private static String getPrivateKeyTypeFromObjectId(DERObjectIdentifier oid) {
if (ASN1Registry.obj2nid(oid) == ASN1Registry.NID_rsaEncryption) {
return "RSA";
} else {
return "DSA";
}
}
private static PrivateKey derivePrivateKeyPBES1(
org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo eIn,
AlgorithmIdentifier algId,
char[] password)
throws GeneralSecurityException {
PKCS12PBEParams pkcs12Params = new PKCS12PBEParams((ASN1Sequence) algId.getParameters());
PBEParameterSpec pbeParams =
new PBEParameterSpec(pkcs12Params.getIV(), pkcs12Params.getIterations().intValue());
String algorithm = ASN1Registry.o2a(algId.getAlgorithm());
algorithm = (algorithm.split("-"))[0];
Cipher cipher = OpenSSLReal.getCipherBC(algorithm); // need to use BC for PBEParameterSpec.
SecretKeyFactory fact =
OpenSSLReal.getSecretKeyFactoryBC(algorithm); // need to use BC for PKCS12PBEParams.
SecretKey key = fact.generateSecret(new PBEKeySpec(password));
cipher.init(Cipher.UNWRAP_MODE, key, pbeParams);
// wrappedKeyAlgorithm is unknown ("")
return (PrivateKey) cipher.unwrap(eIn.getEncryptedData(), "", Cipher.PRIVATE_KEY);
}