Examples of iaik.utils.KeyAndCertificate

• iaik.utils.KeyAndCertificate

    dhparam = new DHParameterSpec(p, g);

    // set the DH parameter for empherial and anon cipher suites
    serverContext.setDHParameter(dhparam);

    KeyAndCertificate kac;
    EncryptedPrivateKeyInfo epki;
    String password = getPassword("Certificate password");

    try {
      kac = new KeyAndCertificate(certDir + "/serverRSA1024.pem");
      epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
      epki.decrypt(password);
      serverContext.setRSACertificate(kac.getCertificateChain(), (RSAPrivateKey)epki.getPrivateKeyInfo());
    } catch (Exception ex) {
      System.out.println("Unable to set RSA server certificate.");
      System.out.println("RSA cipher-suites can not be used. " + ex);
    }

    try {
        // set the DSA certificate/private key for DSA cipher suites
      kac = new KeyAndCertificate(certDir + "/serverDSA1024.pem");
      epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
      epki.decrypt(password);
      serverContext.setDSACertificate(kac.getCertificateChain(), epki.getPrivateKeyInfo());
    } catch (Exception ex) {
      System.out.println("Unable to set DSA server certificate.");
      System.out.println("DSA cipher-suites can not be used. " + ex);
    }

    try {
        // set the DH certificate/private key for DH cipher suites
      kac = new KeyAndCertificate(certDir + "/serverDH1024.pem");
      epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
      epki.decrypt(password);
      serverContext.setDHCertificate(kac.getCertificateChain(), epki.getPrivateKeyInfo());
    } catch (Exception ex) {
      System.out.println("Unable to set Diffie-Hellman server certificate.");
      System.out.println("Diffie-Hellman cipher-suites can not be used. " + ex);
    }

  // Temporarily start at seconds since 1/1/99
  serialNo = System.currentTimeMillis()/1000 - 915177600;
  System.out.println("Starting serialno: " + serialNo);
  needID = (server.props.getProperty(prefix + "id") != null);
  Security.addProvider(new IAIK());
  KeyAndCertificate kac;

  /*
   * read the certificate from a file
   */

  try {
      kac = new KeyAndCertificate(cert);
  } catch (IOException e) {
      System.out.println("Oops: " + e);
      e.printStackTrace();
      return false;
  }
  serverChain = kac.getCertificateChain();
  System.out.println("SERVER CHAIN ---------------------------");
  for (int i = 0; i<serverChain.length;i++) {
      System.out.println("Cert:\n" + serverChain[i].toString(true));
  }
  System.out.println("END SERVER CHAIN ---------------------------");

  /*
   * Prompt the user for the password, and decrypt the key
   */

  EncryptedPrivateKeyInfo epk =
      (EncryptedPrivateKeyInfo) kac.getPrivateKey();
  System.out.println("CaHandler Key: " + epk);
  String passwd = getPassword(cert);
  try {
      serverKey = epk.decrypt(passwd);
  } catch (Exception e) {  // stupid exceptions get thrown with bad keys

      EncryptedPrivateKeyInfo epki = new EncryptedPrivateKeyInfo(
        (PrivateKeyInfo)kp.getPrivate());
      epki.encrypt(getPassword("Certificate password"),
        AlgorithmID.pbeWithMD5AndDES_CBC, null);
      new KeyAndCertificate(epki, chain).saveTo(args[0], ASN1.PEM);
  } catch (Exception e) {
      System.out.println("OOPS: " + e);
      e.printStackTrace();
  }
  System.out.println("Saved server CA test certificate to: " + args[0]);

    fileName = fileName + ( saveFormat == ASN1.DER ? ".der" : ".pem" );
    System.out.println( "save private key and certificate chain to file "
                      + fileName
                      + "..."
                      );
    new KeyAndCertificate( epki, chain ).saveTo( fileName, saveFormat );
  }

  {
    boolean           caFound    = false;
    boolean           selfSigned = false;
    String            userName   = null;
    String            caName     = null;
    KeyAndCertificate caKAC;
    PrivateKey        caRSA      = null;
    X509Certificate   caCert     = null;
    X509Certificate   cert;
    KeyPair           clientRSA;
    KeyPair           serverRSA;
    iaik.pkcs.pkcs8.EncryptedPrivateKeyInfo epki;

    if ( arg.length == 3 ) {
      caFound = true;
      if ( arg[ 0 ].equals ( "-ca" )) {
        caName = arg[ 1 ]; userName = arg[ 2 ];
      } else if ( arg[ 1 ].equals ( "-ca" )) {
        System.out.println ( "caFound at 1" );
        caName = arg[ 2 ]; userName = arg[ 0 ];
      } else {
        System.out.println ( "caNotFound" );
        System.out.println ( "Usage: CerttificatesManager [-ca caName] userName" );
        return;
      }
    } else if ( arg.length != 1 ) {
      System.out.println ( "bad # params" );
      System.out.println ( "Usage: CertificatesManager [-ca caName] userName" );
      return;
    } else {
      userName = arg[ 0 ];
      selfSigned = true;
    }

    try {
      IAIK.addAsProvider();

      File certsDir         = new File( "certs" );
      String caKeyAndCertFileName = null;
      if ( certsDir.exists ()) {
        if ( caFound ) {
          caKeyAndCertFileName  = "certs/"
                                + caName
                                + "KeyAndCert"
                                + ".pem";
          caKAC  = new KeyAndCertificate ( caKeyAndCertFileName );
          epki   = ( EncryptedPrivateKeyInfo ) caKAC.getPrivateKey ();
          epki.decrypt ( pass_phrase );
          caRSA  = epki.getPrivateKeyInfo ();
          caCert = caKAC.getCertificateChain ()[ 0 ];
        }
      } else if ( caName  != null ) {
        System.out.println ( "No certificate file "
                           + caKeyAndCertFileName
                           );