List of usage examples for the org.bouncycastle.operator.jcajce.JcaContentSignerBuilder constructor JcaContentSignerBuilder(String)
public JcaContentSignerBuilder(String signatureAlgorithm)
From source file:org.signserver.test.utils.builders.CertBuilder.java
License:Open Source License
/**
 * Builds a certificate based on the specified values and default values
 * for everything not specified but required.
 *
 * <p>When {@code isVersion3()} is true the configured extensions and the optional
 * issuer/subject unique IDs are applied; the version 1 branch applies neither.
 * In both branches the certificate is signed with the issuer private key, using the
 * algorithm returned by {@code getSignatureAlgorithm()}.
 *
 * @return a new certificate
 * @throws CertBuilderException in case anything failed
 */
public X509CertificateHolder build() throws CertBuilderException {
    try {
        if (!isVersion3()) {
            // Version 1 branch: only the mandatory fields are set.
            JcaX509v1CertificateBuilder v1Builder = new JcaX509v1CertificateBuilder(
                    getIssuer(), getSerialNumber(), getNotBefore(), getNotAfter(),
                    getSubject(), getSubjectPublicKey());
            ContentSigner v1Signer = new JcaContentSignerBuilder(getSignatureAlgorithm())
                    .setProvider("BC")
                    .build(getIssuerPrivateKey());
            return v1Builder.build(v1Signer);
        }

        JcaX509v3CertificateBuilder v3Builder = new JcaX509v3CertificateBuilder(
                getIssuer(), getSerialNumber(), getNotBefore(), getNotAfter(),
                getSubject(), getSubjectPublicKey());
        for (CertExt extension : extensions) {
            v3Builder.addExtension(extension.getOid(), extension.isIsCritical(), extension.getValue());
        }
        if (getIssuerUniqueId() != null) {
            v3Builder.setIssuerUniqueID(getIssuerUniqueId());
        }
        if (getSubjectUniqueId() != null) {
            v3Builder.setSubjectUniqueID(getSubjectUniqueId());
        }

        // The provider is selected by name, so the "BC" provider must already be
        // registered with the JCA when this runs.
        // NOTE(review): the signature algorithm comes straight from the builder's
        // configuration; nothing here rejects a weak digest such as MD5 or SHA-1.
        ContentSigner v3Signer = new JcaContentSignerBuilder(getSignatureAlgorithm())
                .setProvider("BC")
                .build(getIssuerPrivateKey());
        return v3Builder.build(v3Signer);
    } catch (OperatorCreationException e) {
        throw new CertBuilderException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new CertBuilderException(e);
    } catch (NoSuchProviderException e) {
        throw new CertBuilderException(e);
    } catch (CertIOException e) {
        throw new CertBuilderException(e);
    }
}
From source file:org.signserver.test.utils.builders.crl.CRLBuilder.java
License:Open Source License
/**
 * Builds a CRL based on the specified values and default values
 * for everything not specified but required.
 *
 * <p>Each configured entry is added in one of three forms: with its own extensions
 * when it has any, otherwise with reason and invalidity date when an invalidity date
 * is set, otherwise with the reason only. The CRL is signed with the issuer private
 * key using the algorithm returned by {@code getSignatureAlgorithm()}.
 *
 * @return a new CRL
 * @throws CertBuilderException in case anything failed
 */
public X509CRLHolder build() throws CertBuilderException {
    try {
        X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(getIssuer(), getThisUpdate());
        crlBuilder.setNextUpdate(getNextUpdate());

        for (CertExt extension : extensions) {
            crlBuilder.addExtension(extension.getOid(), extension.isIsCritical(), extension.getValue());
        }

        for (CRLEntry revoked : entries) {
            if (revoked.getExtensions() != null) {
                // Entry-level extensions take precedence over reason / invalidity date.
                crlBuilder.addCRLEntry(revoked.getUserCertificateSerial(), revoked.getDate(),
                        revoked.getExtensions());
                continue;
            }
            if (revoked.getInvalidityDate() != null) {
                crlBuilder.addCRLEntry(revoked.getUserCertificateSerial(), revoked.getDate(),
                        revoked.getReason(), revoked.getInvalidityDate());
                continue;
            }
            crlBuilder.addCRLEntry(revoked.getUserCertificateSerial(), revoked.getDate(),
                    revoked.getReason());
        }

        // The provider is selected by name, so the "BC" provider must already be
        // registered with the JCA when this runs.
        // NOTE(review): the signature algorithm is whatever the builder was configured
        // with; nothing here rejects a weak digest.
        ContentSigner crlSigner = new JcaContentSignerBuilder(getSignatureAlgorithm())
                .setProvider("BC")
                .build(getIssuerPrivateKey());
        return crlBuilder.build(crlSigner);
    } catch (OperatorCreationException e) {
        throw new CertBuilderException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new CertBuilderException(e);
    } catch (NoSuchProviderException e) {
        throw new CertBuilderException(e);
    } catch (CertIOException e) {
        throw new CertBuilderException(e);
    } catch (IOException e) {
        throw new CertBuilderException(e);
    }
}
From source file:org.signserver.test.utils.builders.ocsp.OCSPResponseBuilder.java
License:Open Source License
/**
 * Builds and signs the basic OCSP response from this builder's state.
 *
 * <p>The responder ID is derived from {@code getResponderName()}, the configured
 * response extensions (plus a non-critical nonce extension when a nonce is set) are
 * attached, every configured single response is added, and the result is signed with
 * the issuer private key.
 *
 * @return the signed basic OCSP response
 * @throws OCSPResponseBuilderException wrapping any OCSP, provider, algorithm or
 *         signer-creation failure
 */
private BasicOCSPResp buildBasicOCSPResp() throws OCSPResponseBuilderException {
    try {
        BasicOCSPRespBuilder respBuilder =
                new BasicOCSPRespBuilder(new RespID(new X500Name(getResponderName())));

        // NOTE(review): the nonce extension is appended to the `extensions` field itself,
        // so calling this method twice on the same builder would add it again unless the
        // collection de-duplicates — confirm the builder is single-use.
        if (getNonce() != null) {
            extensions.add(new OcspExt(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false,
                    new DEROctetString(nonce)));
        }

        Extension[] responseExtensions = new Extension[extensions.size()];
        int next = 0;
        for (OcspExt ocspExt : extensions) {
            responseExtensions[next] =
                    new Extension(ocspExt.getOid(), ocspExt.isIsCritical(), ocspExt.getValue());
            next++;
        }
        if (responseExtensions.length != 0) {
            respBuilder.setResponseExtensions(new Extensions(responseExtensions));
        }

        for (OcspRespObject single : responses) {
            respBuilder.addResponse(single.getCertId(), single.getCertStatus(),
                    single.getThisUpdate(), single.getNextUpdate(), single.getExtensions());
        }

        // The provider is selected by name, so the "BC" provider must already be
        // registered with the JCA when this runs.
        ContentSigner responseSigner = new JcaContentSignerBuilder(getSignatureAlgorithm())
                .setProvider("BC")
                .build(getIssuerPrivateKey());
        return respBuilder.build(responseSigner, getChain(), getProducedAt());
    } catch (OCSPException e) {
        throw new OCSPResponseBuilderException(e);
    } catch (NoSuchAlgorithmException e) {
        throw new OCSPResponseBuilderException(e);
    } catch (NoSuchProviderException e) {
        throw new OCSPResponseBuilderException(e);
    } catch (OperatorCreationException e) {
        throw new OCSPResponseBuilderException(e);
    }
}
From source file:org.sipfoundry.sipxconfig.cert.CertificateUtils.java
License:Contributor Agreement License
/**
 * Signs the content of the given certificate builder and returns the result as a
 * JCA {@link X509Certificate}.
 *
 * @param gen       fully configured certificate builder whose content is signed
 * @param algorithm signature algorithm name passed to {@code JcaContentSignerBuilder}
 * @param key       private key used to produce the signature
 * @return the signed certificate
 * @throws GeneralSecurityException wrapping the underlying failure when the signer
 *         cannot be created or the certificate cannot be converted
 */
public static X509Certificate generateCert(X509v3CertificateBuilder gen, String algorithm, PrivateKey key)
        throws GeneralSecurityException {
    try {
        // NOTE(review): `algorithm` is used as given; any restriction to strong digests
        // has to be enforced by the callers.
        ContentSigner signer = new JcaContentSignerBuilder(algorithm)
                .setProvider(PROVIDER)
                .build(key);
        return new JcaX509CertificateConverter()
                .setProvider(PROVIDER)
                .getCertificate(gen.build(signer));
    } catch (OperatorCreationException signerFailure) {
        throw new GeneralSecurityException(signerFailure);
    } catch (CertificateException conversionFailure) {
        throw new GeneralSecurityException(conversionFailure);
    }
}
From source file:org.soulwing.credo.service.crypto.bc.BcCertificationRequestBuilder.java
License:Apache License
/**
 * {@inheritDoc}
 */
@Override
public CertificationRequestWrapper build(PrivateKeyWrapper privateKey)
        throws CertificationRequestException {
    PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject, publicKey.derive());
    try {
        // NOTE(review): the request is signed with a fixed SHA-1/RSA algorithm. SHA-1 is
        // deprecated for signatures, and the hard-coded "RSA" part presumably makes this
        // fail for non-RSA keys — consider a SHA-256 (or stronger) algorithm chosen to
        // match the key type.
        ContentSigner requestSigner =
                new JcaContentSignerBuilder("SHA1WithRSA").build(privateKey.derive());
        return new BcCertificationRequestWrapper(requestBuilder.build(requestSigner));
    } catch (OperatorCreationException ex) {
        throw new CertificationRequestException(ex);
    }
}
From source file:org.structr.function.CreateJarFileFunction.java
License:Open Source License
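/**
 * Writes the CMS signature block for {@code data} to the JAR output stream.
 *
 * <p>The signature is generated without encapsulating the content
 * ({@code gen.generate(data, false)}) and the signer certificate is included in the
 * signed data. The result is re-encoded through {@code DEROutputStream} before being
 * written.
 *
 * @param jos        JAR stream positioned at the signature block entry; it is not
 *                   closed here
 * @param algorithm  digest name; combined with the key algorithm as
 *                   {@code algorithm + "with" + privateKey.getAlgorithm()}
 * @param data       content to sign
 * @param publicKey  signer certificate (despite the name, this is a certificate)
 * @param privateKey key used to produce the signature
 * @throws IOException                  if encoding or writing fails
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws OperatorCreationException    if the signer or digest provider cannot be created
 * @throws CMSException                 if the signed data cannot be generated
 */
private void writeSignatureBlock(final JarOutputStream jos, final String algorithm, final CMSTypedData data,
        final X509Certificate publicKey, final PrivateKey privateKey)
        throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
    final List<X509Certificate> certList = new ArrayList<>();
    certList.add(publicKey);
    final JcaCertStore certs = new JcaCertStore(certList);

    final CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    // NOTE(review): the digest is caller-controlled; a caller passing "SHA1" or "MD5"
    // gets a weak signature. Confirm callers pass SHA-256 or stronger.
    final ContentSigner signer = new JcaContentSignerBuilder(algorithm + "with" + privateKey.getAlgorithm())
            .build(privateKey);
    final SignerInfoGenerator infoGenerator = new JcaSignerInfoGeneratorBuilder(
            new JcaDigestCalculatorProviderBuilder().build())
            .setDirectSignature(true)
            .build(signer, publicKey);
    gen.addSignerInfoGenerator(infoGenerator);
    gen.addCertificates(certs);

    final CMSSignedData sigData = gen.generate(data, false);

    // The ASN.1 parser is closed once the object has been read; the original left it
    // open. The DER writer is not closed because it wraps the caller's JAR stream.
    try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
        final DEROutputStream dos = new DEROutputStream(jos);
        dos.writeObject(asn1.readObject());
    }
}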
From source file:org.structr.jar.CreateJarFileFunction.java
License:Open Source License
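/**
 * Writes the CMS signature block for {@code data} to the JAR output stream.
 *
 * <p>The signature is generated without encapsulating the content
 * ({@code gen.generate(data, false)}) and the signer certificate is included in the
 * signed data. The result is re-encoded through {@code DEROutputStream} before being
 * written.
 *
 * @param jos        JAR stream positioned at the signature block entry; it is not
 *                   closed here
 * @param algorithm  digest name; combined with the key algorithm as
 *                   {@code algorithm + "with" + privateKey.getAlgorithm()}
 * @param data       content to sign
 * @param publicKey  signer certificate (despite the name, this is a certificate)
 * @param privateKey key used to produce the signature
 * @throws IOException                  if encoding or writing fails
 * @throws CertificateEncodingException if the certificate cannot be encoded
 * @throws OperatorCreationException    if the signer or digest provider cannot be created
 * @throws CMSException                 if the signed data cannot be generated
 */
private void writeSignatureBlock(final JarOutputStream jos, final String algorithm, final CMSTypedData data,
        final X509Certificate publicKey, final PrivateKey privateKey)
        throws IOException, CertificateEncodingException, OperatorCreationException, CMSException {
    final List<X509Certificate> certList = new ArrayList<>();
    certList.add(publicKey);
    final JcaCertStore certs = new JcaCertStore(certList);

    final CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
    // NOTE(review): the digest is caller-controlled; a caller passing "SHA1" or "MD5"
    // gets a weak signature. Confirm callers pass SHA-256 or stronger.
    final ContentSigner signer = new JcaContentSignerBuilder(algorithm + "with" + privateKey.getAlgorithm())
            .build(privateKey);
    final SignerInfoGenerator infoGenerator = new JcaSignerInfoGeneratorBuilder(
            new JcaDigestCalculatorProviderBuilder().build())
            .setDirectSignature(true)
            .build(signer, publicKey);
    gen.addSignerInfoGenerator(infoGenerator);
    gen.addCertificates(certs);

    final CMSSignedData sigData = gen.generate(data, false);

    // The ASN.1 parser is closed once the object has been read; the original left it
    // open. The DER writer is not closed because it wraps the caller's JAR stream.
    try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
        final DEROutputStream dos = new DEROutputStream(jos);
        final ASN1Primitive obj = asn1.readObject();
        dos.writeObject(obj);
    }
}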
From source file:org.structr.jar.SignedJarBuilder.java
License:Open Source License
/** * Write the certificate file with a digital signature. *///from w w w . j ava 2 s. c o m private void writeSignatureBlock(final JarOutputStream jos, final CMSTypedData data, final X509Certificate publicKey, final PrivateKey privateKey) throws IOException, CertificateEncodingException, OperatorCreationException, CMSException { final List<X509Certificate> certList = new ArrayList<>(); certList.add(publicKey); final JcaCertStore certs = new JcaCertStore(certList); final CMSSignedDataGenerator gen = new CMSSignedDataGenerator(); final ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1with" + privateKey.getAlgorithm()) .build(privateKey); gen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()) .setDirectSignature(true).build(sha1Signer, publicKey)); gen.addCertificates(certs); final CMSSignedData sigData = gen.generate(data, false); final ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded()); final DEROutputStream dos = new DEROutputStream(jos); dos.writeObject(asn1.readObject()); }
From source file:org.syncany.crypto.CipherUtil.java
License:Open Source License
/** * Generates a self-signed certificate, given a public/private key pair. * * @see <a href="https://code.google.com/p/gitblit/source/browse/src/com/gitblit/MakeCertificate.java?r=88598bb2f779b73479512d818c675dea8fa72138">Original source of this method</a> *///from w ww . j av a 2s . co m public static X509Certificate generateSelfSignedCertificate(String commonName, KeyPair keyPair) throws OperatorCreationException, CertificateException, InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException { // Certificate CN, O and OU X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE); builder.addRDN(BCStyle.CN, commonName); builder.addRDN(BCStyle.O, CipherParams.CERTIFICATE_ORGANIZATION); builder.addRDN(BCStyle.OU, CipherParams.CERTIFICATE_ORGUNIT); // Dates and serial Date notBefore = new Date(System.currentTimeMillis() - 1 * 24 * 60 * 60 * 1000L); Date notAfter = new Date(System.currentTimeMillis() + 5 * 365 * 24 * 60 * 60 * 1000L); BigInteger serial = BigInteger.valueOf(System.currentTimeMillis()); // Issuer and subject (identical, because self-signed) X500Name issuer = builder.build(); X500Name subject = issuer; X509v3CertificateBuilder certificateGenerator = new JcaX509v3CertificateBuilder(issuer, serial, notBefore, notAfter, subject, keyPair.getPublic()); ContentSigner signatureGenerator = new JcaContentSignerBuilder("SHA256WithRSAEncryption") .setProvider(CipherParams.CRYPTO_PROVIDER).build(keyPair.getPrivate()); X509Certificate certificate = new JcaX509CertificateConverter().setProvider(CipherParams.CRYPTO_PROVIDER) .getCertificate(certificateGenerator.build(signatureGenerator)); certificate.checkValidity(new Date()); certificate.verify(certificate.getPublicKey()); return certificate; }
From source file:org.tastefuljava.minica.X509CertificateBuilder.java
License:Open Source License
/**
 * Builds the certificate described by this builder's fields.
 *
 * <p>If no public key is set, a key pair is generated from {@code algorithm} and
 * {@code keySize} and stored on the builder. If no issuer is set, the subject
 * principal and the builder's private key are used as issuer and issuer key, which
 * yields a self-signed certificate. A critical basicConstraints extension is added
 * unless {@code basicConstraints} equals {@code Integer.MAX_VALUE}: a negative value
 * produces {@code BasicConstraints(false)}, any other value is passed to
 * {@code BasicConstraints(int)}.
 *
 * @return the signed certificate, decoded from the encoded certificate holder
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws CertificateException      if the encoded certificate cannot be decoded
 * @throws IOException               if the extension or certificate cannot be encoded
 * @throws NoSuchAlgorithmException  if key pair generation fails for {@code algorithm}
 */
public X509Certificate build()
        throws OperatorCreationException, CertificateException, IOException, NoSuchAlgorithmException {
    // No subject key supplied: generate one and remember both halves on the builder.
    if (publicKey == null) {
        KeyPair generated = generateKeyPair(algorithm, keySize);
        publicKey = generated.getPublic();
        privateKey = generated.getPrivate();
    }
    // No issuer supplied: fall back to self-signing.
    // NOTE(review): this also replaces issuerKey with privateKey; if a public key was
    // set without a private key, issuerKey ends up null — confirm callers cannot do that.
    if (issuer == null) {
        issuer = principal;
        issuerKey = privateKey;
    }

    JcaX509v3CertificateBuilder certBuilder =
            new JcaX509v3CertificateBuilder(issuer, sn, start, end, principal, publicKey);

    if (basicConstraints != Integer.MAX_VALUE) {
        BasicConstraints constraints = basicConstraints < 0
                ? new BasicConstraints(false)
                : new BasicConstraints(basicConstraints);
        certBuilder.addExtension(X509Extension.basicConstraints, true, constraints);
    }

    // The provider is selected by name, so the "BC" provider must already be
    // registered with the JCA when this runs.
    ContentSigner certSigner = new JcaContentSignerBuilder(signatureAlgorithm)
            .setProvider("BC")
            .build(issuerKey);
    X509CertificateHolder holder = certBuilder.build(certSigner);
    return decode(holder.getEncoded());
}