Package org.graylog2.shared.security.tls

Class PemKeyStore

java.lang.Object

org.graylog2.shared.security.tls.PemKeyStore

public final class PemKeyStore
extends Object

Constructor Summary

Constructors

Constructor	Description
PemKeyStore()

Method Summary

Modifier and Type	Method	Description
static KeyStore	buildKeyStore(Path certChainFile, Path keyFile, char[] keyPasswordChars)	Generates a new KeyStore.
protected static PKCS8EncodedKeySpec	generateKeySpec(char[] password, byte[] key)	Generates a key specification for an (encrypted) private key.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

PemKeyStore

public PemKeyStore()

Method Details

generateKeySpec

protected static PKCS8EncodedKeySpec generateKeySpec(char[] password,
 byte[] key)
                                              throws IOException,
org.bouncycastle.pkcs.PKCSException,
org.bouncycastle.operator.OperatorCreationException

Generates a key specification for an (encrypted) private key.

Parameters:

password - characters, if null or empty an unencrypted key is assumed

key - bytes of the DER encoded private key

Returns:

a key specification

Throws:

IOException - if parsing key fails

org.bouncycastle.pkcs.PKCSException - if the decryption key based on password cannot be used to decrypt key

org.bouncycastle.operator.OperatorCreationException - if the decryption algorithm parameters are somehow faulty

buildKeyStore

public static KeyStore buildKeyStore(Path certChainFile,
 Path keyFile,
 char[] keyPasswordChars)
                              throws GeneralSecurityException

Generates a new KeyStore.

Parameters:

certChainFile - a X.509 certificate chain file in PEM format,

keyFile - a PKCS#8 private key file in PEM format,

keyPasswordChars - the password of the keyFile. null if it's not password-protected.

Returns:

generated KeyStore.

Throws:

GeneralSecurityException - on any error regarding key generation