List of usage examples for org.bouncycastle.asn1.x500 X500Name X500Name
public X500Name(String dirName)
From source file:net.sf.keystore_explorer.crypto.signing.TestSignatureAlgorithms.java
License:Open Source License
/**
 * Generates a self-signed certificate for the selected key pair and certificate version, then
 * round-trips a certificate request (SPKAC or PKCS #10) through its encoded form and asserts that
 * the re-loaded request still verifies.
 *
 * @param keyPairType   RSA selects {@code rsaKeyPair}; any other value selects {@code dsaKeyPair}
 * @param signatureType signature algorithm used for both the certificate and the request
 * @param csrType       SPKAC selects the SPKAC path; any other value selects PKCS #10
 * @param version       VERSION1 selects {@code generatorv1}; any other value selects {@code generatorv3}
 * @throws Exception if key, certificate or request handling fails
 */
private void doTest2(KeyPairType keyPairType, SignatureType signatureType, CsrType csrType,
        X509CertificateVersion version) throws Exception {
    KeyPair keyPair = (keyPairType == KeyPairType.RSA) ? rsaKeyPair : dsaKeyPair;

    // The String constructor parses an RFC-style directory string into RDNs.
    X500Name name = new X500Name("cn=this");
    PublicKey publicKey = keyPair.getPublic();
    PrivateKey privateKey = keyPair.getPrivate();

    // The certificate is generated on both request paths, although only the PKCS #10 path consumes it.
    X509Certificate cert;
    if (version == X509CertificateVersion.VERSION1) {
        cert = generatorv1.generateSelfSigned(name, 1000, publicKey, privateKey, signatureType, BigInteger.ONE);
    } else {
        cert = generatorv3.generateSelfSigned(name, 1000, publicKey, privateKey, signatureType, BigInteger.ONE);
    }

    if (csrType == CsrType.SPKAC) {
        Spkac generated = new Spkac("whatever", signatureType, new SpkacSubject(name), publicKey, privateKey);
        ByteArrayOutputStream sink = new ByteArrayOutputStream();
        generated.output(sink);

        // Verify the re-parsed copy, not the in-memory original.
        Spkac reloaded = new Spkac(new ByteArrayInputStream(sink.toByteArray()));
        assertTrue(reloaded.verify());
        return;
    }

    PKCS10CertificationRequest generated = Pkcs10Util.generateCsr(cert, privateKey, signatureType, "w/e", "w/e",
            false, new BouncyCastleProvider());
    byte[] der = Pkcs10Util.getCsrEncodedDer(generated);

    // Verify the request as decoded from DER, not the in-memory original.
    PKCS10CertificationRequest reloaded = Pkcs10Util.loadCsr(new ByteArrayInputStream(der));
    assertTrue(Pkcs10Util.verifyCsr(reloaded));
}
From source file:net.sf.keystore_explorer.gui.dialogs.DPreferences.java
License:Open Source License
/**
 * Builds the "default name" preferences tab: one label and text field per distinguished-name
 * attribute, laid out in a MigLayout panel, then pre-filled from the saved default DN when one
 * is present.
 */
private void initDefaultNameTab() {
    jlCommonName = new JLabel(res.getString("DPreferences.jlCommonName.text"));
    jtfCommonName = new JTextField(25);

    jlOrganisationUnit = new JLabel(res.getString("DPreferences.jlOrganisationUnit.text"));
    jtfOrganisationUnit = new JTextField(25);

    jlOrganisationName = new JLabel(res.getString("DPreferences.jlOrganisationName.text"));
    jtfOrganisationName = new JTextField(25);

    jlLocalityName = new JLabel(res.getString("DPreferences.jlLocalityName.text"));
    jtfLocalityName = new JTextField(25);

    jlStateName = new JLabel(res.getString("DPreferences.jlStateName.text"));
    jtfStateName = new JTextField(25);

    jlCountryCode = new JLabel(res.getString("DPreferences.jlCountryCode.text"));
    jtfCountryCode = new JTextField(4);

    jlEmailAddress = new JLabel(res.getString("DPreferences.jlEmailAddress.text"));
    jtfEmailAddress = new JTextField(30);

    // Layout: each label sits in the first column, each field ends its row.
    final String labelCell = "";
    final String fieldCell = "gap rel, wrap unrel";

    jpDefaultName = new JPanel();
    jpDefaultName.setLayout(new MigLayout("insets dialog, fill", "[right][][]", "[]"));
    jpDefaultName.add(jlCommonName, labelCell);
    jpDefaultName.add(jtfCommonName, fieldCell);
    jpDefaultName.add(jlOrganisationUnit, labelCell);
    jpDefaultName.add(jtfOrganisationUnit, fieldCell);
    jpDefaultName.add(jlOrganisationName, labelCell);
    jpDefaultName.add(jtfOrganisationName, fieldCell);
    jpDefaultName.add(jlLocalityName, labelCell);
    jpDefaultName.add(jtfLocalityName, fieldCell);
    jpDefaultName.add(jlStateName, labelCell);
    jpDefaultName.add(jtfStateName, fieldCell);
    jpDefaultName.add(jlCountryCode, labelCell);
    jpDefaultName.add(jtfCountryCode, fieldCell);
    jpDefaultName.add(jlEmailAddress, labelCell);
    jpDefaultName.add(jtfEmailAddress, fieldCell);

    // Nothing saved: leave every field empty.
    if (defaultDN == null) {
        return;
    }

    // Populate fields with content from saved preferences.
    try {
        X500Name savedName = new X500Name(defaultDN);
        populateRdnField(savedName, jtfCommonName, BCStyle.CN);
        populateRdnField(savedName, jtfOrganisationUnit, BCStyle.OU);
        populateRdnField(savedName, jtfOrganisationName, BCStyle.O);
        populateRdnField(savedName, jtfLocalityName, BCStyle.L);
        populateRdnField(savedName, jtfStateName, BCStyle.ST);
        populateRdnField(savedName, jtfCountryCode, BCStyle.C);
        populateRdnField(savedName, jtfEmailAddress, BCStyle.E);
    } catch (Exception ignored) {
        // Deliberately ignored: an invalid saved DN is treated as "no default".
        // NOTE(review): nothing is cleared here, so any field filled before the failure
        // presumably keeps its value; verify against populateRdnField.
    }
}
From source file:net.sf.keystore_explorer.gui.dialogs.DViewCsr.java
License:Open Source License
/**
 * Manual test harness for the dialog: registers the Bouncy Castle provider, generates a throwaway
 * RSA key pair and a PKCS #10 request for "cn=test", and shows the request in a DViewCsr dialog.
 * Closing the dialog exits the JVM.
 *
 * @param args unused
 * @throws Exception if the look and feel cannot be set
 */
public static void main(String[] args) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    javax.swing.UIManager.setLookAndFeel("com.sun.java.swing.plaf.windows.WindowsLookAndFeel");

    Runnable showDialog = new Runnable() {
        @Override
        public void run() {
            try {
                // No initialize() call: the key size is whatever the "BC" provider defaults to.
                KeyPair keyPair = KeyPairGenerator.getInstance("RSA", "BC").genKeyPair();

                X500Name subject = new X500Name("cn=test");
                JcaPKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(
                        subject, keyPair.getPublic());
                JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA256withRSA")
                        .setProvider("BC");
                PKCS10CertificationRequest csr = csrBuilder.build(signerBuilder.build(keyPair.getPrivate()));

                DViewCsr dialog = new DViewCsr(new javax.swing.JFrame(), "Title", csr);
                dialog.addWindowListener(new java.awt.event.WindowAdapter() {
                    @Override
                    public void windowClosing(java.awt.event.WindowEvent e) {
                        System.exit(0);
                    }
                });
                dialog.setVisible(true);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    };

    // Swing components are created and shown on the event dispatch thread.
    java.awt.EventQueue.invokeLater(showDialog);
}
From source file:net.sf.keystore_explorer.gui.dialogs.sign.DSignCsr.java
License:Open Source License
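/**
 * Manual test harness for the dialog: registers the Bouncy Castle provider, generates a throwaway
 * RSA key pair and a PKCS #10 request for "cn=test", and opens a DSignCsr dialog on it.
 * Closing the dialog exits the JVM.
 *
 * @param args unused
 * @throws Exception if the look and feel cannot be set
 */
public static void main(String[] args) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    javax.swing.UIManager.setLookAndFeel("com.sun.java.swing.plaf.windows.WindowsLookAndFeel");
    java.awt.EventQueue.invokeLater(new Runnable() {
        @Override
        public void run() {
            try {
                KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC");
                // 2048 bits rather than 1024: 1024-bit RSA is below the accepted minimum, and
                // sample code tends to be copied along with its key size.
                keyGen.initialize(2048);
                KeyPair keyPair = keyGen.genKeyPair();

                JcaPKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(
                        new X500Name("cn=test"), keyPair.getPublic());
                PKCS10CertificationRequest csr = csrBuilder.build(new JcaContentSignerBuilder("SHA256withRSA")
                        .setProvider("BC").build(keyPair.getPrivate()));

                // The same key pair that signed the request is handed to the dialog as the signing key.
                DSignCsr dialog = new DSignCsr(new javax.swing.JFrame(), csr,
                        new File(System.getProperty("user.dir"), "test.csr"), keyPair.getPrivate(),
                        KeyPairType.RSA, null, new BouncyCastleProvider());
                dialog.addWindowListener(new java.awt.event.WindowAdapter() {
                    @Override
                    public void windowClosing(java.awt.event.WindowEvent e) {
                        System.exit(0);
                    }
                });
                dialog.setVisible(true);
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
    });
}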
From source file:net.sf.portecle.crypto.X509CertUtil.java
License:Open Source License
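/**
 * Create a PKCS #10 certification request (CSR) using the supplied certificate and private key.
 * The request carries the certificate's subject and public key, is signed with
 * {@code privateKey}, and is verified against the certificate before it is returned.
 *
 * @param cert The certificate
 * @param privateKey The private key
 * @return The CSR
 * @throws CryptoException If there was a problem generating the CSR, or the generated CSR does
 *         not verify against the certificate's public key
 */
public static PKCS10CertificationRequest generatePKCS10CSR(X509Certificate cert, PrivateKey privateKey)
        throws CryptoException {
    // NOTE(review): getSubjectDN().toString() is a provider-formatted string, and re-parsing it is
    // not guaranteed to reproduce the certificate's encoded subject. Building the name from
    // cert.getSubjectX500Principal().getEncoded() would avoid the round trip; confirm before changing.
    X500Name subject = new X500Name(cert.getSubjectDN().toString());

    JcaPKCS10CertificationRequestBuilder csrBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject, cert.getPublicKey());

    // The algorithm name is the one the certificate itself was signed with.
    // NOTE(review): presumably this matches privateKey only when the certificate is self-signed or
    // the issuer and subject key types agree; a mismatch surfaces as a CryptoException below.
    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(cert.getSigAlgName());

    try {
        ContentVerifierProvider prov = new JcaContentVerifierProviderBuilder().build(cert);
        PKCS10CertificationRequest csr = csrBuilder.build(signerBuilder.build(privateKey));

        // Self-check: proves that privateKey belongs to the certificate's public key.
        if (!csr.isSignatureValid(prov)) {
            throw new CryptoException(RB.getString("NoVerifyGenCsr.exception.message"));
        }

        return csr;
    } catch (OperatorCreationException | PKCSException ex) {
        throw new CryptoException(RB.getString("NoGenerateCsr.exception.message"), ex);
    }
}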
From source file:net.solarnetwork.node.setup.test.PKITestUtils.java
License:Open Source License
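/**
 * Generate a CA certificate for {@code publicKey}, valid for one hour from now and signed with
 * {@code issuerKey} using SHA256WithRSA. When {@code issuer} is {@code null} the certificate is
 * self-issued (issuer DN equals {@code subject}); otherwise the issuer DN is taken from
 * {@code issuer}'s subject.
 *
 * @param publicKey the public key to certify
 * @param subject   the subject DN, as a directory string
 * @param issuer    the issuing CA certificate, or {@code null} for a self-issued certificate
 * @param issuerKey the private key that signs the new certificate
 * @param caDN      the directory name placed in the authority key identifier's issuer field
 * @return the new certificate
 * @throws Exception if building, signing or converting the certificate fails
 */
public static X509Certificate generateNewCACert(PublicKey publicKey, String subject, X509Certificate issuer,
        PrivateKey issuerKey, String caDN) throws Exception {
    final boolean selfIssued = (issuer == null);
    final X500Name issuerDn = (selfIssued ? new X500Name(subject) : JcaX500NameUtil.getSubject(issuer));
    final X500Name subjectDn = new X500Name(subject);
    final BigInteger serial = getNextSerialNumber();
    final Date notBefore = new Date();
    final Date notAfter = new Date(System.currentTimeMillis() + 1000L * 60L * 60L);
    JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerDn, serial, notBefore, notAfter,
            subjectDn, publicKey);

    // add "CA" extension
    BasicConstraints basicConstraints;
    if (selfIssued) {
        basicConstraints = new BasicConstraints(true);
    } else {
        // getBasicConstraints() returns -1 for a non-CA issuer and Integer.MAX_VALUE for a CA
        // without a path length limit.
        // NOTE(review): neither case is guarded, so a non-CA issuer or one with path length 0
        // yields a negative path length here; confirm callers never pass such an issuer.
        int issuerPathLength = issuer.getBasicConstraints();
        basicConstraints = new BasicConstraints(issuerPathLength - 1);
    }
    builder.addExtension(X509Extension.basicConstraints, true, basicConstraints);

    // add subjectKeyIdentifier
    JcaX509ExtensionUtils utils = new JcaX509ExtensionUtils();
    SubjectKeyIdentifier ski = utils.createSubjectKeyIdentifier(publicKey);
    builder.addExtension(X509Extension.subjectKeyIdentifier, false, ski);

    // add authorityKeyIdentifier: it identifies the key (and certificate) that signs this
    // certificate, so it is derived from the issuer unless the certificate is self-issued.
    final PublicKey authorityKey = (selfIssued ? publicKey : issuer.getPublicKey());
    final BigInteger authoritySerial = (selfIssued ? serial : issuer.getSerialNumber());
    // NOTE(review): for the name/serial pair to be consistent, caDN should be the issuer DN of
    // the authority's own certificate; verify against callers.
    GeneralNames issuerName = new GeneralNames(new GeneralName(GeneralName.directoryName, caDN));
    AuthorityKeyIdentifier aki = utils.createAuthorityKeyIdentifier(authorityKey);
    aki = new AuthorityKeyIdentifier(aki.getKeyIdentifier(), issuerName, authoritySerial);
    builder.addExtension(X509Extension.authorityKeyIdentifier, false, aki);

    // add keyUsage
    X509KeyUsage keyUsage = new X509KeyUsage(X509KeyUsage.cRLSign | X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign | X509KeyUsage.nonRepudiation);
    builder.addExtension(X509Extension.keyUsage, true, keyUsage);

    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA256WithRSA");
    ContentSigner signer = signerBuilder.build(issuerKey);
    X509CertificateHolder holder = builder.build(signer);
    JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
    return converter.getCertificate(holder);
}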
From source file:org.apache.accumulo.test.util.CertUtils.java
License:Apache License
/**
 * Builds and signs an X.509 v3 certificate for the public key of {@code kp}. The name parsed from
 * {@code issuerDirString} is used as both issuer and subject, the validity runs from now for
 * 100 years, and the serial number is the start time in milliseconds.
 *
 * @param keyName          not used by this method
 * @param kp               key pair whose public key is certified
 * @param isCertAuthority  value of the basic constraints CA flag; also adds a critical
 *                         keyCertSign key usage when {@code true}
 * @param signerPublicKey  public key used to derive the authority key identifier
 * @param signerPrivateKey private key that signs the certificate
 * @return the signed certificate
 */
private X509CertificateObject generateCert(String keyName, KeyPair kp, boolean isCertAuthority,
        PublicKey signerPublicKey, PrivateKey signerPrivateKey) throws IOException, CertIOException,
        OperatorCreationException, CertificateException, NoSuchAlgorithmException {
    Calendar notBefore = Calendar.getInstance();
    Calendar notAfter = Calendar.getInstance();
    notAfter.add(Calendar.YEAR, 100);

    // NOTE(review): a timestamp serial is predictable and can repeat within the same
    // millisecond; confirm that is acceptable for these certificates.
    BigInteger serialNumber = BigInteger.valueOf(notBefore.getTimeInMillis());

    // Built from parsed RDNs (RFC 4519 style), not from the X500Name(String) constructor.
    X500Name issuer = new X500Name(IETFUtils.rDNsFromString(issuerDirString, RFC4519Style.INSTANCE));
    PublicKey subjectKey = kp.getPublic();

    // Issuer doubles as subject, whichever key signs the certificate.
    JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(issuer, serialNumber,
            notBefore.getTime(), notAfter.getTime(), issuer, subjectKey);

    JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
    certGen.addExtension(Extension.subjectKeyIdentifier, false,
            extensionUtils.createSubjectKeyIdentifier(subjectKey));
    // NOTE(review): basicConstraints is added as non-critical even for a CA certificate;
    // RFC 5280 expects it to be critical on CA certificates.
    certGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(isCertAuthority));
    certGen.addExtension(Extension.authorityKeyIdentifier, false,
            extensionUtils.createAuthorityKeyIdentifier(signerPublicKey));
    if (isCertAuthority) {
        certGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign));
    }

    ContentSigner signer = new JcaContentSignerBuilder(signingAlgorithm).build(signerPrivateKey);
    X509CertificateHolder cert = certGen.build(signer);
    return new X509CertificateObject(cert.toASN1Structure());
}
From source file:org.apache.ace.authentication.processor.clientcert.MemoryKeyStore.java
License:Apache License
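/**
 * Creates an X.509 v3 certificate for {@code key} with subject {@code name}, issued under
 * {@code issuerDN} and signed with {@code issuerKey}. The serial number is the next value of
 * this key store's counter.
 *
 * @param issuerDN  the issuer's distinguished name
 * @param issuerKey the private key that signs the certificate
 * @param name      the subject, as a directory string accepted by {@code X500Name(String)}
 * @param notBefore start of the validity period
 * @param notAfter  end of the validity period
 * @param key       the public key to certify
 * @return the signed certificate
 * @throws IllegalStateException
 *         if an internal exception occurs.
 * @throws IllegalArgumentException
 *         if an argument is rejected while building the certificate, for example a
 *         {@code name} that cannot be parsed as a distinguished name.
 */
public X509Certificate createCertificate(X500Principal issuerDN, PrivateKey issuerKey, String name,
        Date notBefore, Date notAfter, PublicKey key) throws IllegalArgumentException {
    try {
        // Take the issuer from its DER encoding rather than from getName(): a string round trip
        // is not guaranteed to reproduce the RDN order and string types of the original name,
        // and the issuer field has to match the CA certificate's subject for chain building.
        X500Name issuer = X500Name.getInstance(issuerDN.getEncoded());
        X500Name commonName = new X500Name(name);
        BigInteger serial = BigInteger.valueOf(++m_serial);

        SubjectPublicKeyInfo pubKeyInfo = convertToSubjectPublicKeyInfo(key);

        X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter,
                commonName, pubKeyInfo);

        X509CertificateHolder certHolder = builder
                .build(new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).build(issuerKey));
        return new JcaX509CertificateConverter().getCertificate(certHolder);
    } catch (IllegalArgumentException e) {
        // Argument problems are passed through unchanged.
        throw e;
    } catch (Exception e) {
        // Matches the documented contract; IllegalStateException is still a RuntimeException,
        // so callers catching RuntimeException are unaffected.
        throw new IllegalStateException(e);
    }
}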
From source file:org.apache.ace.authentication.processor.clientcert.MemoryKeyStore.java
License:Apache License
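/**
 * Generates a self-signed root CA certificate for this key store's CA key pair, with a critical
 * basic constraints extension marking it as a CA.
 *
 * @param commonName the name used as both issuer and subject; it is passed to
 *                   {@code X500Name(String)}, so it has to be a directory string
 * @param notBefore  start of the validity period
 * @param notAfter   end of the validity period
 * @return the self-signed root certificate
 * @throws Exception if building, signing or converting the certificate fails
 */
private X509Certificate generateRootCertificate(String commonName, Date notBefore, Date notAfter)
        throws Exception {
    X500Name issuer = new X500Name(commonName);

    // 64 random bits from a CSPRNG instead of a 16-bit prime from java.util.Random: the old
    // serial was small and predictable. Adding one keeps the serial strictly positive.
    BigInteger serial = new BigInteger(64, new java.security.SecureRandom()).add(BigInteger.ONE);

    SubjectPublicKeyInfo pubKeyInfo = convertToSubjectPublicKeyInfo(m_caKey.getPublic());

    // Issuer and subject are the same name: the certificate is self-issued.
    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter,
            issuer, pubKeyInfo);
    builder.addExtension(
            new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(true))));

    X509CertificateHolder certHolder = builder
            .build(new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).build(m_caKey.getPrivate()));
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}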
From source file:org.apache.airavata.gfac.bes.utils.MyProxyLogon.java
License:Apache License
/**
 * Builds a PKCS #10 certification request for {@code dn}, carrying the public key of {@code kp}
 * and signed with its private key, using Bouncy Castle's lightweight (non-JCA) API.
 *
 * @param dn the subject, as a directory string accepted by {@code X500Name(String)}
 * @param kp the key pair to request a certificate for
 * @return the signed certification request
 * @throws Exception if key conversion or signing fails
 */
private PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp) throws Exception {
    X500Name subject = new X500Name(dn);

    // Convert the JCA public key into the lightweight API's key parameters and SubjectPublicKeyInfo.
    AsymmetricKeyParameter publicParams = PublicKeyFactory.createKey(kp.getPublic().getEncoded());
    SubjectPublicKeyInfo requestKeyInfo = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicParams);
    PKCS10CertificationRequestBuilder requestBuilder = new PKCS10CertificationRequestBuilder(subject,
            requestKeyInfo);

    // NOTE(review): the request is signed with SHA-1 with RSA (OIW identifiers). SHA-1 is no
    // longer considered collision resistant; prefer a SHA-256 based signature if the receiving
    // server accepts it. Confirm before changing.
    AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA);
    AlgorithmIdentifier digestAlgorithm = AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1);
    BcRSAContentSignerBuilder signerBuilder = new BcRSAContentSignerBuilder(signatureAlgorithm,
            digestAlgorithm);

    AsymmetricKeyParameter privateParams = PrivateKeyFactory.createKey(kp.getPrivate().getEncoded());
    ContentSigner signer = signerBuilder.build(privateParams);
    return requestBuilder.build(signer);
}