List of usage examples for org.bouncycastle.asn1.x509 X509Name L
ASN1ObjectIdentifier L
To view the source code for org.bouncycastle.asn1.x509 X509Name L.
Click Source Link
From source file:de.mendelson.util.security.keygeneration.KeyGenerator.java
/** * Generates a self-signed X509 Version 3 certificate * *//*from w ww. j av a2s . c o m*/ private X509Certificate generateCertificate(PublicKey publicKey, PrivateKey privateKey, KeyGenerationValues generationValues) throws Exception { //Stores certificate attributes Hashtable<ASN1ObjectIdentifier, String> attributes = new Hashtable<ASN1ObjectIdentifier, String>(); Vector<ASN1ObjectIdentifier> order = new Vector<ASN1ObjectIdentifier>(); attributes.put(X509Name.CN, generationValues.getCommonName()); order.add(0, X509Name.CN); attributes.put(X509Name.OU, generationValues.getOrganisationUnit()); order.add(0, X509Name.OU); attributes.put(X509Name.O, generationValues.getOrganisationName()); order.add(0, X509Name.O); attributes.put(X509Name.L, generationValues.getLocalityName()); order.add(0, X509Name.L); attributes.put(X509Name.ST, generationValues.getStateName()); order.add(0, X509Name.ST); attributes.put(X509Name.C, generationValues.getCountryCode()); order.add(0, X509Name.C); attributes.put(X509Name.E, generationValues.getEmailAddress()); order.add(0, X509Name.E); X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator(); // Set the issuer distinguished name certificateGenerator.setIssuerDN(new X509Principal(order, attributes)); //add a key extension if this is requested if (generationValues.getKeyExtension() != null) { certificateGenerator.addExtension(X509Extensions.KeyUsage, true, generationValues.getKeyExtension()); } //add a extended key extension if this is requested if (generationValues.getExtendedKeyExtension() != null) { certificateGenerator.addExtension(X509Extensions.ExtendedKeyUsage, false, generationValues.getExtendedKeyExtension()); } // Valid before and after dates now to iValidity days in the future Date startDate = new Date(System.currentTimeMillis()); long duration = TimeUnit.DAYS.toMillis(generationValues.getKeyValidInDays()); Date endDate = new Date(startDate.getTime() + duration); certificateGenerator.setNotBefore(startDate); certificateGenerator.setNotAfter(endDate); certificateGenerator.setSubjectDN(new X509Principal(order, attributes)); certificateGenerator.setPublicKey(publicKey); certificateGenerator.setSignatureAlgorithm(generationValues.getSignatureAlgorithm()); BigInteger serialNumber = new BigInteger(Long.toString(System.currentTimeMillis() / 1000)); certificateGenerator.setSerialNumber(serialNumber); // Generate an X.509 certificate, based on the current issuer and subject X509Certificate cert = certificateGenerator.generate(privateKey, "BC"); // Return the certificate return cert; }
From source file:org.glite.voms.PKIUtils.java
License:Open Source License
/** * Gets an OpenSSL-style representation of a principal. * * @param principal the principal//from ww w . j a v a 2 s. c o m * * @return a String representing the principal. */ public static String getOpenSSLFormatPrincipal(Principal principal) { X509Name name = new X509Name(principal.getName()); Vector oids = name.getOIDs(); Vector values = name.getValues(); ListIterator oids_iter = oids.listIterator(); ListIterator values_iter = values.listIterator(); String result = new String(); while (oids_iter.hasNext()) { DERObjectIdentifier oid = (DERObjectIdentifier) oids_iter.next(); String value = (String) values_iter.next(); if (oid.equals(X509Name.C)) result += "/C=" + value; else if (oid.equals(X509Name.CN)) result += "/CN=" + value; else if (oid.equals(X509Name.DC)) result += "/DC=" + value; else if (oid.equals(X509Name.E)) result += "/E=" + value; else if (oid.equals(X509Name.EmailAddress)) result += "/Email=" + value; else if (oid.equals(X509Name.L)) result += "/L=" + value; else if (oid.equals(X509Name.O)) result += "/O=" + value; else if (oid.equals(X509Name.OU)) result += "/OU=" + value; else if (oid.equals(X509Name.ST)) result += "/ST=" + value; else if (oid.equals(X509Name.UID)) result += "/UID=" + value; else result += "/" + oid.toString() + "=" + value; } logger.debug("SSLFormat: " + result); return result; }
From source file:org.sonatype.nexus.ssl.CertificateUtil.java
License:Open Source License
public static X509Certificate generateCertificate(final PublicKey publicKey, final PrivateKey privateKey, final String algorithm, final int validDays, final String commonName, final String orgUnit, final String organization, final String locality, final String state, final String country) throws SignatureException, InvalidKeyException, NoSuchAlgorithmException, CertificateEncodingException { X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator(); Vector<ASN1ObjectIdentifier> order = new Vector<>(); Hashtable<ASN1ObjectIdentifier, String> attributeMap = new Hashtable<>(); if (commonName != null) { attributeMap.put(X509Name.CN, commonName); order.add(X509Name.CN);//w w w . j a v a 2 s.c o m } if (orgUnit != null) { attributeMap.put(X509Name.OU, orgUnit); order.add(X509Name.OU); } if (organization != null) { attributeMap.put(X509Name.O, organization); order.add(X509Name.O); } if (locality != null) { attributeMap.put(X509Name.L, locality); order.add(X509Name.L); } if (state != null) { attributeMap.put(X509Name.ST, state); order.add(X509Name.ST); } if (country != null) { attributeMap.put(X509Name.C, country); order.add(X509Name.C); } X509Name issuerDN = new X509Name(order, attributeMap); // validity long now = System.currentTimeMillis(); long expire = now + (long) validDays * 24 * 60 * 60 * 1000; certificateGenerator.setNotBefore(new Date(now)); certificateGenerator.setNotAfter(new Date(expire)); certificateGenerator.setIssuerDN(issuerDN); certificateGenerator.setSubjectDN(issuerDN); certificateGenerator.setPublicKey(publicKey); certificateGenerator.setSignatureAlgorithm(algorithm); certificateGenerator.setSerialNumber(BigInteger.valueOf(now)); // make certificate return certificateGenerator.generate(privateKey); }