1/*
2 * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * This code is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 only, as
7 * published by the Free Software Foundation.
8 *
9 * This code is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12 * version 2 for more details (a copy is included in the LICENSE file that
13 * accompanied this code).
14 *
15 * You should have received a copy of the GNU General Public License version
16 * 2 along with this work; if not, write to the Free Software Foundation,
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20 * or visit www.oracle.com if you need additional information or have any
21 * questions.
22 */
23
24
25// program to generate rsakeys.ks. does not need to run during testing
26// checked into the workspace so that the keystore file can be recreated
27// in the future if needed.
28
29// @author Andreas Sterbenz
30
31import java.io.*;
32import java.math.BigInteger;
33import java.util.*;
34
35import java.security.*;
36import java.security.cert.*;
37import java.security.interfaces.*;
38import java.security.spec.*;
39
40import sun.security.x509.*;
41
42public class GenKeyStore {
43
44    static final char[] password = "test12".toCharArray();
45
46    private static X509Certificate getCertificate(String suffix, PublicKey publicKey, PrivateKey privateKey) throws Exception {
47        X500Name name = new X500Name("CN=Dummy Certificate " + suffix);
48        String algorithm = "SHA1with" + publicKey.getAlgorithm();
49        Date date = new Date();
50        AlgorithmId algID = AlgorithmId.getAlgorithmId(algorithm);
51
52        X509CertInfo certInfo = new X509CertInfo();
53
54        certInfo.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V1));
55        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(1));
56        certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algID));
57        certInfo.set(X509CertInfo.SUBJECT, name);
58        certInfo.set(X509CertInfo.ISSUER, name);
59        certInfo.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
60        certInfo.set(X509CertInfo.VALIDITY, new CertificateValidity(date, date));
61
62        X509CertImpl cert = new X509CertImpl(certInfo);
63        cert.sign(privateKey, algorithm);
64
65        return cert;
66    }
67
68    private static void addToKeyStore(KeyStore ks, KeyPair kp, String name) throws Exception {
69        PublicKey pubKey = kp.getPublic();
70        PrivateKey privKey = kp.getPrivate();
71        X509Certificate cert = getCertificate(name, pubKey, privKey);
72        ks.setKeyEntry(name, privKey, password, new X509Certificate[] {cert});
73    }
74
75    private static void generateKeyPair(KeyStore ks, int keyLength, String alias) throws Exception {
76        System.out.println("Generating " + keyLength + " keypair " + alias + "...");
77        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "SunRsaSign");
78        kpg.initialize(keyLength);
79        KeyPair kp = kpg.generateKeyPair();
80        addToKeyStore(ks, kp, alias);
81    }
82
83    static KeyStore ks;
84
85    public static void main(String[] args) throws Exception {
86        long start = System.currentTimeMillis();
87
88        KeyStore ks = KeyStore.getInstance("JKS");
89        ks.load(null, null);
90
91        generateKeyPair(ks, 512, "rsa512a");
92        generateKeyPair(ks, 512, "rsa512b");
93        generateKeyPair(ks, 1024, "rsa1024a");
94        generateKeyPair(ks, 1024, "rsa1024b");
95        generateKeyPair(ks, 2048, "rsa2048a");
96        generateKeyPair(ks, 2048, "rsa2048b");
97        generateKeyPair(ks, 4096, "rsa4096a");
98
99        // only one 4096 bit keys and none longer than that
100        // that would slow down the other tests too much
101        // on old machines
102//      generateKeyPair(ks, 4096, "rsa4096b");
103//      generateKeyPair(ks, 8192, "rsa8192a");
104//      generateKeyPair(ks, 8192, "rsa8192b");
105
106        OutputStream out = new FileOutputStream("rsakeys.ks");
107        ks.store(out, password);
108        out.close();
109
110        long stop = System.currentTimeMillis();
111        System.out.println("Done (" + (stop - start) + " ms).");
112    }
113
114}
115