List of usage examples for org.bouncycastle.operator OperatorCreationException OperatorCreationException
public OperatorCreationException(String msg)
From source file:com.yahoo.athenz.auth.util.CryptoExceptionTest.java
License:Apache License
@Test public void testCryptoExceptions() { CryptoException ex = new CryptoException(); assertNotNull(ex);//from ww w . jav a 2s .com assertNotNull(new CryptoException(new NoSuchAlgorithmException())); assertNotNull(new CryptoException(new InvalidKeyException())); assertNotNull(new CryptoException(new NoSuchProviderException())); assertNotNull(new CryptoException(new SignatureException())); assertNotNull(new CryptoException(new FileNotFoundException())); assertNotNull(new CryptoException(new IOException())); assertNotNull(new CryptoException(new CertificateException())); assertNotNull(new CryptoException(new InvalidKeySpecException())); assertNotNull(new CryptoException(new OperatorCreationException("unit-test"))); assertNotNull(new CryptoException(new PKCSException("unit-test"))); assertNotNull(new CryptoException(new CMSException("unit-test"))); }
From source file:org.wso2.carbon.certificate.mgt.core.impl.CertificateGeneratorNegativeTests.java
License:Open Source License
@Test(description = "This test case tests behaviour when Certificate Operator creation error occurs", expectedExceptions = KeystoreException.class) public void negativeTestGenerateCertificateFromCSR2() throws Exception { CertificateGenerator generator = new CertificateGenerator(); //Prepare mock objects JcaContentSignerBuilder mock = Mockito.mock(JcaContentSignerBuilder.class); Mockito.when(mock.setProvider(Matchers.eq(CertificateManagementConstants.PROVIDER))).thenReturn(mock); Mockito.when(mock.build(Matchers.any(PrivateKey.class))) .thenThrow(new OperatorCreationException("OPERATOR")); PowerMockito.whenNew(JcaContentSignerBuilder.class).withAnyArguments().thenReturn(mock); //prepare input parameters CSRGenerator csrGeneration = new CSRGenerator(); KeyStoreReader keyStoreReader = new KeyStoreReader(); KeyPair keyPair = csrGeneration.generateKeyPair("RSA", 1024); byte[] csrData = csrGeneration.generateCSR("SHA256WithRSA", keyPair); PKCS10CertificationRequest certificationRequest; PrivateKey privateKeyCA = keyStoreReader.getCAPrivateKey(); X509Certificate certCA = (X509Certificate) keyStoreReader.getCACertificate(); certificationRequest = new PKCS10CertificationRequest(csrData); generator.generateCertificateFromCSR(privateKeyCA, certificationRequest, certCA.getIssuerX500Principal().getName()); }
From source file:org.xipki.commons.security.pkcs12.SoftTokenContentSignerBuilder.java
License:Open Source License
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId, final int parallelism, final SecureRandom random) throws OperatorCreationException, NoSuchPaddingException { ParamUtil.requireNonNull("signatureAlgId", signatureAlgId); ParamUtil.requireMin("parallelism", parallelism, 1); List<ContentSigner> signers = new ArrayList<>(parallelism); ASN1ObjectIdentifier algOid = signatureAlgId.getAlgorithm(); final String provName = XiSecurityConstants.PROVIDER_NAME_NSS; if (Security.getProvider(provName) != null && !(key instanceof ECPrivateKey)) { String algoName;//from w w w. ja v a2 s. c o m try { algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException(ex.getMessage()); } boolean useGivenProvider = true; if (algOid.equals(PKCSObjectIdentifiers.id_RSASSA_PSS)) { BcContentSignerBuilder signerBuilder; if (!(key instanceof RSAPrivateKey)) { throw new OperatorCreationException( "unsupported key " + key.getClass().getName() + " for RSAPSS"); } try { AsymmetricKeyParameter keyparam; try { signerBuilder = new RSAContentSignerBuilder(signatureAlgId, true); keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException("no such algorithm", ex); } for (int i = 0; i < parallelism; i++) { if (random != null) { signerBuilder.setSecureRandom(random); } ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } catch (Exception ex) { useGivenProvider = false; signers.clear(); } } else { try { for (int i = 0; i < parallelism; i++) { Signature signature = Signature.getInstance(algoName, provName); signature.initSign(key); if (i == 0) { signature.update(new byte[] { 1, 2, 3, 4 }); signature.sign(); } ContentSigner signer = new SignatureSigner(signatureAlgId, signature, key); signers.add(signer); } } catch (Exception ex) { useGivenProvider = false; signers.clear(); } } if (useGivenProvider) { LOG.info("use {} to sign {} signature", provName, algoName); } else { LOG.info("could not use {} to sign {} signature", provName, algoName); } } if (CollectionUtil.isEmpty(signers)) { BcContentSignerBuilder signerBuilder; AsymmetricKeyParameter keyparam; try { if (key instanceof RSAPrivateKey) { keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); signerBuilder = new RSAContentSignerBuilder(signatureAlgId, false); } else if (key instanceof DSAPrivateKey) { keyparam = DSAUtil.generatePrivateKeyParameter(key); signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else if (key instanceof ECPrivateKey) { keyparam = ECUtil.generatePrivateKeyParameter(key); signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else { throw new OperatorCreationException("unsupported key " + key.getClass().getName()); } } catch (InvalidKeyException ex) { throw new OperatorCreationException("invalid key", ex); } catch (NoSuchAlgorithmException ex) { throw new OperatorCreationException("no such algorithm", ex); } for (int i = 0; i < parallelism; i++) { if (random != null) { signerBuilder.setSecureRandom(random); } ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } ConcurrentContentSigner concurrentSigner = new DefaultConcurrentContentSigner(signers, key); if (certificateChain != null) { concurrentSigner.setCertificateChain(certificateChain); } else { concurrentSigner.setPublicKey(publicKey); } return concurrentSigner; }
From source file:org.xipki.security.bcext.ECDSAContentVerifierProviderBuilder.java
License:Open Source License
protected Signer createSigner(final AlgorithmIdentifier sigAlgId) throws OperatorCreationException { AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId); if (digAlg == null) { throw new OperatorCreationException("could not retrieve digest algorithm from the signature algorithm " + sigAlgId.getAlgorithm().getId()); }//from w w w. j a v a 2s .co m Digest dig = digestProvider.get(digAlg); return new DSADigestSigner(new ECDSASigner(), dig); }
From source file:org.xipki.security.KeyUtil.java
License:Open Source License
public static ContentVerifierProvider getContentVerifierProvider(final PublicKey publicKey) throws OperatorCreationException, InvalidKeyException { String keyAlg = publicKey.getAlgorithm().toUpperCase(); if (keyAlg.equals("EC")) { keyAlg = "ECDSA"; }//from ww w . j a va 2 s. co m BcContentVerifierProviderBuilder builder = verifierProviderBuilders.get(keyAlg); if (builder == null) { if ("RSA".equals(keyAlg)) { builder = new BcRSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else if ("DSA".equals(keyAlg)) { builder = new BcDSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else if ("ECDSA".equals(keyAlg)) { builder = new ECDSAContentVerifierProviderBuilder(dfltDigesAlgIdentifierFinder); } else { throw new OperatorCreationException("unknown key algorithm of the public key " + keyAlg); } verifierProviderBuilders.put(keyAlg, builder); } AsymmetricKeyParameter keyParam = KeyUtil.generatePublicKeyParameter(publicKey); return builder.build(keyParam); }
From source file:org.xipki.security.p11.P11ContentSignerBuilder.java
License:Open Source License
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId, final int parallelism) throws OperatorCreationException, NoSuchPaddingException { if (parallelism < 1) { throw new IllegalArgumentException("non-positive parallelism is not allowed: " + parallelism); }/*from w ww .ja v a 2 s .c o m*/ List<ContentSigner> signers = new ArrayList<>(parallelism); PublicKey publicKey = certificateChain[0].getPublicKey(); try { for (int i = 0; i < parallelism; i++) { ContentSigner signer; if (publicKey instanceof RSAPublicKey) { if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(signatureAlgId.getAlgorithm())) { signer = new P11RSAPSSContentSigner(cryptService, slot, keyId, signatureAlgId); } else { signer = new P11RSAContentSigner(cryptService, slot, keyId, signatureAlgId); } } else if (publicKey instanceof ECPublicKey) { if (AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)) { signer = new P11ECDSAPlainContentSigner(cryptService, slot, keyId, signatureAlgId); } else { signer = new P11ECDSAX962ContentSigner(cryptService, slot, keyId, signatureAlgId); } } else if (publicKey instanceof DSAPublicKey) { if (AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)) { signer = new P11DSAPlainContentSigner(cryptService, slot, keyId, signatureAlgId); } else { signer = new P11DSAX962ContentSigner(cryptService, slot, keyId, signatureAlgId); } } else { throw new OperatorCreationException("unsupported key " + publicKey.getClass().getName()); } signers.add(signer); } } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException("no such algorithm", e); } PrivateKey privateKey; try { privateKey = new P11PrivateKey(cryptService, slot, keyId); } catch (InvalidKeyException e) { throw new OperatorCreationException("could not construct P11PrivateKey: " + e.getMessage(), e); } DefaultConcurrentContentSigner concurrentSigner = new DefaultConcurrentContentSigner(signers, privateKey); concurrentSigner.setCertificateChain(certificateChain); return concurrentSigner; }
From source file:org.xipki.security.SignerUtil.java
License:Open Source License
static public PSSSigner createPSSRSASigner(final AlgorithmIdentifier sigAlgId, AsymmetricBlockCipher cipher) throws OperatorCreationException { if (PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm()) == false) { throw new OperatorCreationException( "signature algorithm " + sigAlgId.getAlgorithm() + " is not allowed"); }//from w w w . j ava 2s . com BcDigestProvider digestProvider = BcDefaultDigestProvider.INSTANCE; AlgorithmIdentifier digAlgId; try { digAlgId = AlgorithmUtil.extractDigesetAlgorithmIdentifier(sigAlgId); } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException(e.getMessage(), e); } Digest dig = digestProvider.get(digAlgId); if (cipher == null) { cipher = new RSABlindedEngine(); } RSASSAPSSparams param = RSASSAPSSparams.getInstance(sigAlgId.getParameters()); AlgorithmIdentifier mfgDigAlgId = AlgorithmIdentifier .getInstance(param.getMaskGenAlgorithm().getParameters()); Digest mfgDig = digestProvider.get(mfgDigAlgId); int saltSize = param.getSaltLength().intValue(); int trailerField = param.getTrailerField().intValue(); return new PSSSigner(cipher, dig, mfgDig, saltSize, getTrailer(trailerField)); }
From source file:org.xipki.security.SoftTokenContentSignerBuilder.java
License:Open Source License
public ConcurrentContentSigner createSigner(final AlgorithmIdentifier signatureAlgId, final int parallelism) throws OperatorCreationException, NoSuchPaddingException { if (parallelism < 1) { throw new IllegalArgumentException("non-positive parallelism is not allowed: " + parallelism); }//from w w w . j a va2 s . c om List<ContentSigner> signers = new ArrayList<>(parallelism); ASN1ObjectIdentifier algOid = signatureAlgId.getAlgorithm(); if (Security.getProvider(PROVIDER_XIPKI_NSS) != null && algOid.equals(PKCSObjectIdentifiers.id_RSASSA_PSS) == false && key instanceof ECPrivateKey == false) { String algoName; try { algoName = AlgorithmUtil.getSignatureAlgoName(signatureAlgId); } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException(e.getMessage()); } boolean useGivenProvider = true; for (int i = 0; i < parallelism; i++) { try { Signature signature = Signature.getInstance(algoName, PROVIDER_XIPKI_NSS); signature.initSign(key); if (i == 0) { signature.update(new byte[] { 1, 2, 3, 4 }); signature.sign(); } ContentSigner signer = new SignatureSigner(signatureAlgId, signature, key); signers.add(signer); } catch (Exception e) { useGivenProvider = false; signers.clear(); break; } } if (useGivenProvider) { LOG.info("use {} to sign {} signature", PROVIDER_XIPKI_NSS, algoName); } else { LOG.info("could not use {} to sign {} signature", PROVIDER_XIPKI_NSS, algoName); } } if (CollectionUtil.isEmpty(signers)) { BcContentSignerBuilder signerBuilder; AsymmetricKeyParameter keyparam; try { if (key instanceof RSAPrivateKey) { keyparam = SignerUtil.generateRSAPrivateKeyParameter((RSAPrivateKey) key); signerBuilder = new RSAContentSignerBuilder(signatureAlgId); } else if (key instanceof DSAPrivateKey) { keyparam = DSAUtil.generatePrivateKeyParameter(key); signerBuilder = new DSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else if (key instanceof ECPrivateKey) { keyparam = ECUtil.generatePrivateKeyParameter(key); signerBuilder = new ECDSAContentSignerBuilder(signatureAlgId, AlgorithmUtil.isDSAPlainSigAlg(signatureAlgId)); } else { throw new OperatorCreationException("unsupported key " + key.getClass().getName()); } } catch (InvalidKeyException e) { throw new OperatorCreationException("invalid key", e); } catch (NoSuchAlgorithmException e) { throw new OperatorCreationException("no such algorithm", e); } for (int i = 0; i < parallelism; i++) { ContentSigner signer = signerBuilder.build(keyparam); signers.add(signer); } } ConcurrentContentSigner concurrentSigner = new DefaultConcurrentContentSigner(signers, key); if (certificateChain != null) { concurrentSigner.setCertificateChain(certificateChain); } return concurrentSigner; }