Skip to content

Commit

Permalink
[refactor] PKey read-er methods and return types
Browse files Browse the repository at this point in the history
  • Loading branch information
kares committed Apr 4, 2024
1 parent 585fb89 commit 382a829
Show file tree
Hide file tree
Showing 3 changed files with 27 additions and 42 deletions.
4 changes: 2 additions & 2 deletions src/main/java/org/jruby/ext/openssl/PKey.java
Original file line number Diff line number Diff line change
Expand Up @@ -431,12 +431,12 @@ protected static boolean ttySTDIN(final ThreadContext context) {
catch (RaiseException ex) { return false; }
}

static Object readPrivateKey(final String str, final char[] passwd)
static KeyPair readPrivateKey(final String str, final char[] passwd)
throws PEMInputOutput.PasswordRequiredException, IOException {
return PEMInputOutput.readPrivateKey(new StringReader(str), passwd);
}

static Object readPrivateKey(final RubyString str, final char[] passwd)
static KeyPair readPrivateKey(final RubyString str, final char[] passwd)
throws PEMInputOutput.PasswordRequiredException, IOException {
return readPrivateKey(str.toString(), passwd);
}
Expand Down
45 changes: 15 additions & 30 deletions src/main/java/org/jruby/ext/openssl/impl/PKey.java
Original file line number Diff line number Diff line change
Expand Up @@ -88,9 +88,13 @@
public class PKey {

public static KeyPair readPrivateKey(final byte[] input, final String type)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
return readPrivateKey((ASN1Sequence) new ASN1InputStream(input).readObject(), type);
}

public static KeyPair readPrivateKey(final ASN1Sequence seq, final String type)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
KeySpec pubSpec; KeySpec privSpec;
ASN1Sequence seq = (ASN1Sequence) new ASN1InputStream(input).readObject();
if ( type.equals("RSA") ) {
ASN1Integer mod = (ASN1Integer) seq.getObjectAt(1);
ASN1Integer pubExp = (ASN1Integer) seq.getObjectAt(2);
Expand All @@ -114,7 +118,7 @@ else if ( type.equals("DSA") ) {
pubSpec = new DSAPublicKeySpec(y.getValue(), p.getValue(), q.getValue(), g.getValue());
}
else if ( type.equals("EC") ) {
return readECPrivateKey(input);
return readECPrivateKey(SecurityHelper.getKeyFactory("EC"), seq);
}
else {
throw new IllegalStateException("unsupported type: " + type);
Expand All @@ -123,29 +127,6 @@ else if ( type.equals("EC") ) {
return new KeyPair(fact.generatePublic(pubSpec), fact.generatePrivate(privSpec));
}

// d2i_PrivateKey_bio
public static KeyPair readPrivateKey(byte[] input) throws IOException,
NoSuchAlgorithmException, InvalidKeySpecException {
KeyPair key = null;
try {
key = readRSAPrivateKey(input);
}
catch (NoSuchAlgorithmException e) { throw e; /* should not happen */ }
catch (InvalidKeySpecException e) {
// ignore
}
if (key == null) {
try {
key = readDSAPrivateKey(input);
}
catch (NoSuchAlgorithmException e) { throw e; /* should not happen */ }
catch (InvalidKeySpecException e) {
// ignore
}
}
return key;
}

// d2i_PUBKEY_bio
public static PublicKey readPublicKey(byte[] input) throws IOException,
NoSuchAlgorithmException, InvalidKeySpecException {
Expand Down Expand Up @@ -281,22 +262,26 @@ public static KeyPair readECPrivateKey(final byte[] input)
return readECPrivateKey(SecurityHelper.getKeyFactory("EC"), input);
}

public static KeyPair readECPrivateKey(final KeyFactory ecFactory, final byte[] input)
public static KeyPair readECPrivateKey(final KeyFactory keyFactory, final byte[] input)
throws IOException, InvalidKeySpecException {
return readECPrivateKey(keyFactory, (ASN1Sequence) ASN1Primitive.fromByteArray(input));
}

public static KeyPair readECPrivateKey(final KeyFactory keyFactory, final ASN1Sequence input)
throws IOException, InvalidKeySpecException {
try {
org.bouncycastle.asn1.sec.ECPrivateKey pKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(ASN1Primitive.fromByteArray(input));
org.bouncycastle.asn1.sec.ECPrivateKey pKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(input);
AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParametersObject().toASN1Primitive());
PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey.toASN1Primitive());
SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(privInfo.getEncoded());
X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
//KeyFactory fact = KeyFactory.getInstance("EC", provider);

ECPrivateKey privateKey = (ECPrivateKey) ecFactory.generatePrivate(privSpec);
ECPrivateKey privateKey = (ECPrivateKey) keyFactory.generatePrivate(privSpec);
if ( algId.getParameters() instanceof ASN1ObjectIdentifier ) {
privateKey = ECPrivateKeyWithName.wrap(privateKey, (ASN1ObjectIdentifier) algId.getParameters());
}
return new KeyPair(ecFactory.generatePublic(pubSpec), privateKey);
return new KeyPair(keyFactory.generatePublic(pubSpec), privateKey);
}
catch (ClassCastException ex) {
throw new IOException("wrong ASN.1 object found in stream", ex);
Expand Down
20 changes: 10 additions & 10 deletions src/main/java/org/jruby/ext/openssl/x509store/PEMInputOutput.java
Original file line number Diff line number Diff line change
Expand Up @@ -1486,23 +1486,23 @@ private static CMSSignedData readPKCS7(BufferedReader in, char[] p, String endMa

public static KeyFactory getKeyFactory(final AlgorithmIdentifier algId)
throws NoSuchAlgorithmException {
return SecurityHelper.getKeyFactory(getPrivateKeyType(algId));
}

private static String getPrivateKeyType(final AlgorithmIdentifier algId) {
final ASN1ObjectIdentifier algIdentifier = algId.getAlgorithm();

String algorithm = null;
if ( X9ObjectIdentifiers.id_ecPublicKey.equals(algIdentifier) ) {
algorithm = "EC";
if (X9ObjectIdentifiers.id_ecPublicKey.equals(algIdentifier)) {
return "EC";
}
else if ( PKCSObjectIdentifiers.rsaEncryption.equals(algIdentifier) ) {
algorithm = "RSA";
if (PKCSObjectIdentifiers.rsaEncryption.equals(algIdentifier)) {
return "RSA";
}
else if ( X9ObjectIdentifiers.id_dsa.equals(algIdentifier) ) {
algorithm = "DSA";
if (X9ObjectIdentifiers.id_dsa.equals(algIdentifier)) {
return "DSA";
}

if ( algorithm == null ) algorithm = algIdentifier.getId();

return SecurityHelper.getKeyFactory(algorithm);
return algIdentifier.getId();
}

private static CertificateFactory getX509CertificateFactory() {
Expand Down

0 comments on commit 382a829

Please sign in to comment.