Examples with X509CertInfo android.sun.security.x509.X509CertInfo used on opensource projects

Search in sources :

Example 11 with X509CertInfo

use of android.sun.security.x509.X509CertInfo in project baseio by generallycloud.

the class SelfSignedCertificate method generate.

private File[] generate(String fileRoot, String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter) throws Exception {
    PrivateKey key = keypair.getPrivate();
    // Prepare the information required for generating an X.509
    // certificate.
    X509CertInfo info = new X509CertInfo();
    X500Name owner = new X500Name("CN=" + fqdn);
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, random)));
    try {
        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.SUBJECT, owner);
    }
    try {
        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.ISSUER, owner);
    }
    info.set(X509CertInfo.VALIDITY, new CertificateValidity(notBefore, notAfter));
    info.set(X509CertInfo.KEY, new CertificateX509Key(keypair.getPublic()));
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid)));
    // Sign the cert to identify the algorithm that's used.
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    // Update the algorithm and sign again.
    info.set(CertificateAlgorithmId.NAME + '.' + CertificateAlgorithmId.ALGORITHM, cert.get(X509CertImpl.SIG_ALG));
    cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    cert.verify(keypair.getPublic());
    return newSelfSignedCertificate(fileRoot, fqdn, key, cert);
}
Also used : CertificateSubjectName(sun.security.x509.CertificateSubjectName) PrivateKey(java.security.PrivateKey) X509CertInfo(sun.security.x509.X509CertInfo) CertificateIssuerName(sun.security.x509.CertificateIssuerName) CertificateVersion(sun.security.x509.CertificateVersion) CertificateException(java.security.cert.CertificateException) CertificateValidity(sun.security.x509.CertificateValidity) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) AlgorithmId(sun.security.x509.AlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 12 with X509CertInfo

use of android.sun.security.x509.X509CertInfo in project coprhd-controller by CoprHD.

the class KeyCertificatePairGenerator method generateCertificate.

/**
 * Create a self-signed X.509 Certificate
 *
 * @param pair the KeyPair
 */
private X509Certificate generateCertificate(KeyPair pair) throws GeneralSecurityException, IOException {
    PublicKey pubKey = loadPublicKeyFromBytes(pair.getPublic().getEncoded());
    PrivateKey privkey = pair.getPrivate();
    X509CertInfo info = new X509CertInfo();
    Date from = getNotBefore();
    Date to = new Date(from.getTime() + valuesHolder.getCertificateValidityInDays() * 86400000L);
    CertificateValidity interval = new CertificateValidity(from, to);
    BigInteger sn = new BigInteger(64, new SecureRandom());
    X500Name owner = new X500Name(String.format(CERTIFICATE_COMMON_NAME_FORMAT, valuesHolder.getCertificateCommonName()));
    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
    info.set(X509CertInfo.SUBJECT, owner);
    info.set(X509CertInfo.ISSUER, owner);
    info.set(X509CertInfo.KEY, new CertificateX509Key(pubKey));
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    AlgorithmId keyAlgo = AlgorithmId.get(KeyCertificateAlgorithmValuesHolder.DEFAULT_KEY_ALGORITHM);
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(keyAlgo));
    AlgorithmId signingAlgo = AlgorithmId.get(valuesHolder.getSigningAlgorithm());
    info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, signingAlgo);
    // add extensions
    CertificateExtensions ext = new CertificateExtensions();
    ext.set(SubjectKeyIdentifierExtension.NAME, new SubjectKeyIdentifierExtension(new KeyIdentifier(pubKey).getIdentifier()));
    // CA public key is the same as our public key (self signed)
    ext.set(AuthorityKeyIdentifierExtension.NAME, new AuthorityKeyIdentifierExtension(new KeyIdentifier(pubKey), null, null));
    ext.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(subjectAltNames()));
    info.set(X509CertInfo.EXTENSIONS, ext);
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(privkey, valuesHolder.getSigningAlgorithm());
    return cert;
}
Also used : RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) KeyIdentifier(sun.security.x509.KeyIdentifier) X509CertInfo(sun.security.x509.X509CertInfo) PublicKey(java.security.PublicKey) SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension) SecureRandom(java.security.SecureRandom) CertificateVersion(sun.security.x509.CertificateVersion) CertificateValidity(sun.security.x509.CertificateValidity) CertificateExtensions(sun.security.x509.CertificateExtensions) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) Date(java.util.Date) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) AlgorithmId(sun.security.x509.AlgorithmId) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 13 with X509CertInfo

use of android.sun.security.x509.X509CertInfo in project Bytecoder by mirkosertic.

the class PKCS7 method populateCertIssuerNames.

/**
 * Populate array of Issuer DNs from certificates and convert
 * each Principal to type X500Name if necessary.
 */
private void populateCertIssuerNames() {
    if (certificates == null)
        return;
    certIssuerNames = new Principal[certificates.length];
    for (int i = 0; i < certificates.length; i++) {
        X509Certificate cert = certificates[i];
        Principal certIssuerName = cert.getIssuerDN();
        if (!(certIssuerName instanceof X500Name)) {
            // types of String attribute values to be changed)
            try {
                X509CertInfo tbsCert = new X509CertInfo(cert.getTBSCertificate());
                certIssuerName = (Principal) tbsCert.get(X509CertInfo.ISSUER + "." + X509CertInfo.DN_NAME);
            } catch (Exception e) {
            // error generating X500Name object from the cert's
            // issuer DN, leave name as is.
            }
        }
        certIssuerNames[i] = certIssuerName;
    }
}
Also used : X509CertInfo(sun.security.x509.X509CertInfo) X500Name(sun.security.x509.X500Name) X509Certificate(java.security.cert.X509Certificate) CertificateException(java.security.cert.CertificateException) CRLException(java.security.cert.CRLException)

Example 14 with X509CertInfo

use of android.sun.security.x509.X509CertInfo in project cdap by caskdata.

the class KeyStores method getCertificate.

/**
 * Generate an X.509 certificate
 *
 * @param dn Distinguished name for the owner of the certificate, it will also be the signer of the certificate.
 * @param pair Key pair used for signing the certificate.
 * @param days Validity of the certificate.
 * @param algorithm Name of the signature algorithm used.
 * @return A X.509 certificate
 */
private static X509Certificate getCertificate(String dn, KeyPair pair, int days, String algorithm) throws IOException, CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
    // Calculate the validity interval of the certificate
    Date from = new Date();
    Date to = DateUtils.addDays(from, days);
    CertificateValidity interval = new CertificateValidity(from, to);
    // Generate a random number to use as the serial number for the certificate
    BigInteger sn = new BigInteger(64, new SecureRandom());
    // Create the name of the owner based on the provided distinguished name
    X500Name owner = new X500Name(dn);
    // Create an info objects with the provided information, which will be used to create the certificate
    X509CertInfo info = new X509CertInfo();
    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
    // In java 7, subject is of type CertificateSubjectName and issuer is of type CertificateIssuerName.
    // These were changed to X500Name in Java8. So looking at the field type before setting them.
    // This certificate will be self signed, hence the subject and the issuer are same.
    Field subjectField = null;
    try {
        subjectField = info.getClass().getDeclaredField("subject");
        if (subjectField.getType().equals(X500Name.class)) {
            info.set(X509CertInfo.SUBJECT, owner);
            info.set(X509CertInfo.ISSUER, owner);
        } else {
            info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
            info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
        }
    } catch (NoSuchFieldException e) {
        // Trying to set it to Java 8 types. If one of the underlying fields has changed then this will throw a
        // CertificateException which is handled by the caller.
        info.set(X509CertInfo.SUBJECT, owner);
        info.set(X509CertInfo.ISSUER, owner);
    }
    info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    AlgorithmId algo = new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid);
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));
    // Create the certificate and sign it with the private key
    X509CertImpl cert = new X509CertImpl(info);
    PrivateKey privateKey = pair.getPrivate();
    cert.sign(privateKey, algorithm);
    return cert;
}
Also used : CertificateSubjectName(sun.security.x509.CertificateSubjectName) PrivateKey(java.security.PrivateKey) X509CertInfo(sun.security.x509.X509CertInfo) CertificateIssuerName(sun.security.x509.CertificateIssuerName) SecureRandom(java.security.SecureRandom) CertificateVersion(sun.security.x509.CertificateVersion) CertificateValidity(sun.security.x509.CertificateValidity) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) Date(java.util.Date) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) Field(java.lang.reflect.Field) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) AlgorithmId(sun.security.x509.AlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 15 with X509CertInfo

use of android.sun.security.x509.X509CertInfo in project spring-cloud-digital-sign by SpringForAll.

the class DistinguishNameBuilder method build.

public CertificateBuilder build() throws IOException, CertificateException {
    String dn = stringBuilder.toString();
    X500Name owner = new X500Name(dn.substring(0, dn.length() - 1));
    X509CertInfo info = certificateBuilder.getInfo();
    info.set(X509CertInfo.SUBJECT, owner);
    info.set(X509CertInfo.ISSUER, owner);
    return certificateBuilder;
}
Also used : X509CertInfo(sun.security.x509.X509CertInfo) X500Name(sun.security.x509.X500Name)

Aggregations

X509CertInfo (sun.security.x509.X509CertInfo)24 X500Name (sun.security.x509.X500Name)19 X509CertImpl (sun.security.x509.X509CertImpl)15 CertificateAlgorithmId (sun.security.x509.CertificateAlgorithmId)13 CertificateSerialNumber (sun.security.x509.CertificateSerialNumber)13 CertificateValidity (sun.security.x509.CertificateValidity)13 CertificateX509Key (sun.security.x509.CertificateX509Key)13 BigInteger (java.math.BigInteger)12 CertificateVersion (sun.security.x509.CertificateVersion)12 AlgorithmId (sun.security.x509.AlgorithmId)11 CertificateException (java.security.cert.CertificateException)9 CertificateIssuerName (sun.security.x509.CertificateIssuerName)8 CertificateSubjectName (sun.security.x509.CertificateSubjectName)8 PrivateKey (java.security.PrivateKey)7 SecureRandom (java.security.SecureRandom)6 X509Certificate (java.security.cert.X509Certificate)6 CertificateExtensions (sun.security.x509.CertificateExtensions)6 PublicKey (java.security.PublicKey)5 Date (java.util.Date)5 KeyPair (java.security.KeyPair)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial