.setProvider(CipherParams.CRYPTO_PROVIDER) .build(keyPair.getPrivate());
serial, issueDate, notAfter, builder.build(), keyPair.getPublic()); ContentSigner sigGen = new JcaContentSignerBuilder(signatureAlgorithm) .setProvider(BC).build(keyPair.getPrivate()); X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC) .getCertificate(certGen.build(sigGen));
private static X509Certificate signCertificate(X509v3CertificateBuilder certificateBuilder, PrivateKey signedWithPrivateKey) throws OperatorCreationException, CertificateException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(PROVIDER_NAME).build(signedWithPrivateKey); return new JcaX509CertificateConverter().setProvider(PROVIDER_NAME).getCertificate(certificateBuilder.build(signer)); }
private static X509Certificate signCertificate( X509v3CertificateBuilder certificateBuilder, PrivateKey signedWithPrivateKey) throws OperatorCreationException, CertificateException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM) .setProvider(PROVIDER_NAME).build(signedWithPrivateKey); return new JcaX509CertificateConverter().setProvider( PROVIDER_NAME).getCertificate(certificateBuilder.build(signer)); }
public X509Certificate generate(PrivateKey caPrivKey) throws Exception { ContentSigner contentSigner = new JcaContentSignerBuilder(new SystemEnvironment().get(GO_SSL_CERTS_PUBLIC_KEY_ALGORITHM)).setProvider("BC").build(caPrivKey); return new JcaX509CertificateConverter().setProvider("BC").getCertificate(v3CertGen.build(contentSigner)); } }
throws CertificateException { try { ContentSigner sigGen = new JcaContentSignerBuilder(signingAlgorithm).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keyPair.getPrivate()); SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()); Date startDate = new Date();
throws CertificateException { try { ContentSigner sigGen = new JcaContentSignerBuilder(signingAlgorithm).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(issuerKeyPair.getPrivate()); SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()); Date startDate = new Date();
new JcaX509CertificateHolder(rootCertificate) }; ContentSigner signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC") .build(rootKeyPair.getPrivate()); BasicOCSPResp ocspResponse = responseBuilder.build(signer, chain, Calendar.getInstance().getTime() );
/** * generateCertificationRequest * * @param subject The subject to be added to the certificate * @param pair Public private key pair * @return PKCS10CertificationRequest Certificate Signing Request. * @throws OperatorCreationException */ public String generateCertificationRequest(String subject, KeyPair pair) throws InvalidArgumentException { try { PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder( new X500Principal("CN=" + subject), pair.getPublic()); JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withECDSA"); if (null != SECURITY_PROVIDER) { csBuilder.setProvider(SECURITY_PROVIDER); } ContentSigner signer = csBuilder.build(pair.getPrivate()); return certificationRequestToPEM(p10Builder.build(signer)); } catch (Exception e) { logger.error(e); throw new InvalidArgumentException(e); } }
public static X509Certificate generateV1Certificate(final KeyPair keyPair, final String subject, final String issuer, final int validityYears, final String signatureAlgorithm) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, InvalidKeyException, OperatorCreationException { final DateTime now = DateTime.now(DateTimeZone.UTC); final X509v1CertificateBuilder certBuilder = new JcaX509v1CertificateBuilder( new X500Name(issuer), generateRandomBigInt(), now.minusDays(1).toDate(), now.plusYears(validityYears).toDate(), new X500Name(subject), keyPair.getPublic()); final ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(keyPair.getPrivate()); final X509CertificateHolder certHolder = certBuilder.build(signer); return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder); }
protected X509Certificate createCertificate(PrivateKey privateKey, X509v3CertificateBuilder x509v3CertificateBuilder) throws OperatorCreationException, CertificateException { ContentSigner contentSigner = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(BouncyCastleProvider.PROVIDER_NAME) .build(privateKey); X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME) .getCertificate(x509v3CertificateBuilder.build(contentSigner)); return x509Certificate; }
final ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(caKeyPair.getPrivate()); final X509CertificateHolder certHolder = certBuilder.build(signer); final X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
@SuppressWarnings(value = "unchecked") public static byte[] sign(Providers providers, SignedOutput out) throws IOException, NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException, CertificateEncodingException { ByteArrayOutputStream bodyOs = new ByteArrayOutputStream(); MessageBodyWriter writer = providers.getMessageBodyWriter(out.getType(), out.getGenericType(), null, out.getMediaType()); if (writer == null) { throw new WriterException(Messages.MESSAGES.failedToFindWriter(out.getType().getName())); } MultivaluedMapImpl<String, Object> bodyHeaders = new MultivaluedMapImpl<String, Object>(); bodyHeaders.add("Content-Type", out.getMediaType().toString()); writer.writeTo(out.getEntity(), out.getType(), out.getGenericType(), null, out.getMediaType(), bodyHeaders, bodyOs); CMSSignedDataGenerator signGen = new CMSSignedDataGenerator(); ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(out.getPrivateKey()); signGen.addSignerInfoGenerator( new JcaSignerInfoGeneratorBuilder( new JcaDigestCalculatorProviderBuilder().setProvider("BC").build()) .build(sha1Signer, out.getCertificate())); CMSTypedData content = new CMSProcessableByteArray(bodyOs.toByteArray()); CMSSignedData signedData = signGen.generate(content, true); return signedData.getEncoded(); } }
private JcaContentSignerBuilder makeContentSignerBuilder(PublicKey issPub) throws Exception { if (issPub.getAlgorithm().equals("EC")) { JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SIGN_ALGO_SM3WITHSM2); contentSignerBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME); return contentSignerBuilder; } throw new Exception("Unsupported PublicKey Algorithm:" + issPub.getAlgorithm()); } }
private static X509Certificate verifyCertificate(PrivateKey caPrivateKey, PublicKey caPublicKey, JcaX509v3CertificateBuilder certificateBuilder) throws OperatorCreationException, CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(PROVIDER_NAME).build(caPrivateKey); X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER_NAME).getCertificate(certificateBuilder.build(signer)); cert.checkValidity(new Date()); cert.verify(caPublicKey); return cert; }
private X509Certificate generateVersion1(X500Name subject, X500Name issuer, Date validityStart, Date validityEnd, PublicKey publicKey, PrivateKey privateKey, SignatureType signatureType, BigInteger serialNumber) throws CryptoException { Date notBefore = validityStart == null ? new Date() : validityStart; Date notAfter = validityEnd == null ? new Date(notBefore.getTime() + TimeUnit.DAYS.toMillis(365)) : validityEnd; JcaX509v1CertificateBuilder certBuilder = new JcaX509v1CertificateBuilder(issuer, serialNumber, notBefore, notAfter, subject, publicKey); try { ContentSigner certSigner = new JcaContentSignerBuilder(signatureType.jce()).setProvider("BC").build( privateKey); return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certBuilder.build(certSigner)); } catch (CertificateException | IllegalStateException | OperatorCreationException ex) { throw new CryptoException(res.getString("CertificateGenFailed.exception.message"), ex); } }
public static PKCS10CertificationRequest createCSR(X500Name subject, SM2PublicKey pubKey, PrivateKey priKey, String signAlgo) throws OperatorCreationException { PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(subject, pubKey); ContentSigner signerBuilder = new JcaContentSignerBuilder(signAlgo) .setProvider(BouncyCastleProvider.PROVIDER_NAME).build(priKey); return csrBuilder.build(signerBuilder); }
private static X509Certificate signCertificate(X509v3CertificateBuilder certificateBuilder, PrivateKey signedWithPrivateKey) throws OperatorCreationException, CertificateException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM) .setProvider(PROVIDER_NAME) .build(signedWithPrivateKey); return new JcaX509CertificateConverter() .setProvider(PROVIDER_NAME) .getCertificate(certificateBuilder.build(signer)); }
private static X509Certificate signCertificate( X509v3CertificateBuilder certificateBuilder, PrivateKey signedWithPrivateKey) throws OperatorCreationException, CertificateException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM) .setProvider(PROVIDER_NAME).build(signedWithPrivateKey); return new JcaX509CertificateConverter().setProvider( PROVIDER_NAME).getCertificate(certificateBuilder.build(signer)); }
private static X509Certificate signCertificate(X509v3CertificateBuilder certificateBuilder, PrivateKey signedWithPrivateKey) throws OperatorCreationException, CertificateException { ContentSigner signer = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(PROVIDER_NAME).build(signedWithPrivateKey); return new JcaX509CertificateConverter().setProvider(PROVIDER_NAME).getCertificate(certificateBuilder.build(signer)); }