diff options
author | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-30 13:28:35 +0200 |
---|---|---|
committer | Jon Marius Venstad <jvenstad@yahoo-inc.com> | 2019-04-30 14:01:33 +0200 |
commit | d57e489f3bfd41a0a66639346dbd39fbd5162ea5 (patch) | |
tree | 1b62a6def684eae638b36266715ff1e3ab82d1ee /security-utils | |
parent | bf44093f3848b5a94b7d7a93b7d1f9da57f3055d (diff) |
Add support for parsing public keys to KeyUtils
Diffstat (limited to 'security-utils')
-rw-r--r-- | security-utils/src/main/java/com/yahoo/security/KeyUtils.java | 27 | ||||
-rw-r--r-- | security-utils/src/test/java/com/yahoo/security/KeyUtilsTest.java | 39 |
2 files changed, 65 insertions, 1 deletions
diff --git a/security-utils/src/main/java/com/yahoo/security/KeyUtils.java b/security-utils/src/main/java/com/yahoo/security/KeyUtils.java index ca99598c1fb..47f625641e1 100644 --- a/security-utils/src/main/java/com/yahoo/security/KeyUtils.java +++ b/security-utils/src/main/java/com/yahoo/security/KeyUtils.java @@ -4,6 +4,7 @@ package com.yahoo.security; import org.bouncycastle.asn1.ASN1Encodable; import org.bouncycastle.asn1.ASN1Primitive; import org.bouncycastle.asn1.pkcs.PrivateKeyInfo; +import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPrivateKey; import org.bouncycastle.jce.spec.ECParameterSpec; import org.bouncycastle.jce.spec.ECPublicKeySpec; @@ -26,8 +27,10 @@ import java.security.KeyPairGenerator; import java.security.PrivateKey; import java.security.PublicKey; import java.security.interfaces.RSAPrivateCrtKey; +import java.security.spec.KeySpec; import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.RSAPublicKeySpec; +import java.security.spec.X509EncodedKeySpec; import java.util.ArrayList; import java.util.List; @@ -109,6 +112,30 @@ public class KeyUtils { } } + public static PublicKey fromPemEncodedPublicKey(String pem) { + try (PEMParser parser = new PEMParser(new StringReader(pem))) { + List<Object> unknownObjects = new ArrayList<>(); + Object pemObject; + while ((pemObject = parser.readObject()) != null) { + SubjectPublicKeyInfo keyInfo; + if (pemObject instanceof SubjectPublicKeyInfo) { + keyInfo = (SubjectPublicKeyInfo) pemObject; + } else if (pemObject instanceof PEMKeyPair) { + PEMKeyPair pemKeypair = (PEMKeyPair) pemObject; + keyInfo = pemKeypair.getPublicKeyInfo(); + } else { + unknownObjects.add(pemObject); + continue; + } + JcaPEMKeyConverter pemConverter = new JcaPEMKeyConverter().setProvider(BouncyCastleProviderHolder.getInstance()); + return pemConverter.getPublicKey(keyInfo); + } + throw new IllegalArgumentException("Expected a public key, but found " + unknownObjects.toString()); + } catch (IOException e) { + throw new UncheckedIOException(e); + } + } + public static String toPem(PrivateKey privateKey) { try (StringWriter stringWriter = new StringWriter(); JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter)) { String algorithm = privateKey.getAlgorithm(); diff --git a/security-utils/src/test/java/com/yahoo/security/KeyUtilsTest.java b/security-utils/src/test/java/com/yahoo/security/KeyUtilsTest.java index 5e786654d7c..6097f075f25 100644 --- a/security-utils/src/test/java/com/yahoo/security/KeyUtilsTest.java +++ b/security-utils/src/test/java/com/yahoo/security/KeyUtilsTest.java @@ -17,6 +17,32 @@ import static org.junit.Assert.assertThat; */ public class KeyUtilsTest { + private static final String rsaPemPublicKey = "-----BEGIN PUBLIC KEY-----\n" + + "MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAsKL8jvIEy2peLtEvyhWW\n" + + "b/O/9RHTfPXjeXahXmVrXE4zY5CJ6Mf1PFkwQ8K8S35YhSbOZM4aYhF9V8F4jwyW\n" + + "nX6qWUMrWVHOuS32fkjdNo0z/KxCbG5nRIWLuv/PkHNuIJqMCbwn6Qud5a+wxeLg\n" + + "LqlroCtUJKAGj4YlZ5i8oMdCqfHKl/DMwcks5XxtIArz6GcM2z8fOB3NRexj32MU\n" + + "LH7ybWhCDx/RSqGQYJ8sWEFIK4HSmYqwqIQpFAm/ixISkeWBL6ikgqchZNMf7xyn\n" + + "yJxjCHgtkxANsQhHj2kgAzLDeBsuM+/WRhBGa+LRvEcuu/zZv9+7eVhpaYJveLVd\n" + + "cwPewW/8liBmKIzj/QPCn7ZlVRk094TZD6TCER4+JFW9mo0vFD8S9o0zhMlckzCF\n" + + "4ZNNgyP9tI8Wecq25A+sUY5/WZNLi+mka/GnfPt97GrhM0YHb1M6t4nh1R437Nwh\n" + + "rUHR/YDazbBvLk5T71GgfQfn44L9SwsqEYaHvdZAfV0IZJBtDo/yCe/yvgtHTymB\n" + + "eBrRMpBU5recPtW8bgEWlHl6Qyduw9EBJjNYxvBpgV/D/tNBcau0aGxmhwpBevet\n" + + "ekV6XA2miC7rWu2Wrq2l5LjXEgZOD5PNN2vQS2Cdet9JHYWbVbK3mBLgoChcC5Xo\n" + + "/QHLU4RydI0i0+Z2/tjGsGsCAwEAAQ==\n" + + "-----END PUBLIC KEY-----\n"; + + private static final String ecPemPublicKey = "-----BEGIN PUBLIC KEY-----\n" + + "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuKVFA8dXk43kVfYKzkUqhEY2rDT9\n" + + "z/4jKSTHwbYR8wdsOSrJGVEUPbS2nguIJ64OJH7gFnxM6sxUVj+Nm2HlXw==\n" + + "-----END PUBLIC KEY-----\n"; + + private static final String ecPemPrivateKey = "-----BEGIN EC PRIVATE KEY-----\n" + + "MHcCAQEEIJUmbIX8YFLHtpRgkwqDDE3igU9RG6JD9cYHWAZii9j7oAoGCCqGSM49\n" + + "AwEHoUQDQgAEuKVFA8dXk43kVfYKzkUqhEY2rDT9z/4jKSTHwbYR8wdsOSrJGVEU\n" + + "PbS2nguIJ64OJH7gFnxM6sxUVj+Nm2HlXw==\n" + + "-----END EC PRIVATE KEY-----\n"; + @Test public void can_extract_public_key_from_rsa_private() { KeyPair keyPair = KeyUtils.generateKeypair(KeyAlgorithm.RSA); @@ -51,4 +77,15 @@ public class KeyUtilsTest { assertEquals(keyPair.getPrivate(), deserializedKey); } -}
\ No newline at end of file + @Test + public void can_deserialize_rsa_publickey_in_pem_format() { + KeyUtils.fromPemEncodedPublicKey(rsaPemPublicKey); + } + + @Test + public void can_deserialize_ec_keys_in_pem_format() { + KeyUtils.fromPemEncodedPublicKey(ecPemPublicKey); + KeyUtils.fromPemEncodedPrivateKey(ecPemPrivateKey); + } + +} |