Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java')
-rw-r--r-- | pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java | 77 |
1 files changed, 33 insertions, 44 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java b/pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java
index 7cde72cce..80912d7a9 100644
--- a/pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java
+++ b/pki/base/common/src/com/netscape/cmscore/util/PFXUtils.java
@@ -17,7 +17,6 @@ // --- END COPYRIGHT BLOCK --- package com.netscape.cmscore.util; - import java.io.ByteArrayOutputStream; import java.security.MessageDigest; import java.security.cert.X509Certificate;
@@ -40,71 +39,61 @@ import org.mozilla.jss.pkix.primitive.PrivateKeyInfo; import com.netscape.certsrv.apps.CMS; import com.netscape.certsrv.base.EBaseException; - public class PFXUtils { /** * Creates a PKCS12 package. */ - public static byte[] createPFX(String pwd, X509Certificate x509cert, - byte privateKeyInfo[]) throws EBaseException { + public static byte[] createPFX(String pwd, X509Certificate x509cert, + byte privateKeyInfo[]) throws EBaseException { try { // add certificate SEQUENCE encSafeContents = new SEQUENCE(); - ASN1Value cert = new OCTET_STRING( - x509cert.getEncoded()); + ASN1Value cert = new OCTET_STRING(x509cert.getEncoded()); byte localKeyId[] = createLocalKeyId(x509cert); - SET certAttrs = createBagAttrs( - x509cert.getSubjectDN().toString(), localKeyId); + SET certAttrs = createBagAttrs(x509cert.getSubjectDN().toString(), + localKeyId); // attributes: user friendly name, Local Key ID - SafeBag certBag = new SafeBag(SafeBag.CERT_BAG, - new CertBag(CertBag.X509_CERT_TYPE, cert), - certAttrs); + SafeBag certBag = new SafeBag(SafeBag.CERT_BAG, new CertBag( + CertBag.X509_CERT_TYPE, cert), certAttrs); encSafeContents.addElement(certBag); // add key - org.mozilla.jss.util.Password pass = new - org.mozilla.jss.util.Password( + org.mozilla.jss.util.Password pass = new org.mozilla.jss.util.Password( pwd.toCharArray()); SEQUENCE safeContents = new SEQUENCE(); - PasswordConverter passConverter = new - PasswordConverter(); + PasswordConverter passConverter = new PasswordConverter(); // XXX - should generate salt - byte salt[] = {0x01, 0x01, 0x01, 0x01}; - PrivateKeyInfo pki = (PrivateKeyInfo) - ASN1Util.decode(PrivateKeyInfo.getTemplate(), - privateKeyInfo); + byte salt[] = { 0x01, 0x01, 0x01, 0x01 }; + PrivateKeyInfo pki = (PrivateKeyInfo) ASN1Util.decode( + PrivateKeyInfo.getTemplate(), privateKeyInfo); ASN1Value key = EncryptedPrivateKeyInfo.createPBE( - PBEAlgorithm.PBE_SHA1_DES3_CBC, - pass, salt, 1, passConverter, pki); - SET keyAttrs = 
createBagAttrs( - x509cert.getSubjectDN().toString(), + PBEAlgorithm.PBE_SHA1_DES3_CBC, pass, salt, 1, + passConverter, pki); + SET keyAttrs = createBagAttrs(x509cert.getSubjectDN().toString(), localKeyId); - SafeBag keyBag = new SafeBag( - SafeBag.PKCS8_SHROUDED_KEY_BAG, key, + SafeBag keyBag = new SafeBag(SafeBag.PKCS8_SHROUDED_KEY_BAG, key, keyAttrs); // ?? safeContents.addElement(keyBag); // build contents - AuthenticatedSafes authSafes = new - AuthenticatedSafes(); + AuthenticatedSafes authSafes = new AuthenticatedSafes(); authSafes.addSafeContents(safeContents); authSafes.addSafeContents(encSafeContents); - // authSafes.addEncryptedSafeContents( - // authSafes.DEFAULT_KEY_GEN_ALG, - // pass, null, 1, - // encSafeContents); + // authSafes.addEncryptedSafeContents( + // authSafes.DEFAULT_KEY_GEN_ALG, + // pass, null, 1, + // encSafeContents); PFX pfx = new PFX(authSafes); pfx.computeMacData(pass, null, 5); // ?? - ByteArrayOutputStream fos = new - ByteArrayOutputStream(); + ByteArrayOutputStream fos = new ByteArrayOutputStream(); pfx.encode(fos); pass.clear();
@@ -112,9 +101,9 @@ public class PFXUtils { // put final PKCS12 into volatile request return fos.toByteArray(); } catch (Exception e) { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", - "Failed to create PKCS12 - " + e.toString())); + throw new EBaseException(CMS.getUserMessage( + "CMS_BASE_INTERNAL_ERROR", + "Failed to create PKCS12 - " + e.toString())); } }
@@ -122,7 +111,7 @@ public class PFXUtils { * Creates local key identifier. */ public static byte[] createLocalKeyId(X509Certificate cert) - throws EBaseException { + throws EBaseException { try { byte certDer[] = cert.getEncoded(); MessageDigest md = MessageDigest.getInstance("SHA");
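Review bot: In createPFX (the `@@ -40,71 +39,61 @@` hunk), the re-wrapped lines still pass `EncryptedPrivateKeyInfo.createPBE` a constant four-byte salt (`{ 0x01, 0x01, 0x01, 0x01 }`) and an iteration count of `1`, so every exported private key is wrapped under a key derived from the password alone with no stretching; the existing `// XXX - should generate salt` comment already acknowledges this. Since the commit rewrites these lines anyway, I would replace the literal with `byte salt[] = new byte[16]; new java.security.SecureRandom().nextBytes(salt);` and pass a named, substantially larger iteration-count constant instead of `1`. The `5` in `pfx.computeMacData(pass, null, 5)` is similarly low and could share that constant. `pass.clear()` also runs only on the success path, so declaring `pass` before the `try` and clearing it in a `finally` would keep the password buffer from outliving a failed export; createPFX's return and catch block fall in the following hunk.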
@@ -130,9 +119,9 @@ public class PFXUtils { md.update(certDer); return md.digest(); } catch (Exception e) { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", - "Failed to create Key ID - " + e.toString())); + throw new EBaseException(CMS.getUserMessage( + "CMS_BASE_INTERNAL_ERROR", + "Failed to create Key ID - " + e.toString())); } }
@@ -140,7 +129,7 @@ public class PFXUtils { * Creates bag attributes. */ public static SET createBagAttrs(String nickName, byte localKeyId[]) - throws EBaseException { + throws EBaseException { try { SET attrs = new SET(); SEQUENCE nickNameAttr = new SEQUENCE();
@@ -161,9 +150,9 @@ public class PFXUtils { attrs.addElement(localKeyAttr); return attrs; } catch (Exception e) { - throw new EBaseException( - CMS.getUserMessage("CMS_BASE_INTERNAL_ERROR", - "Failed to create Key Bag - " + e.toString())); + throw new EBaseException(CMS.getUserMessage( + "CMS_BASE_INTERNAL_ERROR", "Failed to create Key Bag - " + + e.toString())); } } } |