Package com.iizix.security

Class GenerateKeystore

  • public class GenerateKeystore
extends java.lang.Object
    Class used to generate a keystore for use with e.g. IIZI applications that are signed using a developer's code signing certificate.
    Author:
    Christopher Mindus

    • Method Summary

      All Methods Static Methods Concrete Methods 
      Modifier and TypeMethodDescription
      static java.security.KeyStorecreateCodeSigningCertificateKeystore​(javax.security.auth.x500.X500Principal owner, java.lang.String alias, char[] password, java.security.KeyStore issuerKeyStore, java.lang.String issuerAlias, char[] issuerPassword)
      Generates a 4096 bit RSA code signing certificate keystore.
      static java.security.KeyStoregenerateSelfSignedX509Certificate​(javax.security.auth.x500.X500Principal owner, java.lang.String alias, char[] password)
      Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256.
      static voidinitialize()
      Initialize routine for Bouncy Castle provider.

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    • Constructor Detail

      • GenerateKeystore

        public GenerateKeystore()

    • Method Detail

      • initialize

        public static void initialize()
        Initialize routine for Bouncy Castle provider.

      • generateSelfSignedX509Certificate

        public static java.security.KeyStore generateSelfSignedX509Certificate​(javax.security.auth.x500.X500Principal owner,
                                                                       java.lang.String alias,
                                                                       char[] password)
                                                                throws java.security.NoSuchAlgorithmException,
                                                                       java.security.NoSuchProviderException,
                                                                       java.security.InvalidKeyException,
                                                                       java.lang.IllegalStateException,
                                                                       java.security.SignatureException,
                                                                       java.security.KeyStoreException,
                                                                       java.security.cert.CertificateException,
                                                                       java.io.IOException
        Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256. It is valid 10000 days starting yesterday (i.e. for over 27 years).
        Parameters:
        owner - The owner of the certificate.
        alias - The keystore alias.
        password - The keystore and key password (the same).
        Returns:
        The new keystore.
        Throws:
        java.security.NoSuchProviderException - If no provider is found.
        java.security.NoSuchAlgorithmException - If no algorithm is found.
        java.security.SignatureException - If the signature is in error.
        java.lang.IllegalStateException - If the state is invalid.
        java.security.InvalidKeyException - If the key in invalid.
        java.security.KeyStoreException - Key stores exceptions.
        java.io.IOException - General I/O exception.
        java.security.cert.CertificateException - Errors reading certificates.

      • createCodeSigningCertificateKeystore

        public static java.security.KeyStore createCodeSigningCertificateKeystore​(javax.security.auth.x500.X500Principal owner,
                                                                          java.lang.String alias,
                                                                          char[] password,
                                                                          java.security.KeyStore issuerKeyStore,
                                                                          java.lang.String issuerAlias,
                                                                          char[] issuerPassword)
                                                                   throws java.security.NoSuchAlgorithmException,
                                                                          java.security.NoSuchProviderException,
                                                                          org.bouncycastle.cert.CertIOException,
                                                                          java.io.IOException,
                                                                          org.bouncycastle.operator.OperatorCreationException,
                                                                          java.security.cert.CertificateException,
                                                                          java.security.KeyStoreException,
                                                                          java.security.UnrecoverableKeyException
        Generates a 4096 bit RSA code signing certificate keystore.
        Parameters:
        owner - The owner principal of the code signer certificate to create.
        alias - The alias of the certificate chain in the returned keystore.
        password - The password for the private key in the returned keystore.
        issuerKeyStore - The issuer keystore, or null for self-signed.
        issuerAlias - Alias for the issuer keystore, null for self-signed.
        issuerPassword - Password for the issuer certificate chainof the alias, null for self-signed.
        Returns:
        The keystore.
        Throws:
        java.security.NoSuchProviderException - If no provider is found.
        java.security.NoSuchAlgorithmException - If no algorithm is found.
        org.bouncycastle.cert.CertIOException - I/O exception when reading a certificate.
        java.lang.IllegalStateException - If the state is invalid.
        java.security.KeyStoreException - Key stores exceptions.
        java.io.IOException - General I/O exception.
        java.security.cert.CertificateException - Errors reading certificates.
        org.bouncycastle.operator.OperatorCreationException
        java.security.UnrecoverableKeyException