tools.codec.pkcs
Class ExtKeyTool

java.lang.Object
  extended by tools.codec.pkcs.ExtKeyTool

public class ExtKeyTool
extends Object

Extension utility for use alongside Sun's keytool program. Performs useful functions not found in original.

Author:
Walter Hoehn

Nested Class Summary
private  class ExtKeyTool.ByteContainer
          Auto-enlarging container for bytes.
protected  class ExtKeyTool.ExtKeyToolException
          Signals that an error was encountered while using ExtKeyTool functions.
protected  class ExtKeyTool.InvalidCertificateChainException
          Signals that an error occurred while trying to construct a certificate chain.
 
Field Summary
protected static boolean debug_
           
 
Constructor Summary
ExtKeyTool()
           
 
Method Summary
 void exportKey(String provider, PrintStream outStream, InputStream keyStoreStream, String storeType, char[] keyStorePassword, String keyAlias, char[] keyPassword, boolean rfc)
          Retrieves a private key from a java keystore and writes it to a PrintStream.
 ByteArrayOutputStream importKey(String provider, String keyAlgorithm, InputStream keyStream, InputStream chainStream, InputStream keyStoreInStream, String storeType, String keyAlias, char[] keyStorePassword, char[] keyPassword)
          Given a java keystore, private key, and matching certificate chain, creates a new keystore containing the union of these objects.
protected  String initProvider(Properties arguments)
          Ensures that providers specified on the command line are in fact loaded into the current environment.
protected  boolean isMatchingKey(String algorithm, PublicKey pubKey, PrivateKey privKey)
          Boolean indication of whether a given private key and public key form a valid keypair.
protected  X509Certificate[] linkChain(String keyAlgorithm, X509Certificate[] untestedCerts, PrivateKey privKey)
          Converts an array of certificates into an ordered chain.
protected  KeyStore loadKeyStore(String provider, InputStream keyStoreStream, String storeType, char[] keyStorePassword)
          Creates and initializes a java KeyStore
protected static void log(String str)
           
static void main(String[] args)
           
private static Properties parseArguments(String[] args)
          Tries to decipher command line arguments.
private static void printUsage(PrintStream out)
           
protected  PrivateKey readPrivateKey(String provider, InputStream keyStream, String algorithm)
          Attempts to unmarshall a private key from a given stream.
protected  char[] resolveKeyPass(String keyPass, char[] storePass)
          Decides what password to use for storing/retrieving keys from the keystore.
protected  File resolveKeyStore(String keyStoreLocation)
          Determines the location of the keystore to use when performing the action
private  void run(Properties arguments)
          Based on a set of properties, executes ExtKeyTool actions.
protected  void walkChain(X509Certificate[] chainSource, ArrayList chainDest)
          Given an ArrayList containing a base certificate and an array of unordered certificates, populates the ArrayList with an ordered certificate chain, based on subject and issuer.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

debug_

protected static boolean debug_
Constructor Detail

ExtKeyTool

public ExtKeyTool()
Method Detail

log

protected static void log(String str)

loadKeyStore

protected KeyStore loadKeyStore(String provider,
                                InputStream keyStoreStream,
                                String storeType,
                                char[] keyStorePassword)
                         throws ExtKeyTool.ExtKeyToolException
Creates and initializes a java KeyStore

Parameters:
provider - name of the jce provider to use in loading the keystore
keyStoreStream - stream used to retrieve the keystore
storeType - the type of the keystore
keyStorePassword - password used to verify the integrity of the keystore
Throws:
ExtKeyTool.ExtKeyToolException - if a problem is encountered loading the keystore

exportKey

public void exportKey(String provider,
                      PrintStream outStream,
                      InputStream keyStoreStream,
                      String storeType,
                      char[] keyStorePassword,
                      String keyAlias,
                      char[] keyPassword,
                      boolean rfc)
               throws ExtKeyTool.ExtKeyToolException
Retrieves a private key from a java keystore and writes it to a PrintStream.

Parameters:
provider - name of the jce provider to use in retrieving the key
outStream - stream that should be used to output the retrieved key
keyStoreStream - stream used to retrieve the keystore
storeType - the type of the keystore
keyStorePassword - password used to verify the integrity of the keystore
keyAlias - the alias under which the key is stored
keyPassword - the password for recovering the key
rfc - boolean indicator of whether the key should be Base64 encoded before being written to the stream
Throws:
ExtKeyTool.ExtKeyToolException - if there is a problem retrieving or writing the key

isMatchingKey

protected boolean isMatchingKey(String algorithm,
                                PublicKey pubKey,
                                PrivateKey privKey)
Boolean indication of whether a given private key and public key form a valid keypair.

Parameters:
pubKey - the public key
privKey - the private key

readPrivateKey

protected PrivateKey readPrivateKey(String provider,
                                    InputStream keyStream,
                                    String algorithm)
                             throws ExtKeyTool.ExtKeyToolException
Attempts to unmarshall a private key from a given stream.

Parameters:
keyStream - the InputStream supplying the key
algorithm - the key algorithm
Throws:
ExtKeyTool.ExtKeyToolException - if there is a problem unmarshalling the key
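
As an added example (not code from ExtKeyTool or its author), the following stand-alone Java program shows what readPrivateKey and isMatchingKey have to do: parse a PKCS#8 private key from either PEM armor or raw DER, then confirm that the private key belongs to a given public key by signing and verifying a fixed challenge. The class and method names are my own, and the key pairs are generated inside the program, so it runs without any input files.

```java
import java.nio.charset.StandardCharsets;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Base64;

/** Added example: reading a PKCS#8 key (PEM or DER) and checking it against a public key. */
public class KeyMatchExample {

    // Parses a PKCS#8 private key. Accepts either the DER bytes directly or a PEM block
    // ("-----BEGIN PRIVATE KEY-----" ... "-----END PRIVATE KEY-----"). PKCS#1
    // "RSA PRIVATE KEY" blocks are not PKCS#8 and will be rejected by the KeyFactory.
    static PrivateKey readPrivateKey(byte[] keyBytes, String algorithm) throws Exception {
        byte[] der = keyBytes;
        String text = new String(keyBytes, StandardCharsets.US_ASCII);
        if (text.contains("-----BEGIN")) {
            // Strip the armor lines and all whitespace, then Base64-decode the body.
            String body = text.replaceAll("-----BEGIN [A-Z ]*-----", "")
                              .replaceAll("-----END [A-Z ]*-----", "")
                              .replaceAll("\\s", "");
            der = Base64.getDecoder().decode(body);
        }
        return KeyFactory.getInstance(algorithm).generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    // Returns true only when a signature made with privKey verifies under pubKey,
    // i.e. the two keys form a pair. Any algorithm or format problem counts as "no".
    static boolean isMatchingKey(String algorithm, PublicKey pubKey, PrivateKey privKey) {
        try {
            byte[] challenge = "key-pair check".getBytes(StandardCharsets.US_ASCII);
            Signature sig = Signature.getInstance("SHA256with" + algorithm);
            sig.initSign(privKey);
            sig.update(challenge);
            byte[] signed = sig.sign();
            sig.initVerify(pubKey);
            sig.update(challenge);
            return sig.verify(signed);
        } catch (Exception e) {
            return false;
        }
    }

    // Wraps the PKCS#8 DER encoding in PEM armor with 64-column Base64 lines.
    static String toPem(PrivateKey key) {
        byte[] newline = "\n".getBytes(StandardCharsets.US_ASCII);
        String b64 = Base64.getMimeEncoder(64, newline).encodeToString(key.getEncoded());
        return "-----BEGIN PRIVATE KEY-----\n" + b64 + "\n-----END PRIVATE KEY-----\n";
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        KeyPair unrelated = gen.generateKeyPair();

        // Constructed input: the same private key serialized as PEM and as raw DER.
        byte[] pem = toPem(pair.getPrivate()).getBytes(StandardCharsets.US_ASCII);
        byte[] der = pair.getPrivate().getEncoded();

        PrivateKey fromPem = readPrivateKey(pem, "RSA");
        PrivateKey fromDer = readPrivateKey(der, "RSA");

        System.out.println("PEM key matches its public key:   "
            + isMatchingKey("RSA", pair.getPublic(), fromPem));       // true
        System.out.println("DER key matches its public key:   "
            + isMatchingKey("RSA", pair.getPublic(), fromDer));       // true
        System.out.println("key matches an unrelated public key: "
            + isMatchingKey("RSA", unrelated.getPublic(), fromPem));  // false
    }
}
```

The sign-and-verify check is preferable to comparing key parameters by hand because it works for any algorithm the provider supports and cannot be fooled by two keys that merely share a modulus length.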

linkChain

protected X509Certificate[] linkChain(String keyAlgorithm,
                                      X509Certificate[] untestedCerts,
                                      PrivateKey privKey)
                               throws ExtKeyTool.InvalidCertificateChainException
Converts an array of certificates into an ordered chain. A certificate that matches the specified private key will be returned first and the root certificate will be returned last.

Parameters:
untestedCerts - array of certificates
privKey - the private key used to determine the first cert in the chain
Throws:
ExtKeyTool.InvalidCertificateChainException - thrown if a chain cannot be constructed from the specified elements

walkChain

protected void walkChain(X509Certificate[] chainSource,
                         ArrayList chainDest)
                  throws ExtKeyTool.InvalidCertificateChainException
Given an ArrayList containing a base certificate and an array of unordered certificates, populates the ArrayList with an ordered certificate chain, based on subject and issuer.

Parameters:
chainSource - array of certificates to pull from
chainDest - ArrayList containing base certificate
Throws:
ExtKeyTool.InvalidCertificateChainException - thrown if a chain cannot be constructed from the specified elements
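
The following stand-alone Java program is an added illustration of the linkChain/walkChain idea, not ExtKeyTool's own code. It departs from the page in two ways, both my choices: the base certificate is picked as the one that issues nothing else in the set (so no private key is needed), and each subject/issuer link is also checked by verifying the child's signature with the candidate issuer's public key, since a matching distinguished name alone does not prove issuance. It assumes args[0] names a PEM bundle or PKCS#7 file holding the certificates in any order; Java's CertificateFactory accepts both formats, as the chainStream parameter of importKey does.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.x500.X500Principal;

/** Added example: ordering an unordered certificate set into a leaf-to-root chain. */
public class ChainOrderExample {

    // Thrown when no contiguous subject/issuer path can be built from the input.
    static class InvalidCertificateChainException extends Exception {
        InvalidCertificateChainException(String msg) { super(msg); }
    }

    // Walks from the last certificate in chainDest towards the root: each step looks
    // for a certificate whose subject equals the current issuer and whose public key
    // actually verifies the current certificate. Stops at a self-signed certificate.
    static void walkChain(X509Certificate[] chainSource, List<X509Certificate> chainDest)
            throws InvalidCertificateChainException {
        X509Certificate current = chainDest.get(chainDest.size() - 1);
        if (current.getSubjectX500Principal().equals(current.getIssuerX500Principal())) {
            return; // self-signed: end of the chain
        }
        X500Principal wanted = current.getIssuerX500Principal();
        for (X509Certificate candidate : chainSource) {
            if (!candidate.getSubjectX500Principal().equals(wanted) || chainDest.contains(candidate)) {
                continue;
            }
            try {
                current.verify(candidate.getPublicKey()); // same name is not enough
            } catch (Exception e) {
                continue; // same subject DN but the wrong key: keep looking
            }
            chainDest.add(candidate);
            walkChain(chainSource, chainDest);
            return;
        }
        throw new InvalidCertificateChainException(
            "no issuer found for " + current.getSubjectX500Principal());
    }

    // Chooses the leaf (a certificate that is issuer of nothing else in the set)
    // as the base and builds the ordered chain above it.
    static X509Certificate[] linkChain(X509Certificate[] untestedCerts)
            throws InvalidCertificateChainException {
        List<X509Certificate> ordered = new ArrayList<>();
        for (X509Certificate cert : untestedCerts) {
            boolean issuesAnother = false;
            for (X509Certificate other : untestedCerts) {
                if (other != cert
                        && other.getIssuerX500Principal().equals(cert.getSubjectX500Principal())) {
                    issuesAnother = true;
                    break;
                }
            }
            if (!issuesAnother) {
                ordered.add(cert);
                break;
            }
        }
        if (ordered.isEmpty()) {
            throw new InvalidCertificateChainException("no leaf certificate found");
        }
        walkChain(untestedCerts, ordered);
        return ordered.toArray(new X509Certificate[0]);
    }

    public static void main(String[] args) throws Exception {
        // Assumed input: args[0] is a PEM bundle or PKCS#7 file (any order of certificates).
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        List<X509Certificate> certs = new ArrayList<>();
        try (InputStream in = new FileInputStream(args[0])) {
            for (java.security.cert.Certificate c : cf.generateCertificates(in)) {
                certs.add((X509Certificate) c);
            }
        }
        X509Certificate[] chain = linkChain(certs.toArray(new X509Certificate[0]));
        for (int i = 0; i < chain.length; i++) {
            System.out.println(i + ": " + chain[i].getSubjectX500Principal());
        }
    }
}
```

If the bundle contains an intermediate whose subject matches but whose key does not verify the child (a renewed CA with the same name, for example), the signature check skips it instead of silently producing a chain that clients will reject.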

importKey

public ByteArrayOutputStream importKey(String provider,
                                       String keyAlgorithm,
                                       InputStream keyStream,
                                       InputStream chainStream,
                                       InputStream keyStoreInStream,
                                       String storeType,
                                       String keyAlias,
                                       char[] keyStorePassword,
                                       char[] keyPassword)
                                throws ExtKeyTool.ExtKeyToolException
Given a java keystore, private key, and matching certificate chain, creates a new keystore containing the union of these objects.

Parameters:
provider - the name of the jce provider to use
keyAlgorithm - the algorithm of the key to be added, defaults to RSA if null
keyStream - stream used to retrieve the private key, can contain a PEM encoded or pkcs8 encoded key
chainStream - stream used to retrieve certificates, can contain a series of PEM encoded certs or a pkcs7 chain
keyStoreInStream - stream used to retrieve the initial keystore
storeType - the type of the keystore
keyAlias - the alias under which the key/chain should be saved
keyStorePassword - password used to verify the integrity of the old keystore and save the new keystore
keyPassword - the password for saving the key
Returns:
an OutputStream containing the new keystore
Throws:
ExtKeyTool.ExtKeyToolException - if there is a problem importing the key

parseArguments

private static Properties parseArguments(String[] args)
                                  throws IllegalArgumentException
Tries to decipher command line arguments.

Throws:
IllegalArgumentException - if arguments are not properly formatted

initProvider

protected String initProvider(Properties arguments)
Ensures that providers specified on the command line are in fact loaded into the current environment.

Returns:
the name of the provider added, or null if no provider was added

main

public static void main(String[] args)

run

private void run(Properties arguments)
          throws ExtKeyTool.ExtKeyToolException
Based on a set of properties, executes ExtKeyTool actions.

Parameters:
arguments - runtime parameters specified on the command line
Throws:
ExtKeyTool.ExtKeyToolException

resolveKeyStore

protected File resolveKeyStore(String keyStoreLocation)
                        throws ExtKeyTool.ExtKeyToolException,
                               FileNotFoundException
Determines the location of the keystore to use when performing the action

Returns:
the File representation of the selected keystore
Throws:
ExtKeyTool.ExtKeyToolException
FileNotFoundException

resolveKeyPass

protected char[] resolveKeyPass(String keyPass,
                                char[] storePass)
Decides what password to use for storing/retrieving keys from the keystore. NOTE: Possible terminal interaction with the user.

Returns:
a char array containing the password

printUsage

private static void printUsage(PrintStream out)


Copyright © Fraunhofer Gesellschaft. All Rights Reserved.