From: "Thorsten Goeller" <tgoeller@metafinanz.de>
To: java-security@java.sun.com
Date: Thu, 17 Jun 1999 12:37:29 +0200
Subject: Java Cryptography Architecture in JDK1 .2
Hello,
I have a question about implementing own providers. I create a provider
named "ElGamal". What I currently have implemented, are the following
classes:
- ElGamalProvider extends Provider
- ElGamalSignature extends Signature
- ElGamalKeyPairGenerator extends KeyPairGenerator
- ElGamalPublicKey implements PublicKey
- ElGamalPrivateKey implements PrivateKey
What I have not realized at present, are the following classes:
- KeyStore
- KeyFactory
- CertificateFactory
- X509Certificate
Now my questions:
1. Problem: output of the getEncoded()-method. Description: For the two
Key-Classes I have to implement the methods getEncoded() and getFormat() to
get my PublicKey encoded as X.509 and the PrivateKey encoded as PKCS#8. But
what have to be in the returned byte-Array of this method (perhaps you can
give me an example of such an byte-Array returned by the method
getEncoded)?
2. Problem: input of the engineGenerateCertificate()-method. Description:
When I have the byte-Array of my PublicKey, I want to create a
X509Certificate. Therefore I have to use the CertificateFactory. But the
input of the method to create a Certificate is a InputStream. What is to do
to convert a PublicKey into a Certificate (with the Keytool you can create
KeyPairs and then the Keytool saves the PublicKey as Certificate, so the
Keytool have to convert the PublicKey into a Certificate - how does it
function in the Keytool)?
3. Problem: using keytool with own provider - KeyStore and KeyFactory
needed? Description: In Question 1 and 2 I spoke about the
CertificateFactory and the X509Certificate. I think, with the answers you
will give me, I can implement them. But then there are still the KeyStore
and the KeyFactory, I have not realized. Do I need the KeyStore to use the
keytool with my own provider or can the keytool also saves my ElGamal-Keys
in the default JKS-Keystore? Is the CertificateFactory enough to generate a
X509Certificate of my PublicKey to store in the Keystore (I remember, that
the PublicKeys are saved as Certificates) or have I to implement an own
KeyFactory?
4. Are there other things to pay attention to, when I want to use the
keytool and the jarsigner with my own "ElGamal"-Provider?
Many thanks in advance for helping me,
Thorsten Goeller
Metafinanz GmbH, St. Georgen, Germany