Example usage for java.security.cert CertificateFactory generateCertificate

List of usage examples for java.security.cert CertificateFactory generateCertificate

Introduction

This page shows example usage of java.security.cert CertificateFactory generateCertificate.

Prototype

public final Certificate generateCertificate(InputStream inStream) throws CertificateException 


Document

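Generates a certificate object and initializes it with the data read from the input stream inStream. Note that this call only parses the encoded certificate; it does not check the certificate's signature, validity period or trust chain, so those checks must be done separately before the certificate is relied on.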

Usage

From source file:org.panbox.core.pairing.PAKCorePairingHandler.java

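/**
 * Runs the encrypted part of the pairing exchange for the configured {@code pairingType}.
 *
 * <p>Both roles first send the pairing type and the personal/device fields. MASTER then sends the
 * key password and both owner private keys, while SLAVE sends both owner certificates. Both roles
 * then send the known devices and the exported contacts, and finally read back the peer's device
 * type and device certificate into {@code devType} and {@code devCert}. The connection is closed
 * at the end of a successful run.
 *
 * <p>Every field is encrypted with {@code cipher}, Base64-encoded and written as one object.
 *
 * @param cipher cipher instance to (re)initialise for encryption and then decryption
 * @param spec   key used for both directions
 * @throws Exception on any cipher, I/O, encoding or certificate parsing failure
 */
@Override
public void runOperation(Cipher cipher, SecretKeySpec spec) throws Exception {

    CertificateFactory certificateFactory = CertificateFactory.getInstance(KeyConstants.CERTIFICATE_ENCODING);

    switch (pairingType) {
    case MASTER:
        logger.debug("PAKCorePairingHandler : runOperation : Started to handle MASTER pairing");
        // NOTE(review): no IV / AlgorithmParameterSpec is passed and the same cipher state
        // encrypts every field. Whether that is safe depends on the transformation the caller
        // chose (not visible here) - confirm it is not ECB or a fixed-IV mode and that the
        // messages are integrity protected.
        cipher.init(Cipher.ENCRYPT_MODE, spec);

        pairingSendIdentity(cipher, PairingType.MASTER);

        // owner privatekeys + password
        logger.debug("PAKCorePairingHandler : runOperation : Will now send owner privatekeys...");

        byte[] passwordBytes = Utils.toBytes(keyPassword);
        // Wipe the caller-visible password as soon as the byte copy exists.
        Arrays.fill(keyPassword, '\u0000');
        pairingSendAndWipe(cipher, passwordBytes);

        // PKCS8EncodedKeySpec.getEncoded() hands out a fresh copy, so wiping it after sending
        // is safe. The key objects themselves (ownerKeyEnc / ownerKeySign) are not destroyed
        // here; the original authors deferred Destroyable.destroy() pending JVM support.
        pairingSendAndWipe(cipher, new PKCS8EncodedKeySpec(ownerKeyEnc.getEncoded()).getEncoded());
        pairingSendAndWipe(cipher, new PKCS8EncodedKeySpec(ownerKeySign.getEncoded()).getEncoded());

        pairingSendDevicesAndContacts(cipher);

        // transmission of devicetype and devicekey
        cipher.init(Cipher.DECRYPT_MODE, spec);
        pairingReceivePeerDevice(cipher, certificateFactory);
        break;
    case SLAVE:
        logger.debug("PAKCorePairingHandler : runOperation : Started to handle SLAVE pairing");
        cipher.init(Cipher.ENCRYPT_MODE, spec);

        pairingSendIdentity(cipher, PairingType.SLAVE);

        // owner certs
        logger.debug("PAKCorePairingHandler : runOperation : Will now send owner certificates...");

        pairingSendField(cipher, ownerCertEnc.getEncoded(), "Sent: ");
        pairingSendField(cipher, ownerCertSign.getEncoded(), "Sent: ");

        logger.debug(
                "PAKCorePairingHandler : runOperation : Will now receive device information for device manager...");

        pairingSendDevicesAndContacts(cipher);

        // transmission of devicetype and devicekey
        cipher.init(Cipher.DECRYPT_MODE, spec);
        pairingReceivePeerDevice(cipher, certificateFactory);
        break;
    default:
    }

    logger.debug("PAKCorePairingHandler : runOperation : Pairing finished. Will terminate session now.");

    closeConnection();
}

/**
 * Encrypts one field, Base64-encodes the ciphertext, writes it to the peer and flushes.
 *
 * @param cipher    cipher already initialised for encryption
 * @param plaintext bytes to encrypt and send
 * @param logLabel  text placed before the Base64 ciphertext in the debug log line
 * @throws Exception on cipher or I/O failure
 */
private void pairingSendField(Cipher cipher, byte[] plaintext, String logLabel) throws Exception {
    String sendbase64 = Base64.encodeBase64String(cipher.doFinal(plaintext));
    dataOutputStream.writeObject(sendbase64);
    dataOutputStream.flush();
    // NOTE(review): this logs the full ciphertext of every field, including the password and
    // private keys. It is encrypted, but a retained debug log then holds material protected
    // only by the session key - consider logging the length instead.
    logger.debug("PAKCorePairingHandler : runOperation : " + logLabel + sendbase64);
}

/**
 * Sends a secret field and overwrites the plaintext buffer afterwards, whether or not the send
 * succeeded, so the secret does not linger in this array.
 *
 * @param cipher cipher already initialised for encryption
 * @param secret plaintext secret; zeroed on return
 * @throws Exception on cipher or I/O failure
 */
private void pairingSendAndWipe(Cipher cipher, byte[] secret) throws Exception {
    try {
        pairingSendField(cipher, secret, "Sent: ");
    } finally {
        if (secret != null) {
            Arrays.fill(secret, (byte) 0);
        }
    }
}

/**
 * Sends the pairing role followed by e-mail, first name, last name and device name.
 *
 * @param cipher cipher already initialised for encryption
 * @param role   role announced to the peer
 * @throws Exception on cipher or I/O failure
 */
private void pairingSendIdentity(Cipher cipher, PairingType role) throws Exception {
    Charset charset = Charset.forName(PanboxConstants.STANDARD_CHARSET);

    // master/slave transmission
    logger.debug("PAKCorePairingHandler : runOperation : Will now send master/slave information...");
    pairingSendField(cipher, role.toString().getBytes(charset), "Sent: ");

    // email, firstname, lastname, devicename transmission
    logger.debug("PAKCorePairingHandler : runOperation : Will now send personal information...");
    pairingSendField(cipher, eMail.getBytes(charset), "Sent: ");
    pairingSendField(cipher, firstName.getBytes(charset), "Sent: ");
    pairingSendField(cipher, lastName.getBytes(charset), "Sent: ");
    pairingSendField(cipher, deviceName.getBytes(charset), "Sent: ");
}

/**
 * Sends the number of known devices, each device name and certificate, and then the known
 * contacts exported to a temporary file.
 *
 * @param cipher cipher already initialised for encryption
 * @throws Exception on cipher, export or I/O failure
 */
private void pairingSendDevicesAndContacts(Cipher cipher) throws Exception {
    Charset charset = Charset.forName(PanboxConstants.STANDARD_CHARSET);

    logger.debug("PAKCorePairingHandler : runOperation : Will now send known devices...");

    pairingSendField(cipher, Integer.toString(knownDevices.size()).getBytes(charset), "Sent numOfDevices: ");

    for (Map.Entry<String, X509Certificate> entry : knownDevices.entrySet()) {
        pairingSendField(cipher, entry.getKey().getBytes(charset), "Sent devicename: ");
        pairingSendField(cipher, entry.getValue().getEncoded(), "Sent devicecert: ");
    }

    logger.debug("PAKCorePairingHandler : runOperation : Will now send known contacts...");

    // The export is plaintext contact data. Files.createTempFile creates the file with
    // owner-only permissions on POSIX file systems, unlike File.createTempFile, which
    // follows the process umask.
    File vcardFile = Files.createTempFile("panbox-pairing-temp", null).toFile();
    try {
        AbstractAddressbookManager.exportContacts(knownContacts, vcardFile);
        pairingSendField(cipher, Files.readAllBytes(Paths.get(vcardFile.getAbsolutePath())), "Sent vcards: ");
    } finally {
        // Remove the plaintext export even when the export or the send failed.
        if (!vcardFile.delete()) {
            logger.warn("PAKCorePairingHandler : runOperation : Could not delete temporary contact export");
        }
    }
}

/**
 * Reads the peer's encrypted device type and device certificate and stores them in
 * {@code devType} and {@code devCert}.
 *
 * @param cipher             cipher already initialised for decryption
 * @param certificateFactory factory used to parse the received certificate
 * @throws Exception on I/O, cipher, enum lookup or certificate parsing failure
 */
private void pairingReceivePeerDevice(Cipher cipher, CertificateFactory certificateFactory) throws Exception {
    // NOTE(review): readObject() deserializes whatever object the peer sends before the cast
    // to String is applied. If dataInputStream is a plain ObjectInputStream, restrict it to
    // java.lang.String with a deserialization filter or move to a length-prefixed format.
    String base64encRecDevType = (String) dataInputStream.readObject();
    String base64encRecDevCert = (String) dataInputStream.readObject();
    logger.debug("PAKCorePairingHandler : runOperation : Received devType: " + base64encRecDevType);
    logger.debug("PAKCorePairingHandler : runOperation : Received devCert: " + base64encRecDevCert);

    // Decode with the same charset the sending side uses instead of the platform default.
    devType = DeviceType.valueOf(new String(cipher.doFinal(Base64.decodeBase64(base64encRecDevType)),
            Charset.forName(PanboxConstants.STANDARD_CHARSET)));

    // NOTE(review): generateCertificate only parses the encoding. No validity, key-usage or
    // trust check on devCert is visible in this method - confirm the caller performs one
    // before the certificate is stored or trusted.
    InputStream is = new ByteArrayInputStream(cipher.doFinal(Base64.decodeBase64(base64encRecDevCert)));
    devCert = (X509Certificate) certificateFactory.generateCertificate(is);
}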