author | Abhishek Koneru <akoneru@redhat.com> | 2014-07-24 11:20:12 -0400 |
---|---|---|
committer | Abhishek Koneru <akoneru@redhat.com> | 2014-08-27 01:15:35 -0400 |
commit | 6444287caa2ad171086d0ce9d93761a897247e06 (patch) | |
tree | 86e13cafc3f7b866be86b21cf0d96e401d0b9f01 /base/java-tools/src | |
parent | 8e464b6ba5d83d7915978db5841967f20672dfd0 (diff) | |
Generate asymmetric keys in the DRM.
Adds methods to the key client to generate asymmetric keys using
the RSA and DSA algorithms for valid key sizes of 512, 1024, 2048, 4096.
The generated keys are archived in the database.
Using the CLI, the public key(base64 encoded) can be retrieved by using
the key-show command.
The private key(base64 encoded) can be retrieved using the key-retrieve
command.
Ticket #1023
Diffstat (limited to 'base/java-tools/src')
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java | 12 | ||||
-rw-r--r-- | base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java | 47 |
2 files changed, 52 insertions, 7 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java index 1b8ae64b5..82235d278 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyCLI.java @@ -93,6 +93,18 @@ public class KeyCLI extends CLI { if (info.getAlgorithm() != null) System.out.println(" Algorithm: "+info.getAlgorithm()); if (info.getSize() != null) System.out.println(" Size: "+info.getSize()); if (info.getOwnerName() != null) System.out.println(" Owner: "+info.getOwnerName()); + if (info.getPublicKey() != null) { + // Print out the Base64 encoded public key in the form of a blob, + // where the max line length is 64. + System.out.println(" Public Key: \n"); + String publicKey = info.getPublicKey(); + int i = 0; + for(i=0;i<publicKey.length()/64;i++){ + System.out.println(publicKey.substring(i*64, i*64 + 64)); + } + System.out.println(publicKey.substring(i*64)); + System.out.println(); + } } public static void printKeyRequestInfo(KeyRequestInfo info) { diff --git a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java index a551d61f3..c8608731e 100644 --- a/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java +++ b/base/java-tools/src/com/netscape/cmstools/key/KeyGenerateCLI.java @@ -28,7 +28,7 @@ public class KeyGenerateCLI extends CLI { public void createOptions() { Option option = new Option(null, "key-algorithm", true, - "Algorithm to be used to create a key.\nValid values: AES, DES, DES3, RC2, RC4, DESede."); + "Algorithm to be used to create a key.\nValid values: AES, DES, DES3, RC2, RC4, DESede, RSA, DSA"); option.setArgName("algorithm"); option.setRequired(true); options.addOption(option); 
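Review bot: The chunking loop in the added `info.getPublicKey()` block of KeyCLI.java prints a spurious empty line whenever the Base64 string length is an exact multiple of 64, because the trailing `publicKey.substring(i*64)` is then empty. Stepping by 64 removes the special case: `for (int i = 0; i < publicKey.length(); i += 64) System.out.println(publicKey.substring(i, Math.min(i + 64, publicKey.length())));`. The `\n` inside `" Public Key: \n"` adds a second blank line on top of println's own newline, which deserves a short comment if it is intentional. The loop also assumes the string returned by `getPublicKey()` contains no line breaks of its own; that cannot be confirmed from this hunk. The enclosing method starts outside the hunk.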
@@ -38,12 +38,14 @@ public class KeyGenerateCLI extends CLI { "key-size", true, "Size of the key to be generated.\nThis is required for AES, RC2 and RC4.\n" - + "Valid values for AES: 128, 192. 256.\nValid values for RC2: 8-128.\n Valid values for RC4: Any positive integer."); + + "Valid values for AES: 128, 192. 256.\nValid values for RC2: 8-128.\n Valid values for RC4: Any positive integer." + + "\n Valid values for DSA: 512, 768, 1024.\nValid values for RSA: 256 + (16*n), n= [0-496]"); option.setArgName("size"); options.addOption(option); option = new Option(null, "usages", true, "Comma separated list of usages." - + "\nValid values: wrap, unwrap, sign, verify, encrypt, decrypt."); + + "\nValid values: wrap, unwrap, sign, verify, encrypt, decrypt." + + "\nAdditional usages for RSA and DSA type keys: derive, sign_recover, verify_recover."); option.setArgName("list of usages"); options.addOption(option); } @@ -91,6 +93,8 @@ public class KeyGenerateCLI extends CLI { case KeyRequestResource.RC4_ALGORITHM: case KeyRequestResource.AES_ALGORITHM: case KeyRequestResource.RC2_ALGORITHM: + case KeyRequestResource.RSA_ALGORITHM: + case KeyRequestResource.DSA_ALGORITHM: System.err.println("Error: Key size must be specified for the algorithm used."); printHelp(); System.exit(-1); 
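Review bot: The `key-size` help text in createOptions() still says the size "is required for AES, RC2 and RC4", while the `@@ -91` hunk on this line now also rejects a missing size for `RSA_ALGORITHM` and `DSA_ALGORITHM`, so the sentence should name RSA and DSA as well. The advertised ranges also disagree with the commit description (512, 1024, 2048, 4096): the help lists DSA 512/768/1024 and RSA from 256 bits upward, and keys that small offer little protection against factoring or discrete-log attacks. If those sizes are accepted only for compatibility, the help should say so, for example `+ "\nRSA and DSA keys below 2048 bits are weak; use them only for legacy interoperability."`. Whether the server enforces a minimum is not visible in this diff.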
@@ -100,16 +104,45 @@ public class KeyGenerateCLI extends CLI { System.exit(-1); } } + + int size = 0; + try { + size = Integer.parseInt(keySize); + } catch (NumberFormatException e) { + System.err.println("Error: Key size must be an integer."); + printHelp(); + System.exit(-1); + } List<String> usages = null; String givenUsages = cmd.getOptionValue("usages"); if (givenUsages != null) { usages = Arrays.asList(givenUsages.split(",")); } - KeyRequestResponse response = keyCLI.keyClient.generateSymmetricKey(clientKeyId, keyAlgorithm, - Integer.parseInt(keySize), - usages, null); - + KeyRequestResponse response = null; + switch (keyAlgorithm) { + case KeyRequestResource.DES3_ALGORITHM: + case KeyRequestResource.DESEDE_ALGORITHM: + case KeyRequestResource.DES_ALGORITHM: + case KeyRequestResource.RC4_ALGORITHM: + case KeyRequestResource.AES_ALGORITHM: + case KeyRequestResource.RC2_ALGORITHM: + response = keyCLI.keyClient.generateSymmetricKey(clientKeyId, keyAlgorithm, + size, + usages, null); + break; + case KeyRequestResource.RSA_ALGORITHM: + case KeyRequestResource.DSA_ALGORITHM: + response = keyCLI.keyClient.generateAsymmetricKey(clientKeyId, keyAlgorithm, + size, + usages, null); + break; + default: + System.err.println("Error: Algorithm not supported."); + printHelp(); + System.exit(-1); + } MainCLI.printMessage("Key generation request info"); KeyCLI.printKeyRequestInfo(response.getRequestInfo()); } + } |
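Review bot: `size` is parsed with `Integer.parseInt` but never range-checked before it reaches `generateAsymmetricKey`, so zero, negative or very small values are sent to the server unchanged. A guard in the `RSA_ALGORITHM`/`DSA_ALGORITHM` case would fail fast with a clear message, e.g. `if (size <= 0) { System.err.println("Error: Key size must be a positive integer."); printHelp(); System.exit(-1); }`. The new `switch` repeats the algorithm list of the earlier key-size switch, so the two can drift apart; a comment tying them together, or one shared check, would help. The enclosing method starts outside the hunk, so how `keySize` is defaulted for algorithms that need no size could not be checked.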