Package com.browserup.bup.mitm

Class RootCertificateGenerator

java.lang.Object

com.browserup.bup.mitm.RootCertificateGenerator

All Implemented Interfaces:

CertificateAndKeySource

public class RootCertificateGenerator
extends java.lang.Object
implements CertificateAndKeySource

A CertificateAndKeySource that dynamically generates a CA root certificate and private key. The certificate and key will only be generated once; all subsequent calls to load() will return the same materials. To save the generated certificate and/or private key for installation in a browser or other client, use one of the encode or save methods:

• encodeRootCertificateAsPem()
• encodePrivateKeyAsPem(String)
• saveRootCertificateAsPemFile(File)
• savePrivateKeyAsPemFile(File, String)
• saveRootCertificateAndKey(String, File, String, String)

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static class	RootCertificateGenerator.Builder	A Builder for RootCertificateGenerators.

Constructor Summary

Constructors

Constructor	Description
RootCertificateGenerator(CertificateInfo rootCertificateInfo, java.lang.String messageDigest, KeyGenerator keyGenerator, SecurityProviderTool securityProviderTool)

Method Summary

Modifier and Type	Method	Description
static RootCertificateGenerator.Builder	builder()	Convenience method to return a new RootCertificateGenerator.Builder instance.
java.lang.String	encodePrivateKeyAsPem(java.lang.String privateKeyPassword)	Returns the generated private key as a PEM-encoded String, encrypted using the specified password and the DEFAULT_PEM_ENCRYPTION_ALGORITHM.
java.lang.String	encodeRootCertificateAsPem()	Returns the generated root certificate as a PEM-encoded String.
CertificateAndKey	load()	Loads a certificate and its corresponding private key.
void	savePrivateKeyAsPemFile(java.io.File file, java.lang.String passwordForPrivateKey)	Saves the private key as PEM-encoded data to a file, using the specified password to encrypt the private key and the DEFAULT_PEM_ENCRYPTION_ALGORITHM.
void	saveRootCertificateAndKey(java.lang.String keyStoreType, java.io.File file, java.lang.String privateKeyAlias, java.lang.String password)	Saves the generated certificate and private key as a file, using the specified password to protect the key store.
void	saveRootCertificateAsPemFile(java.io.File file)	Saves the root certificate as PEM-encoded data to the specified file.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

RootCertificateGenerator

public RootCertificateGenerator(CertificateInfo rootCertificateInfo,
                                java.lang.String messageDigest,
                                KeyGenerator keyGenerator,
                                SecurityProviderTool securityProviderTool)

Method Detail

load

public CertificateAndKey load()

Description copied from interface: CertificateAndKeySource

Loads a certificate and its corresponding private key. Every time this method is called, it should return the same certificate and private key (although it may be a different CertificateAndKey instance).

Specified by:

load in interface CertificateAndKeySource

Returns:

certificate and its corresponding private key

encodeRootCertificateAsPem

public java.lang.String encodeRootCertificateAsPem()

Returns the generated root certificate as a PEM-encoded String.

Returns:

encoded RootCertificateAsPem

encodePrivateKeyAsPem

public java.lang.String encodePrivateKeyAsPem(java.lang.String privateKeyPassword)

Returns the generated private key as a PEM-encoded String, encrypted using the specified password and the DEFAULT_PEM_ENCRYPTION_ALGORITHM.

Parameters:

privateKeyPassword - password to use to encrypt the private key

Returns:

encoded PrivateKeyAsPem

saveRootCertificateAsPemFile

public void saveRootCertificateAsPemFile(java.io.File file)

Saves the root certificate as PEM-encoded data to the specified file.

Parameters:

file - file

savePrivateKeyAsPemFile

public void savePrivateKeyAsPemFile(java.io.File file,
                                    java.lang.String passwordForPrivateKey)

Saves the private key as PEM-encoded data to a file, using the specified password to encrypt the private key and the DEFAULT_PEM_ENCRYPTION_ALGORITHM. If the password is null, the private key will be stored unencrypted. In general, private keys should not be stored unencrypted.

Parameters:

file - file to save the private key to

passwordForPrivateKey - password to protect the private key

saveRootCertificateAndKey

public void saveRootCertificateAndKey(java.lang.String keyStoreType,
                                      java.io.File file,
                                      java.lang.String privateKeyAlias,
                                      java.lang.String password)

Saves the generated certificate and private key as a file, using the specified password to protect the key store.

Parameters:

keyStoreType - the KeyStore type, such as PKCS12 or JKS

file - file to export the root certificate and private key to

privateKeyAlias - alias for the private key in the KeyStore

password - password for the private key and the KeyStore

builder

public static RootCertificateGenerator.Builder builder()

Convenience method to return a new RootCertificateGenerator.Builder instance.

Returns:

Builder