List of usage examples for org.bouncycastle.operator.jcajce JcaContentSignerBuilder build
public ContentSigner build(PrivateKey privateKey) throws OperatorCreationException
From source file:be.e_contract.mycarenet.certra.CertRASession.java
License:Open Source License
public byte[] generateCSR(X500Name name) throws OperatorCreationException, IOException { PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(name, this.publicKey); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA"); ContentSigner signer = csBuilder.build(this.privateKey); PKCS10CertificationRequest csr = csrBuilder.build(signer); return csr.getEncoded(); }
From source file:com.adaptris.security.certificate.CertRequestHandler.java
License:Apache License
/** * Create a certificate Request./*from w w w . j a va 2 s . com*/ */ private static CertificationRequest createCertRequest(Certificate c, PrivateKey key) throws Exception { X509Certificate x509 = (X509Certificate) c; x509.getSigAlgName(); X500Name entityName = new X500Name(x509.getSubjectDN().getName()); KeyPair entityPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(x509.getPublicKey().getEncoded()); // Generate the certificate signing request PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(entityName, publicKeyInfo); // // SCEP servers usually require a challenge password // csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(new String( // "password".toCharArray()))); JcaContentSignerBuilder builder = new JcaContentSignerBuilder(x509.getSigAlgName()); PKCS10CertificationRequest csr = csrBuilder.build(builder.build(entityPair.getPrivate())); // CertificateRequest certRequest = new CertificateRequest( // x509.getPublicKey(), (Name) x509.getSubjectDN()); // // certRequest.sign(x509.getSignatureAlgorithm(), key); return csr.toASN1Structure(); }
From source file:com.adaptris.security.certificate.X509Builder.java
License:Apache License
private X509Certificate build() throws NoSuchAlgorithmException, CertificateException, OperatorCreationException { X509Certificate result = null; if (privateKey == null) { this.createKeyPair(); }/* w w w . j av a2 s . c o m*/ // The certificate is self-signed, so use the current // subject as the issuer X500Name name = certificateParm.getSubjectInfo(); // The certificate is self-signed, do we exactly care what // the serial number that uniquely identifies is BigInteger serial = BigInteger .valueOf(new Integer(SecurityUtil.getSecureRandom().nextInt(10000)).longValue()); GregorianCalendar valid = new GregorianCalendar(); Date notBefore = valid.getTime(); valid.add(Calendar.MONTH, 12); Date notAfter = valid.getTime(); SubjectPublicKeyInfo pubKeyInfo = SubjectPublicKeyInfo .getInstance(ASN1Sequence.getInstance(publicKey.getEncoded())); X509v3CertificateBuilder certGen = new X509v3CertificateBuilder(name, serial, notBefore, notAfter, name, pubKeyInfo); String alg = certificateParm.getSignatureAlgorithm(); JcaContentSignerBuilder builder = new JcaContentSignerBuilder(alg); // build and sign the certificate X509CertificateHolder certHolder = certGen.build(builder.build(privateKey)); result = new JcaX509CertificateConverter().getCertificate(certHolder); // result = new X509CertificateObject(certHolder.toASN1Structure()); return result; }
From source file:com.aqnote.shared.cryptology.cert.gen.CertGenerator.java
License:Open Source License
public PKCS10CertificationRequest createCSR(X500Name x500Name, KeyPair keyPair) throws Exception { PublicKey publicKey = keyPair.getPublic(); PrivateKey privateKey = keyPair.getPrivate(); PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey);//from w w w. j ava 2 s . c o m JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA); ContentSigner signer = csBuilder.build(privateKey); PKCS10CertificationRequest csr = p10Builder.build(signer); return csr; }
From source file:com.helger.ebinterface.signature.CreateCertHelper.java
License:Apache License
@Nonnull public static PKCS10CertificationRequest createCSR(final X509Certificate cert, final KeyPair keyPair) throws Exception { final Principal principal = cert.getSubjectDN(); // generate certification request final X500Name x500Name = new X500Name(principal.toString()); final PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500Name, keyPair.getPublic());//from w ww .j ava 2 s. co m final JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(SIGNING_ALGO); final ContentSigner signer = csBuilder.build(keyPair.getPrivate()); return p10Builder.build(signer); }
From source file:com.hypersocket.certs.X509CertificateUtils.java
License:Open Source License
public static byte[] generatePKCS10(PrivateKey privateKey, PublicKey publicKey, String CN, String OU, String O, String L, String S, String C) throws Exception { JcaContentSignerBuilder csb = new JcaContentSignerBuilder("SHA1withRSA"); ContentSigner cs = csb.build(privateKey); X500Principal principal = new X500Principal( "CN=" + CN + ", OU=" + OU + ", O=" + O + ", L=" + L + ", S=" + S + ", C=" + C); PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(principal, publicKey); PKCS10CertificationRequest req = builder.build(cs); ByteArrayOutputStream bout = new ByteArrayOutputStream(); JcaPEMWriter p = null;//ww w .ja v a 2 s. c o m try { p = new JcaPEMWriter(new OutputStreamWriter(bout)); p.writeObject(req); } finally { if (p != null) p.close(); } return bout.toByteArray(); }
From source file:com.liferay.sync.util.SyncUtil.java
License:Open Source License
public static void enableLanSync(long companyId) throws Exception { String lanServerUuid = PrefsPropsUtil.getString(companyId, SyncConstants.SYNC_LAN_SERVER_UUID); if (Validator.isNotNull(lanServerUuid)) { return;//from w w w . j ava 2s . c om } lanServerUuid = PortalUUIDUtil.generate(); X500Name x500Name = new X500Name("CN=" + lanServerUuid); KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(1024); KeyPair keyPair = keyPairGenerator.generateKeyPair(); X509v3CertificateBuilder x509v3CertificateBuilder = new JcaX509v3CertificateBuilder(x500Name, new BigInteger(64, new SecureRandom()), new Date(System.currentTimeMillis() - Time.YEAR), new Date(System.currentTimeMillis() + Time.YEAR * 1000), x500Name, keyPair.getPublic()); PrivateKey privateKey = keyPair.getPrivate(); JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption"); JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter(); jcaX509CertificateConverter.setProvider(_provider); X509Certificate x509Certificate = jcaX509CertificateConverter .getCertificate(x509v3CertificateBuilder.build(jcaContentSignerBuilder.build(privateKey))); x509Certificate.verify(keyPair.getPublic()); PortletPreferences portletPreferences = PrefsPropsUtil.getPreferences(companyId); portletPreferences.setValue(SyncConstants.SYNC_LAN_CERTIFICATE, Base64.encode(x509Certificate.getEncoded())); portletPreferences.setValue(SyncConstants.SYNC_LAN_KEY, Base64.encode(privateKey.getEncoded())); portletPreferences.setValue(SyncConstants.SYNC_LAN_SERVER_UUID, lanServerUuid); portletPreferences.store(); }
From source file:com.yahoo.athenz.auth.util.Crypto.java
License:Apache License
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException { // Create Distinguished Name X500Principal subject = new X500Principal(x500Principal); // Create ContentSigner JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256); ContentSigner signer = csBuilder.build(privateKey); // Create the CSR PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(subject, publicKey); // Add SubjectAlternativeNames (SAN) if specified if (sanArray != null) { ExtensionsGenerator extGen = new ExtensionsGenerator(); GeneralNames subjectAltNames = new GeneralNames(sanArray); extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames); p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate()); }// w ww .j a v a 2 s. co m PKCS10CertificationRequest csr = p10Builder.build(signer); // write to openssl PEM format PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded()); StringWriter strWriter; try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) { pemWriter.writeObject(pemObject); } return strWriter.toString(); }
From source file:eu.europa.ec.markt.dss.validation102853.ocsp.SKOnlineOCSPSource.java
License:GNU General Public License
private byte[] buildOCSPRequest(final X509Certificate signCert, final X509Certificate issuerCert, Extension nonceExtension) throws DSSException { try {/*w w w . j av a 2s . com*/ final CertificateID certId = DSSRevocationUtils.getOCSPCertificateID(signCert, issuerCert); final OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder(); ocspReqBuilder.addRequest(certId); ocspReqBuilder.setRequestExtensions(new Extensions(nonceExtension)); if (configuration.hasToBeOCSPRequestSigned()) { JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1withRSA"); if (!configuration.isOCSPSigningConfigurationAvailable()) { throw new ConfigurationException( "Configuration needed for OCSP request signing is not complete."); } SignatureToken ocspSigner = new PKCS12SignatureToken( configuration.getOCSPAccessCertificateFileName(), configuration.getOCSPAccessCertificatePassword()); ContentSigner contentSigner = signerBuilder.build(ocspSigner.getPrivateKey()); X509Certificate ocspSignerCert = ocspSigner.getCertificate(); X509CertificateHolder[] chain = { new X509CertificateHolder(ocspSignerCert.getEncoded()) }; GeneralName generalName = new GeneralName( new JcaX509CertificateHolder(ocspSignerCert).getSubject()); ocspReqBuilder.setRequestorName(generalName); return ocspReqBuilder.build(contentSigner, chain).getEncoded(); } return ocspReqBuilder.build().getEncoded(); } catch (Exception e) { throw new DSSException(e); } }
From source file:ezbake.crypto.RSAKeyCrypto.java
License:Apache License
private String generatePKCS10(String dn) { String pem = null;/*from w ww. j av a 2 s. co m*/ X500Principal x500p = new X500Principal(dn); PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500p, this.publicKey); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(algorithm); try { ContentSigner signer = csBuilder.build(this.privateKey); org.bouncycastle.pkcs.PKCS10CertificationRequest csr = p10Builder.build(signer); ByteArrayOutputStream baos = new ByteArrayOutputStream(); PrintWriter writer = new PrintWriter(baos); PEMWriter out = new PEMWriter(writer); out.writeObject(csr); out.close(); pem = new String(baos.toByteArray()); } catch (OperatorCreationException e) { // TODO Auto-generated catch block e.printStackTrace(); } catch (IOException e) { // TODO Auto-generated catch block e.printStackTrace(); } return pem; }