JCA - KeyStore and Related Classes
This chapter describes some parts of the JCA (Java Cryptography Architecture)
which has been included in JDK since 1.1:
- The Certificate class.
- The CertificateFactory class.
- The KeyStore class.
- Example programs
Certificate Class
java.security.cert.Certificate is an abstract class representing common features
of different implementations of different certificate types. Its main methods
are:
- getEncoded() - Returns a byte array of the encoded form of this certificate.
The encoding format used depends on the certificate type. For "X.509" type of certificates,
the encoding format will be "ASN.1 DER".
- getPublicKey() - Returns the public key contained in this certificate.
- getType() - Returns the type of this certificate.
- verify() - Verifies this certificate with the specified public key.
I am not sure why this method has no return value.
There is a deprecated interface, java.security.Certificate, in JDK with the same
name as Certificate, which could confuse the compiler. To help the compiler,
you may need to use the full class name, java.security.cert.Certificate, in your
code.
CertificateFactory Class
java.security.cert.CertificateFactory is a class to read in different types
of certificates from certificate files.
- getInstance() - Returns a CertificateFactory object of the specified certificate type
using the implementation of the specified security package provider. If not specified,
the default provider will be used.
- generateCertificate() - Reads in a certificate from the specified input stream,
and returns it as a Certificate object. It can read certificates in both binary
(DER encoded) and printable (RFC standard) formats. Note that only the first certificate
in the input stream will be processed.
- generateCertificates() - Reads in multiple certificates from the specified input stream,
and returns them as a Certificate array. It can read certificates in both binary
(DER encoded) and printable (RFC standard) formats.
- getType() - Returns the type of this certificate factory.
- getProvider() - Returns the security package provider.
JcaCertificateTest.java - Sample Program
In the following sample program, I want to show you how to read in a certificate
from a certificate file, and write it out to a certificate file in the default encoding
format.
/**
 * JcaCertificateTest.java
 * Copyright (c) 2002 by Dr. Herong Yang
 */
import java.io.*;
import java.security.*;
import java.security.cert.*;
class JcaCertificateTest {
   public static void main(String[] a) {
      if (a.length<2) {
         System.out.println("Usage:");
         System.out.println("java JcaCertificateTest input"
            +" output");
         return;
      }
      String input = a[0];
      String output = a[1];
      try {
         test(input,output);
      } catch (Exception e) {
         System.out.println("Exception: "+e);
         return;
      }
   }
   private static void test(String input, String output)
      throws Exception {
      // Get a factory for X.509 certificates from the default provider
      CertificateFactory cf = CertificateFactory.getInstance("X.509");
      System.out.println();
      System.out.println("CertificateFactory Object Info: ");
      System.out.println("Type = "+cf.getType());
      System.out.println("Provider = "+cf.getProvider());
      System.out.println("toString = "+cf.toString());

      // Read the first certificate in the input file (DER or printable).
      // The full class name avoids a clash with java.security.Certificate.
      java.security.cert.Certificate cert;
      try (FileInputStream fis = new FileInputStream(input)) {
         cert = cf.generateCertificate(fis);
      }
      System.out.println();
      System.out.println("Certificate Object Info: ");
      System.out.println("Type = "+cert.getType());
      System.out.println("toString = "+cert.toString());

      // Extract the public key carried by the certificate
      PublicKey pubKey = cert.getPublicKey();
      System.out.println();
      System.out.println("PublicKey Object Info: ");
      System.out.println("Algorithm = "+pubKey.getAlgorithm());
      System.out.println("Format = "+pubKey.getFormat());
      System.out.println("toString = "+pubKey.toString());

      // Write the certificate out in its default encoding (DER for X.509)
      byte[] certBytes = cert.getEncoded();
      try (FileOutputStream fos = new FileOutputStream(output)) {
         fos.write(certBytes);
      }
   }
}
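
The following is an added example, not part of the original tutorial, showing how a caller uses verify(): the method returns normally when the signature matches the given public key and throws an exception otherwise. It assumes the JDK's default trust store holds at least two self-signed root certificates with different keys; the class name JcaCertificateVerifyDemo and the helper isSignedBy() are made up for this illustration.

```java
// Added example (not from the original tutorial). Assumption: the JDK's default
// trust store (cacerts) holds two self-signed roots with different public keys.
import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

class JcaCertificateVerifyDemo {
   // verify() is void: a normal return means the signature checked out, and
   // every kind of failure arrives as a GeneralSecurityException subclass.
   static boolean isSignedBy(Certificate cert, PublicKey key) {
      try {
         cert.verify(key);
         return true;
      } catch (GeneralSecurityException e) {
         System.out.println("  verify() threw " + e.getClass().getName());
         return false;
      }
   }

   public static void main(String[] a) throws Exception {
      TrustManagerFactory tmf = TrustManagerFactory.getInstance(
         TrustManagerFactory.getDefaultAlgorithm());
      tmf.init((KeyStore) null);   // null selects the default trust store
      X509Certificate root = null, other = null;
      for (TrustManager tm : tmf.getTrustManagers()) {
         if (!(tm instanceof X509TrustManager)) continue;
         for (X509Certificate c : ((X509TrustManager) tm).getAcceptedIssuers()) {
            if (!c.getSubjectX500Principal().equals(c.getIssuerX500Principal()))
               continue;           // keep self-issued certificates only
            if (root == null) root = c;
            else if (other == null && !c.getPublicKey().equals(root.getPublicKey()))
               other = c;
         }
      }
      if (root == null || other == null) {
         System.out.println("Need two self-signed roots in the trust store");
         return;
      }
      // Round trip through the DER encoding, as JcaCertificateTest does with files
      CertificateFactory cf = CertificateFactory.getInstance("X.509");
      Certificate cert = cf.generateCertificate(
         new ByteArrayInputStream(root.getEncoded()));
      System.out.println("Own key:   " + isSignedBy(cert, cert.getPublicKey()));
      System.out.println("Other key: " + isSignedBy(cert, other.getPublicKey()));
   }
}
```

verify() checks the signature only; the validity period and the chain up to a trusted issuer have to be checked separately, for example with X509Certificate.checkValidity() and a CertPathValidator.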