[Ejbca-develop] PKI Tools - hide the complexity

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hi, all

Forgive me for cross posting this but I think a fair number of people on the 
BouncyCastle and the EJBCA list would be interested.   

I've created a module under the EJBCA project called 'pkit' (PKI Tools) with 
the intention of developing a friendly API that 'hides' the complexity of 
PKI/X509, allowing knowledgeable programmers to implement elements of PKI 
without having to also become a master of applied crypto and the X509 
standards.

At this stage it's not much more than a hack of existing EJBCA code ie I've 
converted the some of the classes from session beans to normal classes and 
made an example class that uses some of the functionality then.   

Using this code you will be able to sign a:
	key
	cert 
	pkcs10 request
to produce a well formed cert for usages
	non repudiation
	key encipherment
	data encipherment
	cert signing
	etc ..
and
	generate a CRL from a cert chain

... with a CA root cert which you can make with the provided ant script and 
EJBCA code, if you don't have one.

On the principle of 'release early and release often' a copy is available via 
cvs from

	cvs -d:pserver:ano...@cv...:2401/cvsroot/ejbca co pkit

I encourage you to muck about with it, paying heed to its development status 
and provide some feed back ... or some lines of code :-).

Regards
Justin Wood