Class OpenSSLKey

  • All Implemented Interfaces:
    java.io.Serializable
    Direct Known Subclasses:
    BouncyCastleOpenSSLKey

    public abstract class OpenSSLKey
    extends java.lang.Object
    implements java.io.Serializable
    Represents an OpenSSL-style PEM-formatted private key. It supports encryption and decryption of the key. Currently, only RSA keys and only TripleDES encryption are supported.

    This is based on work done by Ming Yung at DSTC.

    Since:
    1.0
    See Also:
    Serialized Form
    • Constructor Summary

      Constructors 
      Constructor Description
      OpenSSLKey​(java.io.InputStream is)
      Reads an OpenSSL private key from the specified input stream.
      OpenSSLKey​(java.lang.String file)
      Reads an OpenSSL private key from the specified file.
      OpenSSLKey​(java.lang.String algorithm, byte[] data)
      Initializes the OpenSSL key from a raw byte array.
      OpenSSLKey​(java.security.PrivateKey key)
      Converts an RSAPrivateCrtKey into an OpenSSL key.
    • Method Summary

      Modifier and Type Method Description
      void decrypt(byte[] password)
      Decrypts the private key with the given password.
      void decrypt(java.lang.String password)
      Decrypts the private key with the given password.
      void encrypt(byte[] password)
      Encrypts the private key with the given password.
      void encrypt(java.lang.String password)
      Encrypts the private key with the given password.
      boolean equals​(java.lang.Object other)  
      private java.lang.String extractEncryptionInfo​(java.io.BufferedReader in)  
      private java.lang.String extractKey​(java.io.BufferedReader in)  
      private void generateIV()  
      private javax.crypto.Cipher getCipher()  
      protected byte[] getEncoded()  
      protected abstract byte[] getEncoded​(java.security.PrivateKey key)  
      protected abstract java.security.PrivateKey getKey​(java.lang.String alg, byte[] data)  
      private java.lang.String getKeyAlgorithm​(java.lang.String line)  
      java.security.PrivateKey getPrivateKey()
      Returns the JCE (RSAPrivateCrtKey) key.
      protected java.lang.String getProvider()  
      private javax.crypto.spec.SecretKeySpec getSecretKey​(byte[] pwd, byte[] keyInitializationVector)  
      int hashCode()  
      boolean isEncrypted()
      Checks whether the key is encrypted.
      private static boolean objectsEquals​(java.lang.Object a, java.lang.Object b)  
      private void parseEncryptionInfo​(java.lang.String line)  
      private void parseKeyAlgorithm​(java.io.BufferedReader in)  
      private void readObject​(java.io.ObjectInputStream s)  
      private void readPEM​(java.io.Reader rd)  
      private void setAlgorithmSettings​(java.lang.String alg)  
      void setEncryptionAlgorithm​(java.lang.String alg)
      Sets the algorithm for encryption.
      private void setIV​(byte[] data)  
      private void setIV​(java.lang.String s)  
      private java.lang.String toPEM()  
      void writeTo​(java.io.OutputStream output)
      Writes the private key to the specified output stream in PEM format.
      void writeTo​(java.io.Writer w)
      Writes the private key to the specified writer in PEM format.
      void writeTo​(java.lang.String file)
      Writes the private key to the specified file in PEM format.
      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait
    • Field Detail

      • keyAlg

        private java.lang.String keyAlg
      • isEncrypted

        private boolean isEncrypted
      • encodedKey

        private byte[] encodedKey
      • intKey

        private java.security.PrivateKey intKey
      • ivData

        private byte[] ivData
      • initializationVector

        private transient javax.crypto.spec.IvParameterSpec initializationVector
      • encAlgStr

        private java.lang.String encAlgStr
      • encAlg

        private java.lang.String encAlg
      • keyLength

        private int keyLength
      • ivLength

        private int ivLength
      • keyData

        private byte[] keyData
    • Constructor Detail

      • OpenSSLKey

        public OpenSSLKey​(java.io.InputStream is)
                   throws java.io.IOException,
                          java.security.GeneralSecurityException
        Reads an OpenSSL private key from the specified input stream. The private key must be PEM encoded and may be encrypted.
        Parameters:
        is - input stream with the OpenSSL key in PEM format.
        Throws:
        java.io.IOException - if an I/O problem occurs.
        java.security.GeneralSecurityException - if there is a problem with the key.
      • OpenSSLKey

        public OpenSSLKey​(java.lang.String file)
                   throws java.io.IOException,
                          java.security.GeneralSecurityException
        Reads an OpenSSL private key from the specified file. The private key must be PEM encoded and may be encrypted.
        Parameters:
        file - file containing the OpenSSL key in PEM format.
        Throws:
        java.io.IOException - if an I/O problem occurs.
        java.security.GeneralSecurityException - if there is a problem with the key.
      • OpenSSLKey

        public OpenSSLKey​(java.security.PrivateKey key)
        Converts an RSAPrivateCrtKey into an OpenSSL key.
        Parameters:
        key - private key; must be an RSAPrivateCrtKey.
      • OpenSSLKey

        public OpenSSLKey​(java.lang.String algorithm,
                          byte[] data)
                   throws java.security.GeneralSecurityException
        Initializes the OpenSSL key from a raw byte array.
        Parameters:
        algorithm - the algorithm of the key. Currently only the RSA algorithm is supported.
        data - the DER-encoded key data. For the RSA algorithm, the key must be in PKCS#1 format.
        Throws:
        java.security.GeneralSecurityException - if any security problem occurs.
    • Method Detail

      • getEncoded

        protected byte[] getEncoded()
      • readPEM

        private void readPEM​(java.io.Reader rd)
                      throws java.io.IOException,
                             java.security.GeneralSecurityException
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException
      • extractKey

        private java.lang.String extractKey​(java.io.BufferedReader in)
                                     throws java.io.IOException
        Throws:
        java.io.IOException
      • extractEncryptionInfo

        private java.lang.String extractEncryptionInfo​(java.io.BufferedReader in)
                                                throws java.io.IOException,
                                                       java.security.GeneralSecurityException
        Throws:
        java.io.IOException
        java.security.GeneralSecurityException
      • parseKeyAlgorithm

        private void parseKeyAlgorithm​(java.io.BufferedReader in)
                                throws java.io.IOException,
                                       java.security.InvalidKeyException
        Throws:
        java.io.IOException
        java.security.InvalidKeyException
      • isEncrypted

        public boolean isEncrypted()
        Checks whether the key is encrypted.
        Returns:
        true if the key is encrypted, false otherwise.
      • decrypt

        public void decrypt​(java.lang.String password)
                     throws java.security.GeneralSecurityException
        Decrypts the private key with the given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during decryption.
      • decrypt

        public void decrypt​(byte[] password)
                     throws java.security.GeneralSecurityException
        Decrypts the private key with the given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during decryption.
      • encrypt

        public void encrypt​(java.lang.String password)
                     throws java.security.GeneralSecurityException
        Encrypts the private key with the given password. Does nothing if the key is already encrypted.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during encryption.
      • encrypt

        public void encrypt​(byte[] password)
                     throws java.security.GeneralSecurityException
        Encrypts the private key with the given password. Does nothing if the key is already encrypted.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during encryption.
      • setEncryptionAlgorithm

        public void setEncryptionAlgorithm​(java.lang.String alg)
                                    throws java.security.GeneralSecurityException
        Sets the algorithm for encryption.
        Parameters:
        alg - algorithm for encryption
        Throws:
        java.security.GeneralSecurityException - if algorithm is not supported
      • getPrivateKey

        public java.security.PrivateKey getPrivateKey()
        Returns the JCE (RSAPrivateCrtKey) key.
        Returns:
        the private key, or null if the key has not been decrypted yet.
      • writeTo

        public void writeTo​(java.io.OutputStream output)
                     throws java.io.IOException
        Writes the private key to the specified output stream in PEM format. If the key is encrypted, it is encoded as an encrypted RSA key. If not, it is encoded as a regular, unencrypted RSA key.
        Parameters:
        output - output stream to write the key to.
        Throws:
        java.io.IOException - if an I/O problem occurs while writing the key.
      • writeTo

        public void writeTo​(java.io.Writer w)
                     throws java.io.IOException
        Writes the private key to the specified writer in PEM format. If the key is encrypted, it is encoded as an encrypted RSA key. If not, it is encoded as a regular, unencrypted RSA key.
        Parameters:
        w - writer to output the key to.
        Throws:
        java.io.IOException - if an I/O problem occurs while writing the key.
      • writeTo

        public void writeTo​(java.lang.String file)
                     throws java.io.IOException
        Writes the private key to the specified file in PEM format. If the key is encrypted, it is encoded as an encrypted RSA key. If not, it is encoded as a regular, unencrypted RSA key.
        Parameters:
        file - file to write the key to.
        Throws:
        java.io.IOException - if an I/O problem occurs while writing the key.
      • getEncoded

        protected abstract byte[] getEncoded​(java.security.PrivateKey key)
      • getKey

        protected abstract java.security.PrivateKey getKey​(java.lang.String alg,
                                                           byte[] data)
                                                    throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • getProvider

        protected java.lang.String getProvider()
      • getCipher

        private javax.crypto.Cipher getCipher()
                                       throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • getKeyAlgorithm

        private java.lang.String getKeyAlgorithm​(java.lang.String line)
      • parseEncryptionInfo

        private void parseEncryptionInfo​(java.lang.String line)
                                  throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • setAlgorithmSettings

        private void setAlgorithmSettings​(java.lang.String alg)
                                   throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • setIV

        private void setIV​(java.lang.String s)
                    throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • generateIV

        private void generateIV()
      • setIV

        private void setIV​(byte[] data)
      • getSecretKey

        private javax.crypto.spec.SecretKeySpec getSecretKey​(byte[] pwd,
                                                             byte[] keyInitializationVector)
                                                      throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException
      • toPEM

        private java.lang.String toPEM()
      • readObject

        private void readObject​(java.io.ObjectInputStream s)
                         throws java.io.IOException,
                                java.lang.ClassNotFoundException
        Throws:
        java.io.IOException
        java.lang.ClassNotFoundException
      • equals

        public boolean equals​(java.lang.Object other)
        Overrides:
        equals in class java.lang.Object
      • objectsEquals

        private static boolean objectsEquals​(java.lang.Object a,
                                             java.lang.Object b)
      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object
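
A round trip through the public methods documented above, added here as an example; it is not part of the original documentation or the project's code. The package names, the BouncyCastleOpenSSLKey constructors (assumed to mirror those of OpenSSLKey) and the need to register the Bouncy Castle provider are assumptions, and the key and password are constructed sample values.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyPairGenerator;
import java.security.Security;
import java.security.interfaces.RSAPrivateCrtKey;
import java.util.Arrays;

// Assumed package names; this page does not state them.
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.globus.gsi.OpenSSLKey;
import org.globus.gsi.bc.BouncyCastleOpenSSLKey;

public class OpenSSLKeyRoundTrip {
    public static void main(String[] args) throws Exception {
        // Assumption: the subclass relies on the Bouncy Castle JCE provider.
        Security.addProvider(new BouncyCastleProvider());
        // Constructed sample input: a throwaway RSA key and password.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        RSAPrivateCrtKey original = (RSAPrivateCrtKey) gen.generateKeyPair().getPrivate();
        byte[] password = "constructed-example-password".getBytes("UTF-8");

        try {
            // Assumption: the subclass mirrors OpenSSLKey's public constructors.
            OpenSSLKey key = new BouncyCastleOpenSSLKey(original);
            key.encrypt(password);
            // writeTo() emits a plaintext key when isEncrypted() is false, so check first.
            if (!key.isEncrypted()) {
                throw new IllegalStateException("refusing to write an unencrypted key");
            }
            ByteArrayOutputStream pem = new ByteArrayOutputStream();
            key.writeTo(pem);
            OpenSSLKey restored = new BouncyCastleOpenSSLKey(new ByteArrayInputStream(pem.toByteArray()));
            // Per the documentation, getPrivateKey() is null until decrypt() has run.
            if (!restored.isEncrypted() || restored.getPrivateKey() != null) {
                throw new IllegalStateException("expected an encrypted key with no usable PrivateKey");
            }
            restored.decrypt(password);
            RSAPrivateCrtKey back = (RSAPrivateCrtKey) restored.getPrivateKey();
            if (!back.getModulus().equals(original.getModulus())
                    || !back.getPrivateExponent().equals(original.getPrivateExponent())) {
                throw new IllegalStateException("round trip changed the key");
            }
            System.out.println("round trip ok, encrypted PEM bytes: " + pem.size());
        } finally {
            Arrays.fill(password, (byte) 0); // clear the password copy we control
        }
    }
}
```

The byte[] overloads of encrypt and decrypt are used so the caller can zero the password afterwards, which is not possible with an immutable String.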