
Example 11 with Certificate

use of com.github.zhenwei.core.asn1.x509.Certificate in project kubernetes-client by fabric8io.

the class CertificateCreate method main.

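/**
 * Creates a cert-manager {@code Certificate} in the {@code default} namespace through the
 * {@code v1alpha2} API and then prints how many Certificates that namespace contains.
 *
 * <p>The no-argument {@code DefaultCertManagerClient} is used, so the example runs with
 * whatever cluster credentials the client resolves from its environment (presumably the
 * local kubeconfig or an in-cluster service account; confirm for your deployment). That
 * identity needs RBAC permission to create and list Certificate resources in the namespace.
 *
 * @param args unused
 */
public static void main(String[] args) {
    // try-with-resources closes the client on every exit path, including failures.
    try (NamespacedCertManagerClient certManagerClient = new DefaultCertManagerClient()) {
        String namespace = "default";
        // NOTE(review): an empty builder sets neither metadata.name nor a spec (issuerRef,
        // secretName, DNS names). A real Certificate needs those, and the API server will
        // likely reject this object as-is; fill them in before using this outside a demo.
        Certificate certificate = new CertificateBuilder().build();
        // NOTE(review): v1alpha2 is a pre-v1 cert-manager API version; confirm that the
        // target cluster still serves it.
        // Create Certificate. Keep the object returned by the API server: the locally built
        // one carries no metadata, so reading its name would presumably fail on a null.
        Certificate created = certManagerClient.v1alpha2().certificates().inNamespace(namespace).create(certificate);
        System.out.println("Created: " + created.getMetadata().getName());
        // List Certificate
        CertificateList certificateList = certManagerClient.v1alpha2().certificates().inNamespace(namespace).list();
        // The listed resources are Certificates; the previous message called them TaskRun objects.
        System.out.println("There are " + certificateList.getItems().size() + " Certificate objects in " + namespace);
    }
}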
Also used : NamespacedCertManagerClient(io.fabric8.certmanager.client.NamespacedCertManagerClient) DefaultCertManagerClient(io.fabric8.certmanager.client.DefaultCertManagerClient) CertificateBuilder(io.fabric8.certmanager.api.model.v1alpha2.CertificateBuilder) CertificateList(io.fabric8.certmanager.api.model.v1alpha2.CertificateList) Certificate(io.fabric8.certmanager.api.model.v1alpha2.Certificate)

Example 12 with Certificate

use of com.github.zhenwei.core.asn1.x509.Certificate in project kubernetes-client by fabric8io.

the class CertificateCreate method main.

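/**
 * Creates a cert-manager {@code Certificate} in the {@code default} namespace through the
 * {@code v1alpha3} API and then prints how many Certificates that namespace contains.
 *
 * <p>The no-argument {@code DefaultCertManagerClient} is used, so the example runs with
 * whatever cluster credentials the client resolves from its environment (presumably the
 * local kubeconfig or an in-cluster service account; confirm for your deployment). That
 * identity needs RBAC permission to create and list Certificate resources in the namespace.
 *
 * @param args unused
 */
public static void main(String[] args) {
    // try-with-resources closes the client on every exit path, including failures.
    try (NamespacedCertManagerClient certManagerClient = new DefaultCertManagerClient()) {
        String namespace = "default";
        // NOTE(review): an empty builder sets neither metadata.name nor a spec (issuerRef,
        // secretName, DNS names). A real Certificate needs those, and the API server will
        // likely reject this object as-is; fill them in before using this outside a demo.
        Certificate certificate = new CertificateBuilder().build();
        // NOTE(review): v1alpha3 is a pre-v1 cert-manager API version; confirm that the
        // target cluster still serves it.
        // Create Certificate. Keep the object returned by the API server: the locally built
        // one carries no metadata, so reading its name would presumably fail on a null.
        Certificate created = certManagerClient.v1alpha3().certificates().inNamespace(namespace).create(certificate);
        System.out.println("Created: " + created.getMetadata().getName());
        // List Certificate
        CertificateList certificateList = certManagerClient.v1alpha3().certificates().inNamespace(namespace).list();
        // The listed resources are Certificates; the previous message called them TaskRun objects.
        System.out.println("There are " + certificateList.getItems().size() + " Certificate objects in " + namespace);
    }
}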
Also used : NamespacedCertManagerClient(io.fabric8.certmanager.client.NamespacedCertManagerClient) DefaultCertManagerClient(io.fabric8.certmanager.client.DefaultCertManagerClient) CertificateBuilder(io.fabric8.certmanager.api.model.v1alpha3.CertificateBuilder) CertificateList(io.fabric8.certmanager.api.model.v1alpha3.CertificateList) Certificate(io.fabric8.certmanager.api.model.v1alpha3.Certificate)

Example 13 with Certificate

use of com.github.zhenwei.core.asn1.x509.Certificate in project remoting by jenkinsci.

the class X509CertificateRule method apply.

@Override
public Statement apply(final Statement base, final Description description) {
    // A @Skip annotation with no values, or one whose values include this rule's id, turns
    // the rule off: the wrapped statement is returned untouched and no certificate is built.
    final Skip skipAnnotation = description.getAnnotation(Skip.class);
    final boolean ruleSkipped = skipAnnotation != null
            && (skipAnnotation.value().length == 0 || Arrays.asList(skipAnnotation.value()).contains(id));
    if (ruleSkipped) {
        return base;
    }
    return new Statement() {

        /**
         * Generates a fresh certificate for the subject key, exposes it through the
         * enclosing rule's {@code certificate} field while the wrapped statement runs, and
         * clears the field afterwards.
         */
        @Override
        public void evaluate() throws Throwable {
            // Validity window is expressed as offsets from the moment the test starts.
            final long nowMillis = new Date().getTime();
            final Date notBefore = new Date(nowMillis + startDateOffsetMillis);
            final Date notAfter = new Date(nowMillis + endDateOffsetMillis);
            final SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(subjectKey.getPublic().getEncoded());
            // Subject DN: optional CN=<id>, then CN=<test display name>, then C=US.
            final X500NameBuilder dn = new X500NameBuilder(BCStyle.INSTANCE);
            if (id != null) {
                dn.addRDN(BCStyle.CN, id);
            }
            dn.addRDN(BCStyle.CN, description.getDisplayName());
            dn.addRDN(BCStyle.C, "US");
            final X500Name subject = dn.build();
            // The same DN is passed as issuer and subject, although the signature below comes
            // from signerKey, which need not be the subject's own key pair. The serial number
            // is the constant 1 for every certificate this rule produces.
            final X509v3CertificateBuilder builder = new X509v3CertificateBuilder(subject, BigInteger.ONE, notBefore, notAfter, subject, keyInfo);
            builder.addExtension(Extension.subjectKeyIdentifier, false, new JcaX509ExtensionUtils().createSubjectKeyIdentifier(keyInfo));
            // NOTE(review): SHA1withRSA is a deprecated signature algorithm. It is tolerable
            // only because these are throwaway test certificates; do not copy this setting
            // into code that issues certificates anyone will trust.
            final ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BOUNCY_CASTLE_PROVIDER).build(X509CertificateRule.this.signerKey.getPrivate());
            certificate = new JcaX509CertificateConverter().setProvider(BOUNCY_CASTLE_PROVIDER).getCertificate(builder.build(sha1Signer));
            try {
                base.evaluate();
            } finally {
                // Drop the certificate even when the test fails, so it cannot leak into
                // whatever runs next with this rule instance.
                certificate = null;
            }
        }
    };
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) X500NameBuilder(org.bouncycastle.asn1.x500.X500NameBuilder) Statement(org.junit.runners.model.Statement) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date)

Example 14 with Certificate

use of com.github.zhenwei.core.asn1.x509.Certificate in project Gene by Nervousync.

the class CertificateUtils method x509.

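/**
 * Builds an X.509 v3 certificate for the given public key and signs it with {@code signKey}.
 *
 * <p>The issuer and subject are both set to {@code CN=<certName>}, and a non-critical
 * basicConstraints extension marks the certificate as not being a CA. The signature is
 * produced through the provider registered under the name {@code "BC"}, so that provider
 * must be installed before this method is called.
 *
 * <p>Security notes for callers:
 * <ul>
 *   <li>{@code certName} is concatenated into a distinguished-name string that is then
 *       parsed, so characters with DN meaning (for example {@code ,} {@code +} {@code =})
 *       can add or alter name components. Validate or escape any value that does not come
 *       from a trusted source.</li>
 *   <li>{@code signAlgorithm} is passed through unchecked; avoid MD5- and SHA-1-based
 *       algorithms.</li>
 *   <li>{@code serialNumber} should be unique among the certificates issued under the
 *       same issuer name.</li>
 * </ul>
 *
 * @param publicKey     Public key to certify
 * @param serialNumber  Certificate serial number
 * @param beginDate     Start of the validity period
 * @param endDate       End of the validity period
 * @param certName      Common name used for both subject and issuer
 * @param signKey       Private key that signs the certificate
 * @param signAlgorithm Signature algorithm name
 * @return Generated X.509 certificate, or {@code null} when a required argument is missing
 *         or certificate generation fails
 */
public static X509Certificate x509(PublicKey publicKey, long serialNumber, Date beginDate, Date endDate, String certName, PrivateKey signKey, String signAlgorithm) {
    if (publicKey == null || signKey == null || StringUtils.isEmpty(signAlgorithm)) {
        return null;
    }
    if (beginDate == null || endDate == null) {
        // The builder is constructed outside the try block, so a missing date would
        // otherwise escape as an unchecked exception instead of the documented null.
        return null;
    }
    // NOTE(review): string-built DN; see the certName caveat in the method documentation.
    X500Name subjectDN = new X500Name("CN=" + certName);
    SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(publicKey.getEncoded());
    // subjectDN is passed twice: first as the issuer, then as the subject.
    X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(subjectDN, BigInteger.valueOf(serialNumber), beginDate, endDate, subjectDN, publicKeyInfo);
    try {
        // Non-critical basicConstraints with CA=false: the certificate may not sign others.
        x509v3CertificateBuilder.addExtension(Extension.basicConstraints, Boolean.FALSE, new BasicConstraints(Boolean.FALSE));
        ContentSigner contentSigner = new JcaContentSignerBuilder(signAlgorithm).setProvider("BC").build(signKey);
        X509CertificateHolder certificateHolder = x509v3CertificateBuilder.build(contentSigner);
        return new JcaX509CertificateConverter().getCertificate(certificateHolder);
    } catch (OperatorCreationException | GeneralSecurityException | IOException e) {
        // This method produces an X.509 certificate; the message previously said PKCS12.
        LOGGER.error("Generate X.509 Certificate Failed! ");
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug("Stack message: ", e);
        }
    }
    return null;
}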
Also used : X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Name(org.bouncycastle.asn1.x500.X500Name) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints)

Example 15 with Certificate

use of com.github.zhenwei.core.asn1.x509.Certificate in project webauthn4j by webauthn4j.

the class PackedAttestationStatementValidatorTest method generateCertPath.

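/**
 * Builds a one-element attestation certificate path holding a self-signed test certificate
 * for {@code pair}.
 *
 * <p>The certificate is valid for one day starting now, uses the fixed dummy DN for both
 * issuer and subject, and carries a critical basicConstraints extension with CA=false.
 * It is a test fixture only: the serial number is the constant zero, which a production
 * issuer must not use (serial numbers are expected to be positive and unique per issuer).
 *
 * @param pair    key pair whose public key is certified and whose private key signs
 * @param signAlg JCA signature algorithm name handed to the content signer
 * @return certificate path containing only the generated certificate
 * @throws UnexpectedCheckedException if signing or certificate conversion fails
 */
private static AttestationCertificatePath generateCertPath(KeyPair pair, String signAlg) {
    try {
        // The provider instance is passed to the converter directly; it is not registered
        // JVM-wide, so other tests are not affected by it.
        Provider bcProvider = new BouncyCastleProvider();
        long now = System.currentTimeMillis();
        Date from = new Date(now);
        Date to = new Date(from.getTime() + TimeUnit.DAYS.toMillis(1));
        X500Name dnName = new X500Name("C=ORG, O=Dummy Org, OU=Authenticator Attestation, CN=Dummy");
        BigInteger certSerialNumber = BigInteger.ZERO;
        // No provider is set on the signer builder, so the signature comes from whichever
        // installed provider the JVM selects for signAlg.
        ContentSigner contentSigner = new JcaContentSignerBuilder(signAlg).build(pair.getPrivate());
        // dnName is both issuer and subject, and the signing key belongs to the same pair
        // as the certified public key: the result is self-signed.
        JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(dnName, certSerialNumber, from, to, dnName, pair.getPublic());
        BasicConstraints basicConstraints = new BasicConstraints(false);
        // 2.5.29.19 is the basicConstraints extension OID; it is marked critical here.
        certBuilder.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, basicConstraints);
        X509Certificate certificate = new JcaX509CertificateConverter().setProvider(bcProvider).getCertificate(certBuilder.build(contentSigner));
        return new AttestationCertificatePath(Collections.singletonList(certificate));
    } catch (OperatorCreationException | CertificateException | CertIOException e) {
        throw new UnexpectedCheckedException(e);
    }
}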
Also used : UnexpectedCheckedException(com.webauthn4j.util.exception.UnexpectedCheckedException) AttestationCertificatePath(com.webauthn4j.data.attestation.statement.AttestationCertificatePath) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) Calendar(java.util.Calendar) ContentSigner(org.bouncycastle.operator.ContentSigner) CertificateException(java.security.cert.CertificateException) X500Name(org.bouncycastle.asn1.x500.X500Name) CertIOException(org.bouncycastle.cert.CertIOException) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) BigInteger(java.math.BigInteger) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Aggregations

IOException (java.io.IOException)242 X509Certificate (java.security.cert.X509Certificate)216 Date (java.util.Date)133 X500Name (org.bouncycastle.asn1.x500.X500Name)133 BigInteger (java.math.BigInteger)120 ContentSigner (org.bouncycastle.operator.ContentSigner)102 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)101 GeneralName (org.bouncycastle.asn1.x509.GeneralName)100 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)96 CertificateException (java.security.cert.CertificateException)95 ArrayList (java.util.ArrayList)90 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)85 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)82 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)78 GeneralSecurityException (java.security.GeneralSecurityException)69 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)62 GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)62 Extension (org.bouncycastle.asn1.x509.Extension)61 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)60 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)59