List of usage examples for org.bouncycastle.pkcs PKCS10CertificationRequest getEncoded
public byte[] getEncoded() throws IOException
From source file:be.e_contract.mycarenet.certra.CertRASession.java
License:Open Source License
/**
 * Creates a PKCS#10 certification request for the given subject and returns its encoding.
 *
 * <p>The request carries this object's public key and is signed with this object's private
 * key under the algorithm name {@code SHA256withRSA}.
 *
 * @param name subject name to place in the request
 * @return the bytes returned by {@code PKCS10CertificationRequest.getEncoded()}
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws IOException if the request cannot be encoded
 */
public byte[] generateCSR(X500Name name) throws OperatorCreationException, IOException {
    PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(name, this.publicKey);
    // The signer is created after the request builder, as in the original flow.
    ContentSigner sha256RsaSigner = new JcaContentSignerBuilder("SHA256withRSA").build(this.privateKey);
    return requestBuilder.build(sha256RsaSigner).getEncoded();
}
From source file:Client.CSRRequest.java
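/**
 * Requests a certificate for {@code login} from the certificate server and stores the result.
 *
 * <p>Steps, in order: generate a key pair, build a CSR, wrap it with the login and a digest of
 * the password in an {@code InfoCSR}, serialize and encrypt that object with the server's
 * public key read from a file, send it, then read the reply. A {@code null} reply is treated
 * as a refusal; otherwise the reply is turned into a certificate and saved with the private
 * key in the keystore.
 *
 * <p>{@code close()} runs in a {@code finally} block so the connection is released even when
 * one of the steps fails. Every failure is reported on standard output and not rethrown.
 */
public void run() {
    try {
        // Generate the key pair and keep the private half for the keystore entry.
        KeyPair keyPair = generateKeyPair();
        privKey = keyPair.getPrivate();

        // Build the CSR that is sent to the certificate server.
        PKCS10CertificationRequest csr = CSRManager.generateCSR(login, keyPair);
        System.out.print("Cration de l'objet envoy : ");
        // NOTE(review): digest(mdp) is defined elsewhere; if it is a bare, unsalted hash of the
        // password it is password-equivalent for whoever can decrypt this message. Confirm.
        InfoCSR clientCSR = new InfoCSR(csr.getEncoded(), login, digest(mdp));
        System.out.println("OK");

        System.out.print("Transformation en tableau de bytes : ");
        // NOTE(review): presumably Java serialization; verify that the receiving side restricts
        // which classes it will deserialize.
        byte[] bytesCSR = ObjectToByte(clientCSR);
        System.out.println("OK");

        System.out.print("Rcupration de la cl publique du Serveur de Certificats : ");
        // The confidentiality of the request depends on this file holding the genuine server key.
        pubKeySC = getPublicKeyInFile();
        System.out.println("OK");

        System.out.print("Chiffrement de l'objet : ");
        byte[] encrypted = encrypt(pubKeySC, bytesCSR);
        System.out.println("OK");

        System.out.print("Instanciation pour l'envoi et la rception : ");
        readAndWriteObject readWrite2 = new readAndWriteObject(s);
        System.out.println("OK");

        System.out.print("Envoi de la demande de certification : ");
        readWrite2.writeObject2(encrypted);
        System.out.println("OK");

        System.out.print("Rception de l'objet contenant le certificat : ");
        byte[] receive = readWrite2.readObject2();
        if (receive == null) {
            System.out.println("Dmande de certification rfuse.");
        } else {
            System.out.println("OK");
            System.out.print("Rconstruction du certificat : ");
            // NOTE(review): nothing visible here checks that the returned certificate carries
            // this key pair's public key or chains to a trusted issuer before it is stored.
            cert = getCertBytes(receive);
            System.out.println("OK");

            storeManager = new KeyStoreManager();
            System.out.print("Enregistrement du certificat dans le keystore : ");
            storeManager.saveOwnCert(login, cert);
            System.out.println("OK");
            System.out.print("Enregistrement de la cl priv dans le keystore : ");
            storeManager.saveOwnKey(login, privKey, cert);
            System.out.println("OK");
        }

        System.out.println("==========Liste des certificats=========");
        // NOTE(review): storeManager is only assigned in the success branch above; if it is not
        // initialized elsewhere, a refused request ends in a NullPointerException here.
        storeManager.listCertAliasses(login);
    } catch (Exception e) {
        System.out.println("CSRRequest : " + e);
    } finally {
        // Release the connection on every path, including after a failed step.
        try {
            close();
            System.out.println("CSRRequest closed!");
        } catch (Exception e) {
            System.out.println("CSRRequest : " + e);
        }
    }
}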
From source file:com.aqnote.shared.cryptology.cert.io.PKCSWriter.java
License:Open Source License
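/**
 * Writes a certification request to {@code ostream} as Base64 text framed by the
 * {@code CSR_BEGIN} and {@code CSR_END} markers, then closes the stream.
 *
 * <p>The stream is closed in a {@code finally} block, so it is released even when encoding or
 * writing fails. The text is converted to bytes with an explicit charset so the output does
 * not depend on the platform default.
 *
 * @param csr request to write
 * @param ostream destination; always closed by this method
 * @throws Exception if the request cannot be encoded or the stream cannot be written or closed
 */
public static void storePKCS10File(PKCS10CertificationRequest csr, OutputStream ostream) throws Exception {
    try {
        StringBuilder csrString = new StringBuilder(CSR_BEGIN + _N);
        // NOTE(review): the Base64 body is emitted as returned by encodeBase64String; if that is
        // a single unwrapped line, strict PEM readers that expect 64-character lines may reject it.
        csrString.append(Base64.encodeBase64String(csr.getEncoded())).append(_N);
        csrString.append(CSR_END);
        ostream.write(csrString.toString().getBytes("UTF-8"));
    } finally {
        ostream.close();
    }
}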
From source file:com.cordova.plugin.CertPlugin.java
License:Open Source License
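/**
 * Generates a 2048-bit RSA key pair, persists the private key and returns a CSR for the
 * public key.
 *
 * <p>The Base64-encoded private key is written to the {@code "SP"} shared preferences under
 * {@code "PRIVATE_KEY"}. The key is never written to the log. The CSR is signed with
 * {@code SHA256withRSA} and has an empty subject name, because no RDNs are added to the
 * name builder.
 *
 * @return the Base64-encoded CSR, or an empty string if key generation, persistence or CSR
 *         creation fails
 */
private String getPriAndCsr() {
    try {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        PrivateKey privateKey = pair.getPrivate();

        // Private key material must not reach logcat: other tooling and bug reports can read it.
        String strPrivateKey = Base64.encodeToString(privateKey.getEncoded(), Base64.DEFAULT);

        // NOTE(review): the key is stored unencrypted in app-private preferences, where device
        // backups or a rooted device can expose it. Generating the key inside the Android
        // Keystore would avoid exporting it at all; that needs changes to the code that reads
        // "PRIVATE_KEY", so it is not done here.
        SharedPreferences sp = this.cordova.getActivity().getSharedPreferences("SP",
                android.content.Context.MODE_PRIVATE);
        SharedPreferences.Editor editor = sp.edit();
        editor.putString("PRIVATE_KEY", strPrivateKey);
        if (!editor.commit()) {
            // A CSR whose private key was not saved would yield an unusable certificate.
            Log.e(TAG, "Could not persist the generated private key");
            return "";
        }

        PublicKey publicKey = pair.getPublic();
        // SHA-1 signatures are refused by many CAs; SHA-256 is used for the request signature.
        ContentSigner signGen = new JcaContentSignerBuilder("SHA256withRSA").build(privateKey);

        X500Name x500Name = new X500NameBuilder(BCStyle.INSTANCE).build();
        PKCS10CertificationRequestBuilder csrBuilder =
                new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey);
        PKCS10CertificationRequest csr = csrBuilder.build(signGen);

        String encodedCsr = Base64.encodeToString(csr.getEncoded(), Base64.DEFAULT);
        Log.i(TAG, encodedCsr);
        return encodedCsr;
    } catch (Exception e) {
        Log.e(TAG, "Failed to generate the key pair and CSR", e);
    }
    return "";
}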
From source file:com.yahoo.athenz.auth.util.Crypto.java
License:Apache License
/**
 * Builds a PKCS#10 certification request and returns it as PEM text with the
 * {@code CERTIFICATE REQUEST} label.
 *
 * <p>The request is signed with {@code privateKey} under the algorithm named by
 * {@code Crypto.RSA_SHA256}. When {@code sanArray} is not null, its entries are added as a
 * non-critical subjectAlternativeName extension inside an extensionRequest attribute.
 *
 * @param privateKey key that signs the request
 * @param publicKey key placed in the request
 * @param x500Principal subject distinguished name in string form
 * @param sanArray subject alternative names, or null for none
 * @return the PEM-encoded request
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws IOException if the request cannot be encoded or written
 */
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal,
        GeneralName[] sanArray) throws OperatorCreationException, IOException {

    final X500Principal subjectDn = new X500Principal(x500Principal);
    final ContentSigner contentSigner = new JcaContentSignerBuilder(Crypto.RSA_SHA256).build(privateKey);
    final PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(subjectDn, publicKey);

    // SAN entries travel as a requested extension; the issuer decides whether to honour them.
    if (sanArray != null) {
        final ExtensionsGenerator requested = new ExtensionsGenerator();
        requested.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(sanArray));
        requestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, requested.generate());
    }

    final byte[] encodedRequest = requestBuilder.build(contentSigner).getEncoded();

    // Render in the PEM format that openssl reads.
    final StringWriter pemText = new StringWriter();
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(pemText)) {
        pemWriter.writeObject(new PemObject("CERTIFICATE REQUEST", encodedRequest));
    }
    return pemText.toString();
}
From source file:craterdog.security.RsaCertificateManager.java
License:Open Source License
/**
 * Encodes a certificate signing request (CSR) as a PEM string for transport.
 * This convenience method is not part of the <code>CertificateManagement</code> interface
 * because its signature depends on a Bouncy Castle class, and the java security framework
 * has no similar class.
 *
 * @param csr The certificate signing request.
 * @return The encoded certificate signing request string.
 */
public String encodeSigningRequest(PKCS10CertificationRequest csr) {
    logger.entry();
    try (StringWriter buffer = new StringWriter(); PemWriter pem = new PemWriter(buffer)) {
        PemObject requestBlock = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
        pem.writeObject(requestBlock);
        // Flush before reading the buffer so the whole PEM block is present in the string.
        pem.flush();
        String encoded = buffer.toString();
        logger.exit();
        return encoded;
    } catch (IOException e) {
        throw logger.throwing(new RuntimeException(
                "An unexpected exception occurred while attempting to encode a certificate signing request.",
                e));
    }
}
From source file:edu.vt.alerts.android.library.tasks.RegistrationTask.java
License:Apache License
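/**
 * {@inheritDoc}
 *
 * <p>Registers this installation unless a subscriber URL is already stored: obtains a GCM
 * token, generates a key pair and CSR, posts the encoded CSR to the register URL, and on a
 * 2xx response stores the resulting keystore and the {@code Location} header value as the
 * subscriber URL.
 *
 * <p>The GCM token value is kept out of the log and is URL-encoded before it is appended to
 * the request URL. The {@code Location} header is checked before anything is persisted, so a
 * response without it does not leave a stored keystore with no subscriber URL.
 *
 * @return a result of {@code (null, null)} when already registered, {@code (true, null)} on
 *         success, or {@code (false, exception)} on any failure
 */
@Override
protected TaskResult<Boolean> doInBackground(Void... params) {
    if (PreferenceUtil.getSubscriberUrl(context, alertsEnvironment) != null) {
        return new TaskResult<Boolean>(null, null);
    }

    try {
        String gcmToken = gcmTokenObtainer.obtainToken(context, gcmSenderId);
        // The token addresses push messages to this device, so only the event is logged.
        Log.d("registrationService", "Got GCM token");

        KeyPair keyPair = generateKeyPair();
        Log.d("registrationService", "keyPair has been generated");

        PKCS10CertificationRequest csr = generateCSR(keyPair);
        Log.d("registrationService", "csr has been generated");

        HttpClient httpClient = httpClientFactory.generateInstallerClient(context, installerKeystore);

        // NOTE(review): a token in the query string can still end up in server and proxy logs;
        // moving it to a header or the body needs a matching server change.
        HttpPost post = new HttpPost(alertsEnvironment.getRegisterUrl() + "?token="
                + java.net.URLEncoder.encode(gcmToken, "UTF-8"));
        post.setEntity(new ByteArrayEntity(csr.getEncoded()));
        post.addHeader("Content-Type", CONTENT_TYPE);
        post.addHeader("Accept", ACCEPT_TYPE);

        // Log the endpoint without the query string, which carries the token.
        Log.d("registrationService", "Sending httpPost of Content-Type " + CONTENT_TYPE + " to "
                + alertsEnvironment.getRegisterUrl());
        HttpResponse response = httpClient.execute(post);

        StatusLine statusLine = response.getStatusLine();
        int statusCode = statusLine.getStatusCode();
        Log.d("registrationService", "Got a " + statusCode + " back");
        if (statusCode < 200 || statusCode >= 300) {
            throw new UnexpectedNetworkResponseException(
                    "Unexpected response (" + statusCode + ") while trying to post certificate", statusCode,
                    statusLine.getReasonPhrase());
        }

        // Validate the whole response before persisting any part of it.
        if (response.getLastHeader("Location") == null) {
            throw new IllegalStateException("Registration response has no Location header");
        }
        String location = response.getLastHeader("Location").getValue();

        KeyStore keyStore = createKeyStore(keyPair, response);
        keyStoreContainer.storeKeyStore(context, alertsEnvironment, keyStore);
        PreferenceUtil.setSubscriberUrl(context, alertsEnvironment, location);
    } catch (Exception e) {
        Log.e("registration", "An exception has occurred during registration", e);
        return new TaskResult<Boolean>(false, e);
    }

    return new TaskResult<Boolean>(true, null);
}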
From source file:ee.ria.xroad.signer.protocol.handler.GenerateCertRequestRequestHandler.java
License:Open Source License
/**
 * Serializes a certification request in the requested format.
 *
 * @param request the request to serialize
 * @param format {@code PEM} selects {@code toPem(request)}; any other value selects the
 *        output of {@code request.getEncoded()} (DER)
 * @return the serialized request
 * @throws Exception if serialization fails
 */
private static byte[] convert(PKCS10CertificationRequest request, GenerateCertRequest.RequestFormat format)
        throws Exception {
    // Calling equals() on the argument raises NullPointerException for a null format,
    // just as a switch on it does.
    boolean wantsPem = format.equals(GenerateCertRequest.RequestFormat.PEM);
    return wantsPem ? toPem(request) : request.getEncoded(); // non-PEM: DER
}
From source file:eu.betaas.taas.securitymanager.core.service.impl.JoinInstanceService.java
License:Apache License
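/**
 * Requests a certificate for this gateway from the GW* certificate service and stores it.
 *
 * <p>Builds a subject name from the arguments with the fixed common name
 * {@code "BETaaS Gateway Certificate"}, generates an EC key pair, builds a certification
 * request, then looks up the external certificate service through a {@code ServiceTracker}.
 * If a service reporting {@code isGWStar()} is found, the encoded request is sent to it and
 * the returned certificates are stored with the private key.
 *
 * <p>The tracker is closed on every path, and a tracker that found no services is treated as
 * "no GW* available", not as an error.
 *
 * @param countryCode value for the C attribute of the subject
 * @param state value for the ST attribute
 * @param location value for the L attribute
 * @param orgName value for the O attribute
 * @param gwId gateway identifier passed to the request builder
 * @return true if a certificate was issued and stored, false if no request or no GW* service
 *         was available
 * @throws Exception if any step fails
 */
public boolean requestGwCertificate(String countryCode, String state, String location, String orgName,
        String gwId) throws Exception {
    Security.addProvider(new BouncyCastleProvider());
    boolean ok = false;
    log.info("Start the request certificate instance...");
    ArrayOfCertificate certsArray = null;

    // Subject of the certification request.
    X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
    x500NameBld.addRDN(BCStyle.C, countryCode);
    x500NameBld.addRDN(BCStyle.ST, state);
    x500NameBld.addRDN(BCStyle.L, location);
    x500NameBld.addRDN(BCStyle.O, orgName);
    x500NameBld.addRDN(BCStyle.CN, "BETaaS Gateway Certificate");
    X500Name subject = x500NameBld.build();

    // NOTE(review): the helper name suggests a 192-bit curve, which is below the 256-bit size
    // commonly required for new certificates. Confirm which curve is used.
    AsymmetricCipherKeyPair kp = ECKeyPairGen.generateECKeyPair192();

    PKCS10CertificationRequest gwCertReq = gwCertificateService.buildCertificationRequest(subject, kp, gwId);
    log.info("Successfully generate PKCS10CertificationRequest!!");

    // Locate the GW* external certificate service via a ServiceTracker.
    IGatewayStarCertificateExtService extServ = null;
    extCertTracker = new ServiceTracker(context, IGatewayStarCertificateExtService.class.getName(), null);
    extCertTracker.open();
    try {
        // Give the tracker time to find the certificate service.
        Thread.sleep(2500);

        // getServiceReferences() returns null, not an empty array, when nothing is tracked.
        ServiceReference[] refs = extCertTracker.getServiceReferences();
        if (refs != null) {
            for (ServiceReference ref : refs) {
                log.debug("GW ID: " + ref.getProperty("gwId"));
                IGatewayStarCertificateExtService candidate =
                        (IGatewayStarCertificateExtService) context.getService(ref);
                if (candidate == null) {
                    continue; // service was unregistered between lookup and use
                }
                boolean isGwStar = candidate.isGWStar();
                log.debug("Is it GW*: " + isGwStar);
                if (isGwStar) {
                    log.debug("Found the ExtCert service of GW*");
                    extServ = candidate;
                }
            }
        }

        // Ask GW* to issue a certificate for this gateway.
        if (gwCertReq != null && extServ != null) {
            certsArray = extServ.issueGwCertificate(gwCertReq.getEncoded());

            // The reply holds the intermediate certificates and this gateway's own certificate.
            X509CertificateHolder[] certs = new X509CertificateHolder[certsArray.getCertificate().size()];
            for (int i = 0; i < certs.length; i++) {
                certs[i] = new X509CertificateHolder(certsArray.getCertificate().get(i));
            }

            log.debug("Start storing the newly created certificate from GW*...");
            // NOTE(review): nothing visible here checks that the returned chain contains this
            // key pair's public key or is signed by the expected issuer before it is stored.
            gwCertificateService.storeMyCertificate(kp.getPrivate(), certs);
            ok = true;
            log.info("Successfully requesting certificate from GW* and store it");
        }
    } finally {
        // Release the tracker whether or not a certificate was obtained.
        extCertTracker.close();
    }

    return ok;
}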
From source file:eu.optimis.ics.BrokerVPNCredentials.PeerCredManager.java
License:Open Source License
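/**
 * Generates peer credentials and has them signed by the broker CA over RMI.
 *
 * <p>With two arguments (peer name, broker IP address) those values are used; with none the
 * defaults {@code "peer"} and {@code "127.0.1.1"} are used. A single argument is rejected with
 * a usage message, because the broker address would be missing.
 *
 * <p>The peer private key is saved first, then the CA certificate and the signed peer
 * certificate returned by the broker are saved under {@code peerCredLocation}.
 *
 * @param args optional peer name and broker IP address
 */
public static void main(String[] args) {
    PeerCredManager pcm;
    if (args.length >= 2) {
        log("Taking inputs from the commandline:-");
        log("Peer Name = " + args[0]);
        log("Broker IP Address = " + args[1]);
        pcm = new PeerCredManager(args[0], args[1]);
    } else if (args.length == 1) {
        // Both values are needed; reading args[1] here would fail with an index error.
        log("Usage: PeerCredManager <peer name> <broker IP address>");
        return;
    } else {
        log("Using default values: Assuming RMI server is running locally");
        pcm = new PeerCredManager("peer", "127.0.1.1");
    }

    KeyPair peerKP = pcm.genPeerKeyPair();
    // NOTE(review): the permissions of the written key file are set, if at all, inside
    // savePeerPrivateKey; confirm it is readable by the owner only.
    pcm.savePeerPrivateKey(peerCredLocation + pcm.peerName + ".key", peerKP.getPrivate());

    PKCS10CertificationRequest certReq = pcm.genCertificationRequest(peerKP);

    try {
        Registry registry = LocateRegistry.getRegistry(pcm.brokerCAHost);
        RemoteCSR stub = (RemoteCSR) registry.lookup(pcm.registryName);

        // Get the CA certificate from the Broker and save it in the racoon directory.
        // NOTE(review): this certificate becomes the trust anchor, yet it arrives over the same
        // RMI channel; nothing visible here authenticates the broker or pins a fingerprint.
        byte[] caCertificate = stub.getCACertificate();
        pcm.savePeerCertificate(peerCredLocation + "ca.crt", caCertificate);
        System.out.println("SUCCESS: CA Certificate stored in -> " + peerCredLocation);

        // Get the peer certificate signed by the Broker CA and save it in the racoon directory.
        byte[] signedCertBytes = stub.getSignedCertificateBytes(certReq.getEncoded());
        X509CertificateHolder certHolder = new X509CertificateHolder(signedCertBytes);
        pcm.savePeerCertificate(peerCredLocation + pcm.peerName + ".crt", certHolder.getEncoded());
        System.out.println("SUCCESS: Peer Credentials generated in -> " + peerCredLocation);
    } catch (RemoteException e) {
        e.printStackTrace();
    } catch (NotBoundException e) {
        e.printStackTrace();
    } catch (IOException e) {
        e.printStackTrace();
    } catch (CertificateEncodingException e) {
        e.printStackTrace();
    }
}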