net.i2p.crypto.SelfSignedGenerator

public final class SelfSignedGenerator
extends Object

Generate keys and a selfsigned certificate, suitable for storing in a Keystore with KeyStoreUtil.storePrivateKey(). All done programatically, no keytool, no BC libs, no sun classes. Ref: RFC 2459, RFC 5280 This is coded to create a cert that is similar to what comes out of keytool. NOTE: Recommended use is via KeyStoreUtil.createKeys() and related methods. This API may not be stable.

Since:: 0.9.25

Constructor Summary

Constructors

Constructor Description

SelfSignedGenerator()

Method Summary

Modifier and Type	Method	Description
`static Object[]`	`generate(String cname, String ou, String o, String l, String st, String c, int validDays, SigType type)`
`static Object[]`	`generate(String cname, Set<String> altNames, String ou, String o, String l, String st, String c, int validDays, SigType type)`
`static X509Certificate`	`generate(SigningPrivateKey priv, String cname, int validDays)`	Create a self-signed certificate for the existing private key.
`static void`	`main(String[] args)`	Note: For CLI testing, use java -jar i2p.jar su3file keygen pubkey.crt keystore.ks commonName
`static Object[]`	`renew(X509Certificate cert, PrivateKey jpriv, int validDays)`

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- SelfSignedGenerator
  
  public SelfSignedGenerator()
Method Details
- generate
  
  public static Object[] generate(String cname, String ou, String o, String l, String st, String c, int validDays, SigType type) throws GeneralSecurityException
  
  Parameters:
  
  cname - the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.
  
  ou - The OU (organizational unit) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  o - The O (organization)in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  l - The L (city or locality) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  st - The ST (state or province) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  c - The C (country) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  Returns:
  
  length 4 array: rv[0] is a Java PublicKey rv[1] is a Java PrivateKey rv[2] is a Java X509Certificate rv[3] is a Java X509CRL
  
  Throws:
  
  GeneralSecurityException
- generate
  
  public static Object[] generate(String cname, Set<String> altNames, String ou, String o, String l, String st, String c, int validDays, SigType type) throws GeneralSecurityException
  
  Parameters:
  
  cname - the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.
  
  altNames - the Subject Alternative Names. May be null. May contain hostnames and/or IP addresses. cname, localhost, 127.0.0.1, and ::1 will be automatically added.
  
  ou - The OU (organizational unit) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  o - The O (organization)in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  l - The L (city or locality) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  st - The ST (state or province) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  c - The C (country) in the distinguished name, non-null before 0.9.28, may be null as of 0.9.28
  
  Returns:
  
  length 4 array: rv[0] is a Java PublicKey rv[1] is a Java PrivateKey rv[2] is a Java X509Certificate rv[3] is a Java X509CRL
  
  Throws:
  
  GeneralSecurityException
  
  Since:
  
  0.9.34 added altNames param
- generate
  
  public static X509Certificate generate(SigningPrivateKey priv, String cname, int validDays) throws GeneralSecurityException
  
  Create a self-signed certificate for the existing private key.
  
  Parameters:
  
  cname - the common name, non-null. Must be a hostname or email address. IP addresses will not be correctly encoded.
  
  Returns:
  
  self-signed certificate
  
  Throws:
  
  GeneralSecurityException
  
  Since:
  
  0.9.46
- renew
  
  public static Object[] renew(X509Certificate cert, PrivateKey jpriv, int validDays) throws GeneralSecurityException
  
  Parameters:
  
  cert - the old cert to be replaced
  
  jpriv - the private key
  
  Returns:
  
  length 4 array: rv[0] is a Java PublicKey, from cert as passed in rv[1] is a Java PrivateKey, jpriv as passed in rv[2] is a Java X509Certificate, new one rv[3] is a Java X509CRL, new one
  
  Throws:
  
  GeneralSecurityException
  
  Since:
  
  0.9.34 added altNames param
- main
  
  public static void main(String[] args) throws Exception
  
  Note: For CLI testing, use java -jar i2p.jar su3file keygen pubkey.crt keystore.ks commonName
  
  Throws:
  
  Exception

Class SelfSignedGenerator

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Details

SelfSignedGenerator

Method Details

generate

generate

generate

renew

main