11package org .mockserver .socket .tls ;
22
33import org .bouncycastle .asn1 .pkcs .PrivateKeyInfo ;
4+ import org .bouncycastle .openssl .PEMKeyPair ;
45import org .bouncycastle .openssl .PEMParser ;
56import org .bouncycastle .openssl .jcajce .JcaPEMKeyConverter ;
67import org .mockserver .file .FileReader ;
78
89import java .io .ByteArrayInputStream ;
910import java .io .InputStream ;
1011import java .io .StringReader ;
11- import java .security .KeyFactory ;
12+ import java .security .PrivateKey ;
1213import java .security .cert .CertificateEncodingException ;
1314import java .security .cert .CertificateFactory ;
1415import java .security .cert .X509Certificate ;
15- import java .security .PrivateKey ;
1616import java .security .spec .KeySpec ;
1717import java .security .spec .PKCS8EncodedKeySpec ;
1818import java .util .Base64 ;
1919import java .util .List ;
20+ import java .util .regex .Pattern ;
2021import java .util .stream .Collectors ;
2122
2223import static org .apache .commons .lang3 .StringUtils .EMPTY ;
@@ -28,12 +29,27 @@ public class PEMToFile {
2829 private static final String END_CERTIFICATE = "-----END CERTIFICATE-----" ;
2930
3031 private static final String BEGIN_PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----" ;
31- private static final String BEGIN_RSA_PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" ;
3232 private static final String END_PRIVATE_KEY = "-----END PRIVATE KEY-----" ;
33+ private static final String BEGIN_RSA_PRIVATE_KEY = "-----BEGIN RSA PRIVATE KEY-----" ;
3334 private static final String END_RSA_PRIVATE_KEY = "-----END RSA PRIVATE KEY-----" ;
34-
35- public static String privateKeyToPEM (final byte [] privateKey ) {
36- return toPEM (privateKey , BEGIN_PRIVATE_KEY , END_PRIVATE_KEY );
35+ private static final String BEGIN_EC_PRIVATE_KEY = "-----BEGIN EC PRIVATE KEY-----" ;
36+ private static final String END_EC_PRIVATE_KEY = "-----END EC PRIVATE KEY-----" ;
37+ private static final Pattern BEGIN_PATTERN = Pattern .compile ("-----BEGIN ([A-Z ]+)-----" );
38+ private static final Pattern END_PATTERN = Pattern .compile ("-----END ([A-Z ]+)-----" );
39+
40+ public static String privateKeyToPEM (final PrivateKey privateKey ) {
41+ switch (privateKey .getAlgorithm ()) {
42+ case "ES256" :
43+ case "ES384" :
44+ case "ES512" :
45+ return toPEM (privateKey .getEncoded (), BEGIN_EC_PRIVATE_KEY , END_EC_PRIVATE_KEY );
46+ case "RS256" :
47+ case "RS384" :
48+ case "RS512" :
49+ return toPEM (privateKey .getEncoded (), BEGIN_RSA_PRIVATE_KEY , END_RSA_PRIVATE_KEY );
50+ default :
51+ throw new IllegalArgumentException ("Error invalid algorithm has been provided" );
52+ }
3753 }
3854
3955 public static String certToPEM (final X509Certificate ... x509Certificates ) throws CertificateEncodingException {
@@ -68,8 +84,10 @@ public static byte[] privateKeyBytesFromPEM(final String pem) {
6884 pem
6985 .replaceFirst (BEGIN_PRIVATE_KEY , EMPTY )
7086 .replaceFirst (BEGIN_RSA_PRIVATE_KEY , EMPTY )
87+ .replaceFirst (BEGIN_EC_PRIVATE_KEY , EMPTY )
7188 .replaceFirst (END_PRIVATE_KEY , EMPTY )
7289 .replaceFirst (END_RSA_PRIVATE_KEY , EMPTY )
90+ .replaceFirst (END_EC_PRIVATE_KEY , EMPTY )
7391 );
7492 }
7593
@@ -87,10 +105,15 @@ public static PrivateKey privateKeyFromPEMFile(String filename) {
87105
88106 public static PrivateKey privateKeyFromPEM (String pem ) {
89107 try {
90-
91108 PEMParser pemParser = new PEMParser (new StringReader (pem ));
92- JcaPEMKeyConverter converter = new JcaPEMKeyConverter ();
93- return converter .getPrivateKey (PrivateKeyInfo .getInstance (pemParser .readObject ()));
109+ JcaPEMKeyConverter converter = new JcaPEMKeyConverter ().setProvider ("BC" );
110+
111+ Object readObject = pemParser .readObject ();
112+ if (readObject instanceof PEMKeyPair ) {
113+ return converter .getKeyPair ((PEMKeyPair ) readObject ).getPrivate ();
114+ } else {
115+ return converter .getPrivateKey (PrivateKeyInfo .getInstance (readObject ));
116+ }
94117 } catch (Exception e ) {
95118 throw new RuntimeException ("Exception reading private key from PEM file" , e );
96119 }
0 commit comments