use of org.mozilla.jss.util.AssertionException in project jss by dogtagpki.
the class SafeBag method createEncryptedPrivateKeyBag.
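/**
 * Creates a SafeBag containing a PKCS-8ShroudedKeyBag, which is
 * an EncryptedPrivateKeyInfo. The key will be encrypted using
 * a triple-DES PBE algorithm ({@code PBE_SHA1_DES3_CBC}), using the
 * supplied password and a salt freshly drawn from the CryptoManager's
 * secure RNG.
 *
 * <p><b>Security note:</b> the PBE key derivation is requested with an
 * iteration count of 1, so it adds essentially no work factor. The
 * resistance of the resulting bag to offline password guessing therefore
 * rests on the strength of the password alone. Callers exporting
 * long-lived or high-value keys should use a high-entropy password and
 * protect the resulting file accordingly.
 *
 * @param privk The PrivateKeyInfo containing the private key.
 * @param friendlyName The nickname for the key; should be the same
 *      as the nickname of the associated cert.
 * @param localKeyID The localKeyID for the key; should be the same as
 *      the localKeyID of the associated cert.
 * @param password The password used to encrypt the private key. It is
 *      not cleared here; the caller remains responsible for it.
 * @return A SafeBag of type PKCS8_SHROUDED_KEY_BAG carrying the encrypted
 *      key plus the friendlyName and localKeyID attributes.
 * @throws NotInitializedException Declared by this method; presumably
 *      raised when CryptoManager has not been initialized.
 * @throws TokenException Declared by this method; propagated from the
 *      crypto operations invoked here.
 */
public static SafeBag createEncryptedPrivateKeyBag(PrivateKeyInfo privk, String friendlyName, byte[] localKeyID, Password password) throws NotInitializedException, TokenException {
    try {
        PBEAlgorithm pbeAlg = PBEAlgorithm.PBE_SHA1_DES3_CBC;
        // NOTE(review): a single KDF iteration provides no brute-force
        // slowdown. The value is kept as-is so the produced bags do not
        // change; raising it should be evaluated against the consumers
        // that have to import these files.
        final int DEFAULT_ITERATIONS = 1;

        // A fresh random salt per bag, sized as the algorithm requires.
        byte[] salt = new byte[pbeAlg.getSaltLength()];
        JSSSecureRandom rand = CryptoManager.getInstance().getSecureRNG();
        rand.nextBytes(salt);

        // Use the same algorithm object that sized the salt, so the two
        // cannot drift apart if the algorithm is ever changed.
        EncryptedPrivateKeyInfo epki = EncryptedPrivateKeyInfo.createPBE(pbeAlg, password, salt, DEFAULT_ITERATIONS, new PasswordConverter(), privk);

        SET attributes = new SET();
        attributes.addElement(new Attribute(FRIENDLY_NAME, new BMPString(friendlyName)));
        attributes.addElement(new Attribute(LOCAL_KEY_ID, new OCTET_STRING(localKeyID)));
        return new SafeBag(PKCS8_SHROUDED_KEY_BAG, epki, attributes);
    } catch (java.security.NoSuchAlgorithmException e) {
        // Keep the original exception as the cause so its stack trace is
        // not lost when the failure is reported as an assertion.
        throw (AssertionException) new AssertionException("Unable to find PBE algorithm: " + e).initCause(e);
    } catch (java.security.InvalidKeyException e) {
        throw (AssertionException) new AssertionException("InvalidKeyException while creating EncryptedContentInfo: " + e).initCause(e);
    } catch (java.security.InvalidAlgorithmParameterException e) {
        throw (AssertionException) new AssertionException("InvalidAlgorithmParameterException while creating" + " EncryptedContentInfo: " + e).initCause(e);
    } catch (java.io.CharConversionException e) {
        throw (AssertionException) new AssertionException("CharConversionException while creating EncryptedContentInfo: " + e).initCause(e);
    }
}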
use of org.mozilla.jss.util.AssertionException in project jss by dogtagpki.
the class SafeBag method createCertBag.
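/**
 * Creates a SafeBag that contains an X.509 Certificate.
 * The SafeBag will have the given <i>localKeyID</i> attribute,
 * and a <i>friendlyName</i>
 * attribute equal to the supplied string. This is the way Communicator
 * makes a CertBag. The same <i>localKeyID</i> attribute should be stored
 * in the matching private key bag.
 *
 * <p>The certificate bytes are only wrapped into the bag; nothing in this
 * method checks the certificate's signature, validity period or chain.
 * Callers that need a trusted certificate must validate it separately.
 *
 * @param cert A DER-encoded X.509 certificate.
 * @param friendlyName Will be stored in the <i>friendlyName</i>
 *      attribute of the SafeBag. Should be the nickname of the cert.
 * @param localKeyID The bytes to use for the localKeyID. These should
 *      be obtained from the <code>getLocalKeyIDFromCert</code> method.
 * @return A SafeBag of type CERT_BAG holding the certificate and the
 *      friendlyName and localKeyID attributes.
 * @exception InvalidBERException If the cert is not a valid DER encoding.
 * @see #getLocalKeyIDFromCert
 */
public static SafeBag createCertBag(byte[] cert, String friendlyName, byte[] localKeyID) throws InvalidBERException {
    try {
        // Wrap the raw encoding as an X.509 CertBag.
        CertBag cb = new CertBag(CertBag.X509_CERT_TYPE, new ANY(cert));

        // The friendly name should be the cert nickname; the localKeyID
        // is what ties this bag to the matching private key bag.
        SET attributes = new SET();
        attributes.addElement(new Attribute(FRIENDLY_NAME, new BMPString(friendlyName)));
        attributes.addElement(new Attribute(LOCAL_KEY_ID, new OCTET_STRING(localKeyID)));
        return new SafeBag(CERT_BAG, cb, attributes);
    } catch (CharConversionException e) {
        // The original exception was dropped entirely here; attach it as
        // the cause so the failing conversion can still be diagnosed.
        throw (AssertionException) new AssertionException("CharConversionException converting" + " Unicode to BMPString").initCause(e);
    }
}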