Examples with TBSCertificate com.github.zhenwei.core.asn1.x509.TBSCertificate used on opensource projects

Example 36 with TBSCertificate

use of com.github.zhenwei.core.asn1.x509.TBSCertificate in project LinLong-Java by zhenwei1108.

the class X509V3CertificateGenerator method generate.

/**
 * generate an X509 certificate, based on the current issuer and subject, using the passed in
 * provider for the signing and the supplied source of randomness, if required.
 */
public X509Certificate generate(PrivateKey key, String provider, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
    TBSCertificate tbsCert = generateTbsCert();
    byte[] signature;
    try {
        signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert);
    } catch (IOException e) {
        throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
    }
    try {
        return generateJcaObject(tbsCert, signature);
    } catch (Exception e) {
        throw new ExtCertificateEncodingException("exception producing certificate object", e);
    }
}

Example 37 with TBSCertificate

use of com.github.zhenwei.core.asn1.x509.TBSCertificate in project LinLong-Java by zhenwei1108.

the class X509V1CertificateGenerator method generateJcaObject.

private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature) throws CertificateEncodingException {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(tbsCert);
    v.add(sigAlgId);
    v.add(new DERBitString(signature));
    try {
        return (X509Certificate) certificateFactory.engineGenerateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
    } catch (Exception e) {
        throw new ExtCertificateEncodingException("exception producing certificate object", e);
    }
}

Example 38 with TBSCertificate

use of com.github.zhenwei.core.asn1.x509.TBSCertificate in project LinLong-Java by zhenwei1108.

the class X509CertificateHolder method isSignatureValid.

/**
 * Validate the signature on the certificate in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the
 *                         signature.
 * @return true if the signature is valid, false otherwise.
 * @throws CertException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider) throws CertException {
    TBSCertificate tbsCert = x509Certificate.getTBSCertificate();
    if (!CertUtils.isAlgIdEqual(tbsCert.getSignature(), x509Certificate.getSignatureAlgorithm())) {
        throw new CertException("signature invalid - algorithm identifier mismatch");
    }
    ContentVerifier verifier;
    try {
        verifier = verifierProvider.get((tbsCert.getSignature()));
        OutputStream sOut = verifier.getOutputStream();
        tbsCert.encodeTo(sOut, ASN1Encoding.DER);
        sOut.close();
    } catch (Exception e) {
        throw new CertException("unable to process signature: " + e.getMessage(), e);
    }
    return verifier.verify(this.getSignature());
}

Example 39 with TBSCertificate

use of com.github.zhenwei.core.asn1.x509.TBSCertificate in project xwiki-commons by xwiki.

the class BcX509CertifiedPublicKey method isSignedBy.

@Override
public boolean isSignedBy(PublicKeyParameters publicKey) throws GeneralSecurityException {
    TBSCertificate tbsCert = this.holder.toASN1Structure().getTBSCertificate();
    if (!BcUtils.isAlgorithlIdentifierEqual(tbsCert.getSignature(), this.holder.getSignatureAlgorithm())) {
        return false;
    }
    Signer signer = null;
    // Optimisation
    if (this.signerFactory instanceof BcSignerFactory) {
        signer = ((BcSignerFactory) this.signerFactory).getInstance(false, publicKey, tbsCert.getSignature());
    } else {
        try {
            signer = this.signerFactory.getInstance(false, publicKey, this.holder.getSignatureAlgorithm().getEncoded());
        } catch (IOException e) {
            return false;
        }
    }
    try {
        return BcUtils.updateDEREncodedObject(signer, tbsCert).verify(this.holder.getSignature());
    } catch (IOException e) {
        return false;
    }
}

Example 40 with TBSCertificate

use of com.github.zhenwei.core.asn1.x509.TBSCertificate in project LinLong-Java by zhenwei1108.

the class V1TBSCertificateGenerator method generateTBSCertificate.

public TBSCertificate generateTBSCertificate() {
    if ((serialNumber == null) || (signature == null) || (issuer == null) || (startDate == null) || (endDate == null) || (subject == null) || (subjectPublicKeyInfo == null)) {
        throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
    }
    ASN1EncodableVector seq = new ASN1EncodableVector(6);
    // seq.add(version); - not required as default value.
    seq.add(serialNumber);
    seq.add(signature);
    seq.add(issuer);
    // 
    // before and after dates
    // 
    {
        ASN1EncodableVector validity = new ASN1EncodableVector(2);
        validity.add(startDate);
        validity.add(endDate);
        seq.add(new DERSequence(validity));
    }
    seq.add(subject);
    seq.add(subjectPublicKeyInfo);
    return TBSCertificate.getInstance(new DERSequence(seq));
}