1 /*
2  * @(#) $Id: SetupCACommand.java,v 1.3 2003/07/08 08:13:52 pankaj Exp $
3  *
4  * Copyright (c) 2002-03 by Pankaj Kumar (http://www.pankaj-k.net). 
5  * All rights reserved.
6  *
7  * The license governing the use of this file can be found in the 
8  * root directory of the containing software.
9  */
10package org.jstk.cert;
11
12import java.util.*;
13import java.security.Signature;
14import java.security.KeyPair;
15import java.security.KeyPairGenerator;
16import java.security.PrivateKey;
17import java.security.PublicKey;
18import java.security.cert.X509Certificate;
19import java.security.cert.Certificate;
20import java.security.cert.CertPath;
21import java.io.*;
22
23import org.jstk.*;
24import org.jstk.asn1.DefASN1PullParser;
25import org.jstk.asn1.ASN1Seq;
26import org.jstk.cert.ca.CADatabase;
27import org.jstk.cert.ca.FileBasedCADatabaseParams;
28import java.math.BigInteger;
29
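/**
 * Command that sets up a file-based CA: generates a key pair, issues a self-signed
 * CA certificate for it and initialises the CA database directory.
 *
 * <p>Option values are read from the {@link JSTKArgs} passed to {@link #execute},
 * after the defaults in {@link #defaults} have been applied.
 */
public class SetupCACommand extends JSTKCommandAdapter {
    /** Default option values (option name without the leading dash -> value). */
    private static final HashMap defaults = new HashMap();
    static {
        defaults.put("cadir", "cadir");
        defaults.put("capath", "2");
        defaults.put("days", "1000");
        defaults.put("serial", "100");
        defaults.put("keyalg", "RSA");
        defaults.put("keysize", "2048");
        // NOTE(review): SHA-1 is deprecated for certificate signatures. The default is kept
        // for compatibility with the original tool; operators should pass -sigalg with a
        // SHA-2 algorithm if CertificateGenerator supports it (not verifiable from this file).
        defaults.put("sigalg", "SHA1WithRSA");
        defaults.put("dn", "CN=JSTK Test Root CA, OU=JSTK Operations, O=JSTK Inc, C=US");
    }

    /** Returns the one-line description shown in command listings. */
    public String briefDescription(){
        return "setup a filebased CA";
    }

    /** Returns the help text for the supported options, with the defaults in brackets. */
    public String optionsDescription(){
        return
            "  -cadir <cadir>      : Directory to store CA information.[" +
            defaults.get("cadir") + "]\n" +
            "  -dn <dn>            : CA distinguished name.[" +
            defaults.get("dn") + "]\n" +
            "  -capath <pathlen>   : path length.[" +
            defaults.get("capath") + "]\n" +
            "  -days <days>        : Validity period from the time of setup.[" +
            defaults.get("days") + "]\n" +
            "  -serial <serial>    : Serial no. of the CA certificate.[" +
            defaults.get("serial") + "]\n" +
            "  -keyalg <keyalg>    : Algorithm for Key Pair generation (RSA|DSA).[" +
            defaults.get("keyalg") + "]\n" +
            "  -keysize <keysize>  : Size of key (no. of bits).[" +
            defaults.get("keysize") + "]\n" +
            "  -sigalg <sigalg>    : Signature Algorithm. Should match Key Algorithm.[" +
            defaults.get("sigalg") + "]\n" +
            "  -password <passwd>  : Password for CA keystore.\n";
    }

    /** Returns the usage synopsis line(s) for this command. */
    public String[] useForms(){
        return new String[] {
            "[-cadir <cadir>] [-capath <pathlen>] [-days <days>] [-serial <serial_no>] [-dn <dname>]"
        };
    }

    /** Returns example invocations; the empty string means "run with all defaults". */
    public String[] sampleUses(){
        return new String[] {
            "",
            "-cadir testca -days 3650"
        };
    }

    /**
     * Generates the CA key pair and self-signed certificate and creates the
     * file-based CA database.
     *
     * <p>Usage errors (missing password, unparseable or non-positive numeric
     * options) are reported as a failed {@link JSTKResult} rather than thrown,
     * so the caller gets a readable message instead of a wrapped
     * {@code NumberFormatException}.
     *
     * @param args parsed command-line options; {@link #defaults} are applied first
     * @return a {@link JSTKResult} whose success flag tells whether the CA was created
     * @throws JSTKException if key generation, certificate generation or database
     *         creation fails; the underlying exception is kept as the cause
     */
    public Object execute(JSTKArgs args) throws JSTKException{
        try {
            args.setDefaults(defaults);
            String cadir = args.get("cadir");
            String dn = args.get("dn");
            String serialNo = args.get("serial");
            String keyAlg = args.get("keyalg");
            String sigAlg = args.get("sigalg");
            // The password arrives as a command-line option (see main) and is held as a
            // String, so it cannot be zeroed after use.
            String password = args.get("password");

            if (password == null){
                return new JSTKResult(null, false, "CA keystore password not specified. Use -password option.");
            }

            int pathLen;
            int noDays;
            int keySize;
            BigInteger serial;
            try {
                pathLen = Integer.parseInt(args.get("capath"));
                noDays = Integer.parseInt(args.get("days"));
                keySize = Integer.parseInt(args.get("keysize"));
                serial = new BigInteger(serialNo);
            } catch (NumberFormatException nfe){
                return new JSTKResult(null, false, "Invalid numeric option value: " + nfe.getMessage());
            }
            // A zero or negative validity period or key size can never yield a usable CA.
            // pathLen is passed through unchecked: its accepted range is defined by
            // CertificateGenerator, which is not visible here.
            if (noDays <= 0){
                return new JSTKResult(null, false, "Validity period (-days) must be positive: " + noDays);
            }
            if (keySize <= 0){
                return new JSTKResult(null, false, "Key size (-keysize) must be positive: " + keySize);
            }

            KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyAlg);
            kpg.initialize(keySize);
            KeyPair kp = kpg.generateKeyPair();

            CertificateGenerator cg = new CertificateGenerator();
            cg.setBasicConstraints(true, pathLen);
            cg.setSigAlg(sigAlg);
            X509Certificate cert = cg.generateSelfSignedCertificate(dn, kp, serial, noDays);

            Certificate[] chain = { cert };
            FileBasedCADatabaseParams fbParams = new FileBasedCADatabaseParams(cadir, chain, kp.getPrivate());
            fbParams.setPassword(password);

            // The returned database handle is not used here; the original code discarded it
            // too, so the call is presumably what creates the store under cadir.
            CADatabase.getInstance("file", fbParams);

            return new JSTKResult(null, true, "CA setup successful: " + cadir);
        } catch (Exception exc){
            throw new JSTKException("SetupCACommand execution failed", exc);
        }
    }

    /**
     * Command-line entry point: parses the options, runs the command and exits
     * with status 0 on success, 1 otherwise.
     *
     * @param args command-line options, e.g. {@code -cadir testca -days 3650}
     * @throws Exception if option parsing or execution fails
     */
    public static void main(String[] args) throws Exception {
        JSTKOptions opts = new JSTKOptions();
        opts.parse(args, 0);
        SetupCACommand setupCACmd = new SetupCACommand();
        JSTKResult result = (JSTKResult)setupCACmd.execute(opts);
        System.out.println(result.getText());
        System.exit(result.isSuccess()? 0 : 1);
    }
}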