List of usage examples for org.bouncycastle.x509 X509V1CertificateGenerator generate
public X509Certificate generate(PrivateKey key) throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
From source file:ch.rgw.crypt.JCEKeyManager.java
License:Open Source License
/** * Generate a certificate from a public key and a signing private key. * /* w w w . j a va 2 s . com*/ * @param pk * the key to make a certficate from * @param signingKey * the signer's private key * @param name * of the issuer * @param name * of the certificate holder * @return the signed certificate. * @throws KeyStoreException * */ public X509Certificate generateCertificate(PublicKey pk, PrivateKey signingKey, String issuer, String subject, TimeTool ttFrom, TimeTool ttUntil) throws InvalidKeyException, NoSuchProviderException, SignatureException, CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, KeyStoreException { // generate the certificate X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); certGen.setIssuerDN(new X500Principal("CN=" + issuer)); if (ttFrom == null) { ttFrom = new TimeTool(); } if (ttUntil == null) { ttUntil = new TimeTool(ttFrom); ttUntil.add(TimeTool.YEAR, 2); } certGen.setNotBefore(ttFrom.getTime()); certGen.setNotAfter(ttUntil.getTime()); certGen.setSubjectDN(new X500Principal("CN=" + subject)); certGen.setPublicKey(pk); certGen.setSignatureAlgorithm(CERTIFICATE_SIGNATURE_ALGO); // X509Certificate cert = certGen.generate(signingKey, "BC"); X509Certificate cert = certGen.generate(signingKey); ks.setCertificateEntry(subject, cert); return cert; }
From source file:com.igeekinc.indelible.indeliblefs.security.EntityAuthenticationServerNewRMITest.java
License:Open Source License
public void testRegisterServer() throws UnknownHostException, IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException, CertificateException, NoSuchProviderException, KeyStoreException { EntityAuthenticationServerFirehoseClient client = new EntityAuthenticationServerFirehoseClient( getTCPConnectAddress());//from w ww . j av a 2 s.com try { X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal("CN=Indelible FS Client self-signed cert"); certGen.setSerialNumber(id.toBigInteger()); certGen.setIssuerDN(dnName); certGen.setNotBefore(new Date(System.currentTimeMillis() - 10 * 60 * 1000)); // Allow for some clock skew certGen.setNotAfter(new Date(System.currentTimeMillis() + 3600 * 1000)); certGen.setSubjectDN(dnName); // note: same as issuer certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm(EntityAuthenticationServer.kCertificateSignatureAlg); X509Certificate mySelfSignedCert = certGen.generate(keyPair.getPrivate()); client.registerServer(mySelfSignedCert); } finally { client.close(); } }
From source file:com.streamsets.datacollector.credential.cyberark.TestWebServicesFetcher.java
License:Apache License
@SuppressWarnings("deprecation") /**//from ww w.j av a 2 s.co m * Create a self-signed X.509 Certificate. * * @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB" * @param pair the KeyPair * @param days how many days from now the Certificate is valid for * @param algorithm the signing algorithm, eg "SHA1withRSA" * @return the self-signed certificate */ public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException { Date from = new Date(); Date to = new Date(from.getTime() + days * 86400000l); BigInteger sn = new BigInteger(64, new SecureRandom()); KeyPair keyPair = pair; X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal(dn); certGen.setSerialNumber(sn); certGen.setIssuerDN(dnName); certGen.setNotBefore(from); certGen.setNotAfter(to); certGen.setSubjectDN(dnName); certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm(algorithm); X509Certificate cert = certGen.generate(pair.getPrivate()); return cert; }
From source file:com.streamsets.pipeline.stage.destination.sdcipc.SSLTestUtils.java
License:Apache License
public static X509Certificate generateCertificate(String dn, KeyPair keyPair, int days) throws Exception { Date from = new Date(); Date to = new Date(from.getTime() + days * 86400000l); BigInteger sn = new BigInteger(64, new SecureRandom()); X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal(dn); certGen.setSerialNumber(sn);// w w w.j a v a 2 s . c om certGen.setIssuerDN(dnName); certGen.setNotBefore(from); certGen.setNotAfter(to); certGen.setSubjectDN(dnName); certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm("SHA1withRSA"); return certGen.generate(keyPair.getPrivate()); }
From source file:com.streamsets.pipeline.stage.util.tls.TLSTestUtils.java
License:Apache License
public static X509Certificate generateCertificate(String dn, KeyPair keyPair, int days) throws Exception { Date from = new Date(); Date to = new Date(from.getTime() + days * 86400000L); BigInteger sn = new BigInteger(64, new SecureRandom()); X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal(dn); certGen.setSerialNumber(sn);//from w w w. ja va 2 s. c om certGen.setIssuerDN(dnName); certGen.setNotBefore(from); certGen.setNotAfter(to); certGen.setSubjectDN(dnName); certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm("SHA1withRSA"); return certGen.generate(keyPair.getPrivate()); }
From source file:com.thoughtworks.go.server.util.HttpTestUtil.java
License:Apache License
private X509Certificate generateCert(final KeyPair keyPair) { Date startDate = day(-1);/*from w w w .j a v a 2 s . c o m*/ Date expiryDate = day(+1); BigInteger serialNumber = new BigInteger("1000200030004000"); X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal("CN=Test CA Certificate"); certGen.setSerialNumber(serialNumber); certGen.setIssuerDN(dnName); certGen.setNotBefore(startDate); certGen.setNotAfter(expiryDate); certGen.setSubjectDN(dnName); // note: same as issuer certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm("SHA1WITHRSA"); try { return certGen.generate(keyPair.getPrivate()); } catch (Exception e) { throw new RuntimeException(e); } }
From source file:org.apache.hadoop.hbase.http.ssl.KeyStoreTestUtil.java
License:Apache License
/** * Create a self-signed X.509 Certificate. * * @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB" * @param pair the KeyPair//from w ww .java 2 s. co m * @param days how many days from now the Certificate is valid for * @param algorithm the signing algorithm, eg "SHA1withRSA" * @return the self-signed certificate */ public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException { Date from = new Date(); Date to = new Date(from.getTime() + days * 86400000l); BigInteger sn = new BigInteger(64, new SecureRandom()); KeyPair keyPair = pair; X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal(dn); certGen.setSerialNumber(sn); certGen.setIssuerDN(dnName); certGen.setNotBefore(from); certGen.setNotAfter(to); certGen.setSubjectDN(dnName); certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm(algorithm); X509Certificate cert = certGen.generate(pair.getPrivate()); return cert; }
From source file:org.jscep.x509.X509Util.java
License:Open Source License
/** * Creates a self-signed ephemeral certificate. * <p> //from w ww. jav a 2 s . c om * The resulting certificate will have a not-before date * of yesterday, and not-after date of tomorrow. * * @param subject the subject to certify. * @param keyPair the key pair to sign the certificate with. * @return a new certificate. * @throws GeneralSecurityException if any security problem occurs. */ public static X509Certificate createEphemeralCertificate(X500Principal subject, KeyPair keyPair) throws GeneralSecurityException { LOGGER.entering(X509Util.class.getName(), "createEphemeralCertificate", new Object[] { subject, keyPair }); final Calendar cal = Calendar.getInstance(); cal.add(Calendar.DATE, -1); final Date notBefore = cal.getTime(); cal.add(Calendar.DATE, 2); final Date notAfter = cal.getTime(); final X509V1CertificateGenerator gen = new X509V1CertificateGenerator(); gen.setIssuerDN(subject); gen.setNotBefore(notBefore); gen.setNotAfter(notAfter); gen.setPublicKey(keyPair.getPublic()); gen.setSerialNumber(BigInteger.ONE); gen.setSignatureAlgorithm("SHA1with" + keyPair.getPublic().getAlgorithm()); gen.setSubjectDN(subject); X509Certificate cert = gen.generate(keyPair.getPrivate()); LOGGER.exiting(X509Util.class.getName(), "createEphemeralCertificate", cert); return cert; }
From source file:org.martus.common.crypto.DefaultSecurityContext.java
License:Open Source License
public X509Certificate createCertificate(RSAPublicKey publicKey, RSAPrivateCrtKey privateKey, SecureRandom secureRandom) throws SecurityException, SignatureException, InvalidKeyException, CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException { Hashtable attrs = new Hashtable(); Vector ord = new Vector(); Vector values = new Vector(); ord.addElement(X509Principal.C); ord.addElement(X509Principal.O); ord.addElement(X509Principal.L); ord.addElement(X509Principal.ST); ord.addElement(X509Principal.EmailAddress); final String certificateCountry = "US"; final String certificateOrganization = "Benetech"; final String certificateLocation = "Palo Alto"; final String certificateState = "CA"; final String certificateEmail = "martus@benetech.org"; values.addElement(certificateCountry); values.addElement(certificateOrganization); values.addElement(certificateLocation); values.addElement(certificateState); values.addElement(certificateEmail); attrs.put(X509Principal.C, certificateCountry); attrs.put(X509Principal.O, certificateOrganization); attrs.put(X509Principal.L, certificateLocation); attrs.put(X509Principal.ST, certificateState); attrs.put(X509Principal.EmailAddress, certificateEmail); // create a certificate X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator(); certGen1.setSerialNumber(new BigInteger(128, secureRandom)); certGen1.setIssuerDN(new X509Principal(ord, attrs)); certGen1.setNotBefore(new Date(System.currentTimeMillis() - 50000)); certGen1.setNotAfter(new Date(System.currentTimeMillis() + 50000)); certGen1.setSubjectDN(new X509Principal(ord, values)); certGen1.setPublicKey(publicKey);//from w ww.j a va 2 s . c o m certGen1.setSignatureAlgorithm("MD5WithRSAEncryption"); // self-sign it X509Certificate cert = certGen1.generate(privateKey); return cert; }
From source file:org.nuxeo.ecm.directory.ldap.ExternalLDAPDirectoryFeature.java
License:Apache License
/** * Method to create a X509 certificate used to test the creation and the update of an entry in the ldap. * * @return A X509 certificate//from ww w . j a v a 2s. c o m * @throws CertificateException * @throws NoSuchAlgorithmException * @throws InvalidKeyException * @throws SignatureException * @throws IllegalStateException * @since 5.9.3 */ protected X509Certificate createCertificate(String dnNameStr) throws NoSuchAlgorithmException, CertificateException, InvalidKeyException, IllegalStateException, SignatureException { X509Certificate cert = null; // Parameters used to define the certificate // yesterday Date validityBeginDate = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000); // in 2 years Date validityEndDate = new Date(System.currentTimeMillis() + 2 * 365 * 24 * 60 * 60 * 1000); // Generate the key pair KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA"); keyPairGenerator.initialize(1024, new SecureRandom()); KeyPair keyPair = keyPairGenerator.generateKeyPair(); // Define the content of the certificate X509V1CertificateGenerator certGen = new X509V1CertificateGenerator(); X500Principal dnName = new X500Principal(dnNameStr); certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis())); certGen.setSubjectDN(dnName); certGen.setIssuerDN(dnName); // use the same certGen.setNotBefore(validityBeginDate); certGen.setNotAfter(validityEndDate); certGen.setPublicKey(keyPair.getPublic()); certGen.setSignatureAlgorithm("SHA256WithRSA"); cert = certGen.generate(keyPair.getPrivate()); return cert; }