Package net.i2p.crypto
Class SelfSignedGenerator
- java.lang.Object
-
- net.i2p.crypto.SelfSignedGenerator
-
public final class SelfSignedGenerator extends Object
Generate keys and a selfsigned certificate, suitable for storing in a Keystore with KeyStoreUtil.storePrivateKey(). All done programatically, no keytool, no BC libs, no sun classes. Ref: RFC 2459, RFC 5280 This is coded to create a cert that is similar to what comes out of keytool. NOTE: Recommended use is via KeyStoreUtil.createKeys() and related methods. This API may not be stable.- Since:
- 0.9.25
-
-
Constructor Summary
Constructors Constructor Description SelfSignedGenerator()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static Object[]
generate(String cname, String ou, String o, String l, String st, String c, int validDays, SigType type)
static Object[]
generate(String cname, Set<String> altNames, String ou, String o, String l, String st, String c, int validDays, SigType type)
static X509Certificate
generate(SigningPrivateKey priv, String cname, int validDays)
Create a self-signed certificate for the existing private key.static void
main(String[] args)
Note: For CLI testing, use java -jar i2p.jar su3file keygen pubkey.crt keystore.ks commonNamestatic Object[]
renew(X509Certificate cert, PrivateKey jpriv, int validDays)
-
-
-
Method Detail
-
generate
public static Object[] generate(String cname, String ou, String o, String l, String st, String c, int validDays, SigType type) throws GeneralSecurityException
- Parameters:
cname
- the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.ou
- The OU (organizational unit) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28o
- The O (organization)in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28l
- The L (city or locality) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28st
- The ST (state or province) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28c
- The C (country) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28- Returns:
- length 4 array: rv[0] is a Java PublicKey rv[1] is a Java PrivateKey rv[2] is a Java X509Certificate rv[3] is a Java X509CRL
- Throws:
GeneralSecurityException
-
generate
public static Object[] generate(String cname, Set<String> altNames, String ou, String o, String l, String st, String c, int validDays, SigType type) throws GeneralSecurityException
- Parameters:
cname
- the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.altNames
- the Subject Alternative Names. May be null. May contain hostnames and/or IP addresses. cname, localhost, 127.0.0.1, and ::1 will be automatically added.ou
- The OU (organizational unit) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28o
- The O (organization)in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28l
- The L (city or locality) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28st
- The ST (state or province) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28c
- The C (country) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28- Returns:
- length 4 array: rv[0] is a Java PublicKey rv[1] is a Java PrivateKey rv[2] is a Java X509Certificate rv[3] is a Java X509CRL
- Throws:
GeneralSecurityException
- Since:
- 0.9.34 added altNames param
-
generate
public static X509Certificate generate(SigningPrivateKey priv, String cname, int validDays) throws GeneralSecurityException
Create a self-signed certificate for the existing private key.- Parameters:
cname
- the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.- Returns:
- self-signed certificate
- Throws:
GeneralSecurityException
- Since:
- 0.9.46
-
renew
public static Object[] renew(X509Certificate cert, PrivateKey jpriv, int validDays) throws GeneralSecurityException
- Parameters:
cert
- the old cert to be replacedjpriv
- the private key- Returns:
- length 4 array: rv[0] is a Java PublicKey, from cert as passed in rv[1] is a Java PrivateKey, jpriv as passed in rv[2] is a Java X509Certificate, new one rv[3] is a Java X509CRL, new one
- Throws:
GeneralSecurityException
- Since:
- 0.9.34 added altNames param
-
-