Use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
Class CertificateRequest, method generateECDSAKeyPair.
/**
 * Generates an elliptic-curve key pair on the given named curve through the "BC" provider.
 *
 * <p>The generator is initialised with the curve specification only; no explicit
 * {@code SecureRandom} is passed, so the randomness source is left to the JCA defaults.
 *
 * @param keyCurve curve whose {@code bcName()} is handed to {@link ECGenParameterSpec}
 * @return the newly generated key pair
 * @throws VCertException if the "ECDSA" algorithm or the "BC" provider is unavailable, or if
 *     the curve specification is rejected; the underlying exception is kept as the cause
 */
@VisibleForTesting
KeyPair generateECDSAKeyPair(EllipticCurve keyCurve) throws VCertException {
    try {
        final KeyPairGenerator generator = KeyPairGenerator.getInstance("ECDSA", "BC");
        // The curve is selected by name, not by explicit domain parameters.
        generator.initialize(new ECGenParameterSpec(keyCurve.bcName()));
        return generator.generateKeyPair();
    } catch (InvalidAlgorithmParameterException curveRejected) {
        throw new VCertException(
            format("No algorithmn provider for curve %s", keyCurve.bcName()), curveRejected);
    } catch (NoSuchAlgorithmException | NoSuchProviderException lookupFailure) {
        throw new VCertException("No security provider found for KeyFactory.EC", lookupFailure);
    }
}
Use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
Class CertificateRequest, method generateCSR.
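/**
 * Builds a PKCS#10 certificate signing request from this request's subject, key pair and
 * subject alternative names, signs it with the private key, and stores the PEM-armoured result
 * in {@code csr}.
 *
 * <p>DNS names, IP addresses and e-mail addresses are copied into a non-critical
 * subjectAltName extension request exactly as supplied. This method does not validate those
 * values, so any checking of untrusted input has to happen before it is called.
 *
 * @throws VCertException if building, signing or encoding the request fails for any reason; the
 *     original exception is preserved as the cause
 */
public void generateCSR() throws VCertException {
    try {
        List<GeneralName> sans = new ArrayList<>();
        PKCS10CertificationRequestBuilder requestBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject.toX500Principal(), keyPair.getPublic());
        JcaContentSignerBuilder signerBuilder =
            new JcaContentSignerBuilder(signatureAlgorithm.standardName());
        ContentSigner signer = signerBuilder.build(keyPair.getPrivate());

        for (String san : dnsNames) {
            sans.add(new GeneralName(GeneralName.dNSName, san));
        }
        for (InetAddress san : ipAddresses) {
            // iPAddress is carried as the raw 4- or 16-byte address, not as text.
            sans.add(new GeneralName(GeneralName.iPAddress, new DEROctetString(san.getAddress())));
        }
        for (String san : emailAddresses) {
            sans.add(new GeneralName(GeneralName.rfc822Name, san));
        }

        // The extension request attribute is only added when there is at least one SAN.
        if (!sans.isEmpty()) {
            GeneralNames names = new GeneralNames(sans.toArray(new GeneralName[0]));
            ExtensionsGenerator extGen = new ExtensionsGenerator();
            extGen.addExtension(Extension.subjectAlternativeName, false, names);
            requestBuilder.addAttribute(
                PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
        }

        PKCS10CertificationRequest certificationRequest = requestBuilder.build(signer);

        // PEM armour is ASCII text. Encoding it with an explicit charset keeps the output
        // identical on every platform instead of depending on the JVM default charset.
        final java.nio.charset.Charset ascii = java.nio.charset.StandardCharsets.US_ASCII;
        final byte[] lineBreak = System.lineSeparator().getBytes(ascii);

        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        outputStream.write("-----BEGIN CERTIFICATE REQUEST-----".getBytes(ascii));
        outputStream.write(lineBreak);
        // NOTE(review): the MIME encoder wraps at 76 characters with CRLF, while RFC 7468 asks
        // generators for 64-character lines, and the armour lines use the platform separator.
        // Left unchanged so the emitted bytes stay the same; confirm every consumer accepts it.
        outputStream.write(Base64.getMimeEncoder().encode(certificationRequest.getEncoded()));
        outputStream.write(lineBreak);
        outputStream.write("-----END CERTIFICATE REQUEST-----".getBytes(ascii));
        csr = outputStream.toByteArray();
    } catch (Exception e) {
        // Deliberately broad: every failure, including a missing key pair or SAN collection,
        // surfaces to the caller as a single VCertException with the cause attached.
        throw new VCertException("Unable to generate CSR", e);
    }
}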
Use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
Class CertificateRequest, method generateRSAKeyPair.
/**
 * Creates an RSA key pair of the requested size through the "BC" provider.
 *
 * <p>The size is handed to the generator unchanged. No minimum is enforced in this method, so
 * any policy floor on key strength has to be applied by the caller.
 *
 * @param keyLength RSA key size in bits, passed straight to {@code KeyPairGenerator.initialize}
 * @return the newly generated key pair
 * @throws VCertException if the "RSA" algorithm or the "BC" provider cannot be found; the
 *     underlying exception is kept as the cause
 */
@VisibleForTesting
KeyPair generateRSAKeyPair(Integer keyLength) throws VCertException {
    try {
        final KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", "BC");
        generator.initialize(keyLength);
        return generator.generateKeyPair();
    } catch (NoSuchProviderException providerMissing) {
        // Raised by getInstance when no provider named "BC" is registered.
        throw new VCertException(
            format("No algorithm provider for RSA with key length %s", Integer.toString(keyLength)),
            providerMissing);
    } catch (NoSuchAlgorithmException algorithmMissing) {
        throw new VCertException("No security provider found for KeyFactory.RSA", algorithmMissing);
    }
}