Changeset cc4bf8ea


Ignore:
Timestamp:
Dec 20, 2015 2:28:44 PM (4 years ago)
Author:
zzz <zzz@…>
Branches:
master
Children:
4250f78
Parents:
05b40a2
Message:

CertUtil?: Add methods to export private keys
Unused so far, to be used for family key

File:
1 edited

Legend:

Unmodified
Added
Removed
  • core/java/src/net/i2p/crypto/CertUtil.java

    r05b40a2 rcc4bf8ea  
    99import java.io.PrintWriter;
    1010import java.security.GeneralSecurityException;
     11import java.security.InvalidKeyException;
     12import java.security.PrivateKey;
    1113import java.security.PublicKey;
    1214import java.security.cert.Certificate;
     
    3739
    3840    /**
    39      *  Modified from:
    40      *  http://www.exampledepot.com/egs/java.security.cert/ExportCert.html
    41      *
    42      *  This method writes a certificate to a file in base64 format.
     41     *  Write a certificate to a file in base64 format.
    4342     *
    4443     *  @return success
     
    4746    public static boolean saveCert(Certificate cert, File file) {
    4847        OutputStream os = null;
    49         PrintWriter wr = null;
    5048        try {
    51            // Get the encoded form which is suitable for exporting
    52            byte[] buf = cert.getEncoded();
    5349           os = new SecureFileOutputStream(file);
    54            wr = new PrintWriter(new OutputStreamWriter(os, "UTF-8"));
    55            wr.println("-----BEGIN CERTIFICATE-----");
    56            String b64 = Base64.encode(buf, true);     // true = use standard alphabet
    57            for (int i = 0; i < b64.length(); i += LINE_LENGTH) {
    58                wr.println(b64.substring(i, Math.min(i + LINE_LENGTH, b64.length())));
    59            }
    60            wr.println("-----END CERTIFICATE-----");
    61            wr.flush();
    62            if (wr.checkError())
    63                throw new IOException("Failed write to " + file);
     50           exportCert(cert, os);
    6451           return true;
    6552        } catch (CertificateEncodingException cee) {
     
    7259            try { if (os != null) os.close(); } catch (IOException foo) {}
    7360        }
     61    }
     62
     63    /**
     64     *  Writes the private key and all certs in base64 format.
     65     *  Does NOT close the stream. Throws on all errors.
     66     *
     67     *  @param pk non-null
     68     *  @param certs certificate chain, null or empty to export pk only
     69     *  @throws InvalidKeyException if the key does not support encoding
     70     *  @throws CertificateEncodingException if a cert does not support encoding
     71     *  @since 0.9.24
     72     */
     73    public static void exportPrivateKey(PrivateKey pk, Certificate[] certs, OutputStream out)
     74                                                throws IOException, GeneralSecurityException {
     75        exportPrivateKey(pk, out);
     76        if (certs == null)
     77            return;
     78        for (int i = 0; i < certs.length; i++) {
     79            exportCert(certs[i], out);
     80        }
     81    }
     82
     83    /**
     84     *  Modified from:
     85     *  http://www.exampledepot.com/egs/java.security.cert/ExportCert.html
     86     *
     87     *  Writes a certificate in base64 format.
     88     *  Does NOT close the stream. Throws on all errors.
     89     *
     90     *  @since 0.9.24, pulled out of saveCert()
     91     */
     92    private static void exportCert(Certificate cert, OutputStream out)
     93                                                throws IOException, CertificateEncodingException {
     94        // Get the encoded form which is suitable for exporting
     95        byte[] buf = cert.getEncoded();
     96        PrintWriter wr = new PrintWriter(new OutputStreamWriter(out, "UTF-8"));
     97        wr.println("-----BEGIN CERTIFICATE-----");
     98        String b64 = Base64.encode(buf, true);     // true = use standard alphabet
     99        for (int i = 0; i < b64.length(); i += LINE_LENGTH) {
     100            wr.println(b64.substring(i, Math.min(i + LINE_LENGTH, b64.length())));
     101        }
     102        wr.println("-----END CERTIFICATE-----");
     103        wr.flush();
     104        if (wr.checkError())
     105            throw new IOException("Failed write to " + out);
     106    }
     107
     108    /**
     109     *  Modified from:
     110     *  http://www.exampledepot.com/egs/java.security.cert/ExportCert.html
     111     *
     112     *  Writes a private key in base64 format.
     113     *  Does NOT close the stream. Throws on all errors.
     114     *
     115     *  @throws InvalidKeyException if the key does not support encoding
     116     *  @since 0.9.24
     117     */
     118    private static void exportPrivateKey(PrivateKey pk, OutputStream out)
     119                                                throws IOException, InvalidKeyException {
     120        // Get the encoded form which is suitable for exporting
     121        byte[] buf = pk.getEncoded();
     122        if (buf == null)
     123            throw new InvalidKeyException("encoding unsupported for this key");
     124        PrintWriter wr = new PrintWriter(new OutputStreamWriter(out, "UTF-8"));
     125        wr.println("-----BEGIN PRIVATE KEY-----");
     126        String b64 = Base64.encode(buf, true);     // true = use standard alphabet
     127        for (int i = 0; i < b64.length(); i += LINE_LENGTH) {
     128            wr.println(b64.substring(i, Math.min(i + LINE_LENGTH, b64.length())));
     129        }
     130        wr.println("-----END PRIVATE KEY-----");
     131        wr.flush();
     132        if (wr.checkError())
     133            throw new IOException("Failed write to " + out);
    74134    }
    75135
Note: See TracChangeset for help on using the changeset viewer.