NIS Assignment

Usage

1. Initially, the keys and certificate for the certificate authority (CA) need to be generated by running the GenerateCertificateAuthorityCert main method.
2. Run a server (listening client) by running the Main class with <port number> as an argument.
3. Enter the username and password for the user running the server. (if the user does not exist, a new certificate and keypair will be generated and signed for them)
4. Run a client which connects to that server by running the Main class with <server port number> <server ip> as arguments.
5. Enter the username and password of the user running the client.
6. On both instances, the user can now type a message and press enter to send

Libraries

JDK14 version of Bouncy Castle 1.51

Certificate Format

X509 v3 certificates

Using der encoding when saving certificates to files. See here for an explanation. The contents of a der encoded certificate can be viewed using:

openssl x509 -in uct.der -inform der -text -noout

Note that we never actually use the .der file because we store all certificates in .p12 files as well. The .der files are simply for debugging purposes, allowing easy inspection of the generated certificates.

Private key storage

Private keys are stored in PKCS12 (.p12) files.