List of usage examples for org.bouncycastle.pkcs PKCS10CertificationRequestBuilder build
public PKCS10CertificationRequest build(ContentSigner signer)
From source file:be.e_contract.mycarenet.certra.CertRASession.java
License:Open Source License
public byte[] generateCSR(X500Name name) throws OperatorCreationException, IOException { PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(name, this.publicKey); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA"); ContentSigner signer = csBuilder.build(this.privateKey); PKCS10CertificationRequest csr = csrBuilder.build(signer); return csr.getEncoded(); }
From source file:beta01.CertSigningRequest.java
private void genaretKeyPairDsa() throws Exception { String signatureAlg = "SHA1withDSA"; KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", "BC"); kpg.initialize(2048);/*from ww w. j a v a 2 s. c o m*/ KeyPair kp = kpg.genKeyPair(); X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); x500NameBuilder.addRDN(BCStyle.C, "ID"); x500NameBuilder.addRDN(BCStyle.CN, "Pizaini"); //x500NameBuilder.addRDN(BCStyle.O, "Institut Pertanian Bogor"); X500Name subject = x500NameBuilder.build(); PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic()); try { PKCS10CertificationRequest request = requestBuilder .build(new JcaContentSignerBuilder(signatureAlg).setProvider("BC").build(kp.getPrivate())); //verify signature if (request.isSignatureValid( new JcaContentVerifierProviderBuilder().setProvider("BC").build(kp.getPublic()))) { System.out.println(signatureAlg + ": PKCS#10 request verified."); //CSR Output ByteArrayOutputStream baos = new ByteArrayOutputStream(); //PemWriter pemWrtb = new PemWriter(new OutputStreamWriter(baos)); JcaPEMWriter jcaPem = new JcaPEMWriter(new OutputStreamWriter(baos)); jcaPem.writeObject(request); jcaPem.close(); try { File file = new File("D:\\CSR_" + kpg.getAlgorithm() + ".p10"); FileOutputStream fos = new FileOutputStream(file); baos.close(); fos.write(baos.toByteArray()); fos.flush(); fos.close(); } catch (IOException ex) { } //store Private Key p8 try { File file = new File("D:\\PrivateKey_" + kpg.getAlgorithm() + ".p8"); FileOutputStream fos = new FileOutputStream(file); fos.write(kp.getPrivate().getEncoded()); fos.flush(); fos.close(); System.out.println("Privated key stored as " + kp.getPrivate().getFormat()); } catch (IOException ex) { } //p12 /*KeyStore pkcs12 = KeyStore.getInstance("PKCS12", "BC"); pkcs12.load(null, null); //pkcs12.setCertificateEntry("r2oot", holderRoot); pkcs12.setKeyEntry("PIZAINI_ECDSA", kp.getPrivate(), null, null); char[] password = "pass".toCharArray(); ByteArrayOutputStream bOut = new ByteArrayOutputStream(); pkcs12.store(bOut, password); ASN1InputStream asnInput = new ASN1InputStream(bOut.toByteArray()); bOut.reset(); DEROutputStream derOut = new DEROutputStream(bOut); derOut.writeObject(asnInput.readObject()); byte[] derFormat = bOut.toByteArray(); try{ File file = new File("D:\\Pizaini_ECDSA_Private.p12"); FileOutputStream fos = new FileOutputStream(file); bOut.close(); fos.write(derFormat); fos.flush(); fos.close(); }catch(IOException ex){ }*/ } else { System.out.println(signatureAlg + ": Failed verify check."); } } catch (OperatorCreationException | PKCSException ex) { } }
From source file:com.adaptris.security.certificate.CertRequestHandler.java
License:Apache License
/** * Create a certificate Request.//from w ww . ja v a 2 s . co m */ private static CertificationRequest createCertRequest(Certificate c, PrivateKey key) throws Exception { X509Certificate x509 = (X509Certificate) c; x509.getSigAlgName(); X500Name entityName = new X500Name(x509.getSubjectDN().getName()); KeyPair entityPair = KeyPairGenerator.getInstance("RSA").genKeyPair(); SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(x509.getPublicKey().getEncoded()); // Generate the certificate signing request PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(entityName, publicKeyInfo); // // SCEP servers usually require a challenge password // csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(new String( // "password".toCharArray()))); JcaContentSignerBuilder builder = new JcaContentSignerBuilder(x509.getSigAlgName()); PKCS10CertificationRequest csr = csrBuilder.build(builder.build(entityPair.getPrivate())); // CertificateRequest certRequest = new CertificateRequest( // x509.getPublicKey(), (Name) x509.getSubjectDN()); // // certRequest.sign(x509.getSignatureAlgorithm(), key); return csr.toASN1Structure(); }
From source file:com.aqnote.shared.cryptology.cert.gen.CertGenerator.java
License:Open Source License
public PKCS10CertificationRequest createCSR(X500Name x500Name, KeyPair keyPair) throws Exception { PublicKey publicKey = keyPair.getPublic(); PrivateKey privateKey = keyPair.getPrivate(); PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey);/* w ww . ja v a 2 s .c om*/ JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(ALG_SIG_SHA256_RSA); ContentSigner signer = csBuilder.build(privateKey); PKCS10CertificationRequest csr = p10Builder.build(signer); return csr; }
From source file:com.cordova.plugin.CertPlugin.java
License:Open Source License
private String getPriAndCsr() { try {/*w w w . j a v a 2 s .c o m*/ KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA"); gen.initialize(2048); KeyPair pair = gen.generateKeyPair(); PrivateKey privateKey = pair.getPrivate(); Log.i(TAG, "privateKey : " + Base64.encodeToString(privateKey.getEncoded(), 0)); String strPrivateKey = Base64.encodeToString(privateKey.getEncoded(), 0); //? SharedPreferences SharedPreferences sp = this.cordova.getActivity().getSharedPreferences("SP", this.cordova.getActivity().getBaseContext().MODE_PRIVATE); //? SharedPreferences.Editor editor = sp.edit(); editor.putString("PRIVATE_KEY", strPrivateKey); editor.commit(); // PRIVATE_KEY Log.d("SP", sp.getString("PRIVATE_KEY", "none")); PublicKey publicKey = pair.getPublic(); // X500Principal subject = new X500Principal("C=NO, ST=Trondheim, L=Trondheim, O=Senthadev, OU=Innovation, CN=www.senthadev.com, EMAILADDRESS=senthadev@gmail.com"); ContentSigner signGen = new JcaContentSignerBuilder("SHA1withRSA").build(privateKey); X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE); X500Name x500Name = x500NameBuilder.build(); PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey); PKCS10CertificationRequest csr = csrBuilder.build(signGen); Log.i(TAG, Base64.encodeToString(csr.getEncoded(), 0)); return Base64.encodeToString(csr.getEncoded(), 0); } catch (Exception e) { e.printStackTrace(); } return ""; }
From source file:com.cws.esolutions.security.dao.certmgmt.impl.CertificateManagerImpl.java
License:Apache License
/** * @see com.cws.esolutions.security.dao.certmgmt.interfaces.ICertificateManager#createCertificateRequest(List, String, int, int) *//*from ww w . j a v a 2 s .co m*/ public synchronized File createCertificateRequest(final List<String> subjectData, final String storePassword, final int validityPeriod, final int keySize) throws CertificateManagementException { final String methodName = ICertificateManager.CNAME + "#createCertificateRequest(final List<String> subjectData, final String storePassword, final int validityPeriod, final int keySize) throws CertificateManagementException"; if (DEBUG) { DEBUGGER.debug(methodName); DEBUGGER.debug("Value: {}", subjectData); DEBUGGER.debug("Value: {}", validityPeriod); DEBUGGER.debug("Value: {}", keySize); } final File rootDirectory = certConfig.getRootDirectory(); final String signatureAlgorithm = certConfig.getSignatureAlgorithm(); final String certificateAlgorithm = certConfig.getCertificateAlgorithm(); final File privateKeyDirectory = FileUtils .getFile(certConfig.getPrivateKeyDirectory() + "/" + subjectData.get(0)); final File publicKeyDirectory = FileUtils .getFile(certConfig.getPublicKeyDirectory() + "/" + subjectData.get(0)); final File csrDirectory = FileUtils.getFile(certConfig.getCsrDirectory() + "/" + subjectData.get(0)); final File storeDirectory = FileUtils.getFile(certConfig.getStoreDirectory() + "/" + subjectData.get(0)); final X500Name x500Name = new X500Name("CN=" + subjectData.get(0) + ",OU=" + subjectData.get(1) + ",O=" + subjectData.get(2) + ",L=" + subjectData.get(3) + ",ST=" + subjectData.get(4) + ",C=" + subjectData.get(5) + ",E=" + subjectData.get(6)); if (DEBUG) { DEBUGGER.debug("rootDirectory: {}", rootDirectory); DEBUGGER.debug("signatureAlgorithm: {}", signatureAlgorithm); DEBUGGER.debug("certificateAlgorithm: {}", certificateAlgorithm); DEBUGGER.debug("privateKeyDirectory: {}", privateKeyDirectory); DEBUGGER.debug("publicKeyDirectory: {}", publicKeyDirectory); DEBUGGER.debug("csrDirectory: {}", csrDirectory); DEBUGGER.debug("storeDirectory: {}", storeDirectory); DEBUGGER.debug("x500Name: {}", x500Name); } File csrFile = null; JcaPEMWriter csrPemWriter = null; JcaPEMWriter publicKeyWriter = null; JcaPEMWriter privateKeyWriter = null; FileOutputStream csrFileStream = null; FileOutputStream keyStoreStream = null; FileOutputStream publicKeyFileStream = null; FileOutputStream privateKeyFileStream = null; OutputStreamWriter csrFileStreamWriter = null; OutputStreamWriter privateKeyStreamWriter = null; OutputStreamWriter publicKeyStreamWriter = null; try { KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType()); keyStore.load(null, storePassword.toCharArray()); if (DEBUG) { DEBUGGER.debug("KeyStore: {}", keyStore); } SecureRandom random = new SecureRandom(); KeyPairGenerator keyGenerator = KeyPairGenerator.getInstance(certificateAlgorithm); keyGenerator.initialize(keySize, random); if (DEBUG) { DEBUGGER.debug("KeyGenerator: {}", keyGenerator); } KeyPair keyPair = keyGenerator.generateKeyPair(); if (DEBUG) { DEBUGGER.debug("KeyPair: {}", keyPair); } if (keyPair != null) { final Signature sig = Signature.getInstance(signatureAlgorithm); final PrivateKey privateKey = keyPair.getPrivate(); final PublicKey publicKey = keyPair.getPublic(); if (DEBUG) { DEBUGGER.debug("Signature: {}", sig); DEBUGGER.debug("PrivateKey: {}", privateKey); DEBUGGER.debug("PublicKey: {}", publicKey); } sig.initSign(privateKey, random); ContentSigner signGen = new JcaContentSignerBuilder(signatureAlgorithm).build(privateKey); if (DEBUG) { DEBUGGER.debug("ContentSigner: {}", signGen); } Calendar expiry = Calendar.getInstance(); expiry.add(Calendar.DAY_OF_YEAR, validityPeriod); if (DEBUG) { DEBUGGER.debug("Calendar: {}", expiry); } CertificateFactory certFactory = CertificateFactory.getInstance(certConfig.getCertificateType()); if (DEBUG) { DEBUGGER.debug("CertificateFactory: {}", certFactory); } X509Certificate[] issuerCert = new X509Certificate[] { (X509Certificate) certFactory .generateCertificate(new FileInputStream(certConfig.getIntermediateCertificateFile())) }; if (DEBUG) { DEBUGGER.debug("X509Certificate[]: {}", (Object) issuerCert); } keyStore.setCertificateEntry(certConfig.getRootCertificateName(), certFactory.generateCertificate( new FileInputStream(FileUtils.getFile(certConfig.getRootCertificateFile())))); keyStore.setCertificateEntry(certConfig.getIntermediateCertificateName(), certFactory.generateCertificate(new FileInputStream( FileUtils.getFile(certConfig.getIntermediateCertificateFile())))); PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name, publicKey); if (DEBUG) { DEBUGGER.debug("PKCS10CertificationRequestBuilder: {}", builder); } PKCS10CertificationRequest csr = builder.build(signGen); if (DEBUG) { DEBUGGER.debug("PKCS10CertificationRequest: {}", csr); } // write private key File privateKeyFile = FileUtils.getFile(privateKeyDirectory + "/" + subjectData.get(0) + SecurityServiceConstants.PRIVATEKEY_FILE_EXT); if (DEBUG) { DEBUGGER.debug("privateKeyFile: {}", privateKeyFile); } if (!(privateKeyFile.createNewFile())) { throw new IOException("Failed to store private file"); } privateKeyFileStream = new FileOutputStream(privateKeyFile); privateKeyStreamWriter = new OutputStreamWriter(privateKeyFileStream); if (DEBUG) { DEBUGGER.debug("privateKeyFileStream: {}", privateKeyFileStream); DEBUGGER.debug("privateKeyStreamWriter: {}", privateKeyStreamWriter); } privateKeyWriter = new JcaPEMWriter(privateKeyStreamWriter); privateKeyWriter.writeObject(privateKey); privateKeyWriter.flush(); privateKeyStreamWriter.flush(); privateKeyFileStream.flush(); // write public key File publicKeyFile = FileUtils.getFile(publicKeyDirectory + "/" + subjectData.get(0) + SecurityServiceConstants.PUBLICKEY_FILE_EXT); if (DEBUG) { DEBUGGER.debug("publicKeyFile: {}", publicKeyFile); } if (!(publicKeyFile.createNewFile())) { throw new IOException("Failed to store public key file"); } publicKeyFileStream = new FileOutputStream(publicKeyFile); publicKeyStreamWriter = new OutputStreamWriter(publicKeyFileStream); if (DEBUG) { DEBUGGER.debug("publicKeyFileStream: {}", publicKeyFileStream); DEBUGGER.debug("publicKeyStreamWriter: {}", publicKeyStreamWriter); } publicKeyWriter = new JcaPEMWriter(publicKeyStreamWriter); publicKeyWriter.writeObject(publicKey); publicKeyWriter.flush(); publicKeyStreamWriter.flush(); publicKeyFileStream.flush(); // write csr csrFile = FileUtils .getFile(csrDirectory + "/" + subjectData.get(0) + SecurityServiceConstants.CSR_FILE_EXT); if (DEBUG) { DEBUGGER.debug("csrFile: {}", csrFile); } if (!(csrFile.createNewFile())) { throw new IOException("Failed to store CSR file"); } csrFileStream = new FileOutputStream(csrFile); csrFileStreamWriter = new OutputStreamWriter(csrFileStream); if (DEBUG) { DEBUGGER.debug("publicKeyFileStream: {}", publicKeyFileStream); DEBUGGER.debug("publicKeyStreamWriter: {}", publicKeyStreamWriter); } csrPemWriter = new JcaPEMWriter(csrFileStreamWriter); csrPemWriter.writeObject(csr); csrPemWriter.flush(); csrFileStreamWriter.flush(); csrFileStream.flush(); File keyStoreFile = FileUtils .getFile(storeDirectory + "/" + subjectData.get(0) + "." + KeyStore.getDefaultType()); if (DEBUG) { DEBUGGER.debug("keyStoreFile: {}", keyStoreFile); } keyStoreStream = FileUtils.openOutputStream(keyStoreFile); if (DEBUG) { DEBUGGER.debug("keyStoreStream: {}", keyStoreStream); } keyStore.setKeyEntry(subjectData.get(0), (Key) keyPair.getPrivate(), storePassword.toCharArray(), issuerCert); keyStore.store(keyStoreStream, storePassword.toCharArray()); keyStoreStream.flush(); if (DEBUG) { DEBUGGER.debug("KeyStore: {}", keyStore); } } else { throw new CertificateManagementException("Failed to generate keypair. Cannot continue."); } } catch (FileNotFoundException fnfx) { throw new CertificateManagementException(fnfx.getMessage(), fnfx); } catch (IOException iox) { throw new CertificateManagementException(iox.getMessage(), iox); } catch (NoSuchAlgorithmException nsax) { throw new CertificateManagementException(nsax.getMessage(), nsax); } catch (IllegalStateException isx) { throw new CertificateManagementException(isx.getMessage(), isx); } catch (InvalidKeyException ikx) { throw new CertificateManagementException(ikx.getMessage(), ikx); } catch (OperatorCreationException ocx) { throw new CertificateManagementException(ocx.getMessage(), ocx); } catch (KeyStoreException ksx) { throw new CertificateManagementException(ksx.getMessage(), ksx); } catch (CertificateException cx) { throw new CertificateManagementException(cx.getMessage(), cx); } finally { if (csrFileStreamWriter != null) { IOUtils.closeQuietly(csrFileStreamWriter); } if (csrFileStream != null) { IOUtils.closeQuietly(csrFileStream); } if (csrPemWriter != null) { IOUtils.closeQuietly(csrPemWriter); } if (publicKeyFileStream != null) { IOUtils.closeQuietly(publicKeyFileStream); } if (publicKeyStreamWriter != null) { IOUtils.closeQuietly(publicKeyStreamWriter); } if (publicKeyWriter != null) { IOUtils.closeQuietly(publicKeyWriter); } if (privateKeyFileStream != null) { IOUtils.closeQuietly(privateKeyFileStream); } if (privateKeyStreamWriter != null) { IOUtils.closeQuietly(privateKeyStreamWriter); } if (privateKeyWriter != null) { IOUtils.closeQuietly(privateKeyWriter); } if (keyStoreStream != null) { IOUtils.closeQuietly(keyStoreStream); } } return csrFile; }
From source file:com.helger.ebinterface.signature.CreateCertHelper.java
License:Apache License
@Nonnull public static PKCS10CertificationRequest createCSR(final X509Certificate cert, final KeyPair keyPair) throws Exception { final Principal principal = cert.getSubjectDN(); // generate certification request final X500Name x500Name = new X500Name(principal.toString()); final PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(x500Name, keyPair.getPublic());/*from w ww . j a v a 2s . c om*/ final JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(SIGNING_ALGO); final ContentSigner signer = csBuilder.build(keyPair.getPrivate()); return p10Builder.build(signer); }
From source file:com.hypersocket.certs.X509CertificateUtils.java
License:Open Source License
public static byte[] generatePKCS10(PrivateKey privateKey, PublicKey publicKey, String CN, String OU, String O, String L, String S, String C) throws Exception { JcaContentSignerBuilder csb = new JcaContentSignerBuilder("SHA1withRSA"); ContentSigner cs = csb.build(privateKey); X500Principal principal = new X500Principal( "CN=" + CN + ", OU=" + OU + ", O=" + O + ", L=" + L + ", S=" + S + ", C=" + C); PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(principal, publicKey); PKCS10CertificationRequest req = builder.build(cs); ByteArrayOutputStream bout = new ByteArrayOutputStream(); JcaPEMWriter p = null;//from www . j a va2 s . co m try { p = new JcaPEMWriter(new OutputStreamWriter(bout)); p.writeObject(req); } finally { if (p != null) p.close(); } return bout.toByteArray(); }
From source file:com.yahoo.athenz.auth.util.Crypto.java
License:Apache License
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException { // Create Distinguished Name X500Principal subject = new X500Principal(x500Principal); // Create ContentSigner JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256); ContentSigner signer = csBuilder.build(privateKey); // Create the CSR PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(subject, publicKey); // Add SubjectAlternativeNames (SAN) if specified if (sanArray != null) { ExtensionsGenerator extGen = new ExtensionsGenerator(); GeneralNames subjectAltNames = new GeneralNames(sanArray); extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames); p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate()); }/* w ww. ja v a 2 s .c o m*/ PKCS10CertificationRequest csr = p10Builder.build(signer); // write to openssl PEM format PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded()); StringWriter strWriter; try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) { pemWriter.writeObject(pemObject); } return strWriter.toString(); }
From source file:de.carne.certmgr.store.provider.bouncycastle.BouncyCastleStoreProvider.java
License:Open Source License
@Override public PKCS10Object generateAndSignCSR(KeyPair key, X509CertificateParams certificateParams) throws IOException, GeneralSecurityException { X500Principal subjectDN = certificateParams.getSubjectDN(); PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(subjectDN, key.getPublic());//w ww. ja va 2 s . c om addCustomExtensions(csrBuilder, certificateParams); LOG.notice(I18N.BUNDLE, I18N.STR_GENERATE_CSR, subjectDN); ContentSigner csrSigner; try { csrSigner = new JcaContentSignerBuilder(certificateParams.getSigAlg()).build(key.getPrivate()); } catch (OperatorCreationException e) { throw new StoreProviderException(e.getMessage(), e); } return new BouncyCastlePKCS10Object(csrBuilder.build(csrSigner)); }