package chapter4;import java.io.File;import java.io.FileNotFoundException;

1. package chapter4;
2.  
3. import java.io.File;
4. import java.io.FileNotFoundException;
5. import java.io.FileOutputStream;
6. import java.io.IOException;
7. import java.math.BigInteger;
8. import java.security.InvalidKeyException;
9. import java.security.KeyPair;
10. import java.security.KeyPairGenerator;
11. import java.security.KeyStore;
12. import java.security.KeyStoreException;
13. import java.security.NoSuchAlgorithmException;
14. import java.security.PublicKey;
15. import java.security.SecureRandom;
16. import java.security.SignatureException;
17. import java.security.cert.CertificateException;
18. import java.security.cert.X509Certificate;
19. import java.util.Date;
20.  
21. import org.bouncycastle.jce.X509Principal;
22. import org.bouncycastle.x509.X509V3CertificateGenerator;
23.  
24. class CertGenerator {
25. public static void main(String[] args) throws NoSuchAlgorithmException,
26. InvalidKeyException, SecurityException, SignatureException,
27. KeyStoreException, CertificateException, FileNotFoundException,
28. IOException {
29. CertGenerator d = new CertGenerator();
30. KeyPair caPair = d.generateKeyPair();
31. X509Certificate generateCertWithKeypair = d
32. .generateCertWithKeypair(caPair);
33. storeTheFileWithKeyStore(generateCertWithKeypair, caPair);
34. }
35.  
36. private static void storeTheFileWithKeyStore(X509Certificate cert,
37. KeyPair caPair) throws KeyStoreException, NoSuchAlgorithmException,
38. CertificateException, FileNotFoundException, IOException {
39. KeyStore keyStore = KeyStore.getInstance("RSA");
40. keyStore.load(null, null);
41. keyStore.setKeyEntry("certificatename", caPair.getPrivate(),
42. "mysecretpassword".toCharArray(),
43. new java.security.cert.Certificate[] { cert });
44. File file = new File(".", "keystore.test");
45. keyStore.store(new FileOutputStream(file),
46. "mysecretpassword".toCharArray());
47.  
48. }
49.  
50. KeyPair generateKeyPair() throws NoSuchAlgorithmException {
51.  
52. KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
53. keyPairGenerator.initialize(2048, new SecureRandom());
54. KeyPair keyPair = keyPairGenerator.generateKeyPair();
55. return keyPair;
56. }
57.  
58. public X509Certificate generateCertWithKeypair(KeyPair caPair)
59. throws InvalidKeyException, SecurityException, SignatureException {
60. X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
61. v3CertGen
62. .setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
63. v3CertGen
64. .setIssuerDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
65. v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60
66. * 60 * 24));
67. v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
68. + (1000L * 60 * 60 * 24 * 365 * 10)));
69. v3CertGen
70. .setSubjectDN(new X509Principal("CN=cn, O=o, L=L, ST=il, C= c"));
71. v3CertGen.setPublicKey(caPair.getPublic());
72. v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
73. X509Certificate generateX509Certificate = v3CertGen
74. .generateX509Certificate(caPair.getPrivate());
75. return generateX509Certificate;
76. }
77.  
78. }