demo.x509
Class X509

java.lang.Object
  |
  +--demo.x509.X509

public class X509
extends Object

This class tests the implementation of creating and verifying certificates based on the X.509 notation.

The signature algorithms used are MD5withRSA and dsaWithSHA.

Version:
File Revision 18

Constructor Summary
X509()
           
 
Method Summary
 X509Certificate createCertificate(Name subject, PublicKey pk, Name issuer, PrivateKey sk, AlgorithmID algorithm, boolean extensions)
          Creates a certificate according to the X.509 Notation.
 KeyPair generateKeyPair(String algorithm, int bits)
          Generates a Key Pair for the specified public-key algorithm.
static void main(String[] arg)
          Performs certificate creation and verification tests.
 void start()
          Tests the certificate creation and verification process implementation for the MD5withRSA and DSA signature algorithms.
 void testDSACertificates()
          Tests the certificate creation and verification process implementation using the dsaWithSHA signature algorithm.
 void testRSACertificates()
          Tests the certificate creation and verification process implementation using the MD5withRSA signature algorithm.
 void verifyCertificate(X509Certificate userCert, X509Certificate caCert)
          Verifies a certificate.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

X509

public X509()
Method Detail

generateKeyPair

public KeyPair generateKeyPair(String algorithm,
                               int bits)
                        throws Exception
Generates a Key Pair for the specified public-key algorithm.
Parameters:
algorithm - the name of the public-key algorithm
bits - the length of the key (modulus) in bits
Returns:
the KeyPair

verifyCertificate

public void verifyCertificate(X509Certificate userCert,
                              X509Certificate caCert)
                       throws Exception
Verifies a certificate. If the caCert parameter is not specified, a self-signed certificate will be verified; otherwise a signed certificate will be verified using the public key of the issuer.
Parameters:
userCert - the certificate to be verified
caCert - the certificate used for verifying the userCert
Returns:
the verification result (true/false)

createCertificate

public X509Certificate createCertificate(Name subject,
                                         PublicKey pk,
                                         Name issuer,
                                         PrivateKey sk,
                                         AlgorithmID algorithm,
                                         boolean extensions)
                                  throws Exception
Creates a certificate according to the X.509 Notation.

Depending on the subject ID, either a self-signed CA certificate or a user certificate will be created. If the extensions parameter is set to true, SubjectKeyIdentifier, KeyUsage, and BasicConstraints extensions will be added to the new certificate.

Parameters:
subject - the user demanding the certificate (may be the certification authority itself)
pk - the subject's public key to be certified
issuer - the certification authority that issues the certificate
sk - the issuer's private key for signing the certificate
algorithm - the ID of the signature algorithm
extensions - a boolean value indicating whether extensions are to be added
Returns:
the certificate just created

testRSACertificates

public void testRSACertificates()
                         throws Exception
Tests the certificate creation and verification process implementation using the MD5withRSA signature algorithm.

The method goes through the following steps:


testDSACertificates

public void testDSACertificates()
                         throws Exception
Tests the certificate creation and verification process implementation using the dsaWithSHA signature algorithm.

The method goes through the following steps:


start

public void start()
Tests the certificate creation and verification process implementation for the MD5withRSA and DSA signature algorithms.

main

public static void main(String[] arg)
                 throws IOException
Performs certificate creation and verification tests.
Throws:
IOException - if an I/O Error occurs

This Javadoc may contain text parts from Internet Standard specifications (RFC 2459, 3280, 3039, 2560, 1521, 821, 822, 2253, 1319, 1321, 2630, 2631, 2268, 3058, 2984, 2104, 2144, 2040, 2311, 2279, see copyright note) and RSA Data Security Public-Key Cryptography Standards (PKCS#1,3,5,7,8,9,10,12, see copyright note).

IAIK-JCE 3.1 with IAIK-JCE CC Core 3.1, (c) 1997-2004 IAIK