/**
 * Creates a certification request for the given key pair using the default distinguished name.
 *
 * <p>This is a convenience overload: it forwards to the two-argument
 * {@code createCertRequest(keypair, dn)} with {@code DEFAULT_PKCS10_DISTINGUISHED_NAME} as the
 * subject. Because every caller of this overload asks for the same subject, the request itself
 * says nothing about who generated it.
 *
 * @param keypair the key pair the request is created for
 * @return the certification request produced by the delegate overload
 * @throws SignatureException propagated from the delegate overload
 * @throws NoSuchProviderException propagated from the delegate overload
 * @throws InvalidKeyException propagated from the delegate overload
 * @throws NoSuchAlgorithmException propagated from the delegate overload
 * @throws IOException propagated from the delegate overload
 */
public static MyPKCS10CertRequest createCertRequest(KeyPair keypair)
        throws SignatureException,
               NoSuchProviderException,
               InvalidKeyException,
               NoSuchAlgorithmException,
               IOException {
    // No subject supplied by the caller: fall back to the library-wide default DN.
    return createCertRequest(keypair, DEFAULT_PKCS10_DISTINGUISHED_NAME);
}
/**
 * Creates a certification request for the given key pair with a caller-supplied distinguished
 * name.
 *
 * <p>The {@code dn} is passed on unchanged, so it should be exactly the subject the caller
 * wants in the request, e.g. the username. The signature algorithm and provider are the
 * defaults {@code DEFAULT_PKCS10_SIGNATURE_ALGORITHM} and {@code DEFAULT_PKCS10_PROVIDER}.
 *
 * <p>NOTE(review): no validation of {@code dn} is visible in this method. If the value can
 * originate from user input, confirm it is checked before it gets here, and that the issuing
 * service does not treat the requested subject as authoritative.
 *
 * @param keypair the key pair the request is created for
 * @param dn the distinguished name to place in the request, used as given
 * @return the certification request produced by the delegate overload
 * @throws SignatureException propagated from the delegate overload
 * @throws NoSuchProviderException propagated from the delegate overload
 * @throws InvalidKeyException propagated from the delegate overload
 * @throws NoSuchAlgorithmException propagated from the delegate overload
 * @throws IOException propagated from the delegate overload
 */
public static MyPKCS10CertRequest createCertRequest(KeyPair keypair, String dn)
        throws SignatureException,
               NoSuchProviderException,
               InvalidKeyException,
               NoSuchAlgorithmException,
               IOException {
    // Fill in the library defaults for everything except the key pair and subject.
    return createCertRequest(
            keypair,
            DEFAULT_PKCS10_SIGNATURE_ALGORITHM,
            dn,
            DEFAULT_PKCS10_PROVIDER);
}
/**
 * Command line helper that prints a PEM-encoded cert request for a given DN.
 *
 * <p>Intended for low-level debugging only, as a convenient alternative to openSSL or a
 * similar command line tool. A key pair is generated in memory for the request and is never
 * printed or stored, so the private key matching the printed request is lost when the process
 * ends. The output is therefore useful for inspecting request encoding, not for obtaining a
 * usable credential.
 *
 * <p>Any failure is reported by printing the stack trace. This method does not set an exit
 * status.
 *
 * @param args exactly one element: the DN to put in the cert request
 */
public static void main(String[] args) {
    if (args.length == 1) {
        try {
            // The key pair stays local to this call; only the request derived from it is emitted.
            KeyPair generated = KeyUtil.generateKeyPair();
            MyPKCS10CertRequest request = CertUtil.createCertRequest(generated, args[0]);
            String pem = CertUtil.fromCertReqToString(request);
            System.out.println(pem);
        } catch (Throwable failure) {
            failure.printStackTrace();
        }
        return;
    }

    // Wrong number of arguments: explain the expected usage and do nothing else.
    System.out.println("Usage: This accepts a single argument that is the DN for a cert request. It returns the pem encoded " +
            "cert request (but not the private key)");
}
}
/**
 * Retrieves credentials from the MyProxy server.
 *
 * <p>A new key pair is generated locally from the configured algorithm ({@code keyAlg}) and
 * key size ({@code getKeySize()}) and kept in {@code this.keypair}. A PKCS#10 request is then
 * built from that key pair, {@code pkcs10SigAlgName}, {@code DN} and {@code pkcs10Provider},
 * and only its encoded form is passed to the overload that performs the retrieval.
 *
 * <p>NOTE(review): neither the algorithm name nor the key size is checked here. Confirm that
 * the configured values meet current minimum strengths before relying on the issued
 * credential.
 *
 * @throws IOException propagated from request creation or from the retrieval overload
 * @throws GeneralSecurityException if the key pair generator cannot be obtained, or
 *         propagated from request creation or the retrieval overload
 */
public void getCredentials() throws IOException, GeneralSecurityException {
    KeyPairGenerator generator = KeyPairGenerator.getInstance(keyAlg);
    generator.initialize(getKeySize());
    // The private half never leaves this object; it is retained for use with the returned cert.
    this.keypair = generator.generateKeyPair();

    MyPKCS10CertRequest request =
            CertUtil.createCertRequest(this.keypair, pkcs10SigAlgName, DN, pkcs10Provider);
    getCredentials(request.getEncoded());
}
/**
 * Prepares an asset and the outgoing parameter map for a certificate request.
 *
 * <p>Takes the next key pair, creates a cert request from it with the single-argument
 * {@code CertUtil.createCertRequest} overload, and stores both the private key and the request
 * on the asset. The Base64-encoded request is added to {@code additionalParameters}; the
 * private key is not placed in the map.
 *
 * <p>The callback URI from the environment is added only when the map does not already carry
 * that key, so a value supplied by the caller takes precedence. The cert lifetime is added
 * only when the configured value is non-negative.
 *
 * <p>NOTE(review): since a caller-supplied callback URI wins over the configured one, confirm
 * that every caller populating this map is trusted to choose the callback.
 *
 * @param asset the asset that receives the private key and cert request
 * @param additionalParameters mutable map of request parameters, updated in place
 * @throws GeneralException if creating the cert request fails with anything other than a
 *         {@link RuntimeException}, which is rethrown unchanged
 */
@Override
public void preRequestCert(Asset asset, Map additionalParameters) {
    KeyPair pair = getNextKeyPair();

    MyPKCS10CertRequest request;
    try {
        request = CertUtil.createCertRequest(pair);
    } catch (RuntimeException unchecked) {
        // Unchecked failures pass through untouched.
        throw unchecked;
    } catch (Throwable cause) {
        throw new GeneralException("Could not create cert request", cause);
    }

    asset.setPrivateKey(pair.getPrivate());
    asset.setCertReq(request);

    // Read the request back from the asset so the map carries exactly what the asset holds.
    additionalParameters.put(
            ClientEnvironment.CERT_REQUEST_KEY,
            Base64.encodeBase64String(asset.getCertReq().getEncoded()));

    boolean callbackAlreadySet =
            additionalParameters.containsKey(getEnvironment().getConstants().get(CALLBACK_URI_KEY));
    if (!callbackAlreadySet) {
        additionalParameters.put(
                getEnvironment().getConstants().get(CALLBACK_URI_KEY),
                getEnvironment().getCallback().toString());
    }

    // A negative lifetime means "not configured", in which case nothing is sent.
    if (getEnvironment().getCertLifetime() >= 0) {
        additionalParameters.put(
                ClientEnvironment.CERT_LIFETIME_KEY,
                getEnvironment().getCertLifetime());
    }
}
asset.setCertReq(CertUtil.createCertRequest(keyPair)); } catch (Throwable t) { String msg = "Error: could not create cert request.";
try { keyPair = getServiceEnvironment().getKeyPair(); localCertRequest = CertUtil.createCertRequest(keyPair); } catch (GeneralSecurityException e) { error("3.b. " + e.getMessage());
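/**
 * Obtains certificates for an asset from the delegation service and saves the asset.
 *
 * <p>Takes the next key pair and creates a cert request whose distinguished name is the
 * asset's username. The private key and the request are stored on the asset, the asset
 * parameters are collected and passed through {@code preGetCert}, and the delegation service
 * is called with the access token response. The returned certificates are set on both the
 * response and the asset before the asset is written to the asset store.
 *
 * <p>When {@code MANUAL_TEST} is set, the result of {@code manualTest} is returned instead.
 * In that case the delegation service is not contacted and the asset is not saved here.
 *
 * <p>NOTE(review): the asset saved at the end carries the private key set earlier in this
 * method. Confirm that the configured asset store protects key material at rest and restricts
 * who can read it.
 *
 * @param a the asset to obtain certificates for; its username becomes the request DN
 * @param atResponse2 the access token response handed to the delegation service
 * @return the response holding the X.509 certificates that were issued
 * @throws GeneralException if the cert request cannot be created, or if the delegation
 *         service returns something other than X.509 certificates
 */
public AssetResponse getCert(OA2Asset a, ATResponse2 atResponse2) {
    KeyPair keyPair = getNextKeyPair();
    MyPKCS10CertRequest certReq;
    try {
        certReq = CertUtil.createCertRequest(keyPair, a.getUsername());
    } catch (RuntimeException e) {
        throw e;
    } catch (Throwable e) {
        throw new GeneralException("Could not create cert request", e);
    }
    a.setPrivateKey(keyPair.getPrivate());
    a.setCertReq(certReq);

    Map<String, String> m1 = getAssetParameters(a);
    preGetCert(a, m1);

    if (MANUAL_TEST) {
        return manualTest(a, m1);
    }

    DelegatedAssetResponse daResp = getEnvironment().getDelegationService().getCert(atResponse2,
            getEnvironment().getClient(), m1);

    // The protected asset comes back from a remote service. Check its type before casting so
    // an unexpected or missing payload fails with a clear message, not a
    // ClassCastException or NullPointerException.
    Object protectedAsset = daResp.getProtectedAsset();
    if (!(protectedAsset instanceof MyX509Certificates)) {
        String actual = (protectedAsset == null) ? "null" : protectedAsset.getClass().getName();
        throw new GeneralException(
                "Delegation service did not return X.509 certificates (got " + actual + ")");
    }
    MyX509Certificates myX509Certificate = (MyX509Certificates) protectedAsset;

    AssetResponse par = new AssetResponse();
    par.setX509Certificates(myX509Certificate.getX509Certificates());
    postGetCert(a, par);
    a.setCertificates(par.getX509Certificates());
    getEnvironment().getAssetStore().save(a);
    return par;
}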