Package org.globus.gsi

Class OpenSSLKey

  • All Implemented Interfaces:
    java.io.Serializable
    Direct Known Subclasses:
    BouncyCastleOpenSSLKey
    public abstract class OpenSSLKey
extends java.lang.Object
implements java.io.Serializable
    Represents a OpenSSL-style PEM-formatted private key. It supports encryption and decryption of the key. Currently, only RSA keys are supported, and only TripleDES encryption is supported.

    This is based on work done by Ming Yung at DSTC.

    Since:
    1.0
    Version:
    ${version}
    See Also:
    Serialized Form

    • Constructor Summary

      Constructors 
      Constructor Description
      OpenSSLKey​(java.io.InputStream is)
      Reads a OpenSSL private key from the specified input stream.
      OpenSSLKey​(java.lang.String file)
      Reads a OpenSSL private key from the specified file.
      OpenSSLKey​(java.lang.String algorithm, byte[] data)
      Initializes the OpenSSL key from raw byte array.
      OpenSSLKey​(java.security.PrivateKey key)
      Converts a RSAPrivateCrtKey into OpenSSL key.

    • Method Summary

      All Methods Instance Methods Abstract Methods Concrete Methods 
      Modifier and Type Method Description
      void decrypt​(byte[] password)
      Decrypts the private key with given password.
      void decrypt​(java.lang.String password)
      Decrypts the private key with given password.
      void encrypt​(byte[] password)
      Encrypts the private key with given password.
      void encrypt​(java.lang.String password)
      Encrypts the private key with given password.
      boolean equals​(java.lang.Object other)  
      protected byte[] getEncoded()  
      protected abstract byte[] getEncoded​(java.security.PrivateKey key)  
      protected abstract java.security.PrivateKey getKey​(java.lang.String alg, byte[] data)  
      java.security.PrivateKey getPrivateKey()
      Returns the JCE (RSAPrivateCrtKey) key.
      protected java.lang.String getProvider()  
      int hashCode()  
      boolean isEncrypted()
      Check if the key was encrypted or not.
      void setEncryptionAlgorithm​(java.lang.String alg)
      Sets algorithm for encryption.
      void writeTo​(java.io.OutputStream output)
      Writes the private key to the specified output stream in PEM format.
      void writeTo​(java.io.Writer w)
      Writes the private key to the specified writer in PEM format.
      void writeTo​(java.lang.String file)
      Writes the private key to the specified file in PEM format.

      • Methods inherited from class java.lang.Object

        clone, finalize, getClass, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • OpenSSLKey

        public OpenSSLKey​(java.io.InputStream is)
           throws java.io.IOException,
                  java.security.GeneralSecurityException
        Reads a OpenSSL private key from the specified input stream. The private key must be PEM encoded and can be encrypted.
        Parameters:
        is - input stream with OpenSSL key in PEM format.
        Throws:
        java.io.IOException - if I/O problems.
        java.security.GeneralSecurityException - if problems with the key

      • OpenSSLKey

        public OpenSSLKey​(java.lang.String file)
           throws java.io.IOException,
                  java.security.GeneralSecurityException
        Reads a OpenSSL private key from the specified file. The private key must be PEM encoded and can be encrypted.
        Parameters:
        file - file containing the OpenSSL key in PEM format.
        Throws:
        java.io.IOException - if I/O problems.
        java.security.GeneralSecurityException - if problems with the key

      • OpenSSLKey

        public OpenSSLKey​(java.security.PrivateKey key)
        Converts a RSAPrivateCrtKey into OpenSSL key.
        Parameters:
        key - private key - must be a RSAPrivateCrtKey

      • OpenSSLKey

        public OpenSSLKey​(java.lang.String algorithm,
                  byte[] data)
           throws java.security.GeneralSecurityException
        Initializes the OpenSSL key from raw byte array.
        Parameters:
        algorithm - the algorithm of the key. Currently only RSA algorithm is supported.
        data - the DER encoded key data. If RSA algorithm, the key must be in PKCS#1 format.
        Throws:
        java.security.GeneralSecurityException - if any security problems.

    • Method Detail

      • getEncoded

        protected byte[] getEncoded()

      • isEncrypted

        public boolean isEncrypted()
        Check if the key was encrypted or not.
        Returns:
        true if the key is encrypted, false otherwise.

      • decrypt

        public void decrypt​(java.lang.String password)
             throws java.security.GeneralSecurityException
        Decrypts the private key with given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during decryption.

      • decrypt

        public void decrypt​(byte[] password)
             throws java.security.GeneralSecurityException
        Decrypts the private key with given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during decryption.

      • encrypt

        public void encrypt​(java.lang.String password)
             throws java.security.GeneralSecurityException
        Encrypts the private key with given password. Does nothing if the key is encrypted already.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during encryption.

      • encrypt

        public void encrypt​(byte[] password)
             throws java.security.GeneralSecurityException
        Encrypts the private key with given password. Does nothing if the key is encrypted already.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        java.security.GeneralSecurityException - whenever an error occurs during encryption.

      • setEncryptionAlgorithm

        public void setEncryptionAlgorithm​(java.lang.String alg)
                            throws java.security.GeneralSecurityException
        Sets algorithm for encryption.
        Parameters:
        alg - algorithm for encryption
        Throws:
        java.security.GeneralSecurityException - if algorithm is not supported

      • getPrivateKey

        public java.security.PrivateKey getPrivateKey()
        Returns the JCE (RSAPrivateCrtKey) key.
        Returns:
        the private key, null if the key was not decrypted yet.

      • writeTo

        public void writeTo​(java.io.OutputStream output)
             throws java.io.IOException
        Writes the private key to the specified output stream in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        output - output stream to write the key to.
        Throws:
        java.io.IOException - if I/O problems writing the key

      • writeTo

        public void writeTo​(java.io.Writer w)
             throws java.io.IOException
        Writes the private key to the specified writer in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        w - writer to output the key to.
        Throws:
        java.io.IOException - if I/O problems writing the key

      • writeTo

        public void writeTo​(java.lang.String file)
             throws java.io.IOException
        Writes the private key to the specified file in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        file - file to write the key to.
        Throws:
        java.io.IOException - if I/O problems writing the key

      • getEncoded

        protected abstract byte[] getEncoded​(java.security.PrivateKey key)

      • getKey

        protected abstract java.security.PrivateKey getKey​(java.lang.String alg,
                                                   byte[] data)
                                            throws java.security.GeneralSecurityException
        Throws:
        java.security.GeneralSecurityException

      • getProvider

        protected java.lang.String getProvider()

      • equals

        public boolean equals​(java.lang.Object other)
        Overrides:
        equals in class java.lang.Object

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class java.lang.Object