001: /*
002: * Copyright 2004-2008 H2 Group. Licensed under the H2 License, Version 1.0
003: * (license2)
004: * Initial Developer: H2 Group
005: */
006: package org.h2.tools.security;
007:
008: import java.security.Key;
009: import java.security.KeyStore;
010: import java.security.KeyStoreException;
011: import java.security.NoSuchAlgorithmException;
012: import java.security.UnrecoverableKeyException;
013: import java.security.cert.Certificate;
014: import java.security.cert.CertificateEncodingException;
015: import java.util.Enumeration;
016:
017: import org.h2.security.SecureSocketFactory;
018: import org.h2.util.ByteUtils;
019:
020: /**
021: * Tool to generate source code for the SecureSocketFactory. First, create a
022: * keystore using:
023: * <pre>
024: * keytool -genkey -alias h2 -keyalg RSA -dname "cn=H2" -validity 25000
025: * -keypass h2pass -keystore h2.keystore -storepass h2pass
026: * </pre>
027: * Then run this application to generate the source code, and use the output to
028: * replace the code in the method SecureSocketFactory.getKeyStore as specified.
029: */
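public class SecureKeyStoreBuilder {

    // Security note: the text this tool prints is Java source that contains
    // the private key of every key entry in its plain encoded form
    // (Key.getEncoded()), written as a string literal. The key store
    // password does not protect that literal. Handle the output like the key
    // itself: keep it out of logs and shared terminals. If the source it is
    // pasted into is distributed, the key is known to every reader, and a
    // certificate backed by it cannot authenticate the server to clients.

    /**
     * Obtains the key store from SecureSocketFactory, using the password
     * constant defined there, and prints the source code that rebuilds it.
     *
     * @param a ignored
     * @throws Exception if the key store cannot be obtained or read
     */
    public static void main(String[] a) throws Exception {
        String password = SecureSocketFactory.KEYSTORE_PASSWORD;
        KeyStore store = SecureSocketFactory.getKeyStore(password);
        printKeystore(store, password);
    }

    /**
     * Prints, to standard output, Java statements that recreate the given
     * key store: one block per key entry, holding the encoded private key
     * and its certificate chain.
     *
     * Aliases that are not key entries (for example certificate-only
     * entries), or that have no key or no certificate chain, are reported on
     * standard error and skipped. Without this check, getKey or
     * getCertificateChain returning null would end the run with a
     * NullPointerException after part of the output was already written.
     *
     * @param store the loaded key store to dump
     * @param password the password used to recover each key
     * @throws KeyStoreException if the key store is not initialized
     * @throws NoSuchAlgorithmException if the algorithm needed to recover a
     *             key is not available
     * @throws UnrecoverableKeyException if a key cannot be recovered with
     *             the given password
     * @throws CertificateEncodingException if a certificate cannot be encoded
     */
    private static void printKeystore(KeyStore store, String password)
            throws KeyStoreException, NoSuchAlgorithmException,
            UnrecoverableKeyException, CertificateEncodingException {
        char[] passwordChars = password.toCharArray();
        System.out.println("KeyStore store = KeyStore.getInstance(\""
                + store.getType() + "\");");
        System.out.println("store.load(null, password.toCharArray());");
        //System.out.println("keystore provider="+store.getProvider().getName());
        Enumeration en = store.aliases();
        while (en.hasMoreElements()) {
            String alias = (String) en.nextElement();
            if (!store.isKeyEntry(alias)) {
                System.err.println("Skipping alias \"" + alias
                        + "\": not a key entry");
                continue;
            }
            Key key = store.getKey(alias, passwordChars);
            // Fetch the chain before printing anything for this alias, so a
            // skipped entry leaves no half-written block in the output.
            Certificate[] certs = store.getCertificateChain(alias);
            if (key == null || certs == null) {
                System.err.println("Skipping alias \"" + alias
                        + "\": no key or no certificate chain");
                continue;
            }
            System.out.println("KeyFactory keyFactory = KeyFactory.getInstance(\""
                    + key.getAlgorithm() + "\");");
            // NOTE(review): this statement is also emitted once before the
            // loop; it is kept here so the generated text stays unchanged.
            System.out.println("store.load(null, password.toCharArray());");
            String pkFormat = key.getFormat();
            // The unencrypted key encoding; it ends up as a literal in the
            // generated source.
            String encoded = ByteUtils.convertBytesToString(key.getEncoded());
            System.out.println(pkFormat
                    + "EncodedKeySpec keySpec = new " + pkFormat
                    + "EncodedKeySpec(getBytes(\"" + encoded + "\"));");
            System.out.println(
                    "PrivateKey privateKey = keyFactory.generatePrivate(keySpec);");
            System.out.println("Certificate[] certs = new Certificate[]{");
            for (int i = 0; i < certs.length; i++) {
                Certificate cert = certs[i];
                System.out.println(" CertificateFactory.getInstance(\""
                        + cert.getType() + "\").");
                String enc = ByteUtils.convertBytesToString(cert.getEncoded());
                System.out.println(
                        " generateCertificate(new ByteArrayInputStream(getBytes(\""
                        + enc + "\"))),");
                // PublicKey pubKey = cert.getPublicKey();
                // System.out.println(" pubKey algorithm="+pubKey.getAlgorithm());
                // System.out.println(" pubKey format="+pubKey.getFormat());
                // System.out.println(" pubKey format="+
                // ByteUtils.convertBytesToString(pubKey.getEncoded()));
            }
            System.out.println("};");
            System.out.println("store.setKeyEntry(\""
                    + alias
                    + "\", privateKey, password.toCharArray(), certs);");
        }
    }

    // private void listCipherSuites(SSLServerSocketFactory f) {
    // String[] def = f.getDefaultCipherSuites();
    // for (int i = 0; i < def.length; i++) {
    // System.out.println("default = " + def[i]);
    // }
    // String[] sup = f.getSupportedCipherSuites();
    // for (int i = 0; i < sup.length; i++) {
    // System.out.println("supported = " + sup[i]);
    // }
    // }

}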