
1   /********************************************************************************
2    *InternetCafe is a software solution that helps the management of Cybercafes 
3    * according with the ITALIAN DECREE LAW ON ANTI-TERROR MEASURES, 27 JULY 2005.
4    * Copyright (C) 2006  Guido Angelo Ingenito
5   
6    * This program is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU General Public License
8    * as published by the Free Software Foundation; either version 2
9    * of the License, or (at your option) any later version.
10  
11   * This program is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14   * GNU General Public License for more details.
15   * 
16   * You should have received a copy of the GNU General Public License
17   * along with this program; if not, write to the Free Software
18   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19   *******************************************************************************/
20  package base.jdbs.cryptography.asymmetric;
21  
22  import java.security.InvalidKeyException;
23  import java.security.KeyPair;
24  import java.security.KeyPairGenerator;
25  import java.security.NoSuchAlgorithmException;
26  import java.security.NoSuchProviderException;
27  import java.security.PrivateKey;
28  import java.security.PublicKey;
29  import java.security.SecureRandom;
30  import java.security.Security;
31  import java.security.SignatureException;
32  import java.security.cert.X509Certificate;
33  import java.util.Calendar;
34  import java.util.GregorianCalendar;
35  
36  import org.apache.log4j.Logger;
37  import org.bouncycastle.jce.X509Principal;
38  import org.bouncycastle.jce.provider.BouncyCastleProvider;
39  
40  import base.jdbs.GUIDGenerator;
41  
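/**
 * Factory for RSA key pairs wrapped in the project's own
 * {@code base.jdbs.cryptography.asymmetric.KeyPair} type, each accompanied by
 * a self-signed X.509 v3 certificate (issuer DN equals subject DN, signed with
 * the freshly generated private key).
 */
public class RSAKeyPairFactory {

	/**
	 * RSA modulus length, in bits, for newly generated keys. The previous
	 * value of 1024 bits is no longer considered adequate for new keys.
	 * NOTE(review): confirm that nothing else in the project assumes a
	 * 1024-bit modulus (for example fixed-size RSA block buffers).
	 */
	private static final int RSA_KEY_SIZE_BITS = 2048;

	private static final Logger logger = Logger
			.getLogger(RSAKeyPairFactory.class.getName());

	/**
	 * Generates a new RSA key pair for the owner of the given key ring and a
	 * self-signed certificate, valid for one year from now, over its public
	 * key.
	 *
	 * @param asymmetricKeyRing
	 *            key ring supplying the owner's name, surname and nickname and
	 *            the identifier of the new key pair
	 * @param description
	 *            not used by this method
	 * @return the new key pair; its label is the owner's nickname followed by
	 *         {@code "-KeyPair"}
	 * @throws NoSuchAlgorithmException
	 *             if no provider offers RSA key generation or SHA1PRNG
	 * @throws NoSuchProviderException
	 *             if the "SUN" provider is not installed
	 * @throws InvalidKeyException
	 *             if the certificate generator rejects the private key
	 * @throws SecurityException
	 *             if the certificate cannot be generated
	 * @throws SignatureException
	 *             if signing the certificate fails
	 */
	public static base.jdbs.cryptography.asymmetric.KeyPair newKeyPair(
			AsymmetricKeyRing asymmetricKeyRing, String description)
			throws NoSuchAlgorithmException, NoSuchProviderException,
			InvalidKeyException, SecurityException, SignatureException {
		KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
		/*
		 * NOTE(review): naming the "SUN" provider ties key generation to JVMs
		 * that ship it; elsewhere this line throws NoSuchProviderException.
		 */
		SecureRandom secureRandom = SecureRandom.getInstance("SHA1PRNG", "SUN");
		keyPairGenerator.initialize(RSA_KEY_SIZE_BITS, secureRandom);
		KeyPair keyPair = keyPairGenerator.generateKeyPair();

		/*
		 * The private key is deliberately never written to the log: log files
		 * are usually readable by more people, and kept for longer, than the
		 * key store is.
		 */
		PrivateKey privateKey = keyPair.getPrivate();

		PublicKey publicKey = keyPair.getPublic();
		if (logger.isDebugEnabled()) {
			logger.debug("PublicKey:\n" + publicKey);
		}

		/* addProvider() returns -1 and changes nothing if already installed. */
		Security.addProvider(new BouncyCastleProvider());
		org.bouncycastle.jce.X509V3CertificateGenerator generator = new org.bouncycastle.jce.X509V3CertificateGenerator();
		/*
		 * NOTE(review): SHA-1 based signatures are deprecated and may be
		 * rejected by certificate validators. Switch to a SHA-256 signature
		 * once the BouncyCastle version in use is confirmed to accept that
		 * algorithm name with this generator class.
		 */
		generator.setSignatureAlgorithm("SHA1WITHRSA");

		/* X509V3CertificateGenerator PARAMETER SETTING */

		/* Setup the SerialNumber attribute */
		generator.setSerialNumber(GUIDGenerator.getInstance().getNumericKey());

		/*
		 * COMMON PARAMETERS IN SELF-CERTIFICATE
		 *
		 * NOTE(review): the owner's name and surname are concatenated into the
		 * DN string without escaping. If they may contain DN metacharacters
		 * such as ',', '=' or '+', the parsed DN will not carry the intended
		 * attributes; confirm they are validated upstream, or build the name
		 * from attribute/value pairs instead of a string.
		 * NOTE(review): the surname is stored in the locality (L) attribute
		 * and "SP" does not look like an ISO 3166 country code; confirm both
		 * are intended.
		 */
		String CN = "CN=" + asymmetricKeyRing.getOwner().getName();
		String OU = "OU=JDBS-OU";
		String O = "O=JDBS-O";
		String L = "L=" + asymmetricKeyRing.getOwner().getSurname();
		String C = "C=SP";
		String distinguishedName = CN + "," + OU + "," + O + "," + L + "," + C;

		/* Setup the IssuerDomainName attribute */
		generator.setIssuerDN(new X509Principal(distinguishedName));

		/* Setup the NotBefore attribute */
		long currentTime = System.currentTimeMillis();
		GregorianCalendar notBefore = new GregorianCalendar();
		notBefore.setTimeInMillis(currentTime);
		generator.setNotBefore(notBefore.getTime());

		/*
		 * Setup the NotAfter attribute: the certificate will be valid for 1
		 * year from now.
		 */
		GregorianCalendar notAfter = new GregorianCalendar();
		notAfter.setTimeInMillis(currentTime);
		notAfter.set(Calendar.YEAR, notBefore.get(Calendar.YEAR) + 1);
		generator.setNotAfter(notAfter.getTime());

		/* Setup the Subject Domain Name (same as the issuer: self-signed) */
		generator.setSubjectDN(new X509Principal(distinguishedName));

		/* Setup the PublicKey attribute */
		generator.setPublicKey(publicKey);

		X509Certificate certificate = generator
				.generateX509Certificate(privateKey);

		if (logger.isDebugEnabled()) {
			logger.debug("Certificate:\n" + certificate);
		}

		return new base.jdbs.cryptography.asymmetric.KeyPair(asymmetricKeyRing
				.nextKeyPairId(), asymmetricKeyRing.getOwner().getNickname()
				+ "-KeyPair", new base.jdbs.cryptography.asymmetric.PublicKey(
				publicKey), new base.jdbs.cryptography.asymmetric.PrivateKey(
				privateKey), certificate);
	}

}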