List of usage examples for org.bouncycastle.asn1.x500 X500NameBuilder addRDN
public X500NameBuilder addRDN(ASN1ObjectIdentifier oid, ASN1Encodable value)
From source file:beta01.CertSigningRequest.java
private void genaretKeyPairDsa() throws Exception { String signatureAlg = "SHA1withDSA"; KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", "BC"); kpg.initialize(2048);/*from w ww .j a v a2s .co m*/ KeyPair kp = kpg.genKeyPair(); X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.C, "ID"); x500NameBuilder.addRDN(BCStyle.CN, "Pizaini"); //x500NameBuilder.addRDN(BCStyle.O, "Institut Pertanian Bogor"); X500Name subject = x500NameBuilder.build(); PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic()); try { PKCS10CertificationRequest request = requestBuilder .build(new JcaContentSignerBuilder(signatureAlg).setProvider("BC").build(kp.getPrivate())); //verify signature if (request.isSignatureValid( new JcaContentVerifierProviderBuilder().setProvider("BC").build(kp.getPublic()))) { System.out.println(signatureAlg + ": PKCS#10 request verified."); //CSR Output ByteArrayOutputStream baos = new ByteArrayOutputStream(); //PemWriter pemWrtb = new PemWriter(new OutputStreamWriter(baos)); JcaPEMWriter jcaPem = new JcaPEMWriter(new OutputStreamWriter(baos)); jcaPem.writeObject(request); jcaPem.close(); try { File file = new File("D:\\CSR_" + kpg.getAlgorithm() + ".p10"); FileOutputStream fos = new FileOutputStream(file); baos.close(); fos.write(baos.toByteArray()); fos.flush(); fos.close(); } catch (IOException ex) { } //store Private Key p8 try { File file = new File("D:\\PrivateKey_" + kpg.getAlgorithm() + ".p8"); FileOutputStream fos = new FileOutputStream(file); fos.write(kp.getPrivate().getEncoded()); fos.flush(); fos.close(); System.out.println("Privated key stored as " + kp.getPrivate().getFormat()); } catch (IOException ex) { } //p12 /*KeyStore pkcs12 = KeyStore.getInstance("PKCS12", "BC"); pkcs12.load(null, null); //pkcs12.setCertificateEntry("r2oot", holderRoot); pkcs12.setKeyEntry("PIZAINI_ECDSA", kp.getPrivate(), null, null); char[] password = "pass".toCharArray(); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); pkcs12.store(bOut, password); ASN1InputStream asnInput = new ASN1InputStream(bOut.toByteArray()); bOut.reset(); DEROutputStream derOut = new DEROutputStream(bOut); derOut.writeObject(asnInput.readObject()); byte[] derFormat = bOut.toByteArray(); try{ File file = new File("D:\\Pizaini_ECDSA_Private.p12"); FileOutputStream fos = new FileOutputStream(file); bOut.close(); fos.write(derFormat); fos.flush(); fos.close(); }catch(IOException ex){ }*/ } else { System.out.println(signatureAlg + ": Failed verify check."); } } catch (OperatorCreationException | PKCSException ex) { } }
From source file:ch.ge.ve.offlineadmin.services.KeyGenerator.java
License:Open Source License
private X509v3CertificateBuilder createCertificateBuilder(KeyPair keyPair) throws PropertyConfigurationException, CertIOException { X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE); nameBuilder.addRDN(BCStyle.CN, propertyConfigurationService.getConfigValue(CERT_COMMON_NAME_PROPERTY)); nameBuilder.addRDN(BCStyle.O, propertyConfigurationService.getConfigValue(CERT_ORGANISATION_PROPERTY)); nameBuilder.addRDN(BCStyle.OU,/* ww w.ja v a2 s . c om*/ propertyConfigurationService.getConfigValue(CERT_ORGANISATIONAL_UNIT_PROPERTY)); nameBuilder.addRDN(BCStyle.C, propertyConfigurationService.getConfigValue(CERT_COUNTRY_PROPERTY)); X500Name x500Name = nameBuilder.build(); BigInteger serial = new BigInteger(CERT_SERIAL_NUMBER_BIT_SIZE, SecureRandomFactory.createPRNG()); SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()); Date startDate = new Date(); Date endDate = Date.from(startDate.toInstant().plus( propertyConfigurationService.getConfigValueAsInt(CERT_VALIDITY_DAYS_PROPERTY), ChronoUnit.DAYS)); X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(x500Name, serial, startDate, endDate, x500Name, publicKeyInfo); String certFriendlyName = propertyConfigurationService.getConfigValue(CERT_PRIVATE_FRIENDLY_NAME_PROPERTY); certificateBuilder.addExtension(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, false, new DERBMPString(certFriendlyName)); return certificateBuilder; }
From source file:com.adaptris.core.security.JunitSecurityHelper.java
License:Apache License
private static CertificateBuilder getBuilder(String commonName) throws Exception { CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder(); CertificateParameter cp = new CertificateParameter(); X500NameBuilder subject = new X500NameBuilder(); subject.addRDN(X509ObjectIdentifiers.countryName, "GB"); subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, "Middlesex"); subject.addRDN(X509ObjectIdentifiers.localityName, "Uxbridge"); subject.addRDN(X509ObjectIdentifiers.organization, "Adaptris"); subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, "JUNIT"); subject.addRDN(X509ObjectIdentifiers.commonName, commonName); subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "myname@adaptris.com"); cp.setSignatureAlgorithm("SHA256WithRSAEncryption"); // Changed to 1024 as the key size, otherwise jdk8_66 appears to have a fit // wrt to java.security limiting the certpath algorithms // jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024 (it was like this in _40, but doesn't // apparently break things cp.setKeyAlgorithm("RSA", 1024); cp.setSubjectInfo(subject.build());//from w w w .j a v a 2 s . com builder.setCertificateParameters(cp); return builder; }
From source file:com.adaptris.security.Config.java
License:Apache License
public CertificateBuilder getBuilder(String commonName) throws Exception { CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder(); CertificateParameter cp = new CertificateParameter(); X500NameBuilder subject = new X500NameBuilder(); subject.addRDN(X509ObjectIdentifiers.countryName, config.getProperty(CERTIFICATE_C)); subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, config.getProperty(CERTIFICATE_ST)); subject.addRDN(X509ObjectIdentifiers.localityName, config.getProperty(CERTIFICATE_L)); subject.addRDN(X509ObjectIdentifiers.organization, config.getProperty(CERTIFICATE_O)); subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, config.getProperty(CERTIFICATE_OU)); subject.addRDN(X509ObjectIdentifiers.commonName, commonName); subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, config.getProperty(CERTIFICATE_EMAIL)); cp.setSignatureAlgorithm(config.getProperty(CERTIFICATE_SIGALG)); cp.setKeyAlgorithm(config.getProperty(CERTIFICATE_KEYALG), Integer.parseInt(config.getProperty(CERTIFICATE_KEYSIZE))); cp.setSubjectInfo(subject.build());//from w ww . j a v a2 s . c o m builder.setCertificateParameters(cp); return builder; }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
/** ? */ public static X500Name createRootCaPrincipal() { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.E, DN_ROOT_E); x500NameBuilder.addRDN(BCStyle.CN, DN_ROOT_CN); x500NameBuilder.addRDN(BCStyle.OU, DN_ROOT_OU); x500NameBuilder.addRDN(BCStyle.O, DN_ROOT_O); return x500NameBuilder.build(); }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
public static X500Name createClass1CaPrincipal() { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.CN, DN_CLASS1_ROOT_CN); x500NameBuilder.addRDN(BCStyle.OU, DN_OU); x500NameBuilder.addRDN(BCStyle.O, DN_O); return x500NameBuilder.build(); }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
public static X500Name createClass1EndPrincipal(String cn, String email) { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.E, email); x500NameBuilder.addRDN(BCStyle.CN, cn); x500NameBuilder.addRDN(BCStyle.OU, DN_OU); x500NameBuilder.addRDN(BCStyle.O, DN_O); x500NameBuilder.addRDN(BCStyle.L, DN_L); x500NameBuilder.addRDN(BCStyle.ST, DN_ST); x500NameBuilder.addRDN(BCStyle.C, DN_C); return x500NameBuilder.build(); }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
public static X500Name createClass3CaPrincipal() { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.CN, DN_CLASS3_ROOT_CN); x500NameBuilder.addRDN(BCStyle.OU, DN_ROOT_OU); x500NameBuilder.addRDN(BCStyle.O, DN_ROOT_O); return x500NameBuilder.build(); }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
public static X500Name createClass3EndPrincipal(String cn, String email, String title) { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.E, email); x500NameBuilder.addRDN(BCStyle.CN, cn); x500NameBuilder.addRDN(BCStyle.T, title); x500NameBuilder.addRDN(BCStyle.OU, DN_CLASS3_END_OU); // x500NameBuilder.addRDN(BCStyle.O, DN_O); // x500NameBuilder.addRDN(BCStyle.L, DN_L); // x500NameBuilder.addRDN(BCStyle.ST, DN_ST); // x500NameBuilder.addRDN(BCStyle.C, DN_C); return x500NameBuilder.build(); }
From source file:com.aqnote.shared.cryptology.cert.util.X500NameUtil.java
License:Open Source License
public static X500Name createClass3EndPrincipal(String cn, String email) { X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.E, email); x500NameBuilder.addRDN(BCStyle.CN, cn); x500NameBuilder.addRDN(BCStyle.OU, DN_OU); x500NameBuilder.addRDN(BCStyle.O, DN_O); x500NameBuilder.addRDN(BCStyle.L, DN_L); x500NameBuilder.addRDN(BCStyle.ST, DN_ST); x500NameBuilder.addRDN(BCStyle.C, DN_C); return x500NameBuilder.build(); }