001// Copyright (C) 2002 IAIK 002// https://sic.tech/ 003// 004// Copyright (C) 2003 - 2025 Stiftung Secure Information and 005// Communication Technologies SIC 006// https://sic.tech/ 007// 008// All rights reserved. 009// 010// This source is provided for inspection purposes and recompilation only, 011// unless specified differently in a contract with IAIK. This source has to 012// be kept in strict confidence and must not be disclosed to any third party 013// under any circumstances. Redistribution in source and binary forms, with 014// or without modification, are <not> permitted in any case! 015// 016// THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 017// ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 018// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 019// ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 020// FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 021// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 022// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 023// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 024// LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 025// OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 026// SUCH DAMAGE. 027// 028// $Header: /IAIK-CMS/current/src/demo/cms/ecc/keystore/CMSEccKeyStore.java 26 12.02.25 17:58 Dbratko $ 029// $Revision: 26 $ 030// 031 032package demo.cms.ecc.keystore; 033 034import java.io.File; 035import java.io.FileInputStream; 036import java.security.KeyStore; 037import java.security.PrivateKey; 038import java.util.HashMap; 039 040import demo.keystore.CMSKeyStore; 041import iaik.cms.SecurityProvider; 042import iaik.utils.Util; 043import iaik.x509.X509Certificate; 044 045/** 046 * Keystore for the ECC demos of IAIK-CMS. 047 */ 048public class CMSEccKeyStore implements CMSEccKeyStoreConstants { 049 050 /** 051 * Certificates. 052 */ 053 static Object[][] certificates = new Object[2][22]; 054 /** 055 * Keys. 056 */ 057 static PrivateKey[][] keys = new PrivateKey[2][22]; 058 /** 059 * Ca certificate. 060 */ 061 static X509Certificate ca_certificate; 062 /** 063 * Ca key. 064 */ 065 static PrivateKey ca_key; 066 067 /** 068 * Repository holding keys by their corresponding (certificate) ids. 069 */ 070 private static HashMap recipientKeys_ = new HashMap(); 071 072 /** 073 * Repository holding certs by their corresponding (certificate) ids. 074 */ 075 private static HashMap recipientCerts_ = new HashMap(); 076 077 public final static int ECDSA = 0; 078 public final static int ECDH = 1; 079 080 // signing keys 081 public final static int SZ_192_SIGN = 0; 082 public final static int SZ_224_SIGN = 1; 083 public final static int SZ_256_SIGN = 2; 084 public final static int SZ_384_SIGN = 3; 085 public final static int SZ_521_SIGN = 4; 086 public final static int SZ_ED25519 = 5; 087 public final static int SZ_ED448 = 6; 088 public final static int SZ_192_BRAINPOOL_SIGN = 7; 089 public final static int SZ_224_BRAINPOOL_SIGN = 8; 090 public final static int SZ_256_BRAINPOOL_SIGN = 9; 091 public final static int SZ_384_BRAINPOOL_SIGN = 10; 092 public final static int SZ_512_BRAINPOOL_SIGN = 11; 093 094 // encryption / key agreement keys 095 public final static int SZ_192_CRYPT_1 = 0; 096 public final static int SZ_192_CRYPT_2 = 1; 097 public final static int SZ_224_CRYPT_1 = 2; 098 public final static int SZ_224_CRYPT_2 = 3; 099 public final static int SZ_256_CRYPT_1 = 4; 100 public final static int SZ_256_CRYPT_2 = 5; 101 public final static int SZ_384_CRYPT_1 = 6; 102 public final static int SZ_384_CRYPT_2 = 7; 103 public final static int SZ_521_CRYPT_1 = 8; 104 public final static int SZ_521_CRYPT_2 = 9; 105 public final static int SZ_X25519 = 10; 106 public final static int SZ_X448 = 11; 107 public final static int SZ_192_BRAINPOOL_CRYPT_1 = 12; 108 public final static int SZ_192_BRAINPOOL_CRYPT_2 = 13; 109 public final static int SZ_224_BRAINPOOL_CRYPT_1 = 14; 110 public final static int SZ_224_BRAINPOOL_CRYPT_2 = 15; 111 public final static int SZ_256_BRAINPOOL_CRYPT_1 = 16; 112 public final static int SZ_256_BRAINPOOL_CRYPT_2 = 17; 113 public final static int SZ_384_BRAINPOOL_CRYPT_1 = 18; 114 public final static int SZ_384_BRAINPOOL_CRYPT_2 = 19; 115 public final static int SZ_512_BRAINPOOL_CRYPT_1 = 20; 116 public final static int SZ_512_BRAINPOOL_CRYPT_2 = 21; 117 118 /** 119 * Keystore. 120 */ 121 static KeyStore key_store; 122 123 /** 124 * Loads and inits keystore. 125 */ 126 static { 127 System.out.println("initializing KeyStore..."); 128 loadKeyStore(); 129 initKeyStore(); 130 } 131 132 /** 133 * Loads the keystore from the file ("cmsecc.keystore"). 134 */ 135 private static void loadKeyStore() { 136 boolean createKeyStore = false; 137 // try to locate the KeyStore 138 // first check the current working directory 139 File ks = new File(KS_DIRECTORY, KS_FILENAME); 140 if (!ks.exists()) { 141 createKeyStore = true; 142 // called from demo batch file (try parent directory) 143 File ksDir = new File(KS_DIRECTORY); 144 if (ksDir.exists()) { 145 String parentDir = ksDir.getParent(); 146 String pDir = parentDir.toLowerCase(); 147 if ((pDir.endsWith("cms")) || (pDir.endsWith("smime"))) { 148 File ksParent = new File(parentDir, KS_FILENAME); 149 if (ksParent.exists()) { 150 ks = ksParent; 151 createKeyStore = false; 152 } 153 } 154 } 155 if (createKeyStore) { 156 // keystore does not exist ==> create new one 157 System.out.println(); 158 System.out.println(); 159 System.out.println("Can not find the KeyStore " + KS_FILENAME + " in directory:"); 160 System.out.println(ks.getAbsolutePath()); 161 System.out.println("Generating key store!"); 162 try { 163 SetupCMSEccKeyStore.main(new String[] {}); 164 } catch (Exception ex) { 165 System.out.println("Unable to create KeyStore!"); 166 ex.printStackTrace(); 167 demo.DemoUtil.waitKey(); 168 System.exit(1); 169 } 170 } 171 } 172 173 FileInputStream fis = null; 174 // now try to create and load the KeyStore 175 try { 176 fis = new FileInputStream(ks); 177 key_store = SecurityProvider.getSecurityProvider().getKeyStore("IAIKKeyStore"); 178 key_store.load(fis, KS_PASSWORD); 179 fis.close(); 180 } catch (Exception ex) { 181 System.out.println("Unable to load KeyStore!"); 182 ex.printStackTrace(); 183 if (fis != null) { 184 try { 185 fis.close(); 186 } catch (Exception e) { 187 // ignore 188 } 189 } 190 demo.DemoUtil.waitKey(); 191 System.exit(1); 192 } 193 } 194 195 /** 196 * Initializes the keystore. 197 */ 198 private static void initKeyStore() { 199 try { 200 ca_certificate = Util.convertCertificateChain(key_store.getCertificateChain(CA_ECDSA))[0]; 201 ca_key = (PrivateKey)key_store.getKey(CA_ECDSA, KS_PASSWORD); 202 203 certificates[ECDSA][SZ_192_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_192)); 204 keys[ECDSA][SZ_192_SIGN] = (PrivateKey)key_store.getKey(ECDSA_192, KS_PASSWORD); 205 certificates[ECDSA][SZ_224_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_224)); 206 keys[ECDSA][SZ_224_SIGN] = (PrivateKey)key_store.getKey(ECDSA_224, KS_PASSWORD); 207 certificates[ECDSA][SZ_256_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_256)); 208 keys[ECDSA][SZ_256_SIGN] = (PrivateKey)key_store.getKey(ECDSA_256, KS_PASSWORD); 209 certificates[ECDSA][SZ_384_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_384)); 210 keys[ECDSA][SZ_384_SIGN] = (PrivateKey)key_store.getKey(ECDSA_384, KS_PASSWORD); 211 certificates[ECDSA][SZ_521_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_521)); 212 keys[ECDSA][SZ_521_SIGN] = (PrivateKey)key_store.getKey(ECDSA_521, KS_PASSWORD); 213 214 } catch (Exception ex) { 215 System.out.println("Unable to get ECDSA certificates from KeyStore."); 216 ex.printStackTrace(); 217 } 218 219 try { 220 certificates[ECDH][SZ_192_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_192_1)); 221 keys[ECDH][SZ_192_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_192_1, KS_PASSWORD); 222 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_192_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_192_CRYPT_1])); 223 certificates[ECDH][SZ_192_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_192_2)); 224 keys[ECDH][SZ_192_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_192_2, KS_PASSWORD); 225 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_192_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_192_CRYPT_2])); 226 certificates[ECDH][SZ_224_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_224_1)); 227 keys[ECDH][SZ_224_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_224_1, KS_PASSWORD); 228 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_224_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_224_CRYPT_1])); 229 certificates[ECDH][SZ_224_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_224_2)); 230 keys[ECDH][SZ_224_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_224_2, KS_PASSWORD); 231 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_224_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_224_CRYPT_2])); 232 certificates[ECDH][SZ_256_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_256_1)); 233 keys[ECDH][SZ_256_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_256_1, KS_PASSWORD); 234 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_256_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_256_CRYPT_1])); 235 certificates[ECDH][SZ_256_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_256_2)); 236 keys[ECDH][SZ_256_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_256_2, KS_PASSWORD); 237 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_256_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_256_CRYPT_2])); 238 certificates[ECDH][SZ_384_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_384_1)); 239 keys[ECDH][SZ_384_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_384_1, KS_PASSWORD); 240 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_384_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_384_CRYPT_1])); 241 certificates[ECDH][SZ_384_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_384_2)); 242 keys[ECDH][SZ_384_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_384_2, KS_PASSWORD); 243 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_384_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_384_CRYPT_2])); 244 certificates[ECDH][SZ_521_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_521_1)); 245 keys[ECDH][SZ_521_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_521_1, KS_PASSWORD); 246 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_521_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_521_CRYPT_1])); 247 certificates[ECDH][SZ_521_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_521_2)); 248 keys[ECDH][SZ_521_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_521_2, KS_PASSWORD); 249 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_521_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_521_CRYPT_2])); 250 } catch (Exception ex) { 251 System.out.println("Unable to get ECDH certificates from KeyStore."); 252 ex.printStackTrace(); 253 } 254 255 try { 256 certificates[ECDSA][SZ_ED25519] = Util.convertCertificateChain(key_store.getCertificateChain(EDDSA_ED25519)); 257 keys[ECDSA][SZ_ED25519] = (PrivateKey)key_store.getKey(EDDSA_ED25519, KS_PASSWORD); 258 certificates[ECDSA][SZ_ED448] = Util.convertCertificateChain(key_store.getCertificateChain(EDDSA_ED448)); 259 keys[ECDSA][SZ_ED448] = (PrivateKey)key_store.getKey(EDDSA_ED448, KS_PASSWORD); 260 } catch (Exception ex) { 261 System.out.println("Unable to get EdDSA certificate from KeyStore."); 262 ex.printStackTrace(); 263 } 264 265 try { 266 certificates[ECDH][SZ_X25519] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_X25519)); 267 keys[ECDH][SZ_X25519] = (PrivateKey)key_store.getKey(ECDH_X25519, KS_PASSWORD); 268 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_X25519], ((X509Certificate[])certificates[ECDH][SZ_X25519])); 269 certificates[ECDH][SZ_X448] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_X448)); 270 keys[ECDH][SZ_X448] = (PrivateKey)key_store.getKey(ECDH_X448, KS_PASSWORD); 271 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_X448], ((X509Certificate[])certificates[ECDH][SZ_X448])); 272 } catch (Exception ex) { 273 System.out.println("Unable to get ECDH x25519, x448 certificate from KeyStore."); 274 ex.printStackTrace(); 275 } 276 277 try { 278 certificates[ECDSA][SZ_192_BRAINPOOL_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_BRAINPOOL_192)); 279 keys[ECDSA][SZ_192_BRAINPOOL_SIGN] = (PrivateKey)key_store.getKey(ECDSA_BRAINPOOL_192, KS_PASSWORD); 280 certificates[ECDSA][SZ_224_BRAINPOOL_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_BRAINPOOL_224)); 281 keys[ECDSA][SZ_224_BRAINPOOL_SIGN] = (PrivateKey)key_store.getKey(ECDSA_BRAINPOOL_224, KS_PASSWORD); 282 certificates[ECDSA][SZ_256_BRAINPOOL_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_BRAINPOOL_256)); 283 keys[ECDSA][SZ_256_BRAINPOOL_SIGN] = (PrivateKey)key_store.getKey(ECDSA_BRAINPOOL_256, KS_PASSWORD); 284 certificates[ECDSA][SZ_384_BRAINPOOL_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_BRAINPOOL_384)); 285 keys[ECDSA][SZ_384_BRAINPOOL_SIGN] = (PrivateKey)key_store.getKey(ECDSA_BRAINPOOL_384, KS_PASSWORD); 286 certificates[ECDSA][SZ_512_BRAINPOOL_SIGN] = Util.convertCertificateChain(key_store.getCertificateChain(ECDSA_BRAINPOOL_512)); 287 keys[ECDSA][SZ_512_BRAINPOOL_SIGN] = (PrivateKey)key_store.getKey(ECDSA_BRAINPOOL_512, KS_PASSWORD); 288 289 } catch (Exception ex) { 290 System.out.println("Unable to get ECDSA Brainpool certificates from KeyStore."); 291 ex.printStackTrace(); 292 } 293 294 try { 295 certificates[ECDH][SZ_192_BRAINPOOL_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_192_1)); 296 keys[ECDH][SZ_192_BRAINPOOL_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_192_1, KS_PASSWORD); 297 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_192_BRAINPOOL_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_192_BRAINPOOL_CRYPT_1])); 298 certificates[ECDH][SZ_192_BRAINPOOL_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_192_2)); 299 keys[ECDH][SZ_192_BRAINPOOL_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_192_2, KS_PASSWORD); 300 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_192_BRAINPOOL_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_192_BRAINPOOL_CRYPT_2])); 301 certificates[ECDH][SZ_224_BRAINPOOL_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_224_1)); 302 keys[ECDH][SZ_224_BRAINPOOL_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_224_1, KS_PASSWORD); 303 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_224_BRAINPOOL_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_224_BRAINPOOL_CRYPT_1])); 304 certificates[ECDH][SZ_224_BRAINPOOL_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_224_2)); 305 keys[ECDH][SZ_224_BRAINPOOL_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_224_2, KS_PASSWORD); 306 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_224_BRAINPOOL_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_224_BRAINPOOL_CRYPT_2])); 307 certificates[ECDH][SZ_256_BRAINPOOL_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_256_1)); 308 keys[ECDH][SZ_256_BRAINPOOL_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_256_1, KS_PASSWORD); 309 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_256_BRAINPOOL_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_256_BRAINPOOL_CRYPT_1])); 310 certificates[ECDH][SZ_256_BRAINPOOL_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_256_2)); 311 keys[ECDH][SZ_256_BRAINPOOL_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_256_2, KS_PASSWORD); 312 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_256_BRAINPOOL_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_256_BRAINPOOL_CRYPT_2])); 313 certificates[ECDH][SZ_384_BRAINPOOL_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_384_1)); 314 keys[ECDH][SZ_384_BRAINPOOL_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_384_1, KS_PASSWORD); 315 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_384_BRAINPOOL_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_384_BRAINPOOL_CRYPT_1])); 316 certificates[ECDH][SZ_384_BRAINPOOL_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_384_2)); 317 keys[ECDH][SZ_384_BRAINPOOL_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_384_2, KS_PASSWORD); 318 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_384_BRAINPOOL_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_384_BRAINPOOL_CRYPT_2])); 319 certificates[ECDH][SZ_512_BRAINPOOL_CRYPT_1] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_512_1)); 320 keys[ECDH][SZ_512_BRAINPOOL_CRYPT_1] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_512_1, KS_PASSWORD); 321 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_512_BRAINPOOL_CRYPT_1], ((X509Certificate[])certificates[ECDH][SZ_512_BRAINPOOL_CRYPT_1])); 322 certificates[ECDH][SZ_512_BRAINPOOL_CRYPT_2] = Util.convertCertificateChain(key_store.getCertificateChain(ECDH_BRAINPOOL_512_2)); 323 keys[ECDH][SZ_512_BRAINPOOL_CRYPT_2] = (PrivateKey)key_store.getKey(ECDH_BRAINPOOL_512_2, KS_PASSWORD); 324 CMSKeyStore.addRecipientKey(keys[ECDH][SZ_512_BRAINPOOL_CRYPT_2], ((X509Certificate[])certificates[ECDH][SZ_512_BRAINPOOL_CRYPT_2])); 325 } catch (Exception ex) { 326 System.out.println("Unable to get ECDH Brainpool certificates from KeyStore."); 327 ex.printStackTrace(); 328 } 329 330 331 } 332 333 /** 334 * Returns the private key of a CA certificate. 335 * 336 * @param type {@link #ECDSA ECDSA} or {@link #ECDH ECDH} 337 * @param size the key size 338 * 339 * @return the key 340 */ 341 public static PrivateKey getPrivateKey(int type, int size) { 342 try { 343 return keys[type][size]; 344 } catch (ArrayIndexOutOfBoundsException ex) { 345 throw new RuntimeException("Wrong type or size!"); 346 } 347 } 348 349 /** 350 * Returns a demo user certificate. 351 * 352 * @param type {@link #ECDSA ECDSA} or {@link #ECDH ECDH} 353 * @param size the size of the corresponding key 354 * 355 * @return the certificate chain 356 */ 357 public static X509Certificate[] getCertificateChain(int type, int size) { 358 try { 359 return (X509Certificate[])certificates[type][size]; 360 } catch (ArrayIndexOutOfBoundsException ex) { 361 throw new RuntimeException("Wrong type or size!"); 362 } 363 } 364 365 /** 366 * Returns the private key of a CA certificate. 367 * 368 * @return the private key of the ca 369 */ 370 public static PrivateKey getCaPrivateKey() { 371 return ca_key; 372 } 373 374 /** 375 * Returns the demo CA certificate. 376 * 377 * @return the demo CA certificate 378 */ 379 public static X509Certificate getCaCertificate() { 380 return ca_certificate; 381 } 382}