
1   package net.sf.bse;
2   
3   /*
4    * Copyright (c) 2002-2003 BSE project contributors 
5    * (http://bse.sourceforge.net/)
6    * 
7    * Permission is hereby granted, free of charge, to any person obtaining a copy
8    * of this software and associated documentation files (the "Software"), to deal
9    * in the Software without restriction, including without limitation the rights
10   * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11   * copies of the Software, and to permit persons to whom the Software is
12   * furnished to do so, subject to the following conditions:
13   * 
14   * The above copyright notice and this permission notice shall be included in
15   * all copies or substantial portions of the Software.
16   * 
17   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
20   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23   * THE SOFTWARE.
24   */
25  
26  import java.io.FileOutputStream;
27  import java.io.PrintStream;
28  import java.security.Key;
29  import java.security.KeyPair;
30  import java.security.KeyPairGenerator;
31  import java.security.SecureRandom;
32  import java.util.Map;
33  
34  import org.bouncycastle.asn1.DERConstructedSequence;
35  import org.bouncycastle.asn1.DERSet;
36  import org.bouncycastle.asn1.DERUTF8String;
37  import org.bouncycastle.asn1.x509.X509Name;
38  import org.bouncycastle.jce.PKCS10CertificationRequest;
39  
40  /***
41   * Command to generate a request for an MHP leaf certificate.
42   *
43   * @author Bill Foote (bill.foote@sun.com)
44   * @author Aleksi Peebles (aleksi.peebles@infocast.fi)
45   * @version $Revision: 1.3 $ $Date: 2004/05/06 09:51:15 $
46   */
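public class GenerateLeafRequest extends Command
{
    /**
     * Creates the command from its parsed command-line arguments.
     *
     * @param args argument map handed on to the {@code Command} base class
     */
    public GenerateLeafRequest(Map args)
    {
        super(args);
    }

    /**
     * Prints the usage text of the "request" command.
     *
     * @param out stream the usage text is written to
     */
    public void usageMessage(PrintStream out)
    {
        out.println(
"Command:  request\n\n" +

"    Generates a request for an MHP leaf certificate\n\n" +

"    Arguments:\n\n" +

"        name:        Subject commonName of leaf (not including org id)\n" +
"        country:     Subject countryName of leaf\n" +
"        email:       Subject e-mail address of leaf\n" +
"        strength:    Length of key in bits\n" +
"        file:        Where to store the results.\n\n" +

"    Plus, optionally:\n\n" +

"        org:         Subject organisation specific text followed by a\n" +
"                     dot and the organisation ID as eight hex digits\n" +
"                     with leading zeroes\n" +
"        validFrom:   Date cert to be valid from, in dd/mm/yyyy format\n" +
"        validUntil:  Date cert to be valid until, in dd/mm/yyyy format\n");
    }

    /**
     * @return the argument names that must be present for this command
     */
    public String[] getRequiredArgs()
    {
        return new String[] { "name:", "country:", "email:", "strength:",
            "file:" };
    }

    /**
     * @return the argument names this command accepts but does not require
     */
    public String[] getOptionalArgs()
    {
        return new String[] { "org:", "validFrom:", "validUntil:" };
    }

    /**
     * Generates an RSA key pair, writes the private key to
     * {@code <file>_private.pkcs} and a DER encoded PKCS#10 request to
     * {@code <file>.der.csr}.
     *
     * The subject is built from the name, country and email arguments, plus
     * the organisation when the optional org argument was supplied.
     *
     * @throws Exception on an unparsable argument, a key generation failure
     *                   or an I/O error while writing either file
     */
    public void run() throws Exception
    {
        System.out.println("Generating leaf certificate request.");

        // Do a bit of argument checking before time-consuming operations...
        // The parsed dates are discarded: nothing below places a validity
        // period into the request, the calls only reject malformed input.
        if (getArg("validFrom:") != null)
        {
            getDateArg("validFrom:");
        }
        if (getArg("validUntil:") != null)
        {
            getDateArg("validUntil:");
        }

        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA");

        // key bit length, 4096 is max guaranteed by MHP
        // NOTE(review): no lower bound is enforced here, so a short and
        // therefore weak modulus is accepted as given; consider rejecting
        // sizes below what the issuing CA's policy allows.
        int strength = Integer.parseInt(getArg("strength:"));

        kpGen.initialize(strength, new SecureRandom());

        System.out.println("Generating key pair. This may take a few minutes.");
        KeyPair pair = kpGen.genKeyPair();

        String privateFile = getArg("file:") + "_private.pkcs";
        String derCsrFile = getArg("file:") + ".der.csr";

        // Now, write private key
        // NOTE(review): the encoded key goes to disk as-is, with no
        // passphrase protection and with the platform's default file
        // permissions. Restrict access to this file (or write it into a
        // directory only the operator can read) before running the command.
        Key key = pair.getPrivate();
        System.out.println("Writing leaf private key in "
            + key.getFormat() + " format to "
            + privateFile + ".");
        writeFile(privateFile, key.getEncoded());

        System.out.println("Writing request in DER encoded format to " +
            derCsrFile + ".");

        DERConstructedSequence seq = new DERConstructedSequence();
        DERConstructedSequence p = new DERConstructedSequence();
        p.addObject(X509Name.CN);
        p.addObject(new DERUTF8String(getArg("name:")));
        seq.addObject(new DERSet(p));
        p = new DERConstructedSequence();
        p.addObject(X509Name.C);
        p.addObject(new DERUTF8String(getArg("country:")));
        seq.addObject(new DERSet(p));

        // "org:" is declared optional, so it may be absent; only emit the
        // organisation attribute when a value was actually given instead of
        // handing null to the DER string constructor.
        String org = getArg("org:");
        if (org != null)
        {
            p = new DERConstructedSequence();
            p.addObject(X509Name.O);
            p.addObject(new DERUTF8String(org));
            seq.addObject(new DERSet(p));
        }

        p = new DERConstructedSequence();
        p.addObject(X509Name.EmailAddress);
        p.addObject(new DERUTF8String(getArg("email:")));
        seq.addObject(new DERSet(p));
        X509Name subject = new X509Name(seq);

        // NOTE(review): MD5 is collision-broken and should not be used for
        // new signatures. The algorithm is left unchanged because the set of
        // algorithms the receiving CA / MHP profile accepts is not visible
        // from this file; switch to a SHA-2 based signature if it is accepted.
        PKCS10CertificationRequest req =
            new PKCS10CertificationRequest("MD5WITHRSA", subject,
            pair.getPublic(), null, pair.getPrivate());
        writeFile(derCsrFile, req.getEncoded());

        System.out.println("Done!");
        System.out.println();
        System.out.println("    Please send " + derCsrFile);
        System.out.println("    to your certificate authority.");
        System.out.println("    Keep " + privateFile);
        System.out.println("    in a safe place.");
        System.out.println();
    }

    /**
     * Writes the bytes to the named file, closing the stream even when the
     * write fails so that no file handle is leaked.
     */
    private static void writeFile(String path, byte[] data)
        throws java.io.IOException
    {
        FileOutputStream out = new FileOutputStream(path);
        try
        {
            out.write(data);
        }
        finally
        {
            out.close();
        }
    }
}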