Honours Project by Keegan White, Stuart Mesham, Luc Hayward and Jared Shapiro focusing on cryptography and key validation/authenticity.

Primary language: Java

NIS Assignment

Description

The objective of the practical is to get experience with crypto functions, in particular to validate key authenticity and to simulate/replicate the message confidentiality and authentication aspects of PGP (see slides Part 5, Slide 5 “PGP Cryptographic Functions” as a guide). The Certification Authority role required is more X.509-like than PGP-like.

Usage

  1. Initially, the keys and certificate for the certificate authority (CA) need to be generated by running the GenerateCertificateAuthorityCert main method.
  2. Run a server (listening client) by running the Main class with <port number> as an argument.
  3. Enter the username and password for the user running the server. If the user does not exist, a new certificate and keypair will be generated and signed for them.
  4. Run a client which connects to that server by running the Main class with <server port number> <server ip> as arguments.
  5. Enter the username and password of the user running the client.
  6. On both instances, the user can now type a message and press enter to send it.

Libraries

JDK14 version of Bouncy Castle 1.51

Certificate Format

X509 v3 certificates

Certificates are saved to files using DER encoding. See here for an explanation. The contents of a DER-encoded certificate can be viewed using:

openssl x509 -in uct.der -inform der -text -noout

Note that we never actually use the .der file because we store all certificates in .p12 files as well. The .der files are simply for debugging purposes, allowing easy inspection of the generated certificates.

Private key storage

Private keys are stored in PKCS12 (.p12) files.
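
When debugging the stored files it is useful to go one step past viewing a certificate and check that it was really issued by the CA. The script below is an added example, not part of the project's code: it builds a constructed CA and user with openssl, writes the same two file types described above (.der and .p12), and verifies each against the CA certificate. The names demo-ca, rogue-ca and alice and the password changeit are hypothetical.

```shell
#!/bin/sh
# Added example with constructed data: demo-ca, rogue-ca, alice and the
# password "changeit" are hypothetical, not the project's files.

# make_ca PREFIX CN: self-signed CA certificate PREFIX.pem with key PREFIX.key
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# issue_user USER CA_PREFIX PASSWORD: key pair and certificate for USER signed
# by the CA, saved as USER.der (for inspection) and USER.p12 (key + certificate)
issue_user() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$1" \
        -keyout "$1.key" -out "$1.csr" 2>/dev/null &&
    openssl x509 -req -in "$1.csr" -CA "$2.pem" -CAkey "$2.key" \
        -CAcreateserial -days 30 -out "$1.pem" 2>/dev/null &&
    openssl x509 -in "$1.pem" -outform der -out "$1.der" &&
    openssl pkcs12 -export -inkey "$1.key" -in "$1.pem" \
        -passout "pass:$3" -out "$1.p12"
}

# verify_der CERT.der CA.pem: true only if CERT chains to CA and is in date.
# The result is taken from the "OK" line that openssl verify prints.
verify_der() {
    openssl x509 -in "$1" -inform der 2>/dev/null |
        openssl verify -CAfile "$2" 2>/dev/null | grep -q ': OK$'
}

# verify_p12 FILE.p12 PASSWORD CA.pem: same check on the certificate in a .p12
verify_p12() {
    openssl pkcs12 -in "$1" -passin "pass:$2" -nokeys -clcerts 2>/dev/null |
        openssl verify -CAfile "$3" 2>/dev/null | grep -q ': OK$'
}

# Demo: alice is issued by demo-ca, so she verifies against it, not rogue-ca.
demo() (
    cd "$(mktemp -d)" || exit 1
    make_ca demo-ca "Demo CA" && make_ca rogue-ca "Rogue CA" &&
        issue_user alice demo-ca changeit || exit 1
    verify_der alice.der demo-ca.pem && echo "alice.der: issued by demo-ca"
    verify_p12 alice.p12 changeit demo-ca.pem && echo "alice.p12: issued by demo-ca"
    verify_der alice.der rogue-ca.pem || echo "alice.der: rejected under rogue-ca"
)
demo
```

The same verify functions can be pointed at files generated by the application, given the CA certificate in PEM form and the user's .p12 password.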