CertificateUtils (NetPhantom(R) 6.5 Java API documentation)

java.lang.Object
- se.entra.phantom.server.ssl.jsse.CertificateUtils

```
public class CertificateUtils
extends Object
```
This class serves as utility resource when generating certificates. It depends on two external SW packages: 1. JCE Java Cryptography Extension (+ keytool utility) 2 Bouncy Castle's Utility API href="http://www.bouncycastle.org/">External Link).

Constructor Summary

Constructors
Constructor and Description

CertificateUtils()
Default constructor.

Constructors
Constructor and Description
`CertificateUtils()` Default constructor.

Method Summary

Methods
Modifier and Type	Method and Description
`boolean`	`addCertificate(String certificateFile)` Add a new certificate to include.
`boolean`	`createCertificate(String cn, String c, String l, String o, String ou, String st, int validityDays, String exportFile, String exportPassword, boolean selfsign, boolean generateSingle)` Create a PKCS12 certificate file based on the supplied parameters.
`boolean`	`createCertificationRequest(String cn, String c, String l, String o, String ou, String st, int validityDays, String requestFile, String keyFile, String exportPassword)` Create certificate request and key files based on the supplied parameters.
`boolean`	`createIdentity(Vector<String> certFiles, String keyFile, String p12File, String exportPassword, boolean usePKCS8)` Creates an PKCS12 identity file from a key a list of certificates.
`void`	`externalCall(String[] commandArray, VirtualSessionManager vsm)` Utility function that calls an external command.
`void`	`initCAFromFiles(String certFile, String keyFile)` Method to initialize the CA certificates to use when generating certificates.
`void`	`initCAFromP12(String caFile, String caPassword)` Method to initialize the CA certificates to use when generating certificates.
`void`	`setStrength(int newStrength)` Set the cipher strength to use.
`void`	`setUseDSA(boolean useDSA)` Set whether DSA cipher should be used or not.
`boolean`	`signCertificationRequest(String requestFile, String keyFile, String certFile, String exportPassword)` Create certificate (X509) file and key files based on the supplied parameters.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- CertificateUtils
```
public CertificateUtils()
```
  Default constructor.

Method Detail

setUseDSA
```
public void setUseDSA(boolean useDSA)
```
Set whether DSA cipher should be used or not. Not allowed for the time being.

Parameters:
useDSA - true means to use DSA

setStrength
```
public void setStrength(int newStrength)
```
Set the cipher strength to use.

Parameters:
newStrength - - allowed values 1024 and 512, default is 1024

addCertificate
```
public boolean addCertificate(String certificateFile)
```
Add a new certificate to include. This method must be called after any call to add CA certificates

Parameters:
certificateFile - - name of the file holding the certificate.

initCAFromP12

public void initCAFromP12(String caFile,
                 String caPassword)
                   throws KeyStoreException,
                          NoSuchAlgorithmException,
                          CertificateException,
                          FileNotFoundException,
                          IOException,
                          UnrecoverableKeyException,
                          InvalidKeyException,
                          NoSuchProviderException,
                          SignatureException

Method to initialize the CA certificates to use when generating certificates. The key and the certificate (chain) are read from a PKCS#12 file. This because the certificate order is significant.

Parameters:: caFile - name of file that contains the PKCS#10 file; caPassword - password to load the PKCS#10 file
Throws:: KeyStoreException; NoSuchAlgorithmException; CertificateException; FileNotFoundException; IOException; UnrecoverableKeyException; InvalidKeyException; NoSuchProviderException; SignatureException

initCAFromFiles

public void initCAFromFiles(String certFile,
                   String keyFile)
                     throws KeyStoreException,
                            NoSuchAlgorithmException,
                            CertificateException,
                            FileNotFoundException,
                            IOException,
                            UnrecoverableKeyException,
                            InvalidKeyException,
                            InvalidKeySpecException,
                            NoSuchProviderException,
                            SignatureException

Method to initialize the CA certificates to use when generating certificates. The certificate and key are read from separate files. Note that this method must be called before any call to addCertificate. This because the certificate order is significant.

Parameters:: certFile - file containing BER encoded X509 certificate; keyFile - file containing PKCS#8 encoded key
Throws:: KeyStoreException; NoSuchAlgorithmException; CertificateException; FileNotFoundException; IOException; UnrecoverableKeyException; InvalidKeyException; NoSuchProviderException; SignatureException; InvalidKeySpecException

externalCall
```
public void externalCall(String[] commandArray,
                VirtualSessionManager vsm)
                  throws IOException
```
Utility function that calls an external command.

Parameters:
commandArray - - the array describing what command to execute.

Throws:

IOException

createCertificate

public boolean createCertificate(String cn,
                        String c,
                        String l,
                        String o,
                        String ou,
                        String st,
                        int validityDays,
                        String exportFile,
                        String exportPassword,
                        boolean selfsign,
                        boolean generateSingle)
                          throws IOException,
                                 InvalidKeyException,
                                 SecurityException,
                                 SignatureException,
                                 NoSuchAlgorithmException,
                                 org.bouncycastle.crypto.DataLengthException,
                                 org.bouncycastle.crypto.CryptoException,
                                 KeyStoreException,
                                 NoSuchProviderException,
                                 CertificateException,
                                 InvalidKeySpecException

Create a PKCS12 certificate file based on the supplied parameters.

Parameters:: cn - Common Name; c - Country; l - Locality; o - Organisation; ou - Organisation Unit; st - State; validityDays - default one year; exportFile - output file; exportPassword - password to secure file with; selfsign - certificate self signed?
Returns:
Throws:: IOException; InvalidKeyException; SecurityException; SignatureException; NoSuchAlgorithmException; org.bouncycastle.crypto.DataLengthException; org.bouncycastle.crypto.CryptoException; KeyStoreException; NoSuchProviderException; CertificateException; InvalidKeySpecException

createIdentity

public boolean createIdentity(Vector<String> certFiles,
                     String keyFile,
                     String p12File,
                     String exportPassword,
                     boolean usePKCS8)
                       throws FileNotFoundException,
                              IOException,
                              NoSuchAlgorithmException,
                              InvalidKeySpecException,
                              UnrecoverableKeyException,
                              CertificateException,
                              KeyStoreException,
                              InvalidKeyException,
                              NoSuchProviderException,
                              SignatureException,
                              Exception

Creates an PKCS12 identity file from a key a list of certificates.

Parameters:: certFiles - an ordered list of certificate files; keyFile - a PKCS8 or PKCS12 encoded file holding the identity key; p12File - the output file; usePKCS8 - the key file format to use (throws exception if mismatch with actual file)
Throws:: FileNotFoundException; IOException; NoSuchAlgorithmException; InvalidKeySpecException; UnrecoverableKeyException; CertificateException; KeyStoreException; InvalidKeyException; NoSuchProviderException; SignatureException; Exception

createCertificationRequest

public boolean createCertificationRequest(String cn,
                                 String c,
                                 String l,
                                 String o,
                                 String ou,
                                 String st,
                                 int validityDays,
                                 String requestFile,
                                 String keyFile,
                                 String exportPassword)
                                   throws IOException,
                                          InvalidKeyException,
                                          SecurityException,
                                          SignatureException,
                                          NoSuchAlgorithmException,
                                          org.bouncycastle.crypto.DataLengthException,
                                          org.bouncycastle.crypto.CryptoException,
                                          KeyStoreException,
                                          NoSuchProviderException,
                                          CertificateException,
                                          InvalidKeySpecException

Create certificate request and key files based on the supplied parameters.

Parameters:: cn - Common Name; c - Country; l - Locality; o - Organisation; ou - Organisation Unit; st - State; validityDays - default one year; requestFile - output PKCS10 request file; keyFile - output PKCS8 key file; exportPassword - password to secure file with
Returns:
Throws:: IOException; InvalidKeyException; SecurityException; SignatureException; NoSuchAlgorithmException; org.bouncycastle.crypto.DataLengthException; org.bouncycastle.crypto.CryptoException; KeyStoreException; NoSuchProviderException; CertificateException; InvalidKeySpecException

signCertificationRequest

public boolean signCertificationRequest(String requestFile,
                               String keyFile,
                               String certFile,
                               String exportPassword)
                                 throws IOException,
                                        InvalidKeyException,
                                        SecurityException,
                                        SignatureException,
                                        NoSuchAlgorithmException,
                                        org.bouncycastle.crypto.DataLengthException,
                                        org.bouncycastle.crypto.CryptoException,
                                        KeyStoreException,
                                        NoSuchProviderException,
                                        CertificateException,
                                        InvalidKeySpecException

Create certificate (X509) file and key files based on the supplied parameters.

Parameters:: requestFile - input PKCS10 request file; keyFile - in PKCS8 key file; certfile - output X509 certificate file; exportPassword - password to secure file with
Returns:
Throws:: IOException; InvalidKeyException; SecurityException; SignatureException; NoSuchAlgorithmException; org.bouncycastle.crypto.DataLengthException; org.bouncycastle.crypto.CryptoException; KeyStoreException; NoSuchProviderException; CertificateException; InvalidKeySpecException

Class CertificateUtils

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CertificateUtils

Method Detail

setUseDSA

setStrength

addCertificate