Gimme the Keys...
We can either generate keys for an identity or import them from a file. Generally speaking, you’ll generate key pairs for the signers you “own” and import public keys for everyone else. Marian, for example, will generate her own public and private keys. She, however, will import public keys for both Will Scarlet and Sheriff.
Let’s begin by generating a public and private key pair for
Marian. We’ll use the
option, which can be abbreviated to
-g. To generate the keys, we need to specify which
public key cipher algorithm we wish to use. JDK 1.1 ships with
support for the DSA algorithm, so that’s what we’ll use.
javakey needs to know how long to make
the keys. This is the size, in bits, of the keys. Longer keys are
more secure, but they take more time to create and use. You need to
generate keys only once, though, so you might as well bite the bullet
and generate longer keys. You probably won’t notice the extra
time it takes to use a longer key. The DSA algorithm can generate
keys of 512, 768, or 1024 bits.
javakey -gk Marian DSA 1024Generated DSA keys for Marian (strength: 1024).
This is a lengthy process: You should probably kick this off and take a break while it chugs along.
When you generate the keys this way, they are stored in
javakey’s internal database. If you want to store the keys by
themselves in external files, you can specify the filenames at the
end of the
javakey command, like this:
javakey -gk Marian DSA 1024 public.x509 private.x509 ...