Package com.iizix.security
Class GenerateKeystore
java.lang.Object
com.iizix.security.GenerateKeystore
Class used to generate a keystore for use with e.g. IIZI applications that are signed using a developer's code signing certificate.
- Author:
- Christopher Mindus
Constructor Summary
Method Summary
Modifier and TypeMethodDescriptionstatic KeyStore
createCodeSigningCertificateKeystore
(X500Principal owner, String alias, char[] password, KeyStore issuerKeyStore, String issuerAlias, char[] issuerPassword) Generates a 4096 bit RSA code signing certificate keystore.static KeyStore
generateSelfSignedX509Certificate
(X500Principal owner, String alias, char[] password) Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256.static void
Initialize routine for Bouncy Castle provider.
Constructor Details
GenerateKeystore
public GenerateKeystore()
Method Details
initialize
public static void initialize()Initialize routine for Bouncy Castle provider.generateSelfSignedX509Certificate
public static KeyStore generateSelfSignedX509Certificate(X500Principal owner, String alias, char[] password) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IllegalStateException, SignatureException, KeyStoreException, CertificateException, IOException Generate a self signed X.509 certificate version 3 with an RSA key length of 2048, signed with SHA256. It is valid 10000 days starting yesterday (i.e. for over 27 years).- Parameters:
owner
- The owner of the certificate.alias
- The keystore alias.password
- The keystore and key password (the same).- Returns:
- The new keystore.
- Throws:
NoSuchProviderException
- If no provider is found.NoSuchAlgorithmException
- If no algorithm is found.SignatureException
- If the signature is in error.IllegalStateException
- If the state is invalid.InvalidKeyException
- If the key in invalid.KeyStoreException
- Key stores exceptions.IOException
- General I/O exception.CertificateException
- Errors reading certificates.
createCodeSigningCertificateKeystore
public static KeyStore createCodeSigningCertificateKeystore(X500Principal owner, String alias, char[] password, KeyStore issuerKeyStore, String issuerAlias, char[] issuerPassword) throws NoSuchAlgorithmException, NoSuchProviderException, org.bouncycastle.cert.CertIOException, IOException, org.bouncycastle.operator.OperatorCreationException, CertificateException, KeyStoreException, UnrecoverableKeyException Generates a 4096 bit RSA code signing certificate keystore.- Parameters:
owner
- The owner principal of the code signer certificate to create.alias
- The alias of the certificate chain in the returned keystore.password
- The password for the private key in the returned keystore.issuerKeyStore
- The issuer keystore, or null for self-signed.issuerAlias
- Alias for the issuer keystore, null for self-signed.issuerPassword
- Password for the issuer certificate chainof the alias, null for self-signed.- Returns:
- The keystore.
- Throws:
NoSuchProviderException
- If no provider is found.NoSuchAlgorithmException
- If no algorithm is found.org.bouncycastle.cert.CertIOException
- I/O exception when reading a certificate.IllegalStateException
- If the state is invalid.KeyStoreException
- Key stores exceptions.IOException
- General I/O exception.CertificateException
- Errors reading certificates.org.bouncycastle.operator.OperatorCreationException
UnrecoverableKeyException