Commit 4367cbc

committed
adding utilities functions for reading/loading private key
1 parent 2c9b25d commit 4367cbc


4 files changed

+95
-17
lines changed

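--- a/util/src/main/java/io/kubernetes/client/util/SSLUtils.java
+++ b/util/src/main/java/io/kubernetes/client/util/SSLUtils.java
@@ -12,13 +12,7 @@
 */
 package io.kubernetes.client.util;
 
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
+import java.io.*;
 import java.math.BigInteger;
 import java.security.KeyFactory;
 import java.security.KeyStore;
@@ -38,7 +32,9 @@
 import org.apache.commons.codec.binary.Base64;
 import org.bouncycastle.openssl.PEMKeyPair;
 import org.bouncycastle.openssl.PEMParser;
+import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
 import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
+import org.bouncycastle.util.io.pem.PemWriter;
 
 public class SSLUtils {
 static {
@@ -91,7 +87,38 @@ public static KeyStore createKeyStore(
 }
 }
 
-private static PrivateKey loadKey(InputStream keyInputStream, String clientKeyAlgo)
+public static byte[] dumpKey(PrivateKey privateKey) throws IOException {
+StringWriter writer = new StringWriter();
+PemWriter pemWriter = new PemWriter(writer);
+pemWriter.writeObject(new JcaMiscPEMGenerator(privateKey));
+pemWriter.flush();
+return writer.toString().getBytes();
+}
+
+public static String recognizePrivateKeyAlgo(byte[] privateKeyBytes) {
+String dataString = new String(privateKeyBytes);
+String algo = ""; // PKCS#8
+if (dataString.contains("BEGIN EC PRIVATE KEY")) {
+algo = "EC"; // PKCS#1 - EC
+}
+if (dataString.contains("BEGIN RSA PRIVATE KEY")) {
+algo = "RSA"; // PKCS#1 - RSA
+}
+return algo;
+}
+
+public static PrivateKey loadKey(byte[] privateKeyBytes)
+throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
+return loadKey(
+new ByteArrayInputStream(privateKeyBytes), recognizePrivateKeyAlgo(privateKeyBytes));
+}
+
+public static PrivateKey loadKey(byte[] pemPrivateKeyBytes, String algo)
+throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
+return loadKey(new ByteArrayInputStream(pemPrivateKeyBytes), algo);
+}
+
+public static PrivateKey loadKey(InputStream keyInputStream, String clientKeyAlgo)
 throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
 
 // Try PKCS7 / EC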
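Review bot: `dumpKey` returns the private key as unencrypted PEM and the added code does not say so; now that it is public, a Javadoc line such as `/** Serializes the key as unencrypted PEM; callers must protect the returned bytes and keep them out of logs. */` would make the contract explicit. Both `writer.toString().getBytes()` there and `new String(privateKeyBytes)` in `recognizePrivateKeyAlgo` use the platform default charset; PEM is ASCII, so `getBytes(StandardCharsets.US_ASCII)` and `new String(privateKeyBytes, StandardCharsets.US_ASCII)` (plus an import of `java.nio.charset.StandardCharsets`) keep the round trip independent of JVM settings. `recognizePrivateKeyAlgo` returns `""` for any input without one of the two markers, so an encrypted or malformed key is presumably rejected only inside `loadKey(InputStream, String)`, whose body continues outside the hunk. The `// PKCS#1 - EC` comment is also inaccurate: `EC PRIVATE KEY` is the SEC 1 (RFC 5915) encoding.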

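--- a/util/src/main/java/io/kubernetes/client/util/credentials/ClientCertificateAuthentication.java
+++ b/util/src/main/java/io/kubernetes/client/util/credentials/ClientCertificateAuthentication.java
@@ -37,14 +37,7 @@ public ClientCertificateAuthentication(final byte[] certificate, final byte[] ke
 
 @Override
 public void provide(ApiClient client) {
-String dataString = new String(key);
-String algo = "";
-if (dataString.indexOf("BEGIN EC PRIVATE KEY") != -1) {
-algo = "EC";
-}
-if (dataString.indexOf("BEGIN RSA PRIVATE KEY") != -1) {
-algo = "RSA";
-}
+String algo = SSLUtils.recognizePrivateKeyAlgo(key);
 try {
 final KeyManager[] keyManagers = SSLUtils.keyManagers(certificate, key, algo, "", null, null);
 client.setKeyManagers(keyManagers);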
+58Lines changed: 58 additions & 0 deletions
@@ -0,0 +1,58 @@
1+
/*
2+
Copyright 2020 The Kubernetes Authors.
3+
Licensed under the Apache License, Version 2.0 (the "License");
4+
you may not use this file except in compliance with the License.
5+
You may obtain a copy of the License at
6+
http://www.apache.org/licenses/LICENSE-2.0
7+
Unless required by applicable law or agreed to in writing, software
8+
distributed under the License is distributed on an "AS IS" BASIS,
9+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10+
See the License for the specific language governing permissions and
11+
limitations under the License.
12+
*/
13+
package io.kubernetes.client.util;
14+
15+
import com.google.common.io.Resources;
16+
import java.io.IOException;
17+
import java.nio.file.Files;
18+
import java.nio.file.Paths;
19+
import java.security.NoSuchAlgorithmException;
20+
import java.security.PrivateKey;
21+
import java.security.spec.InvalidKeySpecException;
22+
import junit.framework.TestCase;
23+
24+
public class SSLUtilsTest extends TestCase {
25+
26+
private static final String CLIENT_KEY_PATH = Resources.getResource("clientauth.key").getPath();
27+
private static final String CLIENT_KEY_RSA_PATH =
28+
Resources.getResource("clientauth-rsa.key").getPath();
29+
private static final String CLIENT_KEY_EC_PATH =
30+
Resources.getResource("clientauth-ec.key").getPath();
31+
32+
public void testPKCS8KeyLoadDump()
33+
throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
34+
byte[] loaded = Files.readAllBytes(Paths.get(CLIENT_KEY_PATH));
35+
PrivateKey privateKey = SSLUtils.loadKey(loaded);
36+
byte[] dumped = SSLUtils.dumpKey(privateKey);
37+
PrivateKey reloaded = SSLUtils.loadKey(dumped);
38+
assertEquals(privateKey, reloaded);
39+
}
40+
41+
public void testPKCS1RSAKeyLoadDump()
42+
throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
43+
byte[] loaded = Files.readAllBytes(Paths.get(CLIENT_KEY_RSA_PATH));
44+
PrivateKey privateKey = SSLUtils.loadKey(loaded);
45+
byte[] dumped = SSLUtils.dumpKey(privateKey);
46+
PrivateKey reloaded = SSLUtils.loadKey(dumped);
47+
assertEquals(privateKey, reloaded);
48+
}
49+
50+
public void testPKCS1ECKeyLoadDump()
51+
throws IOException, InvalidKeySpecException, NoSuchAlgorithmException {
52+
byte[] loaded = Files.readAllBytes(Paths.get(CLIENT_KEY_EC_PATH));
53+
PrivateKey privateKey = SSLUtils.loadKey(loaded);
54+
byte[] dumped = SSLUtils.dumpKey(privateKey);
55+
PrivateKey reloaded = SSLUtils.loadKey(dumped);
56+
assertEquals(privateKey, reloaded);
57+
}
58+
}
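Review bot: The three `*_PATH` constants take `Resources.getResource(...).getPath()`, which is the URL's path component and stays percent-encoded, so `Paths.get(CLIENT_KEY_PATH)` can fail when the checkout directory contains a space or on Windows; reading through Guava directly, `byte[] loaded = Resources.toByteArray(Resources.getResource("clientauth.key"));`, avoids the conversion. The tests cover only the load–dump–load round trip; a case that passes `recognizePrivateKeyAlgo` bytes without a PEM marker and asserts the `""` result would pin the fallback behaviour.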

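--- a/util/src/test/resources/clientauth-ec.key
+++ b/util/src/test/resources/clientauth-ec.key
@@ -2,4 +2,4 @@
 MHcCAQEEIAPhomYs9rdnNgEtr2FIB1rBDYnuKqV4QVAYBX4yRqAEoAoGCCqGSM49
 AwEHoUQDQgAEUHBg7OvKkSprAljQcCcpXFns/pMNDkQJZuooj97A0063ipBrZzbd
 xTcuVcBjFNJC/Tn2keNSQP+m9QbQmQfmMw==
------END EC PRIVATE KEY-----
+-----END EC PRIVATE KEY-----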
