Gimme the Keys...
We can either generate keys for an identity or import them from a file. Generally speaking, you’ll generate key pairs for the signers you “own” and import public keys for everyone else. Marian, for example, will generate her own public and private keys. She, however, will import public keys for both Will Scarlet and Sheriff.
Let’s begin by generating a public and private key pair for
Marian. We’ll use the
-gk
option, which can be abbreviated to
-g
. To generate the keys, we need to specify which
public key cipher algorithm we wish to use. JDK 1.1 ships with
support for the DSA algorithm, so that’s what we’ll use.
Finally, javakey
needs to know how long to make
the keys. This is the size, in bits, of the keys. Longer keys are
more secure, but they take more time to create and use. You need to
generate keys only once, though, so you might as well bite the bullet
and generate longer keys. You probably won’t notice the extra
time it takes to use a longer key. The DSA algorithm can generate
keys of 512, 768, or 1024 bits.
C:\ javakey -gk Marian DSA 1024
Generated DSA keys for Marian (strength: 1024).
This is a lengthy process: You should probably kick this off and take a break while it chugs along.
When you generate the keys this way, they are stored in
javakey’s internal database. If you want to store the keys by
themselves in external files, you can specify the filenames at the
end of the javakey
command, like this:
C:\ javakey -gk Marian DSA 1024 public.x509 private.x509 ...
Get Java Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.