List of usage examples for org.bouncycastle.jce.provider BouncyCastleProvider PROVIDER_NAME
String PROVIDER_NAME
From source file:org.fuin.esmp.EventStoreCertificateMojo.java
License:Open Source License
/**
 * Creates a new RSA key pair using the Bouncy Castle JCA provider.
 *
 * @param keySize
 *            RSA modulus length in bits, handed to the generator unchanged.
 *            NOTE(review): no lower bound is enforced here, so the key
 *            strength is entirely the caller's choice - confirm callers
 *            never pass a short modulus.
 * @return the freshly generated key pair
 * @throws RuntimeException
 *             if the RSA algorithm or the Bouncy Castle provider is not
 *             available
 */
private static KeyPair generateKeyPair(final int keySize) {
    final KeyPairGenerator rsaGenerator;
    try {
        rsaGenerator = KeyPairGenerator.getInstance("RSA", BouncyCastleProvider.PROVIDER_NAME);
    } catch (final NoSuchAlgorithmException | NoSuchProviderException ex) {
        throw new RuntimeException("Couldn't generate key pair", ex);
    }
    // A fresh SecureRandom is supplied explicitly as the randomness source.
    final SecureRandom entropy = new SecureRandom();
    rsaGenerator.initialize(keySize, entropy);
    return rsaGenerator.generateKeyPair();
}
From source file:org.fuin.esmp.EventStoreCertificateMojo.java
License:Open Source License
/**
 * Signs the certificate described by the builder with the given private key
 * and converts the result into a JCA {@link X509Certificate}.
 *
 * The signature algorithm is fixed to SHA-256 with RSA, and both the signer
 * and the converter are pinned to the Bouncy Castle provider.
 *
 * @param certificateBuilder
 *            builder holding the certificate contents to sign
 * @param privateKey
 *            key used to produce the signature
 * @return the signed certificate
 * @throws RuntimeException
 *             if the signer cannot be created or the certificate cannot be
 *             converted
 */
private static X509Certificate signCertificate(final X509v3CertificateBuilder certificateBuilder,
        final PrivateKey privateKey) {
    final String bcProvider = BouncyCastleProvider.PROVIDER_NAME;
    try {
        final ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
                .setProvider(bcProvider)
                .build(privateKey);
        final JcaX509CertificateConverter converter = new JcaX509CertificateConverter()
                .setProvider(bcProvider);
        return converter.getCertificate(certificateBuilder.build(signer));
    } catch (final OperatorCreationException | CertificateException ex) {
        throw new RuntimeException("Couldn't sign certificate", ex);
    }
}
From source file:org.fuin.esmp.EventStoreCertificateMojo.java
License:Open Source License
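/**
 * Writes the certificate and its private key to a PKCS#12 file, using the
 * domain name as the key alias.
 *
 * NOTE(review): both the key entry and the store are written with an EMPTY
 * password, so the private key in the resulting file is protected only by
 * whatever access control applies to {@code file}. Confirm that the target
 * location is not readable by other users or published as a build artifact.
 *
 * @param domain
 *            alias under which the key entry is stored
 * @param certificate
 *            certificate stored as the single-element chain of the key
 * @param key
 *            private key belonging to the certificate
 * @param file
 *            destination file
 * @throws RuntimeException
 *             if the key store cannot be created, filled or written
 */
private static void saveCertificateAsP12File(final String domain, final X509Certificate certificate,
        final PrivateKey key, final File file) {
    final char[] noPw = new char[] {};
    try {
        final KeyStore p12Store = KeyStore.getInstance("PKCS12", BouncyCastleProvider.PROVIDER_NAME);
        p12Store.load(null, null);
        p12Store.setKeyEntry(domain, key, noPw, new X509Certificate[] { certificate });
        // try-with-resources closes the stream on every path and keeps a
        // failure from store() as the primary exception if close() also fails.
        try (FileOutputStream fos = new FileOutputStream(file)) {
            p12Store.store(fos, noPw);
        }
    } catch (final KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException
            | NoSuchProviderException ex) {
        throw new RuntimeException("Couldn't save certificate", ex);
    }
}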
From source file:org.glite.authz.pep.pip.provider.CommonXACMLAuthorizationProfilePIP.java
License:Apache License
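/**
 * The constructor for this PIP. This constructor enables support for the
 * VOMS attribute certificates.
 *
 * The X.509 certificate factory is taken from the Bouncy Castle provider as
 * currently registered with {@link Security}; this constructor does not
 * register the provider itself.
 *
 * @param pipID
 *            ID of this PIP
 * @param requireProxy
 *            whether a subject's certificate chain must require a proxy in
 *            order to be valid
 * @param eeTrustMaterial
 *            trust material used to validate the subject's end entity
 *            certificate
 * @param acTrustMaterial
 *            trust material used to validate the subject's attribute
 *            certificate, may be <code>null</code> if AC support is not
 *            desired
 * @param performPKIXValidation
 *            whether to perform PKIX validation on the certificate
 * @throws ConfigurationException
 *             thrown if the configuration of the PIP fails, including the
 *             case where the Bouncy Castle provider is not registered
 */
public CommonXACMLAuthorizationProfilePIP(String pipID, boolean requireProxy, PKIStore eeTrustMaterial,
        PKIStore acTrustMaterial, boolean performPKIXValidation) throws ConfigurationException {
    super(pipID, requireProxy, eeTrustMaterial, acTrustMaterial);
    performPKIXValidation(performPKIXValidation);
    try {
        cf_ = CertificateFactory.getInstance("X.509",
                Security.getProvider(BouncyCastleProvider.PROVIDER_NAME));
    } catch (CertificateException e) {
        throw new ConfigurationException("Fail to get instance of the X.509 certificate factory", e);
    } catch (IllegalArgumentException e) {
        // Security.getProvider returns null when Bouncy Castle is not
        // registered, and getInstance rejects a null provider with an
        // unchecked IllegalArgumentException. Report it as the declared
        // configuration failure instead of letting it escape.
        throw new ConfigurationException("Fail to get instance of the X.509 certificate factory", e);
    }
}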
From source file:org.glite.slcs.pki.bouncycastle.CMCPKIResponse.java
License:Apache License
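/**
 * Constructor. Decodes the CMS signed data into a BC CMSSignedData object
 * and keeps the certificates and CRLs it carries.
 *
 * NOTE(review): this constructor only parses the structure and extracts the
 * certificate store; no signer verification happens here. Confirm that the
 * signature is checked elsewhere before the extracted certificates are
 * trusted.
 *
 * @param signedData
 *            The byte array of the CMS Signed Data
 * @throws GeneralSecurityException
 *             If an error occurs.
 */
public CMCPKIResponse(byte[] signedData) throws GeneralSecurityException {
    try {
        LOG.debug("decode CMSSignedData...");
        CMSSignedData cmsSignedData = new CMSSignedData(signedData);
        certificatesStore_ = cmsSignedData.getCertificatesAndCRLs("Collection",
                BouncyCastleProvider.PROVIDER_NAME);
    } catch (CMSException e) {
        // Keep the original exception as the cause so the stack trace of the
        // decoding failure is not lost.
        throw new GeneralSecurityException("CMSException: " + e, e);
    }
}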
From source file:org.glite.slcs.pki.bouncycastle.Codec.java
License:eu-egee.org license
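/**
 * Stores the private key and certificate in a PKCS12 file. The certificate
 * Subject CN is used as key alias in the PKCS12 store.
 *
 * The key entry itself is set with a <code>null</code> entry password; only
 * the final store operation receives <code>password</code>.
 *
 * @param privateKey
 *            The private key. It is cast to PKCS12BagAttributeCarrier, so a
 *            key that does not implement that interface causes a
 *            ClassCastException.
 * @param certificate
 *            The X509 certificate.
 * @param chain
 *            The X509 certificate chain, appended after the certificate.
 * @param file
 *            The file object.
 * @param password
 *            The password for the PKCS12 file.
 * @throws GeneralSecurityException
 *             If a crypto error occurs.
 * @throws IOException
 *             If an IO error occurs.
 */
static public void storePKCS12(PrivateKey privateKey, X509Certificate certificate, X509Certificate chain[],
        File file, char[] password) throws GeneralSecurityException, IOException {
    // set the bag information for the PKCS12 keystore
    PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier) privateKey;
    PublicKey publicKey = certificate.getPublicKey();
    bagAttr.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId,
            new SubjectKeyIdentifierStructure(publicKey));

    // the PKCS12 keystore key alias is the CN
    String alias = getPrincipalValue(certificate, X509Principal.CN);

    // build full cert chain: the certificate first, then the supplied chain
    Certificate certs[] = new Certificate[chain.length + 1];
    certs[0] = certificate;
    System.arraycopy(chain, 0, certs, 1, chain.length);

    // create a PKCS12 keystore
    KeyStore p12Store = KeyStore.getInstance("PKCS12", BouncyCastleProvider.PROVIDER_NAME);
    p12Store.load(null, null);
    // set the key entry
    p12Store.setKeyEntry(alias, privateKey, null, certs);

    // store the file; the stream is closed even when store() fails, so a
    // failed write does not leak the file handle
    FileOutputStream fos = new FileOutputStream(file);
    try {
        p12Store.store(fos, password);
    } finally {
        fos.close();
    }
}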
From source file:org.glite.slcs.pki.bouncycastle.KeyPairGenerator.java
License:eu-egee.org license
/**
 * Constructor. Obtains the underlying JCA key pair generator for the given
 * algorithm from the Bouncy Castle provider.
 *
 * @param algorithm
 *            name of the key algorithm, passed unchanged to
 *            java.security.KeyPairGenerator.getInstance
 * @throws GeneralSecurityException
 *             if the generator cannot be obtained for this algorithm and
 *             provider
 */
public KeyPairGenerator(String algorithm) throws GeneralSecurityException {
    // Fully qualified on purpose: this class has the same simple name as the
    // JCA class it wraps.
    final String providerName = BouncyCastleProvider.PROVIDER_NAME;
    generator_ = java.security.KeyPairGenerator.getInstance(algorithm, providerName);
}
From source file:org.gluu.oxeleven.service.AppInitializer.java
License:MIT License
/**
 * Registers the Bouncy Castle provider with the JVM unless a provider with
 * that name is already registered.
 *
 * @param silent
 *            when true, nothing is logged about the outcome
 */
private void installBCProvider(boolean silent) {
    final boolean alreadyRegistered = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) != null;

    if (alreadyRegistered) {
        if (!silent) {
            log.info("Bouncy Castle Provider was added already");
        }
        return;
    }

    if (!silent) {
        log.info("Adding Bouncy Castle Provider");
    }
    Security.addProvider(new BouncyCastleProvider());
}
From source file:org.gluu.oxeleven.service.PKCS11Service.java
License:MIT License
/**
 * Initializes the PKCS#11 key store and makes sure the Bouncy Castle
 * provider is registered.
 *
 * The PIN is converted to a char array and kept in the {@code pin} field;
 * nothing in this method clears it afterwards.
 *
 * @param pin
 *            token PIN used to load the key store
 * @param pkcs11Config
 *            settings turned into the SunPKCS11 configuration by getTokenCfg
 * @throws KeyStoreException
 *             if the PKCS11 key store type is not available from the provider
 * @throws CertificateException
 *             if loading the key store fails on a certificate
 * @throws NoSuchAlgorithmException
 *             if loading the key store fails on a missing algorithm
 * @throws IOException
 *             if loading the key store fails
 */
public void init(String pin, Map<String, String> pkcs11Config)
        throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
    this.pin = pin.toCharArray();
    this.provider = new SunPKCS11(getTokenCfg(pkcs11Config));

    // If a provider with the same name is already registered it is reused,
    // and the instance just built from pkcs11Config is dropped.
    final Provider registeredPkcs11 = Security.getProvider(provider.getName());
    if (registeredPkcs11 != null) {
        provider = registeredPkcs11;
    } else {
        Security.addProvider(provider);
    }

    keyStore = KeyStore.getInstance("PKCS11", provider);
    keyStore.load(null, this.pin);

    final boolean bcMissing = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null;
    if (bcMissing) {
        Security.addProvider(new BouncyCastleProvider());
    }
}
From source file:org.gluu.oxtrust.action.ManageCertificateAction.java
License:MIT License
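/**
 * Builds a PKCS#10 certificate signing request for the configured IdP host
 * and offers it to the user as the download "csr.pem".
 *
 * The request is signed with SHA-256 with RSA; SHA-1 based signatures are
 * deprecated and may be rejected by certificate authorities.
 *
 * @param fileName
 *            passed to getKeyPair to obtain the key pair the request is
 *            built from
 * @return OxTrustConstants.RESULT_SUCCESS when the download was produced,
 *         OxTrustConstants.RESULT_FAILURE when no key pair is available,
 *         the request cannot be created or the download fails
 */
@Restrict("#{s:hasPermission('configuration', 'access')}")
public String generateCSR(String fileName) {
    if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    KeyPair pair = getKeyPair(fileName);
    if (pair == null) {
        return OxTrustConstants.RESULT_FAILURE;
    }

    // Drop everything up to and including the last "//" (the URL scheme).
    String url = applicationConfiguration.getIdpUrl().replaceFirst(".*//", "");
    // NOTE(review): the value is placed into the DN string unescaped; this
    // assumes the configured IdP URL contains no DN special characters.
    String csrPrincipal = String.format("CN=%s", url);
    X500Principal principal = new X500Principal(csrPrincipal);

    PKCS10CertificationRequest csr;
    try {
        csr = new PKCS10CertificationRequest("SHA256withRSA", principal, pair.getPublic(), null,
                pair.getPrivate());
    } catch (GeneralSecurityException e) {
        log.error(e.getMessage(), e);
        return OxTrustConstants.RESULT_FAILURE;
    }

    // Form download response: PEM armour around the Base64 of the DER
    // encoding, wrapped at 64 characters per line.
    StringBuilder response = new StringBuilder();
    response.append(BEGIN_CERT_REQ + "\n");
    response.append(WordUtils.wrap(new String(Base64.encode(csr.getDEREncoded())), 64, "\n", true) + "\n");
    response.append(END_CERT_REQ + "\n");

    boolean result = ResponseHelper.downloadFile("csr.pem", OxTrustConstants.CONTENT_TYPE_TEXT_PLAIN,
            response.toString().getBytes(), facesContext);

    return result ? OxTrustConstants.RESULT_SUCCESS : OxTrustConstants.RESULT_FAILURE;
}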