List of usage examples for org.bouncycastle.jce PKCS10CertificationRequest toASN1Primitive
public ASN1Primitive toASN1Primitive()
From source file:hu.akarnokd.utils.crypto.KeystoreManager.java
License:Apache License
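/**
 * Create a PKCS#10 certificate signing request (CSR) for an RSA key pair.
 * <p>
 * The returned text can be sent to a Certificate Authority to request
 * a countersigning. The request is built from the subject DN and public key
 * of {@code cert}; no attributes are passed ({@code null}), so certificate
 * extensions such as subject alternative names are not carried over.
 * The private key is handed to the request constructor for signing only and
 * is not written to the returned text.
 * <p>
 * The request is signed with SHA-256. The previous {@code MD5withRSA} choice
 * relied on a collision-broken digest that CAs commonly refuse.
 *
 * @param cert the local X509Certificate object
 * @param privKey the private key of the certificate
 * @return the request string: DER encoded, Base64 wrapped at 76 characters
 *         per line, between BEGIN/END NEW CERTIFICATE REQUEST markers
 * @throws KeystoreFault if building, signing or encoding the request fails
 */
public String createRSASigningRequest(X509Certificate cert, PrivateKey privKey) {
    // NOTE(review): the DN is round-tripped through its string form; confirm this
    // preserves the subject for DNs with escaped or multi-valued RDNs.
    X509Name xname = new X509Name(cert.getSubjectDN().getName());
    try {
        PKCS10CertificationRequest certReq = new PKCS10CertificationRequest(
                "SHA256withRSA", xname, cert.getPublicKey(), null, privKey,
                BC_PROVIDER.getName());

        ByteArrayOutputStream bout = new ByteArrayOutputStream();
        DEROutputStream dout = new DEROutputStream(bout);
        try {
            dout.writeObject(certReq.toASN1Primitive());
        } finally {
            dout.close();
        }

        // assumes Base64.encodeBytes returns one unbroken line - TODO confirm
        String s = Base64.encodeBytes(bout.toByteArray());

        final int lineLen = 76;
        final int len = s.length();
        StringBuilder result = new StringBuilder(len + 100);
        result.append("-----BEGIN NEW CERTIFICATE REQUEST-----\n");
        // split base64 string into 76 character lines; the last line may be shorter
        for (int idx = 0; idx < len; idx += lineLen) {
            result.append(s, idx, Math.min(idx + lineLen, len)).append('\n');
        }
        result.append("-----END NEW CERTIFICATE REQUEST-----\n");
        return result.toString();
    } catch (Exception ex) {
        // Single failure type for callers; the original cause is preserved.
        throw new KeystoreFault(ex);
    }
}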
From source file:org.jivesoftware.util.CertificateManager.java
License:Open Source License
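/**
 * Creates and returns the content of a new signing request (PKCS#10) for the specified
 * certificate. Signing requests are required by Certificate Authorities as part of their
 * signing process.
 * <p>
 * The request is built from the subject DN and public key of {@code cert}. No attributes are
 * passed ({@code null}), so extensions of the certificate, such as subject alternative names,
 * are not carried into the request. The private key is used only to sign the request and is
 * not included in the returned text. After the Certificate Authority has verified and signed
 * the request, a new certificate is returned. Use
 * {@link #installReply(java.security.KeyStore, java.security.KeyStore, String, String, java.io.InputStream, boolean, boolean)}
 * to import the CA reply.
 * <p>
 * The request is signed with a SHA-256 based algorithm. The SHA-1 based algorithms used
 * previously are deprecated for signatures and may be refused by CAs.
 *
 * @param cert the certificate to create a signing request for.
 * @param privKey the private key of the certificate.
 * @return the content of a new signing request for the specified certificate.
 * @throws Exception if the request cannot be built, signed or encoded.
 */
public static String createSigningRequest(X509Certificate cert, PrivateKey privKey) throws Exception {
    String subject = cert.getSubjectDN().getName();
    X509Name xname = new X509Name(subject);
    PublicKey pubKey = cert.getPublicKey();

    // NOTE(review): every key type other than DSA is treated as RSA, so an EC key
    // would be rejected when the request is signed - confirm callers only pass DSA/RSA.
    String signatureAlgorithm = "DSA".equals(pubKey.getAlgorithm()) ? "SHA256withDSA" : "SHA256withRSA";

    PKCS10CertificationRequest csr =
            new PKCS10CertificationRequest(signatureAlgorithm, xname, pubKey, null, privKey);

    ByteArrayOutputStream baos = new ByteArrayOutputStream();
    DEROutputStream deros = new DEROutputStream(baos);
    try {
        deros.writeObject(csr.toASN1Primitive());
    } finally {
        deros.close();
    }

    // Base64 output is pure ASCII; name the charset instead of relying on the platform default.
    String sTmp = new String(org.bouncycastle.util.encoders.Base64.encode(baos.toByteArray()), "US-ASCII");

    StringBuilder sb = new StringBuilder();
    // Header
    sb.append("-----BEGIN NEW CERTIFICATE REQUEST-----\n");
    // Add signing request content (base 64 encoded), CERT_REQ_LINE_LENGTH characters per line
    for (int iCnt = 0; iCnt < sTmp.length(); iCnt += CERT_REQ_LINE_LENGTH) {
        int end = Math.min(iCnt + CERT_REQ_LINE_LENGTH, sTmp.length());
        sb.append(sTmp, iCnt, end).append("\n");
    }
    // Footer
    sb.append("-----END NEW CERTIFICATE REQUEST-----\n");
    return sb.toString();
}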