Login | Register   
LinkedIn
Google+
Twitter
RSS Feed
Download our iPhone app
TODAY'S HEADLINES  |   ARTICLE ARCHIVE  |   FORUMS  |   TIP BANK
Browse DevX
Sign up for e-mail newsletters from DevX


advertisement
 

Implementing Secure Automatic Authentication in ColdFusion  : Page 3

Don't just set a plain-text cookie to match users with stored server data; let users log on automatically and securely by taking advantage of CF's ability to interact with Java.


advertisement

Reading and Writing the Keys
The Java Security API provides the java.security.spec package that implements these standards. You can write to the file system without the assistance of java.security.spec, but reading is a completely different matter, because the key objects implement the serializable interface. Therefore, you need to import two additional packages, java.io and java.security.spec.

      import java.io.*;
      import java.security.spec.*;
After importing those two packages you can create methods to read and write keys using the file system. The code below shows the implementation for reading and writing keys.

      public void writeKeys(String publicURI, String privateURI) 
         throws Exception
      {
         writePublicKey(publicURI);
         writePrivateKey(privateURI);
      }
      
      public void writePublicKey(String URI) throws Exception
      {
         byte[] enckey = publicKey.getEncoded();
         FileOutputStream keyfos = new FileOutputStream(URI);
         keyfos.write(enckey);
         keyfos.close();
      }
      
      public void writePrivateKey(String URI) throws Exception
      {
         byte[] enckey = privateKey.getEncoded();
         FileOutputStream keyfos = new FileOutputStream(URI);
         keyfos.write(enckey);
         keyfos.close();
      }
      
      public void readKeys(String publicURI, String privateURI) 
         throws Exception
      {
         readPublicKey(publicURI);
         readPrivateKey(privateURI);
      }
      
      public void readPublicKey(String URI) throws Exception
      {
         FileInputStream keyfis = new FileInputStream(URI);
         byte[] encKey = new byte[keyfis.available()];
         keyfis.read(encKey);
         keyfis.close();
         X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(encKey);
         KeyFactory keyFactory = KeyFactory.getInstance("DSA");
         publicKey = keyFactory.generatePublic(pubKeySpec);
      }
      
      public void readPrivateKey(String URI) throws Exception
      {
         FileInputStream keyfis = new FileInputStream(URI);
         byte[] encKey = new byte[keyfis.available()];
         keyfis.read(encKey);
         keyfis.close();
         PKCS8EncodedKeySpec privKeySpec = 
           new PKCS8EncodedKeySpec(encKey);
         KeyFactory keyFactory = KeyFactory.getInstance("DSA");
         privateKey = keyFactory.generatePrivate(privKeySpec);
      }


Comment and Contribute

 

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Sitemap
Thanks for your registration, follow us on our social networks to keep up-to-date