
Commit dae4c28

committed
added pem format option to certificatedelegate
1 parent 766b826 commit dae4c28


1 file changed

+35
-1
lines changed

1 file changed

+35
-1
lines changed

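--- a/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/CertificateDelegate.java
+++ b/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/delegate/CertificateDelegate.java
@@ -11,11 +11,15 @@
 import com.beust.jcommander.Parameter;
 import com.beust.jcommander.ParameterException;
 import de.rub.nds.tlsattacker.core.certificate.CertificateKeyPair;
+import de.rub.nds.tlsattacker.core.certificate.PemUtil;
 import de.rub.nds.tlsattacker.core.config.Config;
+import de.rub.nds.tlsattacker.core.crypto.keys.CustomPrivateKey;
 import de.rub.nds.tlsattacker.core.exceptions.ConfigurationException;
+import de.rub.nds.tlsattacker.core.util.CertificateUtils;
 import de.rub.nds.tlsattacker.core.util.JKSLoader;
 import de.rub.nds.tlsattacker.transport.ConnectionEndType;
 import de.rub.nds.tlsattacker.util.KeystoreHandler;
+import java.io.File;
 import java.io.IOException;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
@@ -32,6 +36,12 @@
 
 public class CertificateDelegate extends Delegate {
 
+@Parameter(names = "-cert", description = "PEM encoded certificate file")
+private String certificate = null;
+
+@Parameter(names = "-key", description = "PEM encoded private key")
+private String key = null;
+
 @Parameter(names = "-keystore", description = "Java Key Store (JKS) file to use as a certificate")
 private String keystore = null;
 
@@ -86,6 +96,31 @@ public void applyDelegate(Config config) {
 throw new ParameterException("The following parameters are required for loading a" + " keystore: "
 + join(mandatoryParameters.keySet()));
 }
+PrivateKey privateKey = null;
+if (key != null) {
+try {
+privateKey = PemUtil.readPrivateKey(new File(key));
+CustomPrivateKey customPrivateKey = CertificateUtils.parseCustomPrivateKey(privateKey);
+customPrivateKey.adjustInConfig(config, ConnectionEndType.CLIENT);
+customPrivateKey.adjustInConfig(config, ConnectionEndType.SERVER);
+
+} catch (IOException ex) {
+LOGGER.warn("Could not read private key", ex);
+}
+}
+if (certificate != null) {
+try {
+Certificate cert = PemUtil.readCertificate(new File(certificate));
+if (privateKey != null) {
+config.setDefaultExplicitCertificateKeyPair(new CertificateKeyPair(cert, privateKey));
+} else {
+config.setDefaultExplicitCertificateKeyPair(new CertificateKeyPair(cert));
+}
+config.setAutoSelectCertificate(false);
+} catch (Exception ex) {
+LOGGER.warn("Could not read certificate", ex);
+}
+}
 try {
 ConnectionEndType type;
 switch (config.getDefaultRunningMode()) {
@@ -102,7 +137,6 @@ public void applyDelegate(Config config) {
 }
 KeyStore store = KeystoreHandler.loadKeyStore(keystore, password);
 Certificate cert = JKSLoader.loadTLSCertificate(store, alias);
-PrivateKey privateKey = null;
 privateKey = (PrivateKey) store.getKey(alias, password.toCharArray());
 CertificateKeyPair pair = new CertificateKeyPair(cert, privateKey);
 pair.adjustInConfig(config, type);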
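Review bot: A `-key` or `-cert` file that cannot be read is only logged in the two catch blocks added to `applyDelegate` (`LOGGER.warn("Could not read private key", ex)` and `LOGGER.warn("Could not read certificate", ex)`), so the run continues with whatever key and certificate the config already holds and the results no longer reflect the credentials the operator asked for. Failing the way the keystore check just above does would make that visible: `throw new ParameterException("Could not read private key", ex);`, and the same for the certificate. If the key fails but the certificate loads, the else branch also installs `new CertificateKeyPair(cert)` without the supplied key, and `catch (Exception ex)` on the certificate side hides more than I/O errors, so narrowing it would help. `applyDelegate` starts and ends outside the visible hunks, so it could not be checked here whether an earlier return skips this block when no keystore options are given, or how a later keystore load interacts with values set from the PEM files.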
