
Example 1 with SignatureAlgorithm

use of de.carne.certmgr.certs.security.SignatureAlgorithm in project certmgr by hdecarne.

the class RemoteCertGenerator method generateCert.

/**
 * Generates a new key pair and a PKCS#10 certificate signing request (CSR) for it.
 *
 * <p>No certificate is issued in this method: the returned store contains only the freshly
 * generated key pair and the CSR. The {@code password} callback is not used in this method, so
 * any protection of the private key has to be applied by whoever persists the returned store.
 *
 * @param request the generation parameters (key pair algorithm, key size, DN, extensions and
 *        signature algorithm are read here)
 * @param password not referenced by this implementation
 * @return a new store holding the generated key pair and the CSR
 * @throws IOException declared by the signature; presumably raised by the helpers called here
 */
@Override
public CertObjectStore generateCert(GenerateCertRequest request, PasswordCallback password) throws IOException {
    // The key pair is generated first, i.e. before the signature algorithm parameter is checked.
    KeyPair subjectKey = KeyHelper.generateKey(request.keyPairAlgorithm(), request.keySize());
    // requiredParameter is defined elsewhere; presumably it rejects a missing value.
    SignatureAlgorithm csrSigAlg = requiredParameter(request.getSignatureAlgorithm(), "SignatureAlgorithm");
    PKCS10CertificateRequest signingRequest = PKCS10CertificateRequest.generateCSR(
            request.dn(),
            subjectKey,
            request.getExtensions(),
            csrSigAlg);
    CertObjectStore result = new CertObjectStore();

    result.addKey(subjectKey);
    result.addCSR(signingRequest);
    return result;
}
Also used : KeyPair(java.security.KeyPair) PKCS10CertificateRequest(de.carne.certmgr.certs.x509.PKCS10CertificateRequest) SignatureAlgorithm(de.carne.certmgr.certs.security.SignatureAlgorithm) CertObjectStore(de.carne.certmgr.certs.CertObjectStore)

Example 2 with SignatureAlgorithm

use of de.carne.certmgr.certs.security.SignatureAlgorithm in project certmgr by hdecarne.

the class LocalCertGenerator method generateCert.

/**
 * Generates a new key pair and an X.509 certificate for it, signed either by the new key itself
 * (self-signed) or by the key of an existing store entry.
 *
 * <p>NOTE(review): the self-signed branch always uses serial number 1, so two self-signed
 * certificates created with the same DN share issuer name and serial. Confirm that nothing
 * downstream identifies certificates by issuer and serial alone.
 *
 * <p>NOTE(review): {@code NotBefore} and {@code NotAfter} are only passed through
 * {@code requiredParameter} here; their order is not compared in this method. Presumably
 * {@code generateCRT} or the caller validates the range - confirm.
 *
 * @param request the generation parameters
 * @param password callback handed to the issuer entry when its key is fetched; not used for
 *        the self-signed case
 * @return a new store holding the generated key pair and the certificate
 * @throws IOException declared by the signature; presumably raised by the helpers called here
 */
@Override
public CertObjectStore generateCert(GenerateCertRequest request, PasswordCallback password) throws IOException {
    // The subject key pair is generated before any of the remaining parameters is checked.
    KeyPair subjectKey = KeyHelper.generateKey(request.keyPairAlgorithm(), request.keySize());
    Issuer requestedIssuer = requiredParameter(request.getIssuer(), "Issuer");
    X500Principal subjectDN = request.dn();
    final BigInteger serialNumber;
    final X500Principal signerDN;
    final KeyPair signerKey;

    if (this.selfSignedIssuer.equals(requestedIssuer)) {
        // Self-signed: the certificate is its own issuer and is signed with its own key.
        serialNumber = BigInteger.ONE;
        signerDN = subjectDN;
        signerKey = subjectKey;
    } else {
        // Issued by a store entry: serial, issuer DN and signing key all come from that entry.
        UserCertStoreEntry signerEntry = Check.notNull(requestedIssuer.storeEntry());

        serialNumber = getNextSerial(signerEntry);
        signerDN = signerEntry.dn();
        // The only use of the password callback: fetching the issuer's key.
        signerKey = signerEntry.getKey(password);
    }

    Date validFrom = requiredParameter(request.getNotBefore(), "NotBefore");
    Date validUntil = requiredParameter(request.getNotAfter(), "NotAfter");
    SignatureAlgorithm crtSigAlg = requiredParameter(request.getSignatureAlgorithm(), "SignatureAlgorithm");
    X509Certificate certificate = X509CertificateHelper.generateCRT(
            subjectDN,
            subjectKey,
            serialNumber,
            validFrom,
            validUntil,
            request.getExtensions(),
            signerDN,
            signerKey,
            crtSigAlg);
    CertObjectStore result = new CertObjectStore();

    result.addKey(subjectKey);
    result.addCRT(certificate);
    return result;
}
Also used : KeyPair(java.security.KeyPair) BigInteger(java.math.BigInteger) X500Principal(javax.security.auth.x500.X500Principal) SignatureAlgorithm(de.carne.certmgr.certs.security.SignatureAlgorithm) CertObjectStore(de.carne.certmgr.certs.CertObjectStore) Date(java.util.Date) X509Certificate(java.security.cert.X509Certificate) UserCertStoreEntry(de.carne.certmgr.certs.UserCertStoreEntry)

Example 3 with SignatureAlgorithm

use of de.carne.certmgr.certs.security.SignatureAlgorithm in project certmgr by hdecarne.

the class CertOptionsController method resetSigAlgOptions.

/**
 * Refills the signature algorithm combo box for the given generator, key pair algorithm and
 * issuer.
 *
 * <p>The selectable algorithms are supplied by the generator. The store's default signature
 * algorithm is passed along as a hint only when the selected key pair algorithm equals the
 * store's default key pair algorithm. Without a generator the combo box is reset with
 * {@code null} options.
 *
 * @param generator the selected generator, or {@code null}
 * @param keyPairAlgorithm the selected key pair algorithm, or {@code null}
 * @param issuer the selected issuer, or {@code null}
 */
private void resetSigAlgOptions(@Nullable CertGenerator generator, @Nullable KeyPairAlgorithm keyPairAlgorithm, @Nullable Issuer issuer) {
    DefaultSet<SignatureAlgorithm> offered = null;

    if (generator != null) {
        String preferredSigAlg = null;

        if (keyPairAlgorithm != null) {
            UserCertStorePreferences prefs = this.storePreferencesParam.get();
            boolean isStoreDefaultKeyAlg = keyPairAlgorithm.algorithm().equals(prefs.defaultKeyPairAlgorithm.get());

            if (isStoreDefaultKeyAlg) {
                preferredSigAlg = prefs.defaultSignatureAlgorithm.get();
            }
        }
        // expertModeParam is forwarded as-is; how it changes the offered set is decided by the generator.
        offered = generator.getSignatureAlgorithms(issuer, keyPairAlgorithm, preferredSigAlg, this.expertModeParam);
    }
    // Options are ordered by their string representation.
    Controls.resetComboBoxOptions(this.ctlSigAlgOption, offered,
            (left, right) -> left.toString().compareTo(right.toString()));
}
Also used : UserCertStorePreferences(de.carne.certmgr.certs.UserCertStorePreferences) SignatureAlgorithm(de.carne.certmgr.certs.security.SignatureAlgorithm)

Example 4 with SignatureAlgorithm

use of de.carne.certmgr.certs.security.SignatureAlgorithm in project certmgr by hdecarne.

the class UserCertStoreTest method testAccessStore.

/**
 * Test access store operations.
 * <p>
 * Runs against the store at {@code testStorePath} in this order: open and count entries, read
 * and rewrite the store preferences, re-import the already present entries, revoke every
 * eligible certificate through a CRL update, delete all entries, and finally import into the
 * now empty store. Each step relies on the state left by the previous one.
 */
@Test
public void testAccessStore() {
    try {
        UserCertStore store = UserCertStore.openStore(testStorePath.get());
        Assert.assertEquals(11, store.size());
        Assert.assertEquals(TestCerts.TEST_STORE_NAME, store.storeName());
        Assert.assertEquals(11, store.getEntries().size());
        Assert.assertEquals(1, traverseStore(store.getRootEntries()));
        // Check preferences access: first the values the test store ships with ...
        UserCertStorePreferences loadPreferences = Check.notNull(store.storePreferences());
        Assert.assertEquals(Integer.valueOf(365), loadPreferences.defaultCRTValidityPeriod.get());
        Assert.assertEquals(Integer.valueOf(30), loadPreferences.defaultCRLUpdatePeriod.get());
        Assert.assertEquals("EC", loadPreferences.defaultKeyPairAlgorithm.get());
        Assert.assertEquals(Integer.valueOf(384), loadPreferences.defaultKeySize.get());
        Assert.assertEquals("SHA256WITHECDSA", loadPreferences.defaultSignatureAlgorithm.get());
        // ... then overwrite them and sync. These are stored preference values only; no key is
        // generated from them in this test.
        UserCertStorePreferences setPreferences = Check.notNull(store.storePreferences());
        setPreferences.defaultCRTValidityPeriod.putInt(180);
        setPreferences.defaultCRLUpdatePeriod.putInt(7);
        setPreferences.defaultKeyPairAlgorithm.put("EC");
        setPreferences.defaultKeySize.putInt(521);
        setPreferences.defaultSignatureAlgorithm.put("SHA256WITHECDSA");
        setPreferences.sync();
        // ... and read them back through a newly requested preferences object.
        UserCertStorePreferences getPreferences = Check.notNull(store.storePreferences());
        Assert.assertEquals(Integer.valueOf(180), getPreferences.defaultCRTValidityPeriod.get());
        Assert.assertEquals(Integer.valueOf(7), getPreferences.defaultCRLUpdatePeriod.get());
        Assert.assertEquals("EC", getPreferences.defaultKeyPairAlgorithm.get());
        Assert.assertEquals(Integer.valueOf(521), getPreferences.defaultKeySize.get());
        Assert.assertEquals("SHA256WITHECDSA", getPreferences.defaultSignatureAlgorithm.get());
        // Import access (with already existing entries): the size must stay at 11, i.e.
        // importing entries the store already holds must not create duplicates.
        UserCertStore importStore = UserCertStore.createFromFiles(collectDirectoryFiles(testStorePath.get()), TestCerts.password());
        for (UserCertStoreEntry importStoreEntry : importStore.getEntries()) {
            store.importEntry(importStoreEntry, TestCerts.password(), "Imported");
        }
        Assert.assertEquals(11, store.size());
        // Revoke access: only entries that have a certificate, are not self-signed and are not
        // yet revoked are considered, and only when their issuer entry reports canIssue().
        for (UserCertStoreEntry storeEntry : store.getEntries()) {
            if (storeEntry.hasCRT() && !storeEntry.isSelfSigned() && !storeEntry.isRevoked()) {
                UserCertStoreEntry issuerEntry = storeEntry.issuer();
                if (issuerEntry.canIssue()) {
                    // The CRL validity window is one second (nextUpdate = lastUpdate + 1000 ms).
                    Date lastUpdate = new Date(System.currentTimeMillis());
                    Date nextUpdate = new Date(lastUpdate.getTime() + 1000);
                    // The CRL signature algorithm is the default of the set selected by the
                    // issuer's public key algorithm; the revoked certificate's signature
                    // algorithm name is the second argument (presumably the default hint) and
                    // the meaning of the trailing false is not visible here - TODO confirm.
                    SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.getDefaultSet(issuerEntry.getPublicKey().getAlgorithm(), storeEntry.getCRT().getSigAlgName(), false).getDefault();
                    Assert.assertNotNull(signatureAlgorithm);
                    UpdateCRLRequest updateCRLRequest = new UpdateCRLRequest(lastUpdate, nextUpdate, signatureAlgorithm);
                    updateCRLRequest.addRevokeEntry(storeEntry.getCRT().getSerialNumber(), ReasonFlag.PRIVILEGE_WITHDRAWN);
                    // Each request carries a single revoke entry and is applied immediately;
                    // the revoked state is then checked on the affected entry.
                    issuerEntry.updateCRL(updateCRLRequest, TestCerts.password());
                    Assert.assertTrue(storeEntry.isRevoked());
                }
            }
        }
        // Delete access: the ids are collected first, so deleteEntry() is never called while
        // iterating over store.getEntries().
        List<UserCertStoreEntryId> deleteIds = new ArrayList<>();
        for (UserCertStoreEntry storeEntry : store.getEntries()) {
            deleteIds.add(storeEntry.id());
        }
        for (UserCertStoreEntryId deleteId : deleteIds) {
            store.deleteEntry(deleteId);
        }
        Assert.assertEquals(0, store.size());
        // Import access (now with empty store): all 11 entries must be restored from importStore.
        for (UserCertStoreEntry importStoreEntry : importStore.getEntries()) {
            store.importEntry(importStoreEntry, TestCerts.password(), "Imported");
        }
        Assert.assertEquals(11, store.size());
    } catch (IOException | BackingStoreException e) {
        // The stack trace goes to stderr; the JUnit failure itself carries only the message.
        e.printStackTrace();
        Assert.fail(e.getMessage());
    }
}
Also used : UserCertStorePreferences(de.carne.certmgr.certs.UserCertStorePreferences) UpdateCRLRequest(de.carne.certmgr.certs.x509.UpdateCRLRequest) ArrayList(java.util.ArrayList) BackingStoreException(java.util.prefs.BackingStoreException) SignatureAlgorithm(de.carne.certmgr.certs.security.SignatureAlgorithm) IOException(java.io.IOException) UserCertStoreEntryId(de.carne.certmgr.certs.UserCertStoreEntryId) Date(java.util.Date) UserCertStore(de.carne.certmgr.certs.UserCertStore) UserCertStoreEntry(de.carne.certmgr.certs.UserCertStoreEntry) Test(org.junit.Test)

Example 5 with SignatureAlgorithm

use of de.carne.certmgr.certs.security.SignatureAlgorithm in project certmgr by hdecarne.

the class CRLOptionsController method validateAndGetUpdateRequest.

/**
 * Validates the controller's inputs and assembles the resulting CRL update request.
 *
 * <p>Validation order is last update, next update (checked against the last update), then
 * signature algorithm. Only entries currently flagged as revoked are added to the request.
 *
 * <p>NOTE(review): entries that are not flagged are simply left out. Whether an entry revoked
 * by an earlier CRL stays revoked in that case depends on how the request is applied, which is
 * not visible here - confirm.
 *
 * @return the request holding both update dates, the signature algorithm and the revoke entries
 * @throws ValidationException declared by the signature; presumably raised by the validate
 *         helpers called here
 */
private UpdateCRLRequest validateAndGetUpdateRequest() throws ValidationException {
    Date thisUpdate = validateAndGetLastUpdate();
    Date followingUpdate = validateAndGetNextUpdate(thisUpdate);
    SignatureAlgorithm crlSigAlg = validateAndGetSigAlg();
    UpdateCRLRequest request = new UpdateCRLRequest(thisUpdate, followingUpdate, crlSigAlg);

    for (CRLEntryModel row : this.ctlEntryOptions.getItems()) {
        if (!row.getRevoked()) {
            continue;
        }
        request.addRevokeEntry(row.getSerial(), row.getReason());
    }
    return request;
}
Also used : UpdateCRLRequest(de.carne.certmgr.certs.x509.UpdateCRLRequest) SignatureAlgorithm(de.carne.certmgr.certs.security.SignatureAlgorithm) Date(java.util.Date) LocalDate(java.time.LocalDate)

Aggregations

SignatureAlgorithm (de.carne.certmgr.certs.security.SignatureAlgorithm)6 Date (java.util.Date)3 CertObjectStore (de.carne.certmgr.certs.CertObjectStore)2 UserCertStoreEntry (de.carne.certmgr.certs.UserCertStoreEntry)2 UserCertStorePreferences (de.carne.certmgr.certs.UserCertStorePreferences)2 UpdateCRLRequest (de.carne.certmgr.certs.x509.UpdateCRLRequest)2 KeyPair (java.security.KeyPair)2 Test (org.junit.Test)2 UserCertStore (de.carne.certmgr.certs.UserCertStore)1 UserCertStoreEntryId (de.carne.certmgr.certs.UserCertStoreEntryId)1 KeyPairAlgorithm (de.carne.certmgr.certs.security.KeyPairAlgorithm)1 PKCS10CertificateRequest (de.carne.certmgr.certs.x509.PKCS10CertificateRequest)1 IOException (java.io.IOException)1 BigInteger (java.math.BigInteger)1 X509Certificate (java.security.cert.X509Certificate)1 LocalDate (java.time.LocalDate)1 ArrayList (java.util.ArrayList)1 BackingStoreException (java.util.prefs.BackingStoreException)1 X500Principal (javax.security.auth.x500.X500Principal)1