use of android.sun.security.x509.CertificateValidity in project AppManager by MuntashirAkon.
the class KeyStoreUtils method generateCert.
@NonNull
private static X509Certificate generateCert(PrivateKey privateKey, PublicKey publicKey, @NonNull String formattedSubject, long expiryDate) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, InvalidKeyException, IOException {
String algorithmName = "SHA512withRSA";
CertificateExtensions certificateExtensions = new CertificateExtensions();
certificateExtensions.set("SubjectKeyIdentifier", new SubjectKeyIdentifierExtension(new KeyIdentifier(publicKey).getIdentifier()));
X500Name x500Name = new X500Name(formattedSubject);
Date notBefore = new Date();
Date notAfter = new Date(expiryDate);
certificateExtensions.set("PrivateKeyUsage", new PrivateKeyUsageExtension(notBefore, notAfter));
CertificateValidity certificateValidity = new CertificateValidity(notBefore, notAfter);
X509CertInfo x509CertInfo = new X509CertInfo();
x509CertInfo.set("version", new CertificateVersion(2));
x509CertInfo.set("serialNumber", new CertificateSerialNumber(new Random().nextInt() & Integer.MAX_VALUE));
x509CertInfo.set("algorithmID", new CertificateAlgorithmId(AlgorithmId.get(algorithmName)));
x509CertInfo.set("subject", new CertificateSubjectName(x500Name));
x509CertInfo.set("key", new CertificateX509Key(publicKey));
x509CertInfo.set("validity", certificateValidity);
x509CertInfo.set("issuer", new CertificateIssuerName(x500Name));
x509CertInfo.set("extensions", certificateExtensions);
X509CertImpl x509CertImpl = new X509CertImpl(x509CertInfo);
x509CertImpl.sign(privateKey, algorithmName);
return x509CertImpl;
}
use of android.sun.security.x509.CertificateValidity in project xap by xap.
the class SelfSignedCertificate method generateKeyStore.
private KeyStore generateKeyStore(String fqdn, KeyPair keypair, SecureRandom random) throws Exception {
PrivateKey key = keypair.getPrivate();
// Prepare the information required for generating an X.509 certificate.
X509CertInfo info = new X509CertInfo();
X500Name owner = new X500Name("CN=" + fqdn);
info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, random)));
try {
info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
} catch (CertificateException ignore) {
info.set(X509CertInfo.SUBJECT, owner);
}
try {
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
} catch (CertificateException ignore) {
info.set(X509CertInfo.ISSUER, owner);
}
info.set(X509CertInfo.VALIDITY, new CertificateValidity(NOT_BEFORE, NOT_AFTER));
info.set(X509CertInfo.KEY, new CertificateX509Key(keypair.getPublic()));
info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid)));
// Sign the cert to identify the algorithm that's used.
X509CertImpl cert = new X509CertImpl(info);
cert.sign(key, "SHA1withRSA");
// Update the algorithm and sign again.
info.set(CertificateAlgorithmId.NAME + '.' + CertificateAlgorithmId.ALGORITHM, cert.get(X509CertImpl.SIG_ALG));
cert = new X509CertImpl(info);
cert.sign(key, "SHA1withRSA");
cert.verify(keypair.getPublic());
String keyStoreType = KeyStore.getDefaultType();
final KeyStore keyStore = KeyStore.getInstance(keyStoreType);
keyStore.load(null, null);
// keyStore.setCertificateEntry("CAcert-root", cert);
keyStore.setKeyEntry("key", keypair.getPrivate(), "foo".toCharArray(), new Certificate[] { cert });
return keyStore;
}
use of android.sun.security.x509.CertificateValidity in project CipherTrust_Application_Protection by thalescpl-io.
the class SelfSignedCertificateUtility method generateCertificate.
private static X509Certificate generateCertificate(PublicKey publicKey, PrivateKey privateKey, Map<String, String> certificateProeprties) throws Exception {
String dn = makeDN(certificateProeprties);
X509CertInfo info = new X509CertInfo();
Date from = new Date();
Date to = new Date(from.getTime() + Integer.valueOf(certificateProeprties.get("Validity")) * 86400000l);
CertificateValidity interval = new CertificateValidity(from, to);
X500Name owner = new X500Name(dn);
boolean[] kueOk = getKeyUsgaeExtension(certificateProeprties.get("KeyUsage"));
KeyUsageExtension kue = new KeyUsageExtension(kueOk);
CertificateExtensions ext = new CertificateExtensions();
ext.set(KeyUsageExtension.NAME, kue);
info.set(X509CertInfo.VALIDITY, interval);
BigInteger sn = new BigInteger(64, new SecureRandom());
info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
boolean justName = isJavaAtLeast(1.8);
if (justName) {
info.set(X509CertInfo.SUBJECT, owner);
info.set(X509CertInfo.ISSUER, owner);
} else {
info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
}
info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
AlgorithmId algo = null;
String provider = null;
switch(certificateProeprties.get("Algorithm")) {
case "SHA1WithRSA":
break;
case "SHA256WithRSA":
break;
case "SHA384WithRSA":
break;
case "SHA512WithRSA":
provider = "BC";
break;
case "SHA1WithECDSA":
provider = "BC";
break;
case "SHA224WithECDSA":
provider = "BC";
break;
case "SHA256WithECDSA":
provider = "BC";
break;
case "SHA384WithECDSA":
provider = "BC";
break;
case "SHA512WithECDSA":
provider = "BC";
break;
default:
throw new NAEException(certificateProeprties.get("Algorithm") + " not supported.");
}
algo = AlgorithmId.get(certificateProeprties.get("Algorithm"));
info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));
info.set(X509CertInfo.EXTENSIONS, ext);
// Sign the cert to identify the algorithm that's used.
X509CertImpl cert = new X509CertImpl(info);
if (provider != null)
cert.sign(privateKey, certificateProeprties.get("Algorithm"), provider);
else
cert.sign(privateKey, certificateProeprties.get("Algorithm"));
return cert;
}
use of android.sun.security.x509.CertificateValidity in project mockserver by mock-server.
the class X509Generator method buildX509CertInfo.
private X509CertInfo buildX509CertInfo(final X500Name subject, final X500Name issuer, final PublicKey publicKey, final CertificateSigningRequest csr) throws IOException, NoSuchAlgorithmException, CertificateException {
X509CertInfo x509CertInfo = new X509CertInfo();
CertificateValidity interval = new CertificateValidity(NOT_BEFORE, NOT_AFTER);
// replaced secure random with random in order to prevent entropy depletion
BigInteger sn = new BigInteger(64, new Random());
x509CertInfo.set(X509CertInfo.VALIDITY, interval);
x509CertInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
x509CertInfo.set(X509CertInfo.SUBJECT, subject);
x509CertInfo.set(X509CertInfo.ISSUER, issuer);
x509CertInfo.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
x509CertInfo.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
AlgorithmId algo = new AlgorithmId(AlgorithmId.get(csr.getSigningAlgorithm()).getOID());
x509CertInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));
return x509CertInfo;
}
use of android.sun.security.x509.CertificateValidity in project OpenAttestation by OpenAttestation.
the class X509Builder method expires.
public X509Builder expires(long expiration, TimeUnit units) {
try {
Date from = new Date();
Date to = new Date(from.getTime() + TimeUnit.MILLISECONDS.convert(expiration, units));
certificateValidity = new CertificateValidity(from, to);
// CertificateException, IOException
info.set(X509CertInfo.VALIDITY, certificateValidity);
} catch (Exception e) {
fault(e, "expires(%d,%s)", expiration, units == null ? "null" : units.name());
}
return this;
}
Aggregations