security
Class KeyUtils

java.lang.Object
  extended by security.KeyUtils

public class KeyUtils
extends java.lang.Object

DocJava, Inc. User: lyon Date: May 20, 2004 Time: 6:35:50 AM


Field Summary
static java.util.ResourceBundle rb
           
 
Constructor Summary
KeyUtils()
           
 
Method Summary
static java.security.KeyStore generateKeyPair()
          Creates a keystore, then generates a keypair for it.
static void generateKeyPair(java.security.KeyStore ks)
          Prompts the user for X.509 certificate information.
static java.security.KeyStore generateKeyStore()
          Generate a keystore without reading it from a file.
static java.lang.String getAlias(java.security.KeyStore keyStore)
          Given a keystore instance, provide a multiple choice GUI that enables the user to select a certificate alias.
static java.lang.String[] getAliasArray(java.security.KeyStore keystore)
          Given a key store, list all the alias elements there.
static java.security.cert.Certificate getCertificate()
          Get a certificate based on a GUI prompt to the user for a password and an alias.
static java.security.cert.Certificate getCertificate(java.io.File certF)
          Use a certificate file to make a certificate instance.
static java.security.cert.Certificate getCertificate(java.lang.String alias, java.lang.String password)
          Given an alias and password, open the default keystore and return the certificate.
static java.io.File getDefaultKeyStoreFile()
          Check to make sure this file exists.
static java.security.KeyPair getKeyPair(java.security.KeyStore keystore, java.lang.String alias, java.lang.String password)
          Get a public and private key, given that a KeyStore exists and a certificate exists that corresponds to the given alias.
static java.security.KeyStore getKeyStore()
           
static java.security.KeyStore getKeyStore(java.io.File keyStoreFile, java.lang.String password)
           
static java.security.KeyStore getKeystore(java.lang.String password)
          Return a KeyStore assuming that one already exists.
static java.security.KeyStore getKeyStore(java.lang.String password)
          Selects the .keystore file in the user's home directory.
static java.io.File getKeystoreFile()
          Look for the .keystore file in the home directory.
static java.lang.String getPassword()
          Prompt the user for a password.
static sun.security.x509.X500Name getX500Name()
          Prompt the user for all the details needed to generate a self-signed x500 certificate.
static void importCertificate()
          Open the .keystore file.
static boolean isSelfSigned(java.security.cert.X509Certificate cert)
           
static void main(java.lang.String[] args)
           
static java.io.File makeKeyStoreFile()
          Creates the default .keystore file, assuming that it does not already exist.
static void print(java.security.cert.Certificate[] c)
           
static void printKey(java.security.Key key)
          Print out a nicely formatted version of a given key.
static void printProviders()
          List the security providers in their order of preference.
static void printX509Cert(java.security.cert.X509Certificate cert, java.io.PrintStream out)
          Given an X509 Certificate, print out all the relevant detail.
static void runImportCertificate()
          A GUI for importing certificates.
static void save(java.io.File ksFile, java.security.KeyStore ks, java.lang.String password)
          Write our key store instance out to the given file.
static void testGenerateKeyPair()
           
static void testGetAlias()
           
static void testX500Name()
           
static void verifyCert(java.security.cert.X509Certificate cert)
          Display exception if certificate cannot be verified.
static void writeCertReq(java.lang.String alias, java.lang.String keyPass, java.security.KeyStore ks)
          Output a file, based on user prompts, that contains the text for a Certificate Request.
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

rb

public static final java.util.ResourceBundle rb
Constructor Detail

KeyUtils

public KeyUtils()
Method Detail

main

public static void main(java.lang.String[] args)

runImportCertificate

public static void runImportCertificate()
A GUI for importing certificates.


testX500Name

public static void testX500Name()

importCertificate

public static void importCertificate()
                              throws java.security.KeyStoreException,
                                     java.security.cert.CertificateException,
                                     java.io.IOException
Open the .keystore file. Prompt the user for an alias. Open the new certificate from the CA. Modify the .keystore file with the new certificate. If files are missing, recover from the error with grace.

Throws:
java.io.FileNotFoundException
java.security.KeyStoreException
java.security.cert.CertificateException
java.io.IOException

isSelfSigned

public static boolean isSelfSigned(java.security.cert.X509Certificate cert)
Parameters:
cert - a self signed certificate
Returns:
true if the subjectDN and issuer are the same.

verifyCert

public static void verifyCert(java.security.cert.X509Certificate cert)
Display exception if certificate cannot be verified. Kill program.

Parameters:
cert - an x509 certificate for verification
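
The name comparison described for isSelfSigned shows only that subject and issuer carry the same DN; it does not show that the certificate's own key produced its signature. The following is an added example, not KeyUtils code, that pairs the name test with a signature check and runs it over the JDK's bundled cacerts store as sample input. The class name SelfSignedCheck, its two helper methods, and the use of the Java 9+ KeyStore.getInstance(File, char[]) call are assumptions of this example.

```java
import java.io.File;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

public class SelfSignedCheck {

    // Name test only: subject DN equals issuer DN.
    static boolean namesMatch(X509Certificate cert) {
        return cert.getSubjectX500Principal().equals(cert.getIssuerX500Principal());
    }

    // Name test plus a signature check against the certificate's own public key.
    static boolean isSelfSignedVerified(X509Certificate cert) {
        if (!namesMatch(cert)) {
            return false;
        }
        try {
            cert.verify(cert.getPublicKey());
            return true;
        } catch (GeneralSecurityException e) {
            return false; // signature does not verify with this key, or algorithm unsupported
        }
    }

    public static void main(String[] args) throws Exception {
        // Sample input: the JDK's bundled trust store ("changeit" is its default password).
        File cacerts = new File(System.getProperty("java.home"), "lib/security/cacerts");
        KeyStore ks = KeyStore.getInstance(cacerts, "changeit".toCharArray());

        int nameOnly = 0;
        int verified = 0;
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (!(c instanceof X509Certificate)) {
                continue;
            }
            X509Certificate x = (X509Certificate) c;
            if (namesMatch(x)) nameOnly++;
            if (isSelfSignedVerified(x)) {
                verified++;
            } else if (namesMatch(x)) {
                System.out.println("DN matches but signature does not verify: " + alias);
            }
        }
        System.out.println("subject == issuer: " + nameOnly + ", signature verified: " + verified);
    }
}
```

A certificate that passes the name test but fails the signature check was issued under a matching DN by a different key, so it should be treated as CA-issued or malformed rather than self-signed.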

getCertificate

public static java.security.cert.Certificate getCertificate(java.io.File certF)
                                                     throws java.security.cert.CertificateException,
                                                            java.io.IOException
Use a certificate file to make a certificate instance.

Parameters:
certF - a certificate file
Returns:
Throws:
java.security.cert.CertificateException
java.io.FileNotFoundException
java.io.IOException

printProviders

public static void printProviders()
List the security providers in their order of preference.


printKey

public static void printKey(java.security.Key key)
Print out a nicely formatted version of a given key.

Parameters:
key -

getCertificate

public static java.security.cert.Certificate getCertificate()
Get a certificate based on a GUI prompt to the user for a password and an alias.

Returns:
Certificate

getPassword

public static java.lang.String getPassword()
Prompt the user for a password. Do not echo it on the screen.

Returns:
a string containing the password.

getCertificate

public static java.security.cert.Certificate getCertificate(java.lang.String alias,
                                                            java.lang.String password)
Given an alias and password, open the default keystore and return the certificate.

Parameters:
alias - alias from the keystore
password - keystore password
Returns:
a Certificate instance.

getKeystore

public static java.security.KeyStore getKeystore(java.lang.String password)
                                          throws java.security.KeyStoreException,
                                                 java.io.IOException,
                                                 java.security.NoSuchAlgorithmException,
                                                 java.security.cert.CertificateException
Return a KeyStore assuming that one already exists. If the .keystore file does not exist, then offer to create one or look for one.

Parameters:
password - to the keystore
Returns:
KeyStore instance
Throws:
java.security.KeyStoreException
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException

testGenerateKeyPair

public static void testGenerateKeyPair()

generateKeyPair

public static java.security.KeyStore generateKeyPair()
Creates a keystore, then generates a keypair for it.

Returns:
KeyStore with keypair in it.

generateKeyStore

public static java.security.KeyStore generateKeyStore()
                                               throws java.security.KeyStoreException,
                                                      java.io.IOException,
                                                      java.security.NoSuchAlgorithmException,
                                                      java.security.cert.CertificateException
Generate a keystore without reading it from a file. Excellent for when no keystore is found.

Returns:
a default type keystore instance
Throws:
java.security.KeyStoreException
java.io.IOException
java.security.NoSuchAlgorithmException
java.security.cert.CertificateException

generateKeyPair

public static void generateKeyPair(java.security.KeyStore ks)
                            throws java.lang.Exception
Prompts the user for X.509 certificate information. Generates a private and public keypair, then adds it to the keystore. Uses the RSA algorithm with a 1024-bit key size.

Throws:
java.lang.Exception

getKeyPair

public static java.security.KeyPair getKeyPair(java.security.KeyStore keystore,
                                               java.lang.String alias,
                                               java.lang.String password)
Get a public and private key, given that a KeyStore exists and a certificate exists that corresponds to the given alias.


getKeyStore

public static java.security.KeyStore getKeyStore()

getKeyStore

public static java.security.KeyStore getKeyStore(java.lang.String password)
Selects the .keystore file in the user's home directory.

Returns:
KeyStore

getKeyStore

public static java.security.KeyStore getKeyStore(java.io.File keyStoreFile,
                                                 java.lang.String password)

getAliasArray

public static java.lang.String[] getAliasArray(java.security.KeyStore keystore)
Given a key store, list all the alias elements there. Certificates are located via the alias.

Parameters:
keystore -
Returns:
An array of alias members.

save

public static void save(java.io.File ksFile,
                        java.security.KeyStore ks,
                        java.lang.String password)
Write our key store instance out to the given file. A GUI prints out exceptions, should they be thrown.

Parameters:
ksFile - a file to be created or overwritten.
ks - the key store to be saved.
password - verifies the file.

getKeystoreFile

public static java.io.File getKeystoreFile()
Look for the .keystore file in the home directory. If it is not there, offer to look for it. If the user does not have it, offer to create one. If you have to create a keystore, offer to create a certificate request, as well.

Returns:
the keystore file

writeCertReq

public static void writeCertReq(java.lang.String alias,
                                java.lang.String keyPass,
                                java.security.KeyStore ks)
Output a file, based on user prompts, that contains the text for a Certificate Request. This is used with a CA to obtain a signed certificate.

Parameters:
alias - this is the alias from the keystore
keyPass - keystore password
ks - keystore instance

makeKeyStoreFile

public static java.io.File makeKeyStoreFile()
Creates the default .keystore file, assuming that it does not already exist. Prompts the user to create a key pair.

Returns:
keystore file

getDefaultKeyStoreFile

public static java.io.File getDefaultKeyStoreFile()
Check to make sure this file exists.

Returns:
.keystore file in the user's home.

testGetAlias

public static void testGetAlias()

print

public static void print(java.security.cert.Certificate[] c)

getAlias

public static java.lang.String getAlias(java.security.KeyStore keyStore)
Given a keystore instance, provide a multiple choice GUI that enables the user to select a certificate alias.

Parameters:
keyStore -
Returns:
A string version of the certificate alias

printX509Cert

public static void printX509Cert(java.security.cert.X509Certificate cert,
                                 java.io.PrintStream out)
                          throws java.lang.Exception
Given an X509 Certificate, print out all the relevant detail.

Parameters:
cert - an x509 certificate
out - a PrintStream for printing the certificate
Throws:
java.lang.Exception

getX500Name

public static sun.security.x509.X500Name getX500Name()
                                              throws java.io.IOException
Prompt the user for all the details needed to generate a self-signed x500 certificate. This is stored in a data structure called the X500Name.

Returns:
the X500 name
Throws:
java.io.IOException - if unable to obtain certificate