keytool -genkey 叩き台

X500Nameなどの実装を見ていたら、公開パッケージのみで作り直すのが面倒になってきた。
というわけで、KeyToolクラスから流用して少し手を入れた下記のコード（sun.security.* の非公開パッケージを使用しているため、JDKのバージョンによっては利用できない点に注意）を、一昨日作ったKeyStoreWrapperに組み込む方向で進める。

import java.io.*;
import java.security.*;
import java.security.cert.*;
import sun.security.x509.*;

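public class GenKey
{
  /**
   * Scratch driver: generates a self-signed key pair into the user's
   * default keystore ({@code ~/.keystore}) under the alias {@code key_alias}.
   *
   * NOTE(security): both the keystore password and the key password are the
   * well-known default "changeit" here. This is a throw-away sample; anything
   * that is meant to be trusted must be generated with real passwords.
   */
  public static void main(String[] args) throws Exception
  {
    String keyStore = System.getProperty("user.home")
                            + File.separator + ".keystore";
    KeyStoreWrapper ks = new KeyStoreWrapper(new File(keyStore), "changeit");
    GenKeyParams params = new GenKeyParams("www.oreore.com"
        , "OreOre CA Services"
        , "OreOre Japan K.K."
        , "Shinagawa"
        , "Tokyo"
        , "JP");
    genkey(ks.getKeyStore(), "changeit", "key_alias", params);
    ks.save();
  }

  /**
   * Generates a key pair plus a self-signed certificate and stores them in
   * {@code keyStore} under {@code alias}. The keystore is only modified in
   * memory; persisting it is the caller's job.
   *
   * @param keyStore loaded keystore that receives the new private-key entry
   * @param keyPass  password protecting the entry; at least
   *                 {@link GenKeyParams#MIN_KEY_PASS_LENGTH} characters
   * @param alias    entry name; must not already exist in {@code keyStore}
   * @param params   subject name, key algorithm/size, signature algorithm and validity
   * @return a one-element chain holding the self-signed certificate
   * @throws KeyStoreException     if {@code alias} is already present or the entry cannot be stored
   * @throws InvalidKeyException   if {@code keyPass} is null or too short
   * @throws NoSuchAlgorithmException if the key or signature algorithm is unavailable
   * @throws NoSuchProviderException  propagated from the key generator
   * @throws IOException           propagated from the X.500 name / certificate encoding
   * @throws CertificateException  if the self-signed certificate cannot be built
   * @throws SignatureException    if signing the certificate fails
   */
  public static X509Certificate[] genkey(
      KeyStore keyStore
      , String keyPass
      , String alias
      , GenKeyParams params
      )
      throws NoSuchAlgorithmException
      , NoSuchProviderException
      , KeyStoreException
      , IOException
      , InvalidKeyException
      , CertificateException
      , SignatureException
  {
    if (keyStore.containsAlias(alias))
      throw new KeyStoreException("alias <" + alias + "> already exists");
    // Report only the rule that was violated. The original message echoed the
    // password itself, which leaks the secret into logs and stack traces.
    if (keyPass == null || keyPass.length() < GenKeyParams.MIN_KEY_PASS_LENGTH)
      throw new InvalidKeyException("keyPass must be at least "
          + GenKeyParams.MIN_KEY_PASS_LENGTH + " characters");

    // sun.security.* internals (not a public API): the constructor and
    // generate() mirror what keytool -genkey does.
    CertAndKeyGen keypair = new CertAndKeyGen(
        params.getKeyAlgName(), params.getSigAlgName(), null);
    X500Name x500Name = new X500Name(
        params.commonName
        , params.organizationUnit
        , params.organizationName
        , params.localityName
        , params.stateName
        , params.country);

    keypair.generate(params.getKeySize());
    PrivateKey privKey = keypair.getPrivateKey();
    X509Certificate[] chain = new X509Certificate[1];
    // getSelfCertificate() takes the validity in seconds, not in days as
    // keytool's -validity option does.
    chain[0] = keypair.getSelfCertificate(x500Name, params.getValidity());

    keyStore.setKeyEntry(alias, privKey, keyPass.toCharArray(), chain);
    return chain;
  }

  /**
   * Parameters for {@link #genkey}: the subject DN components plus key and
   * signature settings.
   *
   * Defaults are RSA-2048 signed with SHA256withRSA. The previous defaults
   * (DSA-1024 / SHA1WithDSA, and MD5WithRSA for RSA) are deprecated or broken
   * and are no longer offered.
   */
  static class GenKeyParams
  {
    /** Minimum length accepted for a key-entry password. */
    public static final int MIN_KEY_PASS_LENGTH = 6;
    /** Smallest key size accepted for the supported (RSA/DSA) algorithms. */
    public static final int MIN_KEY_SIZE = 2048;

    static final String DEFAULT_KEY_ALG = "RSA";
    static final String DEFAULT_SIG_ALG = "SHA256withRSA";
    static final int DEFAULT_KEY_SIZE = 2048;
    /** Certificate validity in seconds: 90 days. */
    static final long DEFAULT_VALIDITY_SECONDS = 90L * 24 * 60 * 60;

    private final String commonName; // cn
    private final String organizationUnit; // ou
    private final String organizationName; // o
    private final String localityName; // l
    private final String stateName; // st
    private final String country; // c
    private long validity = DEFAULT_VALIDITY_SECONDS;

    private String keyAlgName = DEFAULT_KEY_ALG;

    private int keySize = DEFAULT_KEY_SIZE;

    private String sigAlgName = DEFAULT_SIG_ALG;
    // True once the caller pinned sigAlgName via setSigAlgName(); while false,
    // setKeyAlgName() re-derives it so the pair always matches.
    private boolean sigAlgExplicit = false;

    /**
     * @param commonName       CN
     * @param organizationUnit OU
     * @param organizationName O
     * @param localityName     L
     * @param stateName        ST
     * @param country          C (two-letter code)
     */
    public GenKeyParams(
        String commonName
        , String organizationUnit
        , String organizationName
        , String localityName
        , String stateName
        , String country)
    {
      this.commonName = commonName;
      this.organizationUnit = organizationUnit;
      this.organizationName = organizationName;
      this.localityName = localityName;
      this.stateName = stateName;
      this.country = country;
    }

    /**
     * Sets the key algorithm and, unless a signature algorithm was set
     * explicitly, derives a matching one.
     *
     * Bug fixed here: the old code only derived when sigAlgName was null, which
     * never happened because the field has a default, so switching from the
     * default key algorithm left a signature algorithm for the wrong key type.
     *
     * @throws NoSuchAlgorithmException if no signature algorithm can be derived;
     *         the object is left unchanged in that case
     */
    public void setKeyAlgName(String keyAlgName)
        throws NoSuchAlgorithmException
    {
      if (keyAlgName == null)
        throw new NullPointerException("keyAlgName");
      String derived = sigAlgExplicit ? this.sigAlgName : deriveSigAlgName(keyAlgName);
      this.keyAlgName = keyAlgName;
      this.sigAlgName = derived;
    }

    /**
     * Pins the signature algorithm. Passing {@code null} un-pins it so that the
     * next {@link #setKeyAlgName} derives it again.
     */
    public void setSigAlgName(String sigAlgName)
    {
      this.sigAlgName = sigAlgName;
      this.sigAlgExplicit = sigAlgName != null;
    }

    /** @throws IllegalArgumentException if {@code keySize} is below {@link #MIN_KEY_SIZE} */
    public void setKeySize(int keySize)
    {
      if (keySize < MIN_KEY_SIZE)
        throw new IllegalArgumentException("keySize " + keySize
            + " is below the minimum of " + MIN_KEY_SIZE);
      this.keySize = keySize;
    }

    /**
     * @param validitySeconds certificate lifetime in seconds; must be positive
     * @throws IllegalArgumentException if {@code validitySeconds} is not positive
     */
    public void setValidity(long validitySeconds)
    {
      if (validitySeconds <= 0)
        throw new IllegalArgumentException("validity must be positive: " + validitySeconds);
      this.validity = validitySeconds;
    }

    public String getKeyAlgName() { return keyAlgName; }

    public String getSigAlgName() { return sigAlgName; }

    public int getKeySize() { return keySize; }

    /** Certificate validity in seconds. */
    public long getValidity() { return validity; }

    // Maps a key algorithm to a current signature algorithm for it.
    private static String deriveSigAlgName(String keyAlgName)
        throws NoSuchAlgorithmException
    {
      if (keyAlgName.equalsIgnoreCase("DSA")) {
        return "SHA256withDSA";
      } else if (keyAlgName.equalsIgnoreCase("RSA")) {
        return "SHA256withRSA";
      }
      throw new NoSuchAlgorithmException("Cannot derive signature algorithm='" + keyAlgName + "'");
    }
  }
}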