
Example 6 with DNSException

use of org.nhindirect.dns.DNSException in project nhin-d by DirectProject.

the class CertUtils method pkcs12ToStrippedPkcs12.

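/**
 * Takes a PKCS12 byte stream and returns a PKCS12 byte stream with the pass phrase protection and encryption removed.
 * <p>
 * The returned bytes hold the private key protected only by an empty pass phrase. Callers should treat
 * them as raw key material: keep them out of logs and give any persisted copy the same access controls
 * as the private key itself.
 * <p>
 * Only the first alias of the store is examined. The key is re-added under the fixed alias
 * {@code "privCert"}; this method does not remove the entry under the original alias before the
 * store is written out.
 *
 * @param bytes The PKCS12 byte stream that will be stripped.
 * @param passphrase The pass phrase of the PKCS12 byte stream.  This is used to decrypt the PKCS12 stream.
 * @return A PKCS12 byte stream representation of the original PKCS12 stream with the pass phrase protection
 * and encryption removed, or {@code null} if the store has no alias or its first alias has no private key.
 * @throws IllegalArgumentException If {@code bytes} is null or empty, or {@code passphrase} is null.
 * @throws DNSException If the stream cannot be loaded, the key cannot be recovered, or the stripped
 * store cannot be written.
 */
public static byte[] pkcs12ToStrippedPkcs12(byte[] bytes, String passphrase) throws DNSException {
    if (bytes == null || bytes.length == 0)
        throw new IllegalArgumentException("Pkcs byte stream cannot be null or empty.");
    if (passphrase == null)
        throw new IllegalArgumentException("Passphrase cannot be null.");
    byte[] retVal = null;
    final char[] storePass = passphrase.toCharArray();
    final char[] emptyPass = new char[0];
    final ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
    final ByteArrayOutputStream outStr = new ByteArrayOutputStream();
    try {
        final KeyStore localKeyStore = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
        localKeyStore.load(bais, storePass);
        final Enumeration<String> aliases = localKeyStore.aliases();
        // we are really expecting only one alias
        if (aliases.hasMoreElements()) {
            final String alias = aliases.nextElement();
            final X509Certificate cert = (X509Certificate) localKeyStore.getCertificate(alias);
            // Recover the key with the store pass phrase, as toX509Certificate does.  The earlier
            // behaviour (empty pass phrase) is kept as a fallback so inputs that worked before still work.
            Key key;
            try {
                key = localKeyStore.getKey(alias, storePass);
            } catch (java.security.UnrecoverableKeyException e) {
                key = localKeyStore.getKey(alias, emptyPass);
            }
            // instanceof is false for null, so no separate null check is needed
            if (key instanceof PrivateKey) {
                // now convert to a pkcs12 format without the passphrase
                localKeyStore.setKeyEntry("privCert", key, emptyPass, new java.security.cert.Certificate[] { cert });
                localKeyStore.store(outStr, emptyPass);
                retVal = outStr.toByteArray();
            }
        }
    } catch (Exception e) {
        // NOTE(review): the underlying cause is dropped here.  If DNSException offers a
        // (message, cause) constructor -- not visible from this method -- prefer it so that a
        // wrong pass phrase can be told apart from a malformed stream when diagnosing failures.
        throw new DNSException("Failed to strip encryption for PKCS stream.");
    } finally {
        // Wipe the local copy of the pass phrase.  The caller's String is immutable and is not
        // affected, so this only shortens the lifetime of the extra copy made here.
        java.util.Arrays.fill(storePass, '\0');
        try {
            bais.close();
        } catch (Exception e) {
        /* no-op */
        }
        try {
            outStr.close();
        } catch (Exception e) {
        /* no-op */
        }
    }
    return retVal;
}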
Also used : PrivateKey(java.security.PrivateKey) ByteArrayOutputStream(java.io.ByteArrayOutputStream) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) IOException(java.io.IOException) DNSException(org.nhindirect.dns.DNSException) ByteArrayInputStream(java.io.ByteArrayInputStream) DNSException(org.nhindirect.dns.DNSException) Key(java.security.Key) PrivateKey(java.security.PrivateKey)

Example 7 with DNSException

use of org.nhindirect.dns.DNSException in project nhin-d by DirectProject.

the class SimpleServiceRunner method startAndRun.

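/*
 * Creates, initializes, and runs the server.
 *
 * Logs the bind address, port and service URL, then constructs the DNSServerService.  In
 * stand-alone mode the method blocks on standard input until a line is read, stops the
 * service and waits 5 seconds before returning; in any other mode it returns right after
 * logging that the server is running.
 */
private static void startAndRun() {
    final StringBuilder banner = new StringBuilder("Starting DNS server.  Settings:");
    banner.append("\r\n\tBind Addresses: ").append(bind);
    banner.append("\r\n\tListen Port: ").append(port);
    banner.append("\r\n\tService URL: ").append(servURL.toString());
    LOGGER.info(banner.toString() + "\n");
    DNSServerService server = null;
    try {
        final DNSServerSettings settings = new DNSServerSettings();
        settings.setPort(port);
        settings.setBindAddress(bind);
        server = new DNSServerService(servURL, settings);
    } catch (DNSException e) {
        LOGGER.error("Server failed to start: " + e.getMessage(), e);
        return;
    }
    if (mode.equalsIgnoreCase(MODE_STANDALONE)) {
        LOGGER.info("\r\nServer running....  Press Enter or Return to stop.");
        // System.in is deliberately not closed: it belongs to the process, not to this method.
        final BufferedReader reader = new BufferedReader(new InputStreamReader(System.in));
        try {
            reader.readLine();
            LOGGER.info("Shutting down server.  Wait 5 seconds for cleanup.");
            server.stopService();
            Thread.sleep(5000);
            LOGGER.info("Server stopped");
        } catch (InterruptedException e) {
            // Restore the interrupt flag so code further up the stack can still observe it.
            Thread.currentThread().interrupt();
            LOGGER.error("Interrupted while shutting down server: " + e.getMessage(), e);
        } catch (Exception e) {
            // A failed shutdown used to be swallowed silently; record it so that a service
            // left running (or a port left bound) shows up in the log.
            LOGGER.error("Server did not shut down cleanly: " + e.getMessage(), e);
        }
    } else {
        LOGGER.info("\r\nServer running.");
    }
}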
Also used : InputStreamReader(java.io.InputStreamReader) DNSException(org.nhindirect.dns.DNSException) BufferedReader(java.io.BufferedReader) DNSServerSettings(org.nhindirect.dns.DNSServerSettings) DNSException(org.nhindirect.dns.DNSException)

Example 8 with DNSException

use of org.nhindirect.dns.DNSException in project nhin-d by DirectProject.

the class CertUtils method toX509Certificate.

/**
 * Converts a byte stream to an X509Certificate.  The byte stream can either be an encoded X509Certificate
 * or a PKCS12 byte stream.
 * <p>
 * The data is first loaded as a PKCS12 store using the pass phrase.  If the first alias of that store
 * holds a private key, the certificate and key are combined through
 * {@code X509CertificateEx.fromX509Certificate}.  Any failure of the PKCS12 attempt is silently
 * ignored and the data is then parsed as an encoded X.509 certificate instead.
 * <p>
 * Because the PKCS12 attempt swallows every exception, a wrong pass phrase cannot be told apart from
 * input that is not PKCS12 at all: both surface as the same {@link DNSException} once the X.509 parse
 * also fails.
 *
 * @param data The byte stream representation to convert.
 * @param passPhrase If the byte stream is a PKCS12 representation, the pass phrase used to decrypt the
 * stream.  Can be null if the stream is an encoded X509Certificate and not a PKCS12 byte stream; null is
 * treated as the empty pass phrase.
 * @return An X509Certificate representation of the byte stream.
 * @throws IllegalArgumentException If {@code data} is null or empty.
 * @throws DNSException If the X.509 certificate factory cannot parse the data.
 */
public static X509Certificate toX509Certificate(byte[] data, String passPhrase) throws DNSException {
    if (data == null || data.length == 0) {
        throw new IllegalArgumentException("Byte stream cannot be null or empty.");
    }
    // never hand a null pass phrase to the key store
    final char[] secret = (passPhrase == null ? "" : passPhrase).toCharArray();
    ByteArrayInputStream in = new ByteArrayInputStream(data);
    X509Certificate result = null;
    try {
        // first attempt: interpret the data as a PKCS12 store
        try {
            final KeyStore store = KeyStore.getInstance("PKCS12", CryptoExtensions.getJCEProviderName());
            store.load(in, secret);
            final Enumeration<String> names = store.aliases();
            // only the first alias is considered
            if (names.hasMoreElements()) {
                final String first = names.nextElement();
                final X509Certificate cert = (X509Certificate) store.getCertificate(first);
                final Key candidate = store.getKey(first, secret);
                // keep the key with the certificate only when the entry really is a private key
                if (candidate instanceof PrivateKey) {
                    result = X509CertificateEx.fromX509Certificate(cert, (PrivateKey) candidate);
                }
            }
        } catch (Exception notPkcs12) {
            // not usable as PKCS12 (or the pass phrase did not match); fall through to X.509
        }
        if (result == null) {
            // second attempt: parse from the start of the data as an encoded X.509 certificate
            in = new ByteArrayInputStream(data);
            result = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(in);
        }
    } catch (Exception e) {
        // NOTE(review): the cause is not attached to the DNSException thrown here.
        throw new DNSException("Failed to convert byte stream to a certificate.");
    } finally {
        try {
            in.close();
        } catch (IOException ignored) {
            // nothing useful to do when closing an in-memory stream fails
        }
    }
    return result;
}
Also used : PrivateKey(java.security.PrivateKey) ByteArrayInputStream(java.io.ByteArrayInputStream) DNSException(org.nhindirect.dns.DNSException) IOException(java.io.IOException) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) Key(java.security.Key) PrivateKey(java.security.PrivateKey) IOException(java.io.IOException) DNSException(org.nhindirect.dns.DNSException)

Aggregations

DNSException (org.nhindirect.dns.DNSException)8 IOException (java.io.IOException)6 KeyStore (java.security.KeyStore)6 X509Certificate (java.security.cert.X509Certificate)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 ByteArrayOutputStream (java.io.ByteArrayOutputStream)4 Key (java.security.Key)4 PrivateKey (java.security.PrivateKey)4 X509CertificateEx (org.nhindirect.stagent.cert.X509CertificateEx)2 BufferedReader (java.io.BufferedReader)1 InputStreamReader (java.io.InputStreamReader)1 URL (java.net.URL)1 DNSServerSettings (org.nhindirect.dns.DNSServerSettings)1