Win a copy of Succeeding with AI this week in the Artificial Intelligence and Machine Learning forum!

J Krem

Greenhorn
+ Follow
since Sep 14, 2004
Cows and Likes
Cows
Total received
0
In last 30 days
0
Total given
0
Likes
Total received
0
Received in last 30 days
0
Total given
0
Given in last 30 days
0
Forums and Threads
Scavenger Hunt
expand Ranch Hand Scavenger Hunt
expand Greenhorn Scavenger Hunt

Recent posts by J Krem

Can i timestamp the data out of internet explorer to be sent from server to host?
15 years ago
Hi guys, say for example i want to capture application data from for example msn messenger using sockets, is there a way to extract the destination ip address and port from the packets?
15 years ago
Good day all,
I would like to know the difference between digital signatures and hashing. For example, if i make a hash of a certificate using the message digest class and then encrypt the result.... would this be a signature?
Does the following method describe a signature? :

At sending end:
Hash generated certificate
Encrypt hashed value using private key
Send certificate, encrypted hash value over connection

At receiving end:
Receive certificate and encrypted hash value
Using the public key of certificate, decrypt and obtain the hash value....(A)
Make a hash of the received certificate using the same algorithm from the sending end, and compare this hashed value with the hash in line (A)
If they are equal ..and so on

Does the above represent a digital signature? Or do i have to use the signature class to accomplish authenticity? Another question, a generated certificate using the bouncycastle library, does it contain a signature?What is a signature? From my knowledge, I think a signature is the hashed value of the certificate encrypted using an algorithm. Am i correct? If this is true then the above method i described should suffice.....?

Thanks
15 years ago
Hi, i'll look into the objectstream..thanks
Also, i wanted to find out if i can use keymanagerfactory and trustmanagerfactory with normal sockets or do i HAVE to use SSL sockets?
You see i want to manage keys and certificates across a normal socket connection..not using ssl..what is the best course of action?
Thank you
Okay,
I want to connect to another machine (using a simple socket connection), and then I want to setup my in/out streams so I can send objects over the wire (and also receive them). Can i do this with simple socket connections?
For example, I want to send certificate objects through the connection..
(i cannot use SSL)

Am i doing it right
Thanks for the help, I had read in the documentation about keystore types..jks is a keystore type and it comes with the default SUN provider package...? Can you elaborate? is the sun-jce-provider.jar file sufficient???
15 years ago
i had tried the try catch statement on the line of code, but that didn't seem to work. What exactly do you mean by let the method throw the exception?
15 years ago
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.*;
import java.security.spec.*;
import javax.net.ssl.*;
import java.io.*;
import java.util.*;
import java.math.*;
import org.bouncycastle.jce.X509V3CertificateGenerator;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;

public class Certify{
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
MessageDigest digester;
String keyPairStore = "keyPairKS";
String trustedStore = "trustedKS";
KeyStore keyPairKS = KeyStore.getInstance("JKS"); ....-> This line gives
me an exception....

I do not understand why. I get the following:
java.security.KeyStoreException; not declared or thrown

what does this mean??
15 years ago
PKI
Yup it is.. I am using the bouncycastle package and this is my code, well i am generating a keystore now :

import org.bouncycastle.jce.X509V3CertificateGenerator;
import org.bouncycastle.jce.X509Principal;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.*;
import java.security.spec.*;
import javax.net.ssl.*;
import java.io.*;
import java.util.*;
import java.math.*;

//must create a certificate
public class keyys {

X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
//v3CertGen.setSerialNumber(BigInteger.valueOf(1));
MessageDigest digester;
String keyPairStore = "keyKS";
String trustedStore = "trustKS";
KeyStore keyKS= KeyStore.getInstance("jks");
}
when i compile this code, i get an error saying

unreported exception java.security.KeyStoreException; must be caught or declared to be thrown
KeyStore keyKS= KeyStore.getInstance("jks");

Also the line in comments give me an error that package v3certGen not found...i am a bit confused..can you help me?
15 years ago
unreported exception java.security.KeyStoreException; must be caught or declared to be thrown
KeyStore keyPairKS= KeyStore.getInstance("jks");

Can anyone help me with this problem? I get an error on the following line above
15 years ago
PKI
I am doing a project at an institution in san angelo, I need some help to build a PKI. Can you all give me some help please? Firstly, I want to use bouncycastle libraries since they would prove useful. I would need to generate a keystore,public/private key and generate certificates programatically for each peer. Next I would need to listen on a port or send out a request for a connection, does it need to be SSL? Next comes the verification and authentication process, I am assuming that both parties trust each other already so we do not need a CA to be directly invovled which sorts of not complicate things.
After client verification and authentication, I would need to encrypt and decrypt any data between the two parties.I would like very much to build a CRL. Any ideas on how to begin? If anyone has advice or any code to help me, please do.
15 years ago