org.objectweb.proactive.ext.security
Class KeyTools

java.lang.Object
  extended byorg.objectweb.proactive.ext.security.KeyTools

public class KeyTools
extends java.lang.Object

Tools to handle common key and keystore operations.

Version:
$Id: KeyTools.java,v 1.3 2004/09/04 14:50:44 jbroccol Exp $

Method Summary
static java.security.KeyStore createJKS(java.lang.String alias, java.security.PrivateKey privKey, java.lang.String password, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] cachain)
          Creates JKS-file that can be used with JDK.
static java.security.KeyStore createP12(java.lang.String alias, java.security.PrivateKey privKey, java.security.cert.X509Certificate cert, java.security.cert.Certificate[] cachain)
          Creates PKCS12-file that can be imported in IE or Netscape.
static java.security.KeyStore createP12(java.lang.String alias, java.security.PrivateKey privKey, java.security.cert.X509Certificate cert, java.util.Collection cacerts)
          Creates PKCS12-file that can be imported in IE or Netscape.
static java.security.KeyStore createP12(java.lang.String alias, java.security.PrivateKey privKey, java.security.cert.X509Certificate cert, java.security.cert.X509Certificate cacert)
          Creates PKCS12-file that can be imported in IE or Netscape.
static org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyId(java.security.PublicKey pubKey)
          create the subject key identifier.
static java.security.KeyPair genKeys(int keysize)
          Generates a keypair
static java.security.cert.Certificate[] getCertChain(java.security.KeyStore keyStore, java.lang.String privateKeyAlias)
          Retrieves the certificate chain from a keystore.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Method Detail

genKeys

public static java.security.KeyPair genKeys(int keysize)
                                     throws java.security.NoSuchAlgorithmException,
                                            java.security.NoSuchProviderException
Generates a keypair

Parameters:
keysize - size of keys to generate, typical value is 1024 for RSA keys
Returns:
KeyPair the generated keypair
Throws:
java.security.NoSuchAlgorithmException
java.security.NoSuchProviderException

createP12

public static java.security.KeyStore createP12(java.lang.String alias,
                                               java.security.PrivateKey privKey,
                                               java.security.cert.X509Certificate cert,
                                               java.security.cert.X509Certificate cacert)
                                        throws java.lang.Exception
Creates PKCS12-file that can be imported in IE or Netscape. The alias for the private key is set to 'privateKey' and the private key password is null.

Parameters:
alias - the alias used for the key entry
privKey - RSA private key
cert - user certificate
cacert - CA-certificate or null if only one cert in chain, in that case use 'cert'.
Returns:
KeyStore containing PKCS12-keystore
Throws:
java.lang.Exception - if input parameters are not OK or certificate generation fails

createP12

public static java.security.KeyStore createP12(java.lang.String alias,
                                               java.security.PrivateKey privKey,
                                               java.security.cert.X509Certificate cert,
                                               java.util.Collection cacerts)
                                        throws java.lang.Exception
Creates PKCS12-file that can be imported in IE or Netscape. The alias for the private key is set to 'privateKey' and the private key password is null.

Parameters:
alias - the alias used for the key entry
privKey - RSA private key
cert - user certificate
cacerts - Collection of X509Certificate, or null if only one cert in chain, in that case use 'cert'.
Returns:
KeyStore containing PKCS12-keystore
Throws:
java.lang.Exception - if input parameters are not OK or certificate generation fails

createP12

public static java.security.KeyStore createP12(java.lang.String alias,
                                               java.security.PrivateKey privKey,
                                               java.security.cert.X509Certificate cert,
                                               java.security.cert.Certificate[] cachain)
                                        throws java.lang.Exception
Creates PKCS12-file that can be imported in IE or Netscape. The alias for the private key is set to 'privateKey' and the private key password is null.

Parameters:
alias - the alias used for the key entry
privKey - RSA private key
cert - user certificate
cachain - CA-certificate chain or null if only one cert in chain, in that case use 'cert'.
Returns:
KeyStore containing PKCS12-keystore
Throws:
java.lang.Exception - if input parameters are not OK or certificate generation fails

createJKS

public static java.security.KeyStore createJKS(java.lang.String alias,
                                               java.security.PrivateKey privKey,
                                               java.lang.String password,
                                               java.security.cert.X509Certificate cert,
                                               java.security.cert.Certificate[] cachain)
                                        throws java.lang.Exception
Creates JKS-file that can be used with JDK. The alias for the private key is set to 'privateKey' and the private key password is null.

Parameters:
alias - the alias used for the key entry
privKey - RSA private key
password - user's password
cert - user certificate
cachain - CA-certificate chain or null if only one cert in chain, in that case use 'cert'.
Returns:
KeyStore containing JKS-keystore
Throws:
java.lang.Exception - if input parameters are not OK or certificate generation fails

getCertChain

public static java.security.cert.Certificate[] getCertChain(java.security.KeyStore keyStore,
                                                            java.lang.String privateKeyAlias)
                                                     throws java.security.KeyStoreException
Retrieves the certificate chain from a keystore.

Parameters:
keyStore - the keystore, which has been loaded and opened.
privateKeyAlias - the alias of the privatekey for which the certchain belongs.
Returns:
array of Certificate, length of array is 0 if no certificates are found.
Throws:
java.security.KeyStoreException

createSubjectKeyId

public static org.bouncycastle.asn1.x509.SubjectKeyIdentifier createSubjectKeyId(java.security.PublicKey pubKey)
create the subject key identifier.

Parameters:
pubKey - the public key
Returns:
SubjectKeyIdentifer asn.1 structure


Copyright ? April 2005 INRIA All Rights Reserved.