List of usage examples for org.bouncycastle.operator.jcajce JcaContentSignerBuilder JcaContentSignerBuilder
public JcaContentSignerBuilder(String signatureAlgorithm)
From source file:com.android.sdklib.internal.build.SignedJarBuilder.java
License:Apache License
/** Write the certificate file with a digital signature. */ private void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(); certList.add(publicKey);/* ww w . j a v a2 s.c om*/ JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" + privateKey.getAlgorithm()) .build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .setDirectSignature(true).build(sha1Signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); DEROutputStream dos = new DEROutputStream(mOutputJar); dos.writeObject(asn1.readObject()); }
From source file:com.android.signapk.SignApk.java
License:Apache License
/** Sign data and write the digital signature to 'out'. */ private static void writeSignatureBlock(CMSTypedData data, X509Certificate publicKey, PrivateKey privateKey, OutputStream out)/* w ww. j a va2s. c o m*/ throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(1); certList.add(publicKey); JcaCertStore certs = new JcaCertStore(certList); CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); ContentSigner signer = new JcaContentSignerBuilder(getSignatureAlgorithm(publicKey)) .setProvider(sBouncyCastleProvider).build(privateKey); gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider(sBouncyCastleProvider).build()) .setDirectSignature(true).build(signer, publicKey)); gen.addCertificates(certs); CMSSignedData sigData = gen.generate(data, false); ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); DEROutputStream dos = new DEROutputStream(out); dos.writeObject(asn1.readObject()); }
From source file:com.aqnote.shared.cryptology.cert.CertificateChainDemo.java
License:Open Source License
public boolean generateX509Certificate(String userCertPath) { try {/* ww w . j av a 2s.c o m*/ FileInputStream in = new FileInputStream(keyStorePath); KeyStore ks = KeyStore.getInstance("JKS"); ks.load(in, keyStorePasswd.toCharArray()); in.close(); // Get CA private key. PrivateKey caPrivateKey = (PrivateKey) ks.getKey(caName, caPasswd.toCharArray()); System.out.println("\nCA private key:\n" + caPrivateKey); // Get CA DN. Certificate c = ks.getCertificate(caName); X509Certificate t = (X509Certificate) c; String caDN = t.getIssuerDN().toString(); // CN:???? OU:???? O:?? L:? C:? System.out.println("\nCA DN:\n" + caDN); KeyPair KPair = RSAKeyPairGenDemo.getRSAKeyPair(1024); System.out.println("\nuser private key:\n" + KPair.getPrivate()); System.out.println("\nuser public key:\n" + KPair.getPublic()); JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(new X500Name(caDN), BigInteger.valueOf(1), new Date(System.currentTimeMillis()), new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 365)), new X500Name(userDN), KPair.getPublic()); X509CertificateHolder certHolder = certBuilder.build(new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA) .setProvider(JCE_PROVIDER).build(KPair.getPrivate())); X509Certificate cert = new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certHolder); cert.checkValidity(new Date()); cert.verify(KPair.getPublic()); ((PKCS12BagAttributeCarrier) cert).setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("x509 cert")); FileOutputStream out = new FileOutputStream(userCertPath); out.write(cert.getEncoded()); out.close(); // Add user entry into keystore ks.setCertificateEntry(userAlias, cert); out = new FileOutputStream(keyStorePath); ks.store(out, caPasswd.toCharArray()); out.close(); } catch (Exception e) { e.printStackTrace(); } return true; }
From source file:com.aqnote.shared.cryptology.cert.gen.CertGenerator.java
License:Open Source License
public PKCS10CertificationRequest createCSR(X500Name x500Name, KeyPair keyPair) throws Exception { PublicKey publicKey = keyPair.getPublic(); PrivateKey privateKey = keyPair.getPrivate(); PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey);/*from w w w .j a v a 2 s . co m*/ JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA); ContentSigner signer = csBuilder.build(privateKey); PKCS10CertificationRequest csr = p10Builder.build(signer); return csr; }
From source file:com.aqnote.shared.cryptology.cert.gen.CertGenerator.java
License:Open Source License
public X509Certificate signCert(PKCS10CertificationRequest pkcs10CSR, X500Name issuer, KeyPair pKeyPair) throws Exception { SubjectPublicKeyInfo pkInfo = pkcs10CSR.getSubjectPublicKeyInfo(); RSAKeyParameters rsa = (RSAKeyParameters) PublicKeyFactory.createKey(pkInfo); RSAPublicKeySpec rsaSpec = new RSAPublicKeySpec(rsa.getModulus(), rsa.getExponent()); KeyFactory kf = KeyFactory.getInstance(ALG_RSA); PublicKey publicKey = kf.generatePublic(rsaSpec); SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publicKey.getEncoded())); X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(issuer, BigInteger.valueOf(System.currentTimeMillis()), new Date(System.currentTimeMillis() - DateConstant.ONE_DAY), new Date(System.currentTimeMillis() + DateConstant.ONE_YEAR), pkcs10CSR.getSubject(), keyInfo); ContentSigner signer = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA).setProvider(JCE_PROVIDER) .build(pKeyPair.getPrivate()); X509Certificate signedCert = new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certBuilder.build(signer)); signedCert.verify(pKeyPair.getPublic()); return signedCert; }
From source file:com.aqnote.shared.cryptology.cert.gen.CertGenerator.java
License:Open Source License
private X509Certificate signCert(X509v3CertificateBuilder certBuilder, PrivateKey pPrivKey) throws Exception { ContentSigner signer = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA).setProvider(JCE_PROVIDER) .build(pPrivKey);/* ww w. ja va 2s.com*/ return new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certBuilder.build(signer)); }
From source file:com.aqnote.shared.cryptology.cert.gen.SingleX509V1Creator.java
License:Open Source License
public static X509Certificate generate(CertObject certObject, KeyPair keyPair) throws CertException { try {/*from w ww. j a va2 s.co m*/ X509v1CertificateBuilder certBuilder = new JcaX509v1CertificateBuilder( new X500Name(certObject.getIssuer()), BigInteger.valueOf(System.currentTimeMillis()), certObject.getNotBefore(), certObject.getNotAfter(), new X500Name(certObject.getSubject()), keyPair.getPublic()); ContentSigner signer = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA).setProvider(JCE_PROVIDER) .build(keyPair.getPrivate()); return new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certBuilder.build(signer)); } catch (CertificateEncodingException e) { throw new CertException(e); } catch (IllegalStateException e) { throw new CertException(e); } catch (OperatorCreationException e) { throw new CertException(e); } catch (CertificateException e) { throw new CertException(e); } }
From source file:com.aqnote.shared.cryptology.cert.gen.SingleX509V3Creator.java
License:Open Source License
public static X509Certificate generate(CertObject certObject, KeyPair keyPair) throws CertException { try {//from w w w.j av a 2s . c om X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder( new X500Name(certObject.getIssuer()), BigInteger.valueOf(System.currentTimeMillis()), certObject.getNotBefore(), certObject.getNotAfter(), new X500Name(certObject.getSubject()), keyPair.getPublic()); certBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); certBuilder.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment)); certBuilder.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(new GeneralName(GeneralName.rfc822Name, "trust_device"))); ContentSigner signer = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA).setProvider(JCE_PROVIDER) .build(keyPair.getPrivate()); return new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certBuilder.build(signer)); } catch (CertificateEncodingException e) { throw new CertException(e); } catch (IllegalStateException e) { throw new CertException(e); } catch (CertIOException e) { throw new CertException(e); } catch (OperatorCreationException e) { throw new CertException(e); } catch (CertificateException e) { throw new CertException(e); } }
From source file:com.aqnote.shared.cryptology.cert.main.AQCRLMain.java
License:Open Source License
public static void createCRL() throws CertException { try {/* w ww .j a v a 2 s . c o m*/ X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(X500NameUtil.createRootCaPrincipal(), new Date()); crlBuilder.setNextUpdate(new Date(System.currentTimeMillis() + DateConstant.ONE_YEAR)); X509CRLHolder crlHolder = crlBuilder.build(new JcaContentSignerBuilder(SHA256_RSA) .setProvider(JCE_PROVIDER).build(CaCertLoader.getRootCaKeyPair(USER_CERT_PASSWD).getPrivate())); X509CRL crl = new JcaX509CRLConverter().setProvider(JCE_PROVIDER).getCRL(crlHolder); FileOutputStream fostream = new FileOutputStream(CRL_FILE); PKCSWriter.storeCRLFile(crl, fostream); ASN1Dump.dumpAsString(crlHolder.toASN1Structure()); } catch (OperatorCreationException e) { throw new CertException(e); } catch (IOException e) { throw new CertException(e); } catch (InvalidKeyException e) { throw new CertException(e); } catch (CRLException e) { throw new CertException(e); } catch (NoSuchAlgorithmException e) { throw new CertException(e); } catch (NoSuchProviderException e) { throw new CertException(e); } catch (SignatureException e) { throw new CertException(e); } catch (Exception e) { throw new CertException(e); } return; }
From source file:com.aqnote.shared.encrypt.cert.gen.BCCertGenerator.java
License:Open Source License
private static X509Certificate signCert(X509v3CertificateBuilder certBuilder, PrivateKey pPrivKey) throws Exception { ContentSigner signer = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA).setProvider(JCE_PROVIDER) .build(pPrivKey);//w ww . j av a2 s. com return new JcaX509CertificateConverter().setProvider(JCE_PROVIDER) .getCertificate(certBuilder.build(signer)); }