 * @throws IOException if the certificate cannot be encoded
 */
public static X509Certificate getX509CertificateFromPgpKeyPair( PGPPublicKey pgpPublicKey,
                                                                PGPSecretKey pgpSecretKey, String secretPwd,
                                                                String issuer, String subject, Date dateOfIssue,
                                                                Date dateOfExpiry, BigInteger serial )
        throws PGPException, CertificateException, IOException
{
    JcaPGPKeyConverter keyConverter = new JcaPGPKeyConverter();

    // Convert the public half first, then unlock and convert the private half.
    PublicKey jcaPublicKey = keyConverter.getPublicKey( pgpPublicKey );

    // "provider" is defined outside this method (not visible here).
    JcePBESecretKeyDecryptorBuilder decryptorBuilder =
            new JcePBESecretKeyDecryptorBuilder().setProvider( provider );
    PrivateKey jcaPrivateKey = keyConverter.getPrivateKey(
            pgpSecretKey.extractPrivateKey( decryptorBuilder.build( secretPwd.toCharArray() ) ) );

    X500Name issuerName = new X500Name( issuer );
    X500Name subjectName = new X500Name( subject );
    SubjectPublicKeyInfo subjectKeyInfo = SubjectPublicKeyInfo.getInstance( jcaPublicKey.getEncoded() );

    X509v3CertificateBuilder builder =
            new X509v3CertificateBuilder( issuerName, serial, dateOfIssue, dateOfExpiry, subjectName,
                    subjectKeyInfo );

    // Sign with the unlocked private key; the algorithm name is hard-coded.
    JCESigner signer = new JCESigner( jcaPrivateKey, "SHA256withRSA" );
    byte[] encodedCertificate = builder.build( signer ).getEncoded();

    // Round-trip through the JCA factory to hand back a java.security.cert.X509Certificate.
    CertificateFactory x509Factory = CertificateFactory.getInstance( "X.509" );
    ByteArrayInputStream encodedStream = new ByteArrayInputStream( encodedCertificate );
    return ( X509Certificate ) x509Factory.generateCertificate( encodedStream );
}
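/**
 * Return the contained private key.
 * <p>
 * If a JCA private key is already held in {@code privateKey} it is returned directly; otherwise
 * this object is converted with a {@link JcaPGPKeyConverter} configured with
 * {@code PGPUtil.getDefaultProvider()}.
 *
 * @return PrivateKey
 * @throws IllegalStateException if the conversion fails; the underlying {@code PGPException}
 *         is attached as the cause.
 * @deprecated use a JcaPGPKeyConverter
 */
public PrivateKey getKey()
{
    if (privateKey != null)
    {
        return privateKey;
    }

    try
    {
        return new JcaPGPKeyConverter().setProvider(PGPUtil.getDefaultProvider()).getPrivateKey(this);
    }
    catch (PGPException e)
    {
        // Keep the original exception as the cause so the failure stays diagnosable;
        // the message text is unchanged for callers that match on it.
        throw new IllegalStateException("unable to convert key: " + e.toString(), e);
    }
}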
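/**
 * Encrypts {@code in} directly with the public key identified by {@code keyid} in a PGP public
 * keyring file.
 * <p>
 * This is a single raw asymmetric operation using the JCA transformation
 * {@code <algorithm>/ECB/PKCS1Padding}; it does not produce an OpenPGP message. Security notes:
 * <ul>
 * <li>PKCS#1 v1.5 encryption padding is a legacy scheme; OAEP is generally preferred for new
 * designs. It is kept here because the matching {@code decrypt} must use the same padding.</li>
 * <li>The transformation name is derived from {@code key.getAlgorithm()}, so it presumably only
 * resolves for RSA keys; verify before using other key types.</li>
 * <li>Master keys are refused; only subkeys are accepted.</li>
 * </ul>
 *
 * @param pubring file containing the public keyring (binary or ASCII-armored)
 * @param keyid ID of the key to encrypt with
 * @param in plaintext bytes
 * @return the ciphertext, or {@code null} if the keyring file is missing, the key is not found,
 *         the key is a master key, or any error occurs (the error message is printed to stderr)
 */
public static final byte[] encrypt(File pubring, long keyid, byte[] in) {
    if (!pubring.exists() || !pubring.isFile()) {
        return null;
    }

    FileInputStream fis = null;
    InputStream is = null;
    try {
        fis = new FileInputStream(pubring);
        is = PGPUtil.getDecoderStream(fis);
        PGPPublicKeyRingCollection ring = new PGPPublicKeyRingCollection(is);

        PGPPublicKey pubkey = ring.getPublicKey(keyid);
        if (pubkey == null) {
            // Previously this fell through to a NullPointerException that was reported as "null".
            System.err.println("No public key with the requested key ID was found in the keyring.");
            return null;
        }
        if (pubkey.isMasterKey()) {
            System.err.println("Tried to use a non-encryption key. This should never happen.");
            return null;
        }

        PublicKey key = new JcaPGPKeyConverter().getPublicKey(pubkey);
        Cipher cipher = Cipher.getInstance(key.getAlgorithm() + "/ECB/PKCS1Padding");
        cipher.init(Cipher.ENCRYPT_MODE, key);
        return cipher.doFinal(in);
    } catch (Exception e) {
        System.err.println(e.getLocalizedMessage());
        return null;
    } finally {
        // Release the file handle on every path, including the early returns and failures above.
        if (is != null) {
            try {
                is.close();
            } catch (java.io.IOException ignored) {
                // best effort: nothing useful can be done if close fails
            }
        }
        if (fis != null) {
            try {
                fis.close();
            } catch (java.io.IOException ignored) {
                // best effort: nothing useful can be done if close fails
            }
        }
    }
}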
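/**
 * Decrypts {@code in} directly with the secret key identified by {@code keyid} in a PGP secret
 * keyring file.
 * <p>
 * This is a single raw asymmetric operation using the JCA transformation
 * {@code <algorithm>/ECB/PKCS1Padding}; it does not parse an OpenPGP message. Security notes:
 * <ul>
 * <li>Every failure, including a padding failure, is reported the same way: a message on stderr
 * and a {@code null} return. NOTE(review): if whoever supplies {@code in} can observe success
 * versus failure, PKCS#1 v1.5 decryption is a known padding-oracle risk; confirm how callers
 * expose this result.</li>
 * <li>The passphrase array {@code pw} belongs to the caller and is not wiped here.</li>
 * <li>Master keys are refused; only subkeys are accepted.</li>
 * </ul>
 *
 * @param privring file containing the secret keyring (binary or ASCII-armored)
 * @param keyid ID of the key to decrypt with
 * @param pw passphrase protecting the secret key
 * @param in ciphertext bytes
 * @return the plaintext, or {@code null} if the keyring file is missing, the key is not found,
 *         the key is a master key, or any error occurs (the error message is printed to stderr)
 */
public static final byte[] decrypt(File privring, long keyid, char[] pw, byte[] in) {
    if (!privring.exists() || !privring.isFile()) {
        return null;
    }

    FileInputStream fis = null;
    InputStream is = null;
    try {
        fis = new FileInputStream(privring);
        is = PGPUtil.getDecoderStream(fis);
        PGPSecretKeyRingCollection ring = new PGPSecretKeyRingCollection(is);

        PGPSecretKey seckey = ring.getSecretKey(keyid);
        if (seckey == null) {
            // Previously this fell through to a NullPointerException that was reported as "null".
            System.err.println("No secret key with the requested key ID was found in the keyring.");
            return null;
        }
        if (seckey.isMasterKey()) {
            System.err.println("Someone tried to use a non-encryption key. This should never happen.");
            return null;
        }

        // Unlock the secret key with the passphrase, then convert it to a JCA private key.
        PrivateKey key = new JcaPGPKeyConverter().getPrivateKey(
                seckey.extractPrivateKey(
                        new JcePBESecretKeyDecryptorBuilder().setProvider("BC").build(pw)));

        Cipher cipher = Cipher.getInstance(key.getAlgorithm() + "/ECB/PKCS1Padding");
        cipher.init(Cipher.DECRYPT_MODE, key);
        return cipher.doFinal(in);
    } catch (Exception e) {
        System.err.println(e.getLocalizedMessage());
        return null;
    } finally {
        // Release the file handle on every path, including the early returns and failures above.
        if (is != null) {
            try {
                is.close();
            } catch (java.io.IOException ignored) {
                // best effort: nothing useful can be done if close fails
            }
        }
        if (fis != null) {
            try {
                fis.close();
            } catch (java.io.IOException ignored) {
                // best effort: nothing useful can be done if close fails
            }
        }
    }
}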
/**
 * Create a PGPPublicKey from the passed in JCA one.
 * <p>
 * The conversion is delegated to a new {@code JcaPGPKeyConverter} on which no provider is set
 * explicitly.
 *
 * @param algorithm asymmetric algorithm type representing the public key.
 * @param pubKey actual public key to associate.
 * @param time date of creation.
 * @throws PGPException on key creation problem.
 * @deprecated use JcaPGPKeyConverter.getPGPPublicKey()
 */
public PGPPublicKey( int algorithm, PublicKey pubKey, Date time) throws PGPException { this(new JcaPGPKeyConverter().getPGPPublicKey(algorithm, pubKey, time)); }
/**
 * Creates the shared key converter on first use, bound to {@code PGPUtils.PROVIDER}.
 * Does nothing when a converter has already been created.
 * <p>
 * NOTE(review): no synchronization is visible in this method; confirm whether it can be reached
 * from more than one thread.
 */
private static void ensureKeyConverter() {
    if (sKeyConverter != null) {
        return;
    }
    sKeyConverter = new JcaPGPKeyConverter().setProvider(PGPUtils.PROVIDER);
}
/**
 * Creates the shared key converter on first use, bound to
 * {@code org.kontalk.xmppserver.Security.PROVIDER}. Does nothing when a converter has already
 * been created.
 * <p>
 * NOTE(review): no synchronization is visible in this method; confirm whether it can be reached
 * from more than one thread.
 */
private static void ensureKeyConverter() {
    if (sKeyConverter != null) {
        return;
    }
    sKeyConverter = new JcaPGPKeyConverter().setProvider(org.kontalk.xmppserver.Security.PROVIDER);
}
/**
 * Create a PGPPublicKey from the passed in JCA one.
 * <p>
 * Note: the time passed in affects the value of the key's keyID, so you probably only want
 * to do this once for a JCA key, or make sure you keep track of the time you used.
 * <p>
 * The conversion is delegated to a new {@code JcaPGPKeyConverter} configured with the named
 * provider.
 *
 * @param algorithm asymmetric algorithm type representing the public key.
 * @param pubKey actual public key to associate.
 * @param time date of creation.
 * @param provider name of the provider to use for underlying digest calculations.
 * @throws PGPException on key creation problem.
 * @throws NoSuchProviderException if the specified provider is required and cannot be found.
 * @deprecated use JcaPGPKeyConverter.getPGPPublicKey()
 */
public PGPPublicKey( int algorithm, PublicKey pubKey, Date time, String provider) throws PGPException, NoSuchProviderException { this(new JcaPGPKeyConverter().setProvider(provider).getPGPPublicKey(algorithm, pubKey, time)); }
/**
 * Convert this PGP public key into a JCE/JCA public key using the named provider.
 *
 * @param provider name of the provider to construct the key for.
 * @return a JCE/JCA public key.
 * @throws PGPException if the key algorithm is not recognised.
 * @throws NoSuchProviderException if the provider cannot be found.
 * @deprecated use a JcaPGPKeyConverter
 */
public PublicKey getKey(
    String provider)
    throws PGPException, NoSuchProviderException
{
    // Bind the converter to the requested provider before converting this key.
    JcaPGPKeyConverter converter = new JcaPGPKeyConverter().setProvider(provider);

    return converter.getPublicKey(this);
}
/**
 * Convert this PGP public key into a JCE/JCA public key using the given provider instance.
 *
 * @param provider provider to construct the key for.
 * @return a JCE/JCA public key.
 * @throws PGPException if the key algorithm is not recognised.
 * @deprecated use a JcaPGPKeyConverter
 */
public PublicKey getKey(
    Provider provider)
    throws PGPException
{
    // Bind the converter to the requested provider before converting this key.
    JcaPGPKeyConverter converter = new JcaPGPKeyConverter().setProvider(provider);

    return converter.getPublicKey(this);
}