|
|||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
java.lang.Object | +--demo.x509.CertificateExtensions
This class tests the several implemented X509v3 certificate extensions.
The following X509v3 extensions are implemented (and tested by this class):
To avoid the time consuming process of key creation, the issuer certificate
and private key are read in from a keystore "jce.keystore" located
in the current working directory (if it yet not does exist, please run SetupKeyStore for creating it.
| Constructor Summary | |
CertificateExtensions()
|
|
| Method Summary | |
X509Certificate |
createCertificate(Name subject,
PublicKey pk,
Name issuer,
PrivateKey sk,
AlgorithmID algorithm,
String fileName,
int serialNumber,
V3Extension[] extensions)
Creates a certificate according to the X.509 Notation and subsequently saves the certifcate to a specified file. |
static void |
main(String[] argv)
Starts the X509v3 extensions test procedure. |
void |
start()
Creates a new self-signed X509v3 certificate with a lot of extensions. |
void |
start(String fileName)
Creates a new self-signed X509v3 certificate with a lot of extensions. |
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
| Constructor Detail |
public CertificateExtensions()
| Method Detail |
public X509Certificate createCertificate(Name subject,
PublicKey pk,
Name issuer,
PrivateKey sk,
AlgorithmID algorithm,
String fileName,
int serialNumber,
V3Extension[] extensions)
throws Exception
Depending on the subject ID either a self-signed CA certificate will
be created or a user certificate. If the extensions parameter
is set to true, SubjectKeyIdentifier, KeyUsage,
and BasicConstraints extensions will be added to the new certifcate.
subject - the user demanding the certificate (may be the certification authority itself)pk - the subject´s public key to be certifiedissuer - the certification authority that issues the certificatesk - the issuer´s private key for signing the certificatealgorithm - the ID of the signature algorithmextensions - a boolean value indicating if there are any extending informationsfileName - the name of the file to which the certificate shall be savedserialNumber - the serial number of the certifcate to be createdextensions - an array of X509v3 extensions to be added to the certificatepublic void start()
To avoid the time consuming process of key creation, the issuer certificate
and private key are created from a PEM encoded file "caRSA.pem" located in a
"test" directory. Run the CreateCertificates demo for creating
the required structures and saving them to the file requested above, if it yet
not exist.
public void start(String fileName)
To avoid the time consuming process of key creation, the issuer certificate
and private key are created from a PEM encoded file "caRSA.pem" located in a
"test" directory. Run the CreateCertificates demo for creating
the required structures and saving them to the file requested above, if it yet
not exist.
fileName - the name to which to write the certpublic static void main(String[] argv)
|
This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, ,2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note). | ||||||||
| PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
| SUMMARY: INNER | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD | ||||||||
IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK