se.entra.phantom.server.ssl.jsse
Class CertificateUtils

java.lang.Object
  extended by se.entra.phantom.server.ssl.jsse.CertificateUtils

public class CertificateUtils
extends Object

This class serves as a utility resource when generating certificates. It depends on two external software packages: 1. JCE, the Java Cryptography Extension (plus the keytool utility); 2. Bouncy Castle's Utility API (http://www.bouncycastle.org/).


Constructor Summary
CertificateUtils()
          Default constructor.
 
Method Summary
 boolean addCertificate(String certificateFile)
          Add a new certificate to include.
 boolean createCertificate(String cn, String c, String l, String o, String ou, String st, int validityDays, String exportFile, String exportPassword, boolean selfsign, boolean generateSingle)
          Create a PKCS12 certificate file based on the supplied parameters.
 boolean createCertificationRequest(String cn, String c, String l, String o, String ou, String st, int validityDays, String requestFile, String keyFile, String exportPassword)
          Create certificate request and key files based on the supplied parameters.
 boolean createIdentity(Vector certFiles, String keyFile, String p12File, String exportPassword, boolean usePKCS8)
          Creates a PKCS12 identity file from a key and a list of certificates.
 void externalCall(String[] commandArray, VirtualSessionManager vsm)
          Utility function that calls an external command.
 void initCAFromFiles(String certFile, String keyFile)
          Method to initialise the CA certificates to use when generating certificates.
 void initCAFromP12(String caFile, String caPassword)
          Method to initialise the CA certificates to use when generating certificates.
 void setStrength(int newStrength)
          Set the cipher strength to use.
 void setUseDSA(boolean useDSA)
          Set whether DSA cipher should be used or not.
 boolean signCertificationRequest(String requestFile, String keyFile, String certFile, String exportPassword)
          Create certificate (X509) file and key files based on the supplied parameters.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

CertificateUtils

public CertificateUtils()
Default constructor.

Method Detail

setUseDSA

public void setUseDSA(boolean useDSA)
Set whether DSA cipher should be used or not. Not allowed for the time being.

Parameters:
useDSA - true means to use DSA

setStrength

public void setStrength(int newStrength)
Set the cipher strength to use.

Parameters:
newStrength - allowed values 1024 and 512, default is 1024

addCertificate

public boolean addCertificate(String certificateFile)
Add a new certificate to include. This method must be called after any call to add CA certificates.

Parameters:
certificateFile - name of the file holding the certificate.

initCAFromP12

public void initCAFromP12(String caFile,
                          String caPassword)
                   throws KeyStoreException,
                          NoSuchAlgorithmException,
                          CertificateException,
                          FileNotFoundException,
                          IOException,
                          UnrecoverableKeyException,
                          InvalidKeyException,
                          NoSuchProviderException,
                          SignatureException
Method to initialise the CA certificates to use when generating certificates. The key and the certificate (chain) are read from a PKCS#12 file. This is because the certificate order is significant.

Parameters:
caFile - name of the file that contains the PKCS#12 data
caPassword - password to load the PKCS#12 file
Throws:
KeyStoreException
NoSuchAlgorithmException
CertificateException
FileNotFoundException
IOException
UnrecoverableKeyException
InvalidKeyException
NoSuchProviderException
SignatureException

initCAFromFiles

public void initCAFromFiles(String certFile,
                            String keyFile)
                     throws KeyStoreException,
                            NoSuchAlgorithmException,
                            CertificateException,
                            FileNotFoundException,
                            IOException,
                            UnrecoverableKeyException,
                            InvalidKeyException,
                            InvalidKeySpecException,
                            NoSuchProviderException,
                            SignatureException
Method to initialise the CA certificates to use when generating certificates. The certificate and key are read from separate files. Note that this method must be called before any call to addCertificate. This is because the certificate order is significant.

Parameters:
certFile - file containing BER encoded X509 certificate
keyFile - file containing PKCS#8 encoded key
Throws:
KeyStoreException
NoSuchAlgorithmException
CertificateException
FileNotFoundException
IOException
UnrecoverableKeyException
InvalidKeyException
NoSuchProviderException
SignatureException
InvalidKeySpecException

externalCall

public void externalCall(String[] commandArray,
                         VirtualSessionManager vsm)
                  throws IOException
Utility function that calls an external command.

Parameters:
commandArray - the array describing what command to execute.
Throws:
IOException

createCertificate

public boolean createCertificate(String cn,
                                 String c,
                                 String l,
                                 String o,
                                 String ou,
                                 String st,
                                 int validityDays,
                                 String exportFile,
                                 String exportPassword,
                                 boolean selfsign,
                                 boolean generateSingle)
                          throws IOException,
                                 InvalidKeyException,
                                 SecurityException,
                                 SignatureException,
                                 NoSuchAlgorithmException,
                                 DataLengthException,
                                 CryptoException,
                                 KeyStoreException,
                                 NoSuchProviderException,
                                 CertificateException,
                                 InvalidKeySpecException
Create a PKCS12 certificate file based on the supplied parameters.

Parameters:
cn - Common Name
c - Country
l - Locality
o - Organisation
ou - Organisation Unit
st - State
validityDays - default one year
exportFile - output file
exportPassword - password to secure file with
selfsign - certificate self signed?
Returns:
Throws:
IOException
InvalidKeyException
SecurityException
SignatureException
NoSuchAlgorithmException
DataLengthException
CryptoException
KeyStoreException
NoSuchProviderException
CertificateException
InvalidKeySpecException

createIdentity

public boolean createIdentity(Vector certFiles,
                              String keyFile,
                              String p12File,
                              String exportPassword,
                              boolean usePKCS8)
                       throws FileNotFoundException,
                              IOException,
                              NoSuchAlgorithmException,
                              InvalidKeySpecException,
                              UnrecoverableKeyException,
                              CertificateException,
                              KeyStoreException,
                              InvalidKeyException,
                              NoSuchProviderException,
                              SignatureException,
                              Exception
Creates a PKCS12 identity file from a key and a list of certificates.

Parameters:
certFiles - an ordered list of certificate files
keyFile - a PKCS8 or PKCS12 encoded file holding the identity key
p12File - the output file
usePKCS8 - the key file format to use (throws exception if mismatch with actual file)
Throws:
FileNotFoundException
IOException
NoSuchAlgorithmException
InvalidKeySpecException
UnrecoverableKeyException
CertificateException
KeyStoreException
InvalidKeyException
NoSuchProviderException
SignatureException
Exception
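
The following is an added example, not part of the NetPhantom API or the original documentation: a stand-alone check, using only standard JDK classes, that inspects a PKCS12 file such as the one createCertificate or createIdentity writes and confirms that the certificates are stored in signing order (each one signed by the next) while reporting RSA key sizes. The class name P12ChainCheck and the 2048-bit floor are assumptions made for this example; the page itself lists 1024 and 512 as the allowed strengths.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.util.Collections;

public class P12ChainCheck {                        // hypothetical class name
    static final int MIN_BITS = 2048;               // assumed policy floor, not from the page

    static int keyBits(PublicKey k) {               // -1 means: not RSA, size not evaluated
        return k instanceof RSAPublicKey ? ((RSAPublicKey) k).getModulus().bitLength() : -1;
    }

    static boolean signedBy(X509Certificate cert, PublicKey signer) {
        try { cert.verify(signer); return true; }
        catch (GeneralSecurityException e) { return false; }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 1 || System.console() == null) {
            System.err.println("usage (interactive terminal): java P12ChainCheck <file.p12>");
            System.exit(2);
        }
        // Read the export password from the console so it never appears in the process list.
        char[] password = System.console().readPassword("Export password: ");
        KeyStore ks = KeyStore.getInstance("PKCS12");
        try (InputStream in = new FileInputStream(args[0])) { ks.load(in, password); }
        boolean ok = true;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate[] chain = ks.isKeyEntry(alias) ? ks.getCertificateChain(alias) : null;
            if (chain == null) continue;            // only identity entries carry a chain
            for (int i = 0; i < chain.length; i++) {
                X509Certificate cert = (X509Certificate) chain[i];
                boolean last = i == chain.length - 1;
                // Leaf first: every certificate must verify under the next one's public key.
                PublicKey signer = (last ? cert : chain[i + 1]).getPublicKey();
                boolean sig = signedBy(cert, signer);
                int bits = keyBits(cert.getPublicKey());
                if (!last && !sig) ok = false;      // out-of-order or unrelated certificate
                if (bits != -1 && bits < MIN_BITS) ok = false;
                String status = sig ? (last ? "self-signed" : "signed by next")
                                    : (last ? "issuer not in file" : "NOT signed by next");
                System.out.printf("%s[%d] %s | %s | %d bits%n", alias, i,
                        cert.getSubjectX500Principal().getName(), status, bits);
            }
        }
        System.exit(ok ? 0 : 1);
    }
}
```

The exit status is non-zero when any certificate is not signed by its successor in the chain or when an RSA key is below the assumed floor.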

createCertificationRequest

public boolean createCertificationRequest(String cn,
                                          String c,
                                          String l,
                                          String o,
                                          String ou,
                                          String st,
                                          int validityDays,
                                          String requestFile,
                                          String keyFile,
                                          String exportPassword)
                                   throws IOException,
                                          InvalidKeyException,
                                          SecurityException,
                                          SignatureException,
                                          NoSuchAlgorithmException,
                                          DataLengthException,
                                          CryptoException,
                                          KeyStoreException,
                                          NoSuchProviderException,
                                          CertificateException,
                                          InvalidKeySpecException
Create certificate request and key files based on the supplied parameters.

Parameters:
cn - Common Name
c - Country
l - Locality
o - Organisation
ou - Organisation Unit
st - State
validityDays - default one year
requestFile - output PKCS10 request file
keyFile - output PKCS8 key file
exportPassword - password to secure file with
Returns:
Throws:
IOException
InvalidKeyException
SecurityException
SignatureException
NoSuchAlgorithmException
DataLengthException
CryptoException
KeyStoreException
NoSuchProviderException
CertificateException
InvalidKeySpecException

signCertificationRequest

public boolean signCertificationRequest(String requestFile,
                                        String keyFile,
                                        String certFile,
                                        String exportPassword)
                                 throws IOException,
                                        InvalidKeyException,
                                        SecurityException,
                                        SignatureException,
                                        NoSuchAlgorithmException,
                                        DataLengthException,
                                        CryptoException,
                                        KeyStoreException,
                                        NoSuchProviderException,
                                        CertificateException,
                                        InvalidKeySpecException
Create certificate (X509) file and key files based on the supplied parameters.

Parameters:
requestFile - input PKCS10 request file
keyFile - input PKCS8 key file
certFile - output X509 certificate file
exportPassword - password to secure file with
Returns:
Throws:
IOException
InvalidKeyException
SecurityException
SignatureException
NoSuchAlgorithmException
DataLengthException
CryptoException
KeyStoreException
NoSuchProviderException
CertificateException
InvalidKeySpecException


Phantom® and NetPhantom® are registered trademarks of Codectica Systems SARL.
© Copyright Codectica Systems SARL, 2008. All rights reserved.