Example 1 with AsymmetricKeyParameter
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project kafka by apache.
the class TestSslUtils method generateCertificate.
/**
* Create a self-signed X.509 Certificate.
* From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
*
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
* @return the self-signed certificate
* @throws CertificateException thrown if a security error or an IO error occurred.
*/
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
Also used :
ContentSigner(org.bouncycastle.operator.ContentSigner)
SecureRandom(java.security.SecureRandom)
CertificateException(java.security.cert.CertificateException)
X500Name(org.bouncycastle.asn1.x500.X500Name)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
Date(java.util.Date)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
EOFException(java.io.EOFException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BigInteger(java.math.BigInteger)
X509v1CertificateBuilder(org.bouncycastle.cert.X509v1CertificateBuilder)
BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)
Example 2 with AsymmetricKeyParameter
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project platformlayer by platformlayer.
the class SimpleCertificateAuthority method signCertificate.
private static Certificate signCertificate(X500Name signer, PrivateKey signerPrivateKey, X500Name subject, SubjectPublicKeyInfo subjectPublicKeyInfo) throws OpsException {
try {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(SIGNATURE_ALGORITHM);
AlgorithmIdentifier digestAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
long days = 3650;
long now = System.currentTimeMillis();
Date notBefore = new Date(now - ONE_DAY);
Date notAfter = new Date(notBefore.getTime() + (days * ONE_DAY));
BigInteger serialNumber;
synchronized (SimpleCertificateAuthority.class) {
long nextSerialNumber = System.currentTimeMillis();
serialNumber = BigInteger.valueOf(nextSerialNumber);
}
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(signer, serialNumber, notBefore, notAfter, subject, subjectPublicKeyInfo);
// {
// boolean isCritical = false;
// certificateBuilder.addExtension(X509Extensions.SubjectKeyIdentifier, isCritical,
// csr.getSubjectPublicKeyInfo());
// }
AsymmetricKeyParameter caPrivateKeyParameters = PrivateKeyFactory.createKey(signerPrivateKey.getEncoded());
ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digestAlgId).build(caPrivateKeyParameters);
X509CertificateHolder certificateHolder = certificateBuilder.build(contentSigner);
Certificate certificate = certificateHolder.toASN1Structure();
return certificate;
} catch (OperatorCreationException e) {
throw new OpsException("Error signing certificate", e);
} catch (IOException e) {
throw new OpsException("Error signing certificate", e);
}
}
Also used :
OpsException(org.platformlayer.ops.OpsException)
ContentSigner(org.bouncycastle.operator.ContentSigner)
IOException(java.io.IOException)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
Date(java.util.Date)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BigInteger(java.math.BigInteger)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Example 3 with AsymmetricKeyParameter
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class DHBasicAgreement method init.
public void init(CipherParameters param) {
AsymmetricKeyParameter kParam;
if (param instanceof ParametersWithRandom) {
ParametersWithRandom rParam = (ParametersWithRandom) param;
kParam = (AsymmetricKeyParameter) rParam.getParameters();
} else {
kParam = (AsymmetricKeyParameter) param;
}
if (!(kParam instanceof DHPrivateKeyParameters)) {
throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters) kParam;
this.dhParams = key.getParameters();
}
Also used :
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
DHPrivateKeyParameters(org.bouncycastle.crypto.params.DHPrivateKeyParameters)
ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom)
Example 4 with AsymmetricKeyParameter
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class PKCS1Encoding method init.
public void init(boolean forEncryption, CipherParameters param) {
AsymmetricKeyParameter kParam;
if (param instanceof ParametersWithRandom) {
ParametersWithRandom rParam = (ParametersWithRandom) param;
this.random = rParam.getRandom();
kParam = (AsymmetricKeyParameter) rParam.getParameters();
} else {
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter) param;
}
engine.init(forEncryption, param);
this.forPrivateKey = kParam.isPrivate();
this.forEncryption = forEncryption;
}
Also used :
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom)
SecureRandom(java.security.SecureRandom)
Example 5 with AsymmetricKeyParameter
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class RSADigestSigner method init.
/**
* initialise the signer for signing or verification.
*
* @param forSigning
* true if for signing, false otherwise
* @param parameters
* necessary parameters.
*/
public void init(boolean forSigning, CipherParameters parameters) {
this.forSigning = forSigning;
AsymmetricKeyParameter k;
if (parameters instanceof ParametersWithRandom) {
k = (AsymmetricKeyParameter) ((ParametersWithRandom) parameters).getParameters();
} else {
k = (AsymmetricKeyParameter) parameters;
}
if (forSigning && !k.isPrivate()) {
throw new IllegalArgumentException("signing requires private key");
}
if (!forSigning && k.isPrivate()) {
throw new IllegalArgumentException("verification requires public key");
}
reset();
rsaEngine.init(forSigning, parameters);
}
Also used :
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom)
Aggregations
AsymmetricKeyParameter (org.bouncycastle.crypto.params.AsymmetricKeyParameter)9
ParametersWithRandom (org.bouncycastle.crypto.params.ParametersWithRandom)7
SecureRandom (java.security.SecureRandom)4
IOException (java.io.IOException)2
BigInteger (java.math.BigInteger)2
Date (java.util.Date)2
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)2
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2
DHPrivateKeyParameters (org.bouncycastle.crypto.params.DHPrivateKeyParameters)2
ContentSigner (org.bouncycastle.operator.ContentSigner)2
DefaultDigestAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)2
DefaultSignatureAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)2
BcRSAContentSignerBuilder (org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)2
EOFException (java.io.EOFException)1
GeneralSecurityException (java.security.GeneralSecurityException)1
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1
CertificateException (java.security.cert.CertificateException)1
X509Certificate (java.security.cert.X509Certificate)1
X500Name (org.bouncycastle.asn1.x500.X500Name)1
Certificate (org.bouncycastle.asn1.x509.Certificate)1
