Add decryption of AES-encrypted private keys #26
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Pesa
requested changes
Dec 6, 2019
|
|
||
| /** | ||
| * A TpmPrivateKey holds an in-memory private key and provides cryptographic | ||
| * operations such as for signing by the in-memory TPM. | ||
| */ | ||
| public class TpmPrivateKey { | ||
| static { | ||
| Security.insertProviderAt(new org.spongycastle.jce.provider.BouncyCastleProvider(), 1); | ||
| } |
| @@ -108,6 +108,7 @@ public Error(String message) | |||
|
|
|||
| if (key == null) | |||
| return new Blob(); | |||
|
|
|||
Comment on lines
158
to
161
| byte[] encodingBytes = new byte[10]; | ||
| encodingBytes = new byte[encoding.remaining()]; | ||
| encoding.get(encodingBytes, 0, encodingBytes.length); | ||
| encoding.clear(); | ||
| encodingBytes = new byte[encoding.capacity()]; | ||
| encoding.get(encodingBytes, 0, encodingBytes.length); |
There was a problem hiding this comment.
I'm not following this code, why do you need to do all this? encodingBytes is allocated 3 times?
| * This replaces any existing private key in this object. | ||
| * @param encoding The byte buffer with the private key encoding. | ||
| * @param password The password for decrypting the private key, which should | ||
| * have characters in the range of 1 to 127. |
There was a problem hiding this comment.
where does this limitation come from?
There was a problem hiding this comment.
That's leftover from the code I replaced. I'll remove it.
| } catch (IOException | OperatorCreationException | PKCSException ex) { | ||
| throw new TpmPrivateKey.Error | ||
| ("loadEncryptedPkcs8: Error parsing PrivateKey info: " + ex); | ||
| } |
| try { | ||
| SafeBag safebag = new SafeBag(testKey); | ||
| fixture_.keyChain_.importSafeBag(safebag, password.buf()); | ||
| } catch (Throwable ex) { |
jrandallclark
changed the title
|
You should squash the two commits together and force-push to the branch in order to properly update the PR. |
jrandallclark
force-pushed
the
AESPrivateKeys
branch
from
8427626
to
acf5d1b
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for AES encrypted private keys exported by ndn-cxx.