Class GenerateKeystore


  • public class GenerateKeystore
    extends java.lang.Object
    Class used to generate a keystore for use with e.g. IIZI applications that are signed using a developer's code signing certificate.
    Author:
    Christopher Mindus
    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and Type Method Description
      static java.security.KeyStore createCodeSigningCertificateKeystore​(javax.security.auth.x500.X500Principal owner, java.lang.String alias, char[] password, java.security.KeyStore issuerKeyStore, java.lang.String issuerAlias, char[] issuerPassword)
      Generates a 4096 bit RSA code signing certificate keystore.
      static java.security.KeyStore generateSelfSignedX509Certificate​(javax.security.auth.x500.X500Principal owner, java.lang.String alias, char[] password)
      Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256.
      static void initialize()
      Initialize routine for Bouncy Castle provider.
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
    • Constructor Detail

      • GenerateKeystore

        public GenerateKeystore()
    • Method Detail

      • initialize

        public static void initialize()
        Initialize routine for Bouncy Castle provider.
      • generateSelfSignedX509Certificate

        public static java.security.KeyStore generateSelfSignedX509Certificate​(javax.security.auth.x500.X500Principal owner,
                                                                               java.lang.String alias,
                                                                               char[] password)
                                                                        throws java.security.NoSuchAlgorithmException,
                                                                               java.security.NoSuchProviderException,
                                                                               java.security.InvalidKeyException,
                                                                               java.lang.IllegalStateException,
                                                                               java.security.SignatureException,
                                                                               java.security.KeyStoreException,
                                                                               java.security.cert.CertificateException,
                                                                               java.io.IOException
        Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256. It is valid 10000 days starting yesterday (i.e. for over 27 years).
        Parameters:
        owner - The owner of the certificate.
        alias - The keystore alias.
        password - The keystore and key password (the same).
        Returns:
        The new keystore.
        Throws:
        java.security.NoSuchProviderException - If no provider is found.
        java.security.NoSuchAlgorithmException - If no algorithm is found.
        java.security.SignatureException - If the signature is in error.
        java.lang.IllegalStateException - If the state is invalid.
        java.security.InvalidKeyException - If the key in invalid.
        java.security.KeyStoreException - Key stores exceptions.
        java.io.IOException - General I/O exception.
        java.security.cert.CertificateException - Errors reading certificates.
      • createCodeSigningCertificateKeystore

        public static java.security.KeyStore createCodeSigningCertificateKeystore​(javax.security.auth.x500.X500Principal owner,
                                                                                  java.lang.String alias,
                                                                                  char[] password,
                                                                                  java.security.KeyStore issuerKeyStore,
                                                                                  java.lang.String issuerAlias,
                                                                                  char[] issuerPassword)
                                                                           throws java.security.NoSuchAlgorithmException,
                                                                                  java.security.NoSuchProviderException,
                                                                                  org.bouncycastle.cert.CertIOException,
                                                                                  java.io.IOException,
                                                                                  org.bouncycastle.operator.OperatorCreationException,
                                                                                  java.security.cert.CertificateException,
                                                                                  java.security.KeyStoreException,
                                                                                  java.security.UnrecoverableKeyException
        Generates a 4096 bit RSA code signing certificate keystore.
        Parameters:
        owner - The owner principal of the code signer certificate to create.
        alias - The alias of the certificate chain in the returned keystore.
        password - The password for the private key in the returned keystore.
        issuerKeyStore - The issuer keystore, or null for self-signed.
        issuerAlias - Alias for the issuer keystore, null for self-signed.
        issuerPassword - Password for the issuer certificate chainof the alias, null for self-signed.
        Returns:
        The keystore.
        Throws:
        java.security.NoSuchProviderException - If no provider is found.
        java.security.NoSuchAlgorithmException - If no algorithm is found.
        org.bouncycastle.cert.CertIOException - I/O exception when reading a certificate.
        java.lang.IllegalStateException - If the state is invalid.
        java.security.KeyStoreException - Key stores exceptions.
        java.io.IOException - General I/O exception.
        java.security.cert.CertificateException - Errors reading certificates.
        org.bouncycastle.operator.OperatorCreationException
        java.security.UnrecoverableKeyException