use of net.i2p.util.SecureFileOutputStream in project i2p.i2p by i2p.
the class TrustedUpdate method genKeysCLI.
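/**
 * Generates a new signing keypair and writes each half to its own file (CLI helper).
 *
 * <p>Nothing is generated if either target path already exists. Both files are created
 * through {@link SecureFileOutputStream}. The private key is written exactly as
 * {@code signingPrivateKey.writeBytes()} emits it; this method adds no passphrase or
 * encryption of its own, so the file's permissions and location are its protection.
 *
 * @param publicKeyFile path of the public key file to create; must not already exist
 * @param privateKeyFile path of the private key file to create; must not already exist
 * @return true only if both files were written and closed without error
 */
private static final boolean genKeysCLI(String publicKeyFile, String privateKeyFile) {
    File pubFile = new File(publicKeyFile);
    File privFile = new File(privateKeyFile);
    // NOTE(review): exists() followed by a later open is a check-then-create sequence, not
    // an atomic one. It guards against accidental overwrite only; a file that appears at
    // either path between the check and the open is not detected here.
    if (pubFile.exists()) {
        System.out.println("Error: Not overwriting file " + publicKeyFile);
        return false;
    }
    if (privFile.exists()) {
        System.out.println("Error: Not overwriting file " + privateKeyFile);
        return false;
    }

    FileOutputStream fileOutputStream = null;
    I2PAppContext context = I2PAppContext.getGlobalContext();
    try {
        // generateSigningKeypair() returns the public key at index 0 and the private key at index 1.
        Object[] signingKeypair = context.keyGenerator().generateSigningKeypair();
        SigningPublicKey signingPublicKey = (SigningPublicKey) signingKeypair[0];
        SigningPrivateKey signingPrivateKey = (SigningPrivateKey) signingKeypair[1];

        fileOutputStream = new SecureFileOutputStream(pubFile);
        signingPublicKey.writeBytes(fileOutputStream);
        fileOutputStream.close();
        fileOutputStream = null;

        fileOutputStream = new SecureFileOutputStream(privFile);
        signingPrivateKey.writeBytes(fileOutputStream);
        // Close inside the try, before success is announced. An error surfacing at close()
        // is then reported as a failure, not swallowed by the finally block.
        fileOutputStream.close();
        fileOutputStream = null;

        System.out.println("\r\nPrivate key written to: " + privateKeyFile);
        System.out.println("Public key written to: " + publicKeyFile);
        System.out.println("\r\nPublic key: " + signingPublicKey.toBase64() + "\r\n");
    } catch (IOException e) {
        System.err.println("Error writing keys:");
        e.printStackTrace();
        return false;
    } catch (DataFormatException e) {
        System.err.println("Error writing keys:");
        e.printStackTrace();
        return false;
    } finally {
        // Error path only: the failure has already been reported, so this close is best-effort.
        if (fileOutputStream != null) {
            try {
                fileOutputStream.close();
            } catch (IOException ignored) {
                // nothing more useful to report
            }
        }
    }
    return true;
}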
use of net.i2p.util.SecureFileOutputStream in project i2p.i2p by i2p.
the class SU3File method genKeysCLI.
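/**
 * Writes Java-encoded keys (X.509 for public and PKCS#8 for private)
 *
 * <p>Prompts on standard input for the key name when {@code alias} is empty, and always
 * prompts for a new key password of at least 6 characters. The keypair, certificate and CRL
 * come from {@code KeyStoreUtil.createKeysAndCRL}; the certificate is then exported to
 * {@code publicKeyFile} and, when requested, the CRL to {@code crlFile}.
 *
 * @param type signature type passed through to key generation
 * @param publicKeyFile path the certificate is exported to; must not already exist
 * @param privateKeyFile path of the keystore that holds the private key
 * @param crlFile may be null; non-null to save
 * @param alias key name; when empty it is read from standard input
 * @param kspass keystore password, passed through to {@code createKeysAndCRL}
 * @return success
 * @since 0.9.9
 */
private static final boolean genKeysCLI(SigType type, String publicKeyFile, String privateKeyFile, String crlFile, String alias, String kspass) {
    File pubFile = new File(publicKeyFile);
    // Only the certificate path is checked here; crlFile is opened for writing without a
    // prior existence check, and the keystore path is left to createKeysAndCRL.
    if (pubFile.exists()) {
        System.out.println("Error: Not overwriting file " + publicKeyFile);
        return false;
    }
    File ksFile = new File(privateKeyFile);
    String keypw = "";
    try {
        while (alias.length() == 0) {
            System.out.print("Enter key name (example@mail.i2p): ");
            alias = DataHelper.readLine(System.in);
            if (alias == null) {
                System.out.println("\nEOF reading key name");
                return false;
            }
            alias = alias.trim();
        }
        // NOTE(review): the password is read as a plain line from System.in, so whether it is
        // echoed depends on the terminal, and it is held as a String that cannot be wiped.
        // Surrounding whitespace is trimmed before the length check.
        while (keypw.length() < 6) {
            System.out.print("Enter new key password: ");
            keypw = DataHelper.readLine(System.in);
            if (keypw == null) {
                System.out.println("\nEOF reading password");
                return false;
            }
            keypw = keypw.trim();
            if (keypw.length() > 0 && keypw.length() < 6)
                System.out.println("Key password must be at least 6 characters");
        }
    } catch (IOException ioe) {
        // A read failure on standard input ends the command without a message.
        return false;
    }

    OutputStream out = null;
    try {
        // 3652 is presumably the certificate validity in days (about ten years) -- confirm
        // against KeyStoreUtil.createKeysAndCRL. rv[2] is the certificate, rv[3] the CRL.
        Object[] rv = KeyStoreUtil.createKeysAndCRL(ksFile, kspass, alias, alias, "I2P", 3652, type, keypw);
        X509Certificate cert = (X509Certificate) rv[2];
        out = new SecureFileOutputStream(publicKeyFile);
        CertUtil.exportCert(cert, out);
        // Close each output inside the try, so an error surfacing at close() is reported as
        // a failure whether or not a CRL is written afterwards.
        out.close();
        out = null;
        if (crlFile != null) {
            X509CRL crl = (X509CRL) rv[3];
            out = new SecureFileOutputStream(crlFile);
            CertUtil.exportCRL(crl, out);
            out.close();
            out = null;
        }
    } catch (GeneralSecurityException gse) {
        System.err.println("Error creating keys for " + alias);
        gse.printStackTrace();
        return false;
    } catch (IOException ioe) {
        System.err.println("Error creating keys for " + alias);
        ioe.printStackTrace();
        return false;
    } finally {
        // Error path only: the failure has already been reported, so this close is best-effort.
        if (out != null) {
            try {
                out.close();
            } catch (IOException ignored) {
                // nothing more useful to report
            }
        }
    }
    return true;
}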
use of net.i2p.util.SecureFileOutputStream in project i2p.i2p by i2p.
the class KeyStoreUtil method createKeyStore.
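/**
 * Create a new KeyStore object, and load it from ksFile if it is
 * non-null and it exists.
 * If ksFile is non-null and it does not exist, create a new empty
 * keystore file.
 *
 * <p>If ksFile is null, neither branch runs and the returned KeyStore has not been
 * loaded by this method. NOTE(review): confirm that callers passing null initialise it
 * themselves.
 *
 * @param ksFile may be null
 * @param password may be null; it is passed unchanged to {@code KeyStore.load} and
 *                 {@code KeyStore.store}. Per the {@code KeyStore.load} contract, loading
 *                 with a null password performs no integrity check on the keystore data.
 * @return the KeyStore object (not a success flag)
 * @throws GeneralSecurityException if the keystore cannot be instantiated, loaded or stored
 * @throws IOException on a read or write failure, including a failure to close the new file
 */
public static KeyStore createKeyStore(File ksFile, String password) throws GeneralSecurityException, IOException {
    boolean exists = ksFile != null && ksFile.exists();
    // The password arrives as an immutable String, so wiping this char[] copy afterwards
    // would not remove it from memory; no wipe is attempted.
    char[] pwchars = password != null ? password.toCharArray() : null;
    KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());

    if (exists) {
        InputStream fis = null;
        try {
            fis = new FileInputStream(ksFile);
            ks.load(fis, pwchars);
        } finally {
            // Read side: a failed close cannot lose data, so it is ignored.
            if (fis != null) {
                try {
                    fis.close();
                } catch (IOException ignored) {
                    // nothing to recover
                }
            }
        }
    }

    if (ksFile != null && !exists) {
        OutputStream fos = null;
        try {
            // must be initted
            ks.load(null, DEFAULT_KEYSTORE_PASSWORD.toCharArray());
            fos = new SecureFileOutputStream(ksFile);
            ks.store(fos, pwchars);
            // Close inside the try so that an error surfacing at close() reaches the
            // caller as an IOException and is not discarded by the finally block.
            fos.close();
            fos = null;
        } finally {
            // Error path only: an exception is already propagating.
            if (fos != null) {
                try {
                    fos.close();
                } catch (IOException ignored) {
                    // the original exception is the one to report
                }
            }
        }
    }
    return ks;
}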
use of net.i2p.util.SecureFileOutputStream in project i2p.i2p by i2p.
the class KeyStoreUtil method renewPrivateKeyCertificate.
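/**
 * Renew the private key certificate in a keystore.
 * Closes the input and output streams. Throws on all errors.
 *
 * <p>The keystore file is rewritten in place. NOTE(review): the same path is reopened for
 * writing after the load, so a failure during {@code store} can leave the file incomplete.
 * Keep a backup of the keystore before renewing.
 *
 * @param ks path to the keystore
 * @param ksPW the keystore password, may be null
 * @param alias the name of the key, or null to get the first one in keystore
 * @param keyPW the key password, must be at least 6 characters (not checked here; must be non-null)
 * @param validDays new cert to expire this many days from now
 * @return the new certificate
 * @throws GeneralSecurityException if the key or its single-certificate chain is not found,
 *         or on any keystore or signing error
 * @throws IOException on a read or write failure, including a failure to close the rewritten file
 * @since 0.9.34
 */
public static X509Certificate renewPrivateKeyCertificate(File ks, String ksPW, String alias, String keyPW, int validDays) throws GeneralSecurityException, IOException {
    InputStream fis = null;
    OutputStream fos = null;
    try {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        fis = new FileInputStream(ks);
        char[] pwchars = ksPW != null ? ksPW.toCharArray() : null;
        keyStore.load(fis, pwchars);
        // Release the read handle before the same path is reopened for writing below.
        try {
            fis.close();
        } catch (IOException ignored) {
            // read side; nothing to recover
        }
        fis = null;

        char[] keypwchars = keyPW.toCharArray();
        if (alias == null) {
            // Take the first alias the keystore enumerates; it is not checked to be a key
            // entry here, getKey() below decides that.
            Enumeration<String> aliases = keyStore.aliases();
            if (aliases.hasMoreElements())
                alias = aliases.nextElement();
            if (alias == null)
                throw new GeneralSecurityException("no private keys found");
        }
        PrivateKey pk = (PrivateKey) keyStore.getKey(alias, keypwchars);
        if (pk == null)
            throw new GeneralSecurityException("private key not found: " + alias);

        // getCertificateChain() may return null; treat that like any other chain that is
        // not exactly one self-signed certificate, so it fails without a NullPointerException.
        Certificate[] certs = keyStore.getCertificateChain(alias);
        if (certs == null || certs.length != 1)
            throw new GeneralSecurityException("Bad cert chain length");

        X509Certificate cert = (X509Certificate) certs[0];
        // The renewed certificate is at index 2 of the array returned by renew().
        Object[] rv = SelfSignedGenerator.renew(cert, pk, validDays);
        cert = (X509Certificate) rv[2];
        certs[0] = cert;
        keyStore.setKeyEntry(alias, pk, keypwchars, certs);

        fos = new SecureFileOutputStream(ks);
        keyStore.store(fos, pwchars);
        // Close inside the try so that an error surfacing at close() is thrown, matching
        // the "throws on all errors" contract; otherwise the finally block would swallow it.
        fos.close();
        fos = null;
        return cert;
    } finally {
        // Error path only: an exception is already propagating, so these closes are best-effort.
        if (fis != null) {
            try {
                fis.close();
            } catch (IOException ignored) {
                // the original exception is the one to report
            }
        }
        if (fos != null) {
            try {
                fos.close();
            } catch (IOException ignored) {
                // the original exception is the one to report
            }
        }
    }
}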
use of net.i2p.util.SecureFileOutputStream in project i2p.i2p by i2p.
the class KeyStoreUtil method storePrivateKey.
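/**
 * Store a private key and its certificate chain in a keystore under the given alias.
 * Keystore will be created if it does not exist.
 * Closes the output stream it opens. Throws on all errors.
 *
 * <p>The keystore is obtained through {@code createKeyStore(ks, ksPW)}, the entry is set,
 * and the whole keystore is then written back to {@code ks}.
 *
 * @param ks path to the keystore
 * @param ksPW the keystore password, may be null
 * @param alias the name of the key, non-null.
 * @param keyPW the key password, must be at least 6 characters (not checked here; must be non-null)
 * @param pk the private key to store
 * @param certs the certificate chain stored with the key
 * @throws GeneralSecurityException on any keystore error
 * @throws IOException on a read or write failure, including a failure to close the written file
 * @since 0.9.25
 */
public static void storePrivateKey(File ks, String ksPW, String alias, String keyPW, PrivateKey pk, List<X509Certificate> certs) throws GeneralSecurityException, IOException {
    OutputStream fos = null;
    try {
        KeyStore keyStore = createKeyStore(ks, ksPW);
        Certificate[] chain = certs.toArray(new Certificate[certs.size()]);
        keyStore.setKeyEntry(alias, pk, keyPW.toCharArray(), chain);
        char[] pwchars = ksPW != null ? ksPW.toCharArray() : null;
        fos = new SecureFileOutputStream(ks);
        keyStore.store(fos, pwchars);
        // Close inside the try so that an error surfacing at close() is thrown, matching
        // the "throws on all errors" contract; otherwise the finally block would swallow it.
        fos.close();
        fos = null;
    } finally {
        // Error path only: an exception is already propagating.
        if (fos != null) {
            try {
                fos.close();
            } catch (IOException ignored) {
                // the original exception is the one to report
            }
        }
    }
}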