Example usage for org.bouncycastle.x509 X509V3CertificateGenerator generate

List of usage examples for org.bouncycastle.x509 X509V3CertificateGenerator generate

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.x509.*
  5. X509V3CertificateGenerator
  6. generate

Introduction

In this page you can find the example usage for org.bouncycastle.x509 X509V3CertificateGenerator generate.

Prototype

public X509Certificate generate(PrivateKey key, String provider)
        throws CertificateEncodingException, IllegalStateException, NoSuchProviderException,
        NoSuchAlgorithmException, SignatureException, InvalidKeyException

Source Link

Document

generate an X509 certificate, based on the current issuer and subject, using the passed in provider for the signing.

Usage

From source file:ru.codeinside.gws.signature.injector.InjectTest.java

License:Mozilla Public License

private X509Certificate genCertificate(KeyPair pair) throws NoSuchAlgorithmException,
        CertificateEncodingException, NoSuchProviderException, InvalidKeyException, SignatureException {
    Date startDate = new Date();
    Date expiryDate = new Date(startDate.getTime() + 10000);
    BigInteger serialNumber = new BigInteger("123456789");
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    X500Principal dnName = new X500Principal("CN=Test CA Certificate");
    certGen.setSerialNumber(serialNumber);
    certGen.setIssuerDN(dnName);//from  w w  w. j  a  v a 2 s. co m
    certGen.setNotBefore(startDate);
    certGen.setNotAfter(expiryDate);
    certGen.setSubjectDN(dnName);
    certGen.setPublicKey(pair.getPublic());
    certGen.setSignatureAlgorithm("GOST3411withECGOST3410");
    return certGen.generate(pair.getPrivate(), "BC");
}

From source file:sernet.verinice.encryption.test.CryptoTest.java

License:Open Source License

X509Certificate generateCertificate(String dn, KeyPair pair, int days)
        throws GeneralSecurityException, IOException {
    PublicKey publicKey = pair.getPublic();
    PrivateKey privateKey = pair.getPrivate();
    if (publicKey instanceof RSAPublicKey) {
        RSAPublicKey rsaPk = (RSAPublicKey) publicKey;
        RSAPublicKeySpec rsaPkSpec = new RSAPublicKeySpec(rsaPk.getModulus(), rsaPk.getPublicExponent());
        try {/*from  w  ww  . j  av  a  2 s . c o  m*/
            publicKey = KeyFactory.getInstance("RSA").generatePublic(rsaPkSpec);
        } catch (InvalidKeySpecException e) {
            publicKey = pair.getPublic();
        }
    }
    if (privateKey instanceof RSAPrivateKey) {
        RSAPrivateKey rsaPk = (RSAPrivateKey) privateKey;
        RSAPrivateKeySpec rsaPkSpec = new RSAPrivateKeySpec(rsaPk.getModulus(), rsaPk.getPrivateExponent());
        try {
            privateKey = KeyFactory.getInstance("RSA").generatePrivate(rsaPkSpec);
        } catch (InvalidKeySpecException e) {
            privateKey = pair.getPrivate();
        }
    }

    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
    String commonName = "CN=" + dn + ", OU=None, O=None L=None, C=None";
    X500Principal dnName = new X500Principal(commonName);
    certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
    certGen.setIssuerDN(dnName);
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
    Calendar cal = Calendar.getInstance();
    certGen.setNotBefore(cal.getTime());
    cal.add(Calendar.YEAR, 5);
    certGen.setNotAfter(cal.getTime());
    certGen.setSubjectDN(dnName);
    certGen.setPublicKey(publicKey);
    certGen.setSignatureAlgorithm("MD5WithRSA");
    return certGen.generate(privateKey, BouncyCastleProvider.PROVIDER_NAME);
}

From source file:utils.Tools.java

License:Apache License

/**
 * Generate a sample V3 certificate to use as an intermediate CA certificate
 * @author David Hook//from w  ww .j a v a  2  s  . co m
 */
public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey,
        X509Certificate caCert) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName()));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test Intermediate Certificate").getName()));
    certGen.setPublicKey(intKey);
    certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
    certGen.addExtension(X509Extensions.KeyUsage, true,
            new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

    return certGen.generate(caKey, "BC");
}

From source file:utils.Tools.java

License:Apache License

/**
 * Generate a sample V3 certificate to use as an end entity certificate
 * @author David Hook/*from  w w w  .  ja  va 2 s . c  o m*/
 */
public static X509Certificate generateEndEntityCert(PublicKey entityKey, PrivateKey caKey,
        X509Certificate caCert) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName()));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test End Certificate").getName()));
    certGen.setPublicKey(entityKey);
    certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(entityKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true,
            new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));

    return certGen.generate(caKey, "BC");
}

From source file:utils.Utils.java

License:Apache License

/**
 * Generate a sample V1 certificate to use as a CA root certificate
 *//*from   w ww . j  av a 2s . co m*/
public static X509Certificate generateRootCert(KeyPair pair, Config config) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name("CN=Test CA Certificate"));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name("CN=Test CA Certificate"));
    certGen.setPublicKey(pair.getPublic());

    if (config == null) {
        certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
    } else {
        String name = "SHA1WithRSAEncryption";
        certGen.setSignatureAlgorithm(name);
    }

    return certGen.generate(pair.getPrivate(), "BC");
}

From source file:utils.Utils.java

License:Apache License

/**
 * Generate a sample V3 certificate to use as an intermediate CA certificate
 *//*w ww  .  j a v a2s  . c om*/
public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey,
        X509Certificate caCert) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName()));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test Intermediate Certificate").getName()));
    certGen.setPublicKey(intKey);
    certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
    certGen.addExtension(X509Extensions.KeyUsage, true,
            new org.bouncycastle.asn1.x509.KeyUsage(org.bouncycastle.asn1.x509.KeyUsage.digitalSignature
                    | org.bouncycastle.asn1.x509.KeyUsage.keyCertSign | KeyUsage.cRLSign));

    return certGen.generate(caKey, "BC");
}

From source file:utils.Utils.java

License:Apache License

/**
 * Generate a sample V3 certificate to use as an end entity certificate
 *//* ww w  . j  a v a  2  s.  c o m*/
public static X509Certificate generateEndEntityCert(PublicKey entityKey, PrivateKey caKey,
        X509Certificate caCert, Config config) throws Exception {
    X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

    certGen.setSerialNumber(BigInteger.valueOf(1));
    certGen.setIssuerDN(new X509Name(caCert.getSubjectX500Principal().getName()));
    certGen.setNotBefore(new Date(System.currentTimeMillis()));
    certGen.setNotAfter(new Date(System.currentTimeMillis() + VALIDITY_PERIOD));
    certGen.setSubjectDN(new X509Name(new X500Principal("CN=Test End Certificate").getName()));
    certGen.setPublicKey(entityKey);
    if (config.getHash() == 0)
        certGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
    else
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");

    certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
            new AuthorityKeyIdentifierStructure(caCert));
    certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
            new SubjectKeyIdentifierStructure(entityKey));
    certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
    certGen.addExtension(X509Extensions.KeyUsage, true,
            new org.bouncycastle.asn1.x509.KeyUsage(org.bouncycastle.asn1.x509.KeyUsage.digitalSignature
                    | org.bouncycastle.asn1.x509.KeyUsage.keyEncipherment));

    return certGen.generate(caKey, "BC");
}