 

Bouncy Castle : PEMReader => PEMParser


With a PEM certificate like

    -----BEGIN RSA PRIVATE KEY-----
    Proc-Type: 4,ENCRYPTED
    DEK-Info: AES-256-CBC,B9846B5D1803E.....

using BC 1.46, I extract the keypair with the following code:

    int myFunc(String pemString, char[] password) {
        ByteArrayInputStream tube = new ByteArrayInputStream(pemString.getBytes());
        Reader fRd = new BufferedReader(new InputStreamReader(tube));
        PEMReader pr = new PEMReader(fRd, new Password(password), "BC");
        try {
            Object o = pr.readObject();
            if (o instanceof KeyPair)
        .....

Now I just installed BC 1.48, and they tell me that PEMReader is deprecated and must be replaced by PEMParser.

My problem is, AFAIK, there is no place for a password in PEMParser.

Could someone give me an example of how to migrate my code to a PEMParser version?

stackanovist asked Feb 17 '13 07:02



1 Answer

I just needed to solve the same problem and found no answer. So I spent some time studying the BC API and found a solution which works for me. I needed to read the private key from a file, so there is a privateKeyFileName parameter instead of the pemString parameter in the myFunc method.

Using BC 1.48 and PEMParser:

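    import java.io.File;
    import java.io.FileReader;
    import java.io.IOException;
    import java.security.KeyPair;
    import org.bouncycastle.openssl.PEMDecryptorProvider;
    import org.bouncycastle.openssl.PEMEncryptedKeyPair;
    import org.bouncycastle.openssl.PEMKeyPair;
    import org.bouncycastle.openssl.PEMParser;
    import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
    import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;

    int myFunc(String privateKeyFileName, char[] password) throws IOException {
        File privateKeyFile = new File(privateKeyFileName); // private key file in PEM format
        PEMParser pemParser = new PEMParser(new FileReader(privateKeyFile));
        Object object = pemParser.readObject();
        pemParser.close();
        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().build(password);
        // The "BC" provider must already be registered with java.security.Security
        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
        KeyPair kp;
        if (object instanceof PEMEncryptedKeyPair) {
            System.out.println("Encrypted key - we will use provided password");
            kp = converter.getKeyPair(((PEMEncryptedKeyPair) object).decryptKeyPair(decProv));
        } else {
            System.out.println("Unencrypted key - no password needed");
            kp = converter.getKeyPair((PEMKeyPair) object);
        }
        return 0; // kp is ready to use here; the status value is a placeholder
    }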
xwatch answered Oct 15 '22 03:10