} catch (Exception ex) {
return false;
}
// Start building the server-side SSL configuration. The socket reference is
// only declared here; nothing in the lines shown assigns it.
SSLSocket ssl = null;
SSLServerContext serverContext = new SSLServerContext();
// The flag is fixed to false and is not read in the lines shown; the hard-coded
// parameters below are installed unconditionally.
boolean generateDHParameters = false; // use pre-generated Diffie-Hellman parameters
DHParameterSpec dhparam = null;
// Pre-generated Diffie-Hellman parameters.
// SECURITY: the modulus below is 128 hex digits long, i.e. 512 bits. A group of
// that size is export-grade: the discrete-log precomputation for one fixed
// 512-bit group is within reach of modest resources, and because the value is
// hard-coded, every server built from this code shares the same group. Any
// handshake that negotiates ephemeral or anonymous DH with these parameters
// inherits that weakness. A deployment should supply a group of at least
// 2048 bits (ideally a standardised one) instead of this constant.
BigInteger p = new BigInteger("da583c16d9852289d0e4af756f4cca92dd4be533b804fb0fed94ef9c8a4403ed574650d36999db29d776276ba2d3d412e218f4dd1e084cf6d8003e7c4774e833", 16);
BigInteger g = BigInteger.valueOf(2);
dhparam = new DHParameterSpec(p, g);
// Set the DH parameters for ephemeral and anonymous cipher suites.
// SECURITY: anonymous DH suites do not authenticate the server at all.
// NOTE(review): confirm which suites updateCipherSuites() leaves enabled once
// these parameters are set, and disable the anonymous ones if they are.
serverContext.setDHParameter(dhparam);
// Load the server's RSA certificate chain and private key. The private key is
// stored encrypted in the PEM file and is decrypted with a password obtained
// from getPassword().
KeyAndCertificate kac;
EncryptedPrivateKeyInfo epki;
// One password is requested and then used for every encrypted key file this
// method loads.
// NOTE(review): the password is held as a String, which cannot be wiped after
// use; check whether the key API offers a char[] variant.
String password = getPassword("Certificate password");
try {
// SECURITY: the file name suggests a 1024-bit RSA key (TODO confirm against
// the actual file). 1024-bit RSA is below current minimum recommendations;
// 2048 bits or more is expected for a server certificate.
kac = new KeyAndCertificate(certDir + "/serverRSA1024.pem");
epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
epki.decrypt(password);
serverContext.setRSACertificate(kac.getCertificateChain(), (RSAPrivateKey)epki.getPrivateKeyInfo());
} catch (Exception ex) {
// Any failure (missing file, wrong password, failed cast) lands here and is
// not fatal: the method carries on without an RSA certificate. The only trace
// is on stdout, so an operator watching logs elsewhere will not see that the
// server came up with a reduced set of authenticated suites.
System.out.println("Unable to set RSA server certificate.");
System.out.println("RSA cipher-suites can not be used. " + ex);
}
try {
// Set the DSA certificate/private key for DSA cipher suites.
// SECURITY: the file name suggests a 1024-bit DSA key (TODO confirm against
// the actual file); that size is below current minimum recommendations.
// The key is decrypted with the same password used for the RSA key file.
kac = new KeyAndCertificate(certDir + "/serverDSA1024.pem");
epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
epki.decrypt(password);
serverContext.setDSACertificate(kac.getCertificateChain(), epki.getPrivateKeyInfo());
} catch (Exception ex) {
// Non-fatal: the failure is reported on stdout only and setup continues
// without a DSA certificate.
System.out.println("Unable to set DSA server certificate.");
System.out.println("DSA cipher-suites can not be used. " + ex);
}
try {
// Set the DH certificate/private key for DH cipher suites. This is a
// certificate carrying a fixed DH key, separate from the DH parameters
// installed earlier via setDHParameter().
// SECURITY: the file name suggests a 1024-bit DH key (TODO confirm against
// the actual file). A fixed DH key also means these suites provide no forward
// secrecy: recorded sessions become readable if the key is later disclosed.
kac = new KeyAndCertificate(certDir + "/serverDH1024.pem");
epki = (EncryptedPrivateKeyInfo)kac.getPrivateKey();
epki.decrypt(password);
serverContext.setDHCertificate(kac.getCertificateChain(), epki.getPrivateKeyInfo());
} catch (Exception ex) {
// Non-fatal: the failure is reported on stdout only and setup continues
// without a DH certificate.
System.out.println("Unable to set Diffie-Hellman server certificate.");
System.out.println("Diffie-Hellman cipher-suites can not be used. " + ex);
}
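try {
    // Set the temporary RSA key pair for RSA_EXPORT cipher suites.
    // SECURITY: per the message below this is a 512-bit key. Export suites are
    // deliberately weakened, and a 512-bit RSA modulus can be factored with
    // modest resources; leaving them enabled lets a man-in-the-middle push a
    // connection down to them. Unless a legacy peer strictly requires export
    // suites, do not install this key pair and keep those suites disabled.
    // The key is read straight from the DER file; no password step is applied
    // here, so the file's protection rests on file-system permissions alone.
    FileInputStream tempKeyStream = new FileInputStream(certDir + "/tempRSAPrivateKey.der");
    RSAPrivateKey tsk;
    try {
        tsk = new RSAPrivateKey(tempKeyStream);
    } finally {
        // Release the file handle whether or not decoding succeeded; the
        // original left the stream open.
        tempKeyStream.close();
    }
    PublicKey tpk = tsk.getPublicKey();
    KeyPair tempKeyPair = new KeyPair(tpk, tsk);
    serverContext.setRSATempKeyPair(tempKeyPair);
} catch (Exception ex) {
    // Non-fatal: setup continues without export suites. The exception is now
    // included in the message, as in the other key-loading steps, so the
    // cause of the failure is visible.
    System.out.println("Unable to set 512 bit temporary RSA key pair.");
    System.out.println("RSA exportable cipher-suites can not be used. " + ex);
}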
// Refresh the cipher suite list after the key material has been configured.
// The returned array is not used in the lines shown.
// NOTE(review): presumably this keeps only suites for which a key or
// parameter was installed above; confirm, and log the result so that a
// silently reduced or weakened suite list is noticed.
CipherSuite[] enabledCS = serverContext.updateCipherSuites();
// This object itself is installed as the trust decider; the cast requires the
// enclosing class to implement ServerTrustDecider.
ServerTrustDecider trustDecider = (ServerTrustDecider) this;
// CA names to pass along with the client certificate request. Nothing is
// added to the vector in the lines shown, so it is empty when copied below.
Vector acceptedCAs = new Vector();
serverContext.setTrustDecider(trustDecider);
if (certRequired) {
Name[] cas = new Name[acceptedCAs.size()];
acceptedCAs.copyInto(cas);
// Request a client certificate of the RSA-signing or DSS-signing type.
// SECURITY: with an empty CA list the request itself places no restriction
// on the issuer, so whether a client chain is accepted rests entirely on the
// trust decider implementation. Review that implementation: if it accepts
// any chain, "required" client certificates authenticate nobody.
byte[] types = {
ClientTrustDecider.rsa_sign,
ClientTrustDecider.dss_sign
};
serverContext.setRequireClientCertificate(types, cas);
} else {
// Taken when certRequired is false; presumably switches client certificate
// requests off, leaving clients unauthenticated at the SSL layer (confirm
// against the SSLServerContext documentation).
serverContext.setRequireClientCertificate(null, null);
}
// Print the resulting context to stdout.
// NOTE(review): confirm that SSLServerContext.toString() does not include
// private key material before this output is captured in logs.
System.out.println(serverContext);
SSLServerSocket listener = null;