/**
* Convert to AuthData.xml format
*
* @return String - auth config data
*/
protected String toConfigXML() {
StringBuffer buf = new StringBuffer();
buf.append("<Identity name=\"...\" domain=\"...\">\n");
buf.append(prvKey.toConfigXML());
buf.append("\n");
buf.append(cert.toConfigXML());
buf.append("\n<Certificate name=\"${signer}\" ... />\n");
buf.append("<DHparam>\n<Alpha>");
buf.append(ContentHandler.toBase64(dhParam.alpha));
buf.append("</Alpha>\n<P>");
buf.append(ContentHandler.toBase64(dhParam.p));
buf.append("</P>\n</DHparam>\n</Identity>\n");
return buf.toString();
}
/**
* Write AuthSet data to a Plan9/Inferno keyring file.
*
* @param auth AuthSet - authentication data
* @return StringBuffer - content buffer
*/
public static StringBuffer toKeyringFile(AuthSet auth) {
StringBuffer buf = new StringBuffer();
// Section 1: public key of signer
buf.append(auth.cert.pubSigner.toContent());
// Section 2: Signature
buf.append(auth.cert.toContent());
// Section 3: private key of certificate holder
buf.append(auth.prvKey.toContent());
// Section 4: Diffie-Hellman parameter "alpha"
buf.append(
ContentHandler.createSection(new String[] {ContentHandler.toBase64(auth.dhParam.alpha)}));
// Section 5: Diffie-Hellman parameter "p"
buf.append(
ContentHandler.createSection(new String[] {ContentHandler.toBase64(auth.dhParam.p)}));
return buf;
}
/**
* Read a Plan9/Inferno AuthSet from a keyring file:
*
* <p>The file format is as follows: Each segment starts with a four-character size on a single
* line that denotes the total size of the segment (not including the size field and delimiter).
* If a segment contains multiple entries, the lines are separated with a newline character (also
* the last one!); a single entry is not terminated by newline:
*
* <ul>
* <li>
* <p><b>[Public key of signer]</b>
* <ul>
* <li>Encryption algorithm / key scheme (must be "<b>rsa</b>")
* <li>fully qualified name of signer
* <li>RSA modulus
* <li>RSA public exponent
* </ul>
* <li>
* <p><b>[Signature]</b>
* <ul>
* <li>Encryption algorithm / key scheme (must be "<b>rsa</b>")
* <li>Hashing algorithm (one of "<b>md4</b>", "<b>md5</b>" or "<b>sha1</b>")
* <li>fully qualified name of signer
* <li>Expiration date of certificate
* <li>Signature data
* </ul>
* <li>
* <p><b>[Private/public key of holder]</b>
* <ul>
* <li>Encryption algorithm / key scheme (must be "<b>rsa</b>")
* <li>fully qualified name of holder
* <li>RSA modulus
* <li>RSA public exponent
* <li>------ start of private part
* <li>RSA private exponent
* <li>RSA prime factor p
* <li>RSA prime factor q
* <li>RSA prime exponent pE
* <li>RSA prime exponent qE
* <li>RSA coefficient
* </ul>
* <li><b>[DH alpha]</b>
* <li><b>[DH modulus]</b>
* </ul>
*/
public static AuthSet read(String fName) {
try {
// allocate result
AuthSet res = new AuthSet();
// get an input stream to file
InputStream is = new FileInputStream(fName);
// ---------------------------------------------------------
// Section 1: public key of signer
// ---------------------------------------------------------
String[] content = ContentHandler.getNextSection(is);
PublicKey pubSigner = new PublicKey(content);
// ---------------------------------------------------------
// Section 2: Certificate
// ---------------------------------------------------------
content = ContentHandler.getNextSection(is);
res.cert = new Certificate(content);
if (!res.cert.signer.equals(pubSigner.name)) throw new Exception("Signer names don't match");
res.cert.pubSigner = pubSigner;
// ---------------------------------------------------------
// Section 3: private key of certificate holder
// ---------------------------------------------------------
content = ContentHandler.getNextSection(is);
if (content.length < 5)
// we only have a public key
res.cert.pubHolder = new PublicKey(content);
else {
// we have a complete private key
PrivateKey prv = new PrivateKey(content);
if (!prv.validate()) throw new Exception("Invalid private key");
res.prvKey = prv;
res.cert.pubHolder = prv.getPublicKey();
}
// ---------------------------------------------------------
// Section 4: Diffie-Hellman parameter "alpha"
// ---------------------------------------------------------
content = ContentHandler.getNextSection(is);
BigInteger dhAlpha = ContentHandler.fromBase64(content[0]);
// ---------------------------------------------------------
// Section 5: Diffie-Hellman parameter "p"
// ---------------------------------------------------------
content = ContentHandler.getNextSection(is);
BigInteger dhP = ContentHandler.fromBase64(content[0]);
res.dhParam = new DH_KeyExchange(dhAlpha, dhP);
// return assembled entities
return res;
} catch (Exception e) {
System.err.println("Error reading keyring entry: " + e.getMessage());
return null;
}
}
