use newly introduced PKCS1 and PKCS8 support for pem files (#2)

Signed-off-by: Andreas Schmid <[email protected]>

Author: aaschmid

src/main/java/de/aaschmid/taskwarrior/client/KeyStoreBuilder.java

@@ -5,6 +5,7 @@
 import java.io.FileInputStream;
 import java.io.IOException;
 import java.math.BigInteger;
+import java.nio.charset.StandardCharsets;
 import java.nio.file.Files;
 import java.security.KeyFactory;
 import java.security.KeyStore;
@@ -25,6 +26,8 @@
 import java.util.Base64;
 import java.util.List;
 import java.util.concurrent.atomic.AtomicInteger;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import static java.util.Objects.requireNonNull;
 
@@ -33,6 +36,9 @@ class KeyStoreBuilder {
     private static final String TYPE_CERTIFICATE = "X.509";
     private static final String ALGORITHM_PRIVATE_KEY = "RSA";
 
+    private static final Pattern PATTERN_PKCS1_PEM = Pattern.compile("-----BEGIN RSA PRIVATE KEY-----(.*)-----END RSA PRIVATE KEY-----");
+    private static final Pattern PATTERN_PKCS8_PEM = Pattern.compile("-----BEGIN PRIVATE KEY-----(.*)-----END PRIVATE KEY-----");
+
     private ProtectionParameter keyStoreProtection;
     private File caCertFile;
     private File privateKeyCertFile;
@@ -65,17 +71,6 @@ KeyStoreBuilder withPrivateKeyCertFile(File privateKeyCertFile) {
         return this;
     }
 
-    /**
-     * Provide the private key file to use. It must be in {@code *.DER} format. If you have a *.PME private key, you can create it using
-     * {@code openssl}.
-     * <p>
-     * The required command looks like following:<br>
-     * <code>$ openssl pkcs8 -topk8 -nocrypt -in key.pem -inform PEM -out key.der -outform DER</code>
-     * </p>
-     *
-     * @param privateKeyFile private key file in {@code *.DER} format (must not be {@code null}
-     * @return the {@link KeyStore} builder itself
-     */
     KeyStoreBuilder withPrivateKeyFile(File privateKeyFile) {
         requireNonNull(privateKeyFile, "'privateKeyFile' must not be null.");
         if (!privateKeyFile.exists()) {
@@ -132,6 +127,21 @@ private List<Certificate> createCertificatesFor(File certFile) {
     private PrivateKey createPrivateKeyFor(File privateKeyFile) {
         try {
             byte[] bytes = Files.readAllBytes(privateKeyFile.toPath());
+            if (privateKeyFile.getName().endsWith("pem")) {
+                String content = new String(bytes, StandardCharsets.UTF_8).replaceAll("\\n", "");
+
+                Matcher pkcs1Matcher = PATTERN_PKCS1_PEM.matcher(content);
+                if (pkcs1Matcher.find()) {
+                    return createPrivateKeyFromPemPkcs1(pkcs1Matcher.group(1));
+                }
+
+                Matcher pkcs8Matcher = PATTERN_PKCS8_PEM.matcher(content);
+                if (pkcs8Matcher.find()) {
+                    return createPrivateKeyFromPemPkcs8(pkcs8Matcher.group(1));
+                }
+
+                throw new TaskwarriorKeyStoreException("Could not detect key algorithm for '%s'.", privateKeyFile);
+            }
             return createPrivateKeyFromPkcs8Der(bytes);
         } catch (IOException e) {
             throw new TaskwarriorKeyStoreException(e, "Could not read private key of '%s' via input stream.", privateKeyFile);

src/test/java/de/aaschmid/taskwarrior/TaskwarriorClientIntegrationTest.java

@@ -7,7 +7,6 @@
 import de.aaschmid.taskwarrior.message.TaskwarriorMessage;
 import de.aaschmid.taskwarrior.message.TaskwarriorRequestHeader;
 import de.aaschmid.taskwarrior.test.IntegrationTest;
-import org.junit.jupiter.api.Test;
 import org.junit.jupiter.params.ParameterizedTest;
 import org.junit.jupiter.params.provider.Arguments;
 import org.junit.jupiter.params.provider.MethodSource;
@@ -24,8 +23,7 @@ class TaskwarriorClientIntegrationTest {
     private static final String SYNC_KEY = "f92d5c8d-4cf9-4cf5-b72f-1f4a70cf9b20";
 
     static Stream<Arguments> configs() {
-        return Stream.of("pkcs8-der")
-//        return Stream.of("pkcs1", "pkcs8", "pkcs8-der") // TODO use to test all key type to be supported
+        return Stream.of("pkcs1", "pkcs8", "pkcs8-der")
                 .map(keyType -> format("/taskwarrior.%s.properties", keyType))
                 .map(TaskwarriorClientIntegrationTest.class::getResource)
                 .map(TaskwarriorConfiguration::taskwarriorPropertiesConfiguration)