diff options
Diffstat (limited to 'base/util/src/netscape/security/x509/CertAndKeyGen.java')
-rw-r--r-- | base/util/src/netscape/security/x509/CertAndKeyGen.java | 32 |
1 files changed, 16 insertions, 16 deletions
diff --git a/base/util/src/netscape/security/x509/CertAndKeyGen.java b/base/util/src/netscape/security/x509/CertAndKeyGen.java index 1579d46bf..703585f36 100644 --- a/base/util/src/netscape/security/x509/CertAndKeyGen.java +++ b/base/util/src/netscape/security/x509/CertAndKeyGen.java @@ -38,22 +38,22 @@ import netscape.security.pkcs.PKCS10; /** * Generate a pair of keys, and provide access to them. This class is * provided primarily for ease of use. - * + * * <P> * This provides some simple certificate management functionality. Specifically, it allows you to create self-signed * X.509 certificates as well as PKCS 10 based certificate signing requests. - * + * * <P> * Keys for some public key signature algorithms have algorithm parameters, such as DSS/DSA. Some sites' Certificate * Authorities adopt fixed algorithm parameters, which speeds up some operations including key generation and signing. * <em>At this time, this interface * does not provide a way to provide such algorithm parameters, e.g. * by providing the CA certificate which includes those parameters.</em> - * + * * <P> * Also, note that at this time only signature-capable keys may be acquired through this interface. Diffie-Hellman keys, * used for secure key exchange, may be supported later. - * + * * @author David Brownell * @author Hemma Prafullchandra * @version 1.44 @@ -64,7 +64,7 @@ public final class CertAndKeyGen { /** * Creates a CertAndKeyGen object for a particular key type * and signature algorithm. - * + * * @param keyType type of key, e.g. "RSA", "DSA" * @param sigAlg name of the signature algorithm, e.g. "MD5WithRSA", * "MD2WithRSA", "SHAwithDSA". @@ -83,7 +83,7 @@ public final class CertAndKeyGen { * to get a reproducible sequence of keys and signatures, or * because you may be able to take advantage of strong sources * of randomness/entropy in your environment. - * + * * @deprecated All random numbers come from PKCS #11 now. */ public void setRandom(SecureRandom generator) { @@ -97,12 +97,12 @@ public final class CertAndKeyGen { * for the same key size, because of the "work factor" involved in * brute force attacks. As computers become faster, it becomes * easier to perform such attacks. Small keys are to be avoided. - * + * * <P> * Note that not all values of "keyBits" are valid for all algorithms, and not all public key algorithms are * currently supported for use in X.509 certificates. If the algorithm you specified does not produce X.509 * compatible keys, an invalid key exception is thrown. - * + * * @param keyBits the number of bits in the keys. * @exception InvalidKeyException if the environment does not * provide X.509 public keys for this signature algorithm. @@ -140,7 +140,7 @@ public final class CertAndKeyGen { /** * Returns the private key of the generated key pair. - * + * * <P> * <STRONG><em>Be extremely careful when handling private keys. * When private keys are not kept secret, they lose their ability @@ -154,15 +154,15 @@ public final class CertAndKeyGen { /** * Returns a self-signed X.509v1 certificate for the public key. * The certificate is immediately valid. - * + * * <P> * Such certificates normally are used to identify a "Certificate Authority" (CA). Accordingly, they will not always * be accepted by other parties. However, such certificates are also useful when you are bootstrapping your security * infrastructure, or deploying system prototypes. - * + * * @deprecated Use the new <a href = * "#getSelfCertificate(netscape.security.x509.X500Name, long)"> - * + * * @param myname X.500 name of the subject (who is also the issuer) * @param validity how long the certificate should be valid, in seconds */ @@ -185,12 +185,12 @@ public final class CertAndKeyGen { /** * Returns a self-signed X.509v3 certificate for the public key. * The certificate is immediately valid. No extensions. - * + * * <P> * Such certificates normally are used to identify a "Certificate Authority" (CA). Accordingly, they will not always * be accepted by other parties. However, such certificates are also useful when you are bootstrapping your security * infrastructure, or deploying system prototypes. - * + * * @param myname X.500 name of the subject (who is also the issuer) * @param validity how long the certificate should be valid, in seconds * @exception CertificateException on certificate handling errors. @@ -246,11 +246,11 @@ public final class CertAndKeyGen { * Returns a PKCS #10 certificate request. The caller uses either <code>PKCS10.print</code> or * <code>PKCS10.toByteArray</code> operations on the result, to get the request in an appropriate * transmission format. - * + * * <P> * PKCS #10 certificate requests are sent, along with some proof of identity, to Certificate Authorities (CAs) which * then issue X.509 public key certificates. - * + * * @param myname X.500 name of the subject * @exception InvalidKeyException on key handling errors. * @exception SignatureException on signature handling errors. |