List of usage examples for org.bouncycastle.operator.bc BcECContentSignerBuilder BcECContentSignerBuilder
public BcECContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
From source file:org.apache.zookeeper.common.X509TestHelpers.java
License:Apache License
/** * Signs the certificate being built by the given builder using the given private key and returns the certificate. * @param privateKey the private key to sign the certificate with. * @param builder the cert builder that contains the certificate data. * @return the signed certificate./*from ww w .ja v a 2 s .com*/ * @throws IOException * @throws OperatorCreationException * @throws CertificateException */ private static X509Certificate buildAndSignCertificate(PrivateKey privateKey, X509v3CertificateBuilder builder) throws IOException, OperatorCreationException, CertificateException { BcContentSignerBuilder signerBuilder; if (privateKey.getAlgorithm().contains("RSA")) { // a little hacky way to detect key type, but it works AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder() .find("SHA256WithRSAEncryption"); AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder() .find(signatureAlgorithm); signerBuilder = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm); } else { // if not RSA, assume EC AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder() .find("SHA256withECDSA"); AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder() .find(signatureAlgorithm); signerBuilder = new BcECContentSignerBuilder(signatureAlgorithm, digestAlgorithm); } AsymmetricKeyParameter privateKeyParam = PrivateKeyFactory.createKey(privateKey.getEncoded()); ContentSigner signer = signerBuilder.build(privateKeyParam); return toX509Cert(builder.build(signer)); }
From source file:org.xipki.commons.security.pkcs12.P12KeypairGenerator.java
License:Open Source License
private static ContentSigner getContentSigner(final PrivateKey key) throws Exception { BcContentSignerBuilder builder;// www . ja v a 2 s. com if (key instanceof RSAPrivateKey) { ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1; ASN1ObjectIdentifier sigOid = PKCSObjectIdentifiers.sha1WithRSAEncryption; builder = new BcRSAContentSignerBuilder(buildAlgId(sigOid), buildAlgId(hashOid)); } else if (key instanceof DSAPrivateKey) { ASN1ObjectIdentifier hashOid = X509ObjectIdentifiers.id_SHA1; AlgorithmIdentifier sigId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa_with_sha1); builder = new BcDSAContentSignerBuilder(sigId, buildAlgId(hashOid)); } else if (key instanceof ECPrivateKey) { HashAlgoType hashAlgo; ASN1ObjectIdentifier sigOid; int keysize = ((ECPrivateKey) key).getParams().getOrder().bitLength(); if (keysize > 384) { hashAlgo = HashAlgoType.SHA512; sigOid = X9ObjectIdentifiers.ecdsa_with_SHA512; } else if (keysize > 256) { hashAlgo = HashAlgoType.SHA384; sigOid = X9ObjectIdentifiers.ecdsa_with_SHA384; } else if (keysize > 224) { hashAlgo = HashAlgoType.SHA224; sigOid = X9ObjectIdentifiers.ecdsa_with_SHA224; } else if (keysize > 160) { hashAlgo = HashAlgoType.SHA256; sigOid = X9ObjectIdentifiers.ecdsa_with_SHA256; } else { hashAlgo = HashAlgoType.SHA1; sigOid = X9ObjectIdentifiers.ecdsa_with_SHA1; } builder = new BcECContentSignerBuilder(new AlgorithmIdentifier(sigOid), buildAlgId(hashAlgo.getOid())); } else { throw new IllegalArgumentException("unknown type of key " + key.getClass().getName()); } return builder.build(KeyUtil.generatePrivateKeyParameter(key)); }