Example 1 with CertificateBuilder

Use of com.adaptris.security.certificate.CertificateBuilder in project interlok by adaptris.

In class JunitSecurityHelper, method getBuilder.

private static CertificateBuilder getBuilder(String commonName) throws Exception {
    CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder();
    CertificateParameter cp = new CertificateParameter();
    X500NameBuilder subject = new X500NameBuilder();
    subject.addRDN(X509ObjectIdentifiers.countryName, "GB");
    subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, "Middlesex");
    subject.addRDN(X509ObjectIdentifiers.localityName, "Uxbridge");
    subject.addRDN(X509ObjectIdentifiers.organization, "Adaptris");
    subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, "JUNIT");
    subject.addRDN(X509ObjectIdentifiers.commonName, commonName);
    subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "myname@adaptris.com");
    cp.setSignatureAlgorithm("SHA256WithRSAEncryption");
    // Key size changed to 1024; otherwise jdk8_66 appears to have a fit
    // with respect to java.security limiting the certpath algorithms:
    // jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
    // (it was like this in _40, but apparently didn't break things there).
    // Test fixture only: 1024 bits is the smallest RSA key that setting accepts.
    cp.setKeyAlgorithm("RSA", 1024);
    cp.setSubjectInfo(subject.build());
    builder.setCertificateParameters(cp);
    return builder;
}
Also used: CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder), CertificateParameter (com.adaptris.security.certificate.CertificateParameter), X500NameBuilder (org.bouncycastle.asn1.x500.X500NameBuilder)

Example 2 with CertificateBuilder

Use of com.adaptris.security.certificate.CertificateBuilder in project interlok by adaptris.

In class JunitSecurityHelper, method newKeystore.

private void newKeystore(String url, String commonName, char[] password) throws Exception {
    KeystoreProxy ksp = null;
    KeystoreLocation ksc = KeystoreFactory.getDefault().create(url, password);
    CertificateBuilder builder = getBuilder(commonName);
    Certificate selfCert = builder.createSelfSignedCertificate();
    PrivateKey privkey = builder.getPrivateKey();
    ksp = KeystoreFactory.getDefault().create(ksc);
    try {
        ksp.load();
    } catch (Exception e) {
        // Ignore the error...
    }
    String alias = config.getProperty(SECURITY_ALIAS);
    Certificate[] certChain = new Certificate[1];
    certChain[0] = selfCert;
    ksp.setPrivateKey(alias, privkey, password, certChain);
    ksp.commit();
}
Also used: CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder), PrivateKey (java.security.PrivateKey), KeystoreLocation (com.adaptris.security.keystore.KeystoreLocation), KeystoreProxy (com.adaptris.security.keystore.KeystoreProxy), Certificate (java.security.cert.Certificate)

Example 3 with CertificateBuilder

Use of com.adaptris.security.certificate.CertificateBuilder in project interlok by adaptris.

In class Config, method getBuilder.

public CertificateBuilder getBuilder(String commonName) throws Exception {
    CertificateBuilder builder = CertificateBuilderFactory.getInstance().createBuilder();
    CertificateParameter cp = new CertificateParameter();
    X500NameBuilder subject = new X500NameBuilder();
    subject.addRDN(X509ObjectIdentifiers.countryName, config.getProperty(CERTIFICATE_C));
    subject.addRDN(X509ObjectIdentifiers.stateOrProvinceName, config.getProperty(CERTIFICATE_ST));
    subject.addRDN(X509ObjectIdentifiers.localityName, config.getProperty(CERTIFICATE_L));
    subject.addRDN(X509ObjectIdentifiers.organization, config.getProperty(CERTIFICATE_O));
    subject.addRDN(X509ObjectIdentifiers.organizationalUnitName, config.getProperty(CERTIFICATE_OU));
    subject.addRDN(X509ObjectIdentifiers.commonName, commonName);
    subject.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, config.getProperty(CERTIFICATE_EMAIL));
    cp.setSignatureAlgorithm(config.getProperty(CERTIFICATE_SIGALG));
    cp.setKeyAlgorithm(config.getProperty(CERTIFICATE_KEYALG), Integer.parseInt(config.getProperty(CERTIFICATE_KEYSIZE)));
    cp.setSubjectInfo(subject.build());
    builder.setCertificateParameters(cp);
    return builder;
}
Also used: CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder), CertificateParameter (com.adaptris.security.certificate.CertificateParameter), X500NameBuilder (org.bouncycastle.asn1.x500.X500NameBuilder)

Example 4 with CertificateBuilder

Use of com.adaptris.security.certificate.CertificateBuilder in project interlok by adaptris.

In class Config, method buildKeystore.

public KeystoreLocation buildKeystore(String ksUrl, String cn, boolean overwrite) throws Exception {
    String commonName = StringUtils.defaultIfBlank(cn, config.getProperty(KEYSTORE_COMMON_PRIVKEY_ALIAS));
    KeystoreLocation ksc = KeystoreFactory.getDefault().create(ksUrl, config.getProperty(Config.KEYSTORE_COMMON_KEYSTORE_PW).toCharArray());
    KeystoreProxy ksp = KeystoreFactory.getDefault().create(ksc);
    if (ksc.exists() && !overwrite) {
        ksp.load();
    }
    CertificateBuilder builder = getBuilder(commonName);
    Certificate selfCert = builder.createSelfSignedCertificate();
    PrivateKey privkey = builder.getPrivateKey();
    char[] password = config.getProperty(KEYSTORE_COMMON_PRIVKEY_PW).toCharArray();
    Certificate[] certChain = new Certificate[1];
    certChain[0] = selfCert;
    ksp.setPrivateKey(commonName, privkey, password, certChain);
    ksp.commit();
    return ksc;
}
Also used: CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder), PrivateKey (java.security.PrivateKey), KeystoreLocation (com.adaptris.security.keystore.KeystoreLocation), KeystoreProxy (com.adaptris.security.keystore.KeystoreProxy), Certificate (java.security.cert.Certificate)

Example 5 with CertificateBuilder

Use of com.adaptris.security.certificate.CertificateBuilder in project interlok by adaptris.

In class TestCertificateGeneration, method testCertificateAndPrivateKeyToKeystore.

@Test
public void testCertificateAndPrivateKeyToKeystore() throws Exception {
    String commonName = String.valueOf(random.nextInt(1000));
    CertificateBuilder builder = Config.getInstance().getBuilder(commonName);
    Certificate selfCert = builder.createSelfSignedCertificate();
    PrivateKey privkey = builder.getPrivateKey();
    ksp = KeystoreFactory.getDefault().create(ksc);
    try {
        ksp.load();
    } catch (Exception e) {
        // Ignore the error...
    }
    String alias = cfg.getProperty(Config.KEYSTORE_COMMON_PRIVKEY_ALIAS);
    char[] password = cfg.getProperty(Config.KEYSTORE_COMMON_PRIVKEY_PW).toCharArray();
    Certificate[] certChain = new Certificate[1];
    certChain[0] = selfCert;
    ksp.setPrivateKey(alias, privkey, password, certChain);
    ksp.commit();
}
Also used: CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder), PrivateKey (java.security.PrivateKey), Certificate (java.security.cert.Certificate), Test (org.junit.Test)

Aggregations

CertificateBuilder (com.adaptris.security.certificate.CertificateBuilder): 10
Certificate (java.security.cert.Certificate): 7
Test (org.junit.Test): 5
PrivateKey (java.security.PrivateKey): 4
CertificateParameter (com.adaptris.security.certificate.CertificateParameter): 2
KeystoreLocation (com.adaptris.security.keystore.KeystoreLocation): 2
KeystoreProxy (com.adaptris.security.keystore.KeystoreProxy): 2
X500NameBuilder (org.bouncycastle.asn1.x500.X500NameBuilder): 2
CertificateHandler (com.adaptris.security.certificate.CertificateHandler): 1
ByteArrayInputStream (java.io.ByteArrayInputStream): 1
KeyStore (java.security.KeyStore): 1
X509Certificate (java.security.cert.X509Certificate): 1