CryptoUtils.java

  1. /*
  2.  * CryptoUtils
  3.  *
  4.  * $Id$
  5.  * $URL$
  6.  */
  7. package gov.usgs.util;

  9. import java.io.ByteArrayInputStream;
  10. import java.io.ByteArrayOutputStream;
  11. import java.io.IOException;
  12. import java.io.InputStream;
  13. import java.io.OutputStream;
  14. import java.math.BigInteger;
  15. import java.nio.ByteBuffer;
  16. import java.security.Key;
  17. import java.security.PublicKey;
  18. import java.security.PrivateKey;
  19. import java.security.cert.Certificate;
  20. import java.security.cert.CertificateException;
  21. import java.security.cert.CertificateFactory;
  22. import java.security.interfaces.DSAPrivateKey;
  23. import java.security.interfaces.DSAPublicKey;
  24. import java.security.interfaces.RSAPrivateKey;
  25. import java.security.interfaces.RSAPublicKey;
  26. import java.security.spec.DSAPublicKeySpec;
  27. import java.security.spec.DSAPrivateKeySpec;
  28. import java.security.spec.InvalidKeySpecException;
  29. import java.security.spec.MGF1ParameterSpec;
  30. import java.security.spec.PKCS8EncodedKeySpec;
  31. import java.security.spec.PSSParameterSpec;
  32. import java.security.spec.RSAPublicKeySpec;
  33. import java.security.spec.RSAPrivateKeySpec;
  34. import java.security.spec.X509EncodedKeySpec;
  35. import java.security.KeyFactory;
  36. import java.security.KeyPair;
  37. import java.security.KeyPairGenerator;
  38. import java.security.Signature;
  39. import java.security.SignatureException;
  40. import java.security.InvalidAlgorithmParameterException;
  41. import java.security.InvalidKeyException;
  42. import java.security.NoSuchAlgorithmException;
  43. import java.util.Base64;
  44. import java.util.LinkedList;
  45. import java.util.List;

  47. import javax.crypto.Cipher;
  48. import javax.crypto.CipherOutputStream;
  49. import javax.crypto.KeyGenerator;
  50. import javax.crypto.NoSuchPaddingException;

  52. import ch.ethz.ssh2.crypto.PEMDecoder;

  54. /**
  55.  * Encryption and signing utilities.
  56.  */
  57. public class CryptoUtils {

  59.     /** Algorithm used by AES keys and ciphers. */
  60.     public static final String AES_ALGORITHM = "AES";
  61.     /** Number of bits for AES 128 bit key. */
  62.     public static final int AES_128 = 128;
  63.     /** Number of bits for AES 256 bit key. */
  64.     public static final int AES_256 = 256;

  66.     /** Algorithm used by DSA keys. */
  67.     public static final String DSA_ALGORITHM = "DSA";
  68.     /** Algorithm used for signature with DSA key. */
  69.     public static final String DSA_SIGNATURE_ALGORITHM = "SHA1withDSA";
  70.     /** Number of bits for DSA 1024 bit key. */
  71.     public static final int DSA_1024 = 1024;

  73.     /** Algorithm used by RSA keys and ciphers. */
  74.     public static final String RSA_ALGORITHM = "RSA";
  75.     /** Algorithm used for signature with RSA key. */
  76.     public static final String RSA_SIGNATURE_ALGORITHM = "SHA1withRSA";
  77.     /** Number of bits for RSA 2048 bit key. */
  78.     public static final int RSA_2048 = 2048;
  79.     /** Number of bits for RSA 4096 bit key. */
  80.     public static final int RSA_4096 = 4096;

  82.     /** Signature versions. */
  83.     public enum Version {
  84.         /** Signature enum for v1 */
  85.         SIGNATURE_V1("v1"),
  86.         /** Signature enum for v2 */
  87.         SIGNATURE_V2("v2");

  89.         private String value;

  91.         Version(final String value) {
  92.             this.value = value;
  93.         }

  95.         public String toString() {
  96.             return this.value;
  97.         }

  99.         /**
  100.          * @param value to get a signature from
  101.          * @return a version
  102.          * @throws IllegalArgumentException if unknown version.
  103.          */
  104.         public static Version fromString(final String value) {
  105.             if (SIGNATURE_V1.value.equals(value)) {
  106.                 return SIGNATURE_V1;
  107.             } else if (SIGNATURE_V2.value.equals(value)) {
  108.                 return SIGNATURE_V2;
  109.             } else {
  110.                 throw new IllegalArgumentException("Invalid signature version");
  111.             }
  112.         }
  113.     }

  115.     /** v2 Algorithm for DSA signature */
  116.     public static final String SIGNATURE_V2_DSA_ALGORITHM = "SHA256withDSA";
  117.     /** v2 Algorithm for RSA signature */
  118.     public static final String SIGNATURE_V2_RSA_ALGORITHM = "RSASSA-PSS";

  120.     /**
  121.      * Process a data stream using a cipher.
  122.      *
  123.      * If cipher is initialized to ENCRYPT_MODE, the input stream will be
  124.      * encrypted. If cipher is initialized to DECRYPT_MODE, the input stream
  125.      * will be decrypted.
  126.      *
  127.      * @param cipher
  128.      *            an initialized cipher.
  129.      * @param in
  130.      *            the data to encrypt.
  131.      * @param out
  132.      *            where encrypted data is written.
  133.      * @throws NoSuchAlgorithmException if invalid encrypt/decrypt algorithm
  134.      * @throws NoSuchPaddingException on padding error
  135.      * @throws InvalidKeyException if key is not RSA or DSA.
  136.      * @throws IOException if IO error occurs
  137.      */
  138.     public static void processCipherStream(final Cipher cipher,
  139.             final InputStream in, final OutputStream out)
  140.             throws NoSuchAlgorithmException, NoSuchPaddingException,
  141.             InvalidKeyException, IOException {
  142.         CipherOutputStream cos = new CipherOutputStream(out, cipher);
  143.         StreamUtils.transferStream(in, cos);
  144.     }

  146.     /**
  147.      * Create and initialize an encrypting cipher using key.getAlgorithm() as
  148.      * transformation.
  149.      *
  150.      * @param key
  151.      *            the key used to encrypt.
  152.      * @return a cipher used to encrypt.
  153.      * @throws NoSuchAlgorithmException on invalid algorithm
  154.      * @throws NoSuchPaddingException on invalid padding
  155.      * @throws InvalidKeyException if key is not RSA or DSA.
  156.      */
  157.     public static Cipher getEncryptCipher(final Key key)
  158.             throws NoSuchAlgorithmException, NoSuchPaddingException,
  159.             InvalidKeyException {
  160.         Cipher cipher = Cipher.getInstance(key.getAlgorithm());
  161.         cipher.init(Cipher.ENCRYPT_MODE, key);
  162.         return cipher;
  163.     }

  165.     /**
  166.      * Create and initialize a decrypting cipher using key.getAlgorithm as
  167.      * transformation.
  168.      *
  169.      * @param key
  170.      *            the key used to decrypt.
  171.      * @return a cipher used to decrypt.
  172.      * @throws NoSuchAlgorithmException on invalid algorithm
  173.      * @throws NoSuchPaddingException on invalid padding
  174.      * @throws InvalidKeyException if key is not RSA or DSA.
  175.      */
  176.     public static Cipher getDecryptCipher(final Key key)
  177.             throws NoSuchAlgorithmException, NoSuchPaddingException,
  178.             InvalidKeyException {
  179.         Cipher cipher = Cipher.getInstance(key.getAlgorithm());
  180.         cipher.init(Cipher.DECRYPT_MODE, key);
  181.         return cipher;
  182.     }

  184.     /**
  185.      * Create and configure a signature object based on key type.
  186.      *
  187.      * @param key
  188.      *     Key used to sign/verify.
  189.      * @param version
  190.      *     SIGNATURE_V1 or SIGNATURE_V2
  191.      * @return
  192.      *     Configured Signature object
  193.      * @throws InvalidKeyException
  194.      *     if key is not RSA or DSA.
  195.      * @throws NoSuchAlgorithmException
  196.      *     on invalid algorithm
  197.      * @throws SignatureException
  198.      *     on signature error
  199.      */
  200.     public static Signature getSignature(final Key key, final Version version)
  201.             throws InvalidKeyException, NoSuchAlgorithmException,
  202.                     SignatureException {
  203.         Signature signature = null;
  204.         if (version == Version.SIGNATURE_V1) {
  205.             if (key instanceof DSAPrivateKey || key instanceof DSAPublicKey) {
  206.                 signature = Signature.getInstance(DSA_SIGNATURE_ALGORITHM);
  207.             } else if (key instanceof RSAPrivateKey || key instanceof RSAPublicKey) {
  208.                 signature = Signature.getInstance(RSA_SIGNATURE_ALGORITHM);
  209.             }
  210.         } else if (version == Version.SIGNATURE_V2) {
  211.             if (key instanceof DSAPrivateKey || key instanceof DSAPublicKey) {
  212.                 signature = Signature.getInstance(SIGNATURE_V2_DSA_ALGORITHM);
  213.             } else if (key instanceof RSAPrivateKey || key instanceof RSAPublicKey) {
  214.                 signature = Signature.getInstance(SIGNATURE_V2_RSA_ALGORITHM);
  215.             }
  216.         } else {
  217.             throw new IllegalArgumentException("Unexpected signature version " + version);
  218.         }
  219.         if (signature == null) {
  220.             throw new InvalidKeyException("Expected DSA or RSA key");
  221.         }
  222.         return signature;
  223.     }

  225.     /**
  226.      *
  227.      * @param key Key used to sign/verify.
  228.      * @param version SIGNATURE_V1 or SIGNATURE_V2
  229.      * @param signature A signature
  230.      * @throws InvalidAlgorithmParameterException
  231.      *     on invalid or inappropriate algorithm parameters
  232.      */
  233.     public static void configureSignature(final Key key, final Version version,
  234.             final Signature signature) throws InvalidAlgorithmParameterException {
  235.         if (version == Version.SIGNATURE_V2
  236.                 && (key instanceof RSAPrivateKey || key instanceof RSAPublicKey)) {
  237.             int keySize;
  238.             if (key instanceof RSAPrivateKey) {
  239.                 keySize = ((RSAPrivateKey)key).getModulus().bitLength();
  240.             } else {
  241.                 keySize = ((RSAPublicKey)key).getModulus().bitLength();
  242.             }
  243.             // match python cryptography calculation:
  244.             // https://github.com/pyca/cryptography/blob/b16561670320c65a18cce41d0db0c42ab68350a9/src/cryptography/hazmat/primitives/asymmetric/padding.py#L73
  245.             // 32 = (sha)256 / 8
  246.             int maxSaltLength = ((keySize + 6) / 8) - 32 - 2;
  247.             signature.setParameter(
  248.                     new PSSParameterSpec("SHA-256", "MGF1",
  249.                             MGF1ParameterSpec.SHA256, maxSaltLength, 1));
  250.         }
  251.     }

  253.     /**
  254.      * A convenience method that chooses a signature algorithm based on the key
  255.      * type. Works with DSA and RSA keys.
  256.      *
  257.      * @param privateKey a private key
  258.      * @param data data to sign
  259.      * @return signature as hex encoded string
  260.      * @throws InvalidAlgorithmParameterException
  261.      *     on invalid or inappropriate algorithm parameters
  262.      * @throws InvalidKeyException
  263.      *     if key is not RSA or DSA.
  264.      * @throws NoSuchAlgorithmException
  265.      *     on invalid algorithm
  266.      * @throws SignatureException
  267.      *     on signature error
  268.      */
  269.     public static String sign(final PrivateKey privateKey, final byte[] data)
  270.             throws InvalidAlgorithmParameterException, InvalidKeyException,
  271.             NoSuchAlgorithmException, SignatureException {
  272.         // use v1 by default
  273.         return sign(privateKey, data, Version.SIGNATURE_V1);
  274.     }

  276.     /**
  277.      * Generate a signature.
  278.      *
  279.      * @param privateKey
  280.      *            private key to use, should be acceptable by signature
  281.      *            instance.
  282.      * @param data
  283.      *            data/hash to sign.
  284.      * @param version
  285.      *            the signature version.
  286.      * @return signature as hex encoded string.
  287.      * @throws InvalidAlgorithmParameterException
  288.      *            on invalid or inappropriate algorithm parameters
  289.      * @throws NoSuchAlgorithmException
  290.      *            on invalid algorithm
  291.      * @throws InvalidKeyException
  292.      *            if key is not RSA or DSA.
  293.      * @throws SignatureException
  294.      *            on signature error
  295.      */
  296.     public static String sign(final PrivateKey privateKey, final byte[] data,
  297.             final Version version) throws InvalidAlgorithmParameterException,
  298.             InvalidKeyException, NoSuchAlgorithmException, SignatureException {
  299.         final Signature signature = getSignature(privateKey, version);
  300.         signature.initSign(privateKey);
  301.         configureSignature(privateKey, version, signature);
  302.         signature.update(data);
  303.         return Base64.getEncoder().encodeToString(signature.sign());
  304.     }

  306.     /**
  307.      * A convenience method that chooses a signature algorithm based on the key
  308.      * type. Works with DSA and RSA keys.
  309.      *
  310.      * @param publicKey
  311.      *            public key corresponding to private key that generated
  312.      *            signature.
  313.      * @param data
  314.      *            data/hash to verify
  315.      * @param allegedSignature
  316.      *            to try and verify with
  317.      * @return boolean
  318.      * @throws InvalidAlgorithmParameterException
  319.      *            on invalid or inappropriate algorithm parameters
  320.      * @throws InvalidKeyException
  321.      *            if key is not RSA or DSA.
  322.      * @throws NoSuchAlgorithmException
  323.      *            on invalid algorithm
  324.      * @throws SignatureException
  325.      *            on signature error
  326.      */
  327.     public static boolean verify(final PublicKey publicKey, final byte[] data,
  328.             final String allegedSignature)
  329.             throws InvalidAlgorithmParameterException, InvalidKeyException,
  330.             NoSuchAlgorithmException, SignatureException {
  331.         return verify(publicKey, data, allegedSignature, Version.SIGNATURE_V1);
  332.     }

  334.     /**
  335.      * Verify a signature.
  336.      *
  337.      * @param publicKey
  338.      *            public key corresponding to private key that generated
  339.      *            signature.
  340.      * @param data
  341.      *            the data/hash that was signed.
  342.      * @param allegedSignature
  343.      *            the signature being verified.
  344.      * @param version
  345.      *            signature version.
  346.      * @return true if computed signature matches allegedSignature.
  347.      * @throws InvalidAlgorithmParameterException
  348.      *            on invalid or inappropriate algorithm parameters
  349.      * @throws NoSuchAlgorithmException
  350.      *            on invalid algorithm
  351.      * @throws InvalidKeyException
  352.      *            if key is not RSA or DSA.
  353.      * @throws SignatureException
  354.      *            on signature error
  355.      */
  356.     public static boolean verify(final PublicKey publicKey, final byte[] data,
  357.             final String allegedSignature, final Version version)
  358.             throws InvalidAlgorithmParameterException, InvalidKeyException,
  359.             NoSuchAlgorithmException, SignatureException {
  360.         final Signature signature = getSignature(publicKey, version);
  361.         signature.initVerify(publicKey);
  362.         configureSignature(publicKey, version, signature);
  363.         signature.update(data);
  364.         return signature.verify(Base64.getDecoder().decode(allegedSignature));
  365.     }

  367.     /**
  368.      * A convenience method to encrypt a byte array.
  369.      *
  370.      * @param key
  371.      *            a key that can be used to encrypt.
  372.      * @param toEncrypt
  373.      *            the data to encrypt.
  374.      * @return encrypted byte array.
  375.      * @throws InvalidKeyException
  376.      *            if key is not RSA or DSA.
  377.      * @throws NoSuchAlgorithmException
  378.      *            on invalid algorithm
  379.      * @throws NoSuchPaddingException
  380.      *            on invalid padding
  381.      * @throws IllegalArgumentException
  382.      *            on illegal args passed to function
  383.      * @throws IOException
  384.      *            on IO error
  385.      */
  386.     public static byte[] encrypt(final Key key, final byte[] toEncrypt)
  387.             throws InvalidKeyException, NoSuchAlgorithmException,
  388.             NoSuchPaddingException, IllegalArgumentException, IOException {
  389.         ByteArrayOutputStream baos = new ByteArrayOutputStream();
  390.         processCipherStream(getEncryptCipher(key),
  391.                 StreamUtils.getInputStream(toEncrypt), baos);
  392.         return baos.toByteArray();
  393.     }

  395.     /**
  396.      * A convenience method to decrypt a byte array.
  397.      *
  398.      * @param key
  399.      *            a key that can be used to decrypt.
  400.      * @param toDecrypt
  401.      *            the data to decrypt.
  402.      * @return decrypted byte array.
  403.      * @throws InvalidKeyException
  404.      *            if key is not RSA or DSA.
  405.      * @throws NoSuchAlgorithmException
  406.      *            on invalid algorithm
  407.      * @throws NoSuchPaddingException
  408.      *            on invalid padding
  409.      * @throws IllegalArgumentException
  410.      *            on illegal args passed to function
  411.      * @throws IOException
  412.      *            on IO error
  413.      */
  414.     public static byte[] decrypt(final Key key, final byte[] toDecrypt)
  415.             throws InvalidKeyException, NoSuchAlgorithmException,
  416.             NoSuchPaddingException, IllegalArgumentException, IOException {
  417.         ByteArrayOutputStream baos = new ByteArrayOutputStream();
  418.         processCipherStream(getDecryptCipher(key),
  419.                 StreamUtils.getInputStream(toDecrypt), baos);
  420.         return baos.toByteArray();
  421.     }

  423.     /**
  424.      * Generate a new symmetric encryption key.
  425.      *
  426.      * @param bits
  427.      *            how many bits. This should be AES_128 or AES256.
  428.      * @return generated AES key.
  429.      * @throws NoSuchAlgorithmException
  430.      *            on invalid algorithm
  431.      */
  432.     public static Key generateAESKey(final int bits)
  433.             throws NoSuchAlgorithmException {
  434.         KeyGenerator gen = KeyGenerator.getInstance(AES_ALGORITHM);
  435.         gen.init(bits);
  436.         return gen.generateKey();
  437.     }

  439.     /**
  440.      * Generate a new asymmetric encryption key pair.
  441.      *
  442.      * @param bits
  443.      *            how many bits. Must be a valid RSA size.
  444.      * @return generated RSA key pair.
  445.      * @throws NoSuchAlgorithmException
  446.      *            on invalid algorithm
  447.      */
  448.     public static KeyPair generateRSAKeyPair(final int bits)
  449.             throws NoSuchAlgorithmException {
  450.         KeyPairGenerator gen = KeyPairGenerator.getInstance(RSA_ALGORITHM);
  451.         gen.initialize(bits);
  452.         return gen.generateKeyPair();
  453.     }

  455.     /**
  456.      * Generate a new asymmetric signature key pair.
  457.      *
  458.      * @param bits
  459.      *            how many bits. Must be a valid DSA size.
  460.      * @return generated DSA key pair.
  461.      * @throws NoSuchAlgorithmException
  462.      *            on invalid algorithm
  463.      */
  464.     public static KeyPair generateDSAKeyPair(final int bits)
  465.             throws NoSuchAlgorithmException {
  466.         KeyPairGenerator gen = KeyPairGenerator.getInstance(DSA_ALGORITHM);
  467.         gen.initialize(bits);
  468.         return gen.generateKeyPair();
  469.     }

  471.     /**
  472.      * Read a X509 encoded certificate. May be DER or PEM encoded.
  473.      *
  474.      * @param bytes
  475.      *            the certificate data as a byte array.
  476.      * @return parsed certificate.
  477.      * @throws CertificateException
  478.      *            on certificate issue
  479.      * @throws IOException
  480.      *            on IO error
  481.      */
  482.     public static Certificate readCertificate(final byte[] bytes)
  483.             throws CertificateException, IOException {
  484.         byte[] data = bytes;
  485.         if (((char) data[0]) == '-') {
  486.             data = convertPEMToDER(new String(data));
  487.         }
  488.         Certificate certificate = CertificateFactory.getInstance("X.509")
  489.                 .generateCertificate(new ByteArrayInputStream(data));
  490.         return certificate;
  491.     }

  493.     /**
  494.      * Read a X509 encoded public key. May be DER or PEM encoded.
  495.      *
  496.      * @param bytes
  497.      *            the key data as a byte array.
  498.      * @return parsed public key.
  499.      * @throws IOException
  500.      *            on IO error
  501.      * @throws NoSuchAlgorithmException
  502.      *            on invalid algorithm
  503.      */
  504.     public static PublicKey readPublicKey(final byte[] bytes)
  505.             throws IOException, NoSuchAlgorithmException {
  506.         byte[] data = bytes;
  507.         // decode from PEM format
  508.         if (((char) data[0]) == '-') {
  509.             data = convertPEMToDER(new String(data));
  510.         }
  511.         X509EncodedKeySpec spec = new X509EncodedKeySpec(data);

  513.         try {
  514.             return KeyFactory.getInstance(DSA_ALGORITHM).generatePublic(spec);
  515.         } catch (InvalidKeySpecException e) {
  516.             try {
  517.                 return KeyFactory.getInstance(RSA_ALGORITHM).generatePublic(
  518.                         spec);
  519.             } catch (InvalidKeySpecException e2) {
  520.                 // ignore
  521.             }
  522.         }

  524.         return null;
  525.     }

  527.     /**
  528.      * Read a PKCS#8 encoded private key. May be DER or PEM encoded.
  529.      *
  530.      * @param bytes
  531.      *            the key data as a byte array.
  532.      * @return parsed private key.
  533.      * @throws IOException
  534.      *            on IO error
  535.      * @throws NoSuchAlgorithmException
  536.      *            on invalid algorithm
  537.      */
  538.     public static PrivateKey readPrivateKey(final byte[] bytes)
  539.             throws IOException, NoSuchAlgorithmException {
  540.         byte[] data = bytes;
  541.         // decode from PEM format
  542.         if (((char) data[0]) == '-') {
  543.             data = convertPEMToDER(new String(data));
  544.         }
  545.         PKCS8EncodedKeySpec spec = new PKCS8EncodedKeySpec(data);

  547.         try {
  548.             return KeyFactory.getInstance(DSA_ALGORITHM).generatePrivate(spec);
  549.         } catch (InvalidKeySpecException e) {
  550.             try {
  551.                 return KeyFactory.getInstance(RSA_ALGORITHM).generatePrivate(
  552.                         spec);
  553.             } catch (InvalidKeySpecException e2) {
  554.                 // ignore
  555.             }
  556.         }

  558.         return null;
  559.     }

  561.     /**
  562.      * Read an OpenSSH private key from a stream.
  563.      *
  564.      * @param bytes
  565.      *            the byte array containing an OpenSSH private key.
  566.      * @param password
  567.      *            password if the key is encrypted.
  568.      * @return decoded PrivateKey.
  569.      * @throws IOException
  570.      *            on IO error
  571.      * @throws InvalidKeySpecException
  572.      *            when key has invalid specifications
  573.      * @throws NoSuchAlgorithmException
  574.      *            on invalid algorithm
  575.      */
  576.     public static PrivateKey readOpenSSHPrivateKey(final byte[] bytes,
  577.             final String password) throws IOException,
  578.             NoSuchAlgorithmException, InvalidKeySpecException {
  579.         PrivateKey key = null;

  581.         // this returns an ethz DSAPrivateKey or RSAPrivateKey
  582.         Object obj = PEMDecoder.decode(new String(bytes).toCharArray(),
  583.                 password);

  585.         if (obj instanceof ch.ethz.ssh2.signature.DSAPrivateKey) {
  586.             ch.ethz.ssh2.signature.DSAPrivateKey ethzDSAKey = (ch.ethz.ssh2.signature.DSAPrivateKey) obj;
  587.             key = (DSAPrivateKey) KeyFactory.getInstance("DSA")
  588.                     .generatePrivate(
  589.                             new DSAPrivateKeySpec(ethzDSAKey.getX(), ethzDSAKey
  590.                                     .getP(), ethzDSAKey.getQ(), ethzDSAKey
  591.                                     .getG()));
  592.         } else if (obj instanceof ch.ethz.ssh2.signature.RSAPrivateKey) {
  593.             ch.ethz.ssh2.signature.RSAPrivateKey ethzRSAKey = (ch.ethz.ssh2.signature.RSAPrivateKey) obj;
  594.             key = (RSAPrivateKey) KeyFactory.getInstance("RSA")
  595.                     .generatePrivate(
  596.                             new RSAPrivateKeySpec(ethzRSAKey.getN(), ethzRSAKey
  597.                                     .getD()));
  598.         }

  600.         return key;
  601.     }

  603.     /**
  604.      * Read an OpenSSH PublicKey from a stream.
  605.      *
  606.      * @param bytes
  607.      *            bytes to read.
  608.      * @return a publicKey
  609.      * @throws IOException
  610.      *            on IO error
  611.      * @throws NoSuchAlgorithmException
  612.      *            on invalid algorithm
  613.      * @throws InvalidKeySpecException
  614.      *            when key has invalid specifications
  615.      */
  616.     public static PublicKey readOpenSSHPublicKey(final byte[] bytes)
  617.             throws IOException, InvalidKeySpecException,
  618.             NoSuchAlgorithmException {

  620.         // format is <type><space><base64data><space><comment>
  621.         String[] line = new String(bytes).trim().split(" ", 3);
  622.         String type = line[0];
  623.         String content = line[1];
  624.         // String comment = line[2];

  626.         ByteBuffer buf = ByteBuffer.wrap(Base64.getDecoder().decode(content));

  628.         // format of decoded content is: <type><keyparams>
  629.         // where type and each param is a DER string
  630.         String decodedType = new String(readDERString(buf));
  631.         if (!decodedType.equals(type)) {
  632.             throw new IllegalArgumentException("expected " + type + ", got "
  633.                     + decodedType);
  634.         }
  635.         if (type.equals("ssh-dss")) {
  636.             // dsa key params are p, q, g, y
  637.             BigInteger p = new BigInteger(readDERString(buf));
  638.             BigInteger q = new BigInteger(readDERString(buf));
  639.             BigInteger g = new BigInteger(readDERString(buf));
  640.             BigInteger y = new BigInteger(readDERString(buf));
  641.             return KeyFactory.getInstance(DSA_ALGORITHM).generatePublic(
  642.                     new DSAPublicKeySpec(y, p, q, g));
  643.         } else if (type.equals("ssh-rsa")) {
  644.             // rsa key params are e, y
  645.             BigInteger e = new BigInteger(readDERString(buf));
  646.             BigInteger y = new BigInteger(readDERString(buf));
  647.             return KeyFactory.getInstance(RSA_ALGORITHM).generatePublic(
  648.                     new RSAPublicKeySpec(y, e));
  649.         } else {
  650.             throw new InvalidKeySpecException("Unknown key type '" + type + "'");
  651.         }
  652.     }

  654.     /**
  655.      * This method reads a DER encoded byte string from a ByteBuffer.
  656.      *
  657.      * A DER encoded string has
  658.      *
  659.      * length = 4 bytes big-endian integer<br>
  660.      * string = length bytes
  661.      *
  662.      * @param buf
  663.      *            buffer containing DER encoded bytes.
  664.      * @return bytes the decoded bytes.
  665.      */
  666.     public static byte[] readDERString(ByteBuffer buf) {
  667.         int length = buf.getInt();
  668.         if (length > 8192) {
  669.             throw new IllegalArgumentException("DER String Length " + length
  670.                     + " > 8192");
  671.         }
  672.         byte[] bytes = new byte[length];
  673.         buf.get(bytes);
  674.         return bytes;
  675.     }

  677.     /**
  678.      * Read a PEM format.
  679.      *
  680.      * This does not currently support encrypted PEM formats.
  681.      *
  682.      * @param string
  683.      *            string containing PEM formatted data.
  684.      * @return DER formatted data.
  685.      * @throws IOException
  686.      *            on IO error
  687.      */
  688.     public static byte[] convertPEMToDER(final String string)
  689.             throws IOException {
  690.         List<String> lines = StringUtils.split(string, "\n");
  691.         String header = lines.remove(0);
  692.         String footer = lines.remove(lines.size() - 1);
  693.         String type;

  695.         if (header.startsWith("-----BEGIN ") && header.endsWith("-----")) {
  696.             type = header;
  697.             type = type.replace("-----BEGIN ", "");
  698.             type = type.replace("-----", "");

  700.             if (type.contains("ENCRYPTED")) {
  701.                 throw new IllegalArgumentException(
  702.                         "Encrypted keys are not supported.");
  703.             }

  705.             if (footer.equals("-----END " + type + "-----")) {
  706.                 // expected match
  707.                 return Base64.getMimeDecoder().decode(
  708.                         StringUtils.join(new LinkedList<Object>(lines), "\n"));
  709.             } else {
  710.                 throw new IllegalArgumentException("Unexpected PEM footer '"
  711.                         + footer + "'");
  712.             }
  713.         } else {
  714.             throw new IllegalArgumentException("Unexpected PEM header '"
  715.                     + header + "'");
  716.         }
  717.     }

  719. }
Created with JaCoCo 0.8.8.202204050719