summaryrefslogtreecommitdiffstats
path: root/src/main/java/com/gitblit/utils/X509Utils.java
diff options
context:
space:
mode:
Diffstat (limited to 'src/main/java/com/gitblit/utils/X509Utils.java')
-rw-r--r--src/main/java/com/gitblit/utils/X509Utils.java10
1 files changed, 8 insertions, 2 deletions
diff --git a/src/main/java/com/gitblit/utils/X509Utils.java b/src/main/java/com/gitblit/utils/X509Utils.java
index f0c1b9df..fc0b797d 100644
--- a/src/main/java/com/gitblit/utils/X509Utils.java
+++ b/src/main/java/com/gitblit/utils/X509Utils.java
@@ -80,7 +80,10 @@ import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.bouncycastle.jce.PrincipalUtil;
import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import org.bouncycastle.openssl.PEMEncryptor;
import org.bouncycastle.openssl.PEMWriter;
+import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
+import org.bouncycastle.openssl.jcajce.JcePEMEncryptorBuilder;
import org.bouncycastle.operator.ContentSigner;
import org.bouncycastle.operator.OperatorCreationException;
import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
@@ -883,8 +886,11 @@ public class X509Utils {
if (pemFile.exists()) {
pemFile.delete();
}
- PEMWriter pemWriter = new PEMWriter(new FileWriter(pemFile));
- pemWriter.writeObject(pair.getPrivate(), "DES-EDE3-CBC", clientMetadata.password.toCharArray(), new SecureRandom());
+ JcePEMEncryptorBuilder builder = new JcePEMEncryptorBuilder("DES-EDE3-CBC");
+ builder.setSecureRandom(new SecureRandom());
+ PEMEncryptor pemEncryptor = builder.build(clientMetadata.password.toCharArray());
+ JcaPEMWriter pemWriter = new JcaPEMWriter(new FileWriter(pemFile));
+ pemWriter.writeObject(pair.getPrivate(), pemEncryptor);
pemWriter.writeObject(userCert);
pemWriter.writeObject(caCert);
pemWriter.flush();
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-06 21:51:53 +0000