Package org.globus.gsi

Class OpenSSLKey

  • All Implemented Interfaces:
    Serializable
    Direct Known Subclasses:
    BouncyCastleOpenSSLKey
    public abstract class OpenSSLKey
extends Object
implements Serializable
    Represents a OpenSSL-style PEM-formatted private key. It supports encryption and decryption of the key. Currently, only RSA keys are supported, and only TripleDES encryption is supported.

    This is based on work done by Ming Yung at DSTC.

    Since:
    1.0
    Version:
    ${version}
    See Also:
    Serialized Form

    • Constructor Detail

      • OpenSSLKey

        public OpenSSLKey​(PrivateKey key)
        Converts a RSAPrivateCrtKey into OpenSSL key.
        Parameters:
        key - private key - must be a RSAPrivateCrtKey

      • OpenSSLKey

        public OpenSSLKey​(String algorithm,
                  byte[] data)
           throws GeneralSecurityException
        Initializes the OpenSSL key from raw byte array.
        Parameters:
        algorithm - the algorithm of the key. Currently only RSA algorithm is supported.
        data - the DER encoded key data. If RSA algorithm, the key must be in PKCS#1 format.
        Throws:
        GeneralSecurityException - if any security problems.

    • Method Detail

      • getEncoded

        protected byte[] getEncoded()

      • isEncrypted

        public boolean isEncrypted()
        Check if the key was encrypted or not.
        Returns:
        true if the key is encrypted, false otherwise.

      • decrypt

        public void decrypt​(String password)
             throws GeneralSecurityException
        Decrypts the private key with given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        GeneralSecurityException - whenever an error occurs during decryption.

      • decrypt

        public void decrypt​(byte[] password)
             throws GeneralSecurityException
        Decrypts the private key with given password. Does nothing if the key is not encrypted.
        Parameters:
        password - password to decrypt the key with.
        Throws:
        GeneralSecurityException - whenever an error occurs during decryption.

      • encrypt

        public void encrypt​(String password)
             throws GeneralSecurityException
        Encrypts the private key with given password. Does nothing if the key is encrypted already.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        GeneralSecurityException - whenever an error occurs during encryption.

      • encrypt

        public void encrypt​(byte[] password)
             throws GeneralSecurityException
        Encrypts the private key with given password. Does nothing if the key is encrypted already.
        Parameters:
        password - password to encrypt the key with.
        Throws:
        GeneralSecurityException - whenever an error occurs during encryption.

      • getPrivateKey

        public PrivateKey getPrivateKey()
        Returns the JCE (RSAPrivateCrtKey) key.
        Returns:
        the private key, null if the key was not decrypted yet.

      • writeTo

        public void writeTo​(OutputStream output)
             throws IOException
        Writes the private key to the specified output stream in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        output - output stream to write the key to.
        Throws:
        IOException - if I/O problems writing the key

      • writeTo

        public void writeTo​(Writer w)
             throws IOException
        Writes the private key to the specified writer in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        w - writer to output the key to.
        Throws:
        IOException - if I/O problems writing the key

      • writeTo

        public void writeTo​(String file)
             throws IOException
        Writes the private key to the specified file in PEM format. If the key was encrypted it will be encoded as an encrypted RSA key. If not, it will be encoded as a regular RSA key.
        Parameters:
        file - file to write the key to.
        Throws:
        IOException - if I/O problems writing the key

      • getEncoded

        protected abstract byte[] getEncoded​(PrivateKey key)

      • getProvider

        protected String getProvider()

      • hashCode

        public int hashCode()
        Overrides:
        hashCode in class Object