From b376b820640ed9f097c3d62011c5e9cf2462304b Mon Sep 17 00:00:00 2001
From: Sean Leonard <meanderingcode@aetherislands.net>
Date: Tue, 13 Aug 2013 14:30:49 -0600
Subject: Use java.security classes to validate string certificates and keys
 from provider

---
 src/se/leap/leapclient/ConfigHelper.java | 31 +++++++++++++++++++++++++++++++
 1 file changed, 31 insertions(+)

(limited to 'src/se/leap/leapclient/ConfigHelper.java')

diff --git a/src/se/leap/leapclient/ConfigHelper.java b/src/se/leap/leapclient/ConfigHelper.java
index e139bf62..fd7e527f 100644
--- a/src/se/leap/leapclient/ConfigHelper.java
+++ b/src/se/leap/leapclient/ConfigHelper.java
@@ -23,12 +23,18 @@ import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.math.BigInteger;
 import java.io.InputStream;
+import java.security.KeyFactory;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
 import java.security.cert.CertificateException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
 
 import org.json.JSONException;
 import org.json.JSONObject;
@@ -315,6 +321,31 @@ public class ConfigHelper {
 		
 		return (X509Certificate) certificate;
 	}
+	
+	protected static RSAPrivateKey parseRsaKeyFromString(String RsaKeyString) {
+		RSAPrivateKey key = null;
+		try {
+			KeyFactory kf = KeyFactory.getInstance("RSA", "BC");
+			
+			RsaKeyString = RsaKeyString.replaceFirst("-----BEGIN RSA PRIVATE KEY-----", "").replaceFirst("-----END RSA PRIVATE KEY-----", "");
+			PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec( Base64.decode(RsaKeyString, Base64.DEFAULT) );
+			key = (RSAPrivateKey) kf.generatePrivate(keySpec);
+		} catch (InvalidKeySpecException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+			return null;
+		} catch (NoSuchAlgorithmException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+			return null;
+		} catch (NoSuchProviderException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+			return null;
+		}
+		
+		return key;
+	}
 
 	/**
 	 * Adds a new X509 certificate given its input stream and its provider name
-- 
cgit v1.2.3