Example 66 with VCertException
use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
the class CertificateRequest method generateECDSAKeyPair.
@VisibleForTesting
KeyPair generateECDSAKeyPair(EllipticCurve keyCurve) throws VCertException {
try {
KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
ECGenParameterSpec spec = new ECGenParameterSpec(keyCurve.bcName());
g.initialize(spec);
return g.generateKeyPair();
} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
throw new VCertException("No security provider found for KeyFactory.EC", e);
} catch (InvalidAlgorithmParameterException e) {
throw new VCertException(format("No algorithmn provider for curve %s", keyCurve.bcName()), e);
}
}
Also used :
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
VCertException(com.venafi.vcert.sdk.VCertException)
ECGenParameterSpec(java.security.spec.ECGenParameterSpec)
KeyPairGenerator(java.security.KeyPairGenerator)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NoSuchProviderException(java.security.NoSuchProviderException)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 67 with VCertException
use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
the class CertificateRequest method generateCSR.
public void generateCSR() throws VCertException {
try {
List<GeneralName> sans = new ArrayList<>();
PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject.toX500Principal(), keyPair.getPublic());
JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder(signatureAlgorithm.standardName());
ContentSigner signer = signerBuilder.build(keyPair.getPrivate());
for (String san : dnsNames) {
sans.add(new GeneralName(GeneralName.dNSName, san));
}
for (InetAddress san : ipAddresses) {
sans.add(new GeneralName(GeneralName.iPAddress, new DEROctetString(san.getAddress())));
}
for (String san : emailAddresses) {
sans.add(new GeneralName(GeneralName.rfc822Name, san));
}
if (!sans.isEmpty()) {
GeneralNames names = new GeneralNames(sans.toArray(new GeneralName[] {}));
ExtensionsGenerator extGen = new ExtensionsGenerator();
extGen.addExtension(Extension.subjectAlternativeName, false, names);
requestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
}
PKCS10CertificationRequest certificationRequest = requestBuilder.build(signer);
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
outputStream.write("-----BEGIN CERTIFICATE REQUEST-----".getBytes());
outputStream.write(System.lineSeparator().getBytes());
outputStream.write(Base64.getMimeEncoder().encode(certificationRequest.getEncoded()));
outputStream.write(System.lineSeparator().getBytes());
outputStream.write("-----END CERTIFICATE REQUEST-----".getBytes());
csr = outputStream.toByteArray();
} catch (Exception e) {
throw new VCertException("Unable to generate CSR", e);
}
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
ArrayList(java.util.ArrayList)
ContentSigner(org.bouncycastle.operator.ContentSigner)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
IOException(java.io.IOException)
VCertException(com.venafi.vcert.sdk.VCertException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NoSuchProviderException(java.security.NoSuchProviderException)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
VCertException(com.venafi.vcert.sdk.VCertException)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
InetAddress(java.net.InetAddress)
Example 68 with VCertException
use of com.venafi.vcert.sdk.VCertException in project vcert-java by Venafi.
the class CertificateRequest method generateRSAKeyPair.
@VisibleForTesting
KeyPair generateRSAKeyPair(Integer keyLength) throws VCertException {
try {
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
keyPairGenerator.initialize(keyLength);
return keyPairGenerator.generateKeyPair();
} catch (NoSuchAlgorithmException e) {
throw new VCertException("No security provider found for KeyFactory.RSA", e);
} catch (NoSuchProviderException e) {
throw new VCertException(format("No algorithm provider for RSA with key length %s", Integer.toString(keyLength)), e);
}
}
Also used :
VCertException(com.venafi.vcert.sdk.VCertException)
KeyPairGenerator(java.security.KeyPairGenerator)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
NoSuchProviderException(java.security.NoSuchProviderException)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Aggregations
VCertException (com.venafi.vcert.sdk.VCertException)68
PolicySpecification (com.venafi.vcert.sdk.policy.domain.PolicySpecification)49
DisplayName (org.junit.jupiter.api.DisplayName)48
Test (org.junit.jupiter.api.Test)48
IOException (java.io.IOException)34
CertificateNotFoundByThumbprintException (com.venafi.vcert.sdk.connectors.ConnectorException.CertificateNotFoundByThumbprintException)26
CertificateDNOrThumbprintWasNotProvidedException (com.venafi.vcert.sdk.connectors.ConnectorException.CertificateDNOrThumbprintWasNotProvidedException)25
MoreThanOneCertificateWithSameThumbprintException (com.venafi.vcert.sdk.connectors.ConnectorException.MoreThanOneCertificateWithSameThumbprintException)25
FeignException (feign.FeignException)25
FailedToRevokeTokenException (com.venafi.vcert.sdk.connectors.ConnectorException.FailedToRevokeTokenException)23
Authentication (com.venafi.vcert.sdk.endpoint.Authentication)23
StringReader (java.io.StringReader)7
CertificateRequest (com.venafi.vcert.sdk.certificate.CertificateRequest)5
PEMCollection (com.venafi.vcert.sdk.certificate.PEMCollection)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
CsrOriginOption (com.venafi.vcert.sdk.certificate.CsrOriginOption)4
DataFormat (com.venafi.vcert.sdk.certificate.DataFormat)4
ImportResponse (com.venafi.vcert.sdk.certificate.ImportResponse)4
RenewalRequest (com.venafi.vcert.sdk.certificate.RenewalRequest)4
RevocationRequest (com.venafi.vcert.sdk.certificate.RevocationRequest)4
