PasswordCallback pwdcb = new PasswordCallback("Enter SSL password:", false);
try {
cbh.handle(new Callback[] {pwdcb});
}
catch (UnsupportedCallbackException ucex) {
error = new PGSQLSimpleException("Could not read password for SSL key file, console is not available", ucex);
return null;
}
try {
PBEKeySpec pbeKeySpec = new PBEKeySpec(pwdcb.getPassword());
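// Now create the Key from the PBEKeySpec
// NOTE(review): the passphrase is never zeroed in the visible code: there is no
// pwdcb.clearPassword(), no pbeKeySpec.clearPassword(), and the char[] returned by
// getPassword() is not kept in a local so it could be wiped. Consider clearing all
// of them in a finally block so the passphrase does not linger on the heap.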
SecretKeyFactory skFac = SecretKeyFactory.getInstance(ePKInfo.getAlgName());
Key pbeKey = skFac.generateSecret(pbeKeySpec);
// Extract the iteration count and the salt
AlgorithmParameters algParams = ePKInfo.getAlgParameters();
cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams);
// Decrypt the encrypted private key into a PKCS8EncodedKeySpec
KeySpec pkcs8KeySpec = ePKInfo.getKeySpec(cipher);
key = keyFactory.generatePrivate(pkcs8KeySpec);
}
catch (GeneralSecurityException ikex) {
error = new PGSQLSimpleException("Could not decrypt SSL key file " + keyfileName, ikex);
return null;
}
}
}
}
catch (IOException ioex) {
error = new PGSQLSimpleException("Could not read SSL key file " + keyfileName, ioex);
}
catch (NoSuchAlgorithmException ex) {
error = new PGSQLSimpleException("Could not find a java cryptographic algorithm: " + ex.getMessage(), ex);
return null;
}
return key;
}