Search in sources :

Example 1 with Certificate

use of io.jans.as.model.crypto.Certificate in project jans by JanssenProject.

the class ECDSAKeyFactory method generateV3Certificate.

public Certificate generateV3Certificate(Date startDate, Date expirationDate, String dnName) throws OperatorCreationException, CertificateException {
    // Create certificate
    Certificate resCertificate = null;
    BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
    // serial number for certificate
    BigInteger serialNumber = new BigInteger(1024, new SecureRandom());
    X500Name name = new X500Name(dnName);
    JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(name, serialNumber, startDate, expirationDate, name, publicKey);
    X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithm()).setProvider(DEF_BC).build(keyPair.getPrivate()));
    X509Certificate cert = new JcaX509CertificateConverter().setProvider(DEF_BC).getCertificate(certHolder);
    resCertificate = new Certificate(signatureAlgorithm, cert);
    return resCertificate;
}
Also used : JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) X500Name(org.bouncycastle.asn1.x500.X500Name) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) X509Certificate(java.security.cert.X509Certificate) X509Certificate(java.security.cert.X509Certificate) Certificate(io.jans.as.model.crypto.Certificate)

Example 2 with Certificate

use of io.jans.as.model.crypto.Certificate in project jans by JanssenProject.

the class EDDSAKeyFactory method generateV3Certificate.

/**
 * Generates certificate X509 v3
 *
 * @param startDate
 * @param expirationDate
 * @param dnName
 * @return
 * @throws CertificateEncodingException
 * @throws InvalidKeyException
 * @throws IllegalStateException
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws SignatureException
 */
public Certificate generateV3Certificate(final Date startDate, final Date expirationDate, final String dnName) throws SignatureException {
    // Creating the certificate
    Certificate resCertificate = null;
    try {
        BCEdDSAPublicKey publicKey = (BCEdDSAPublicKey) keyPair.getPublic();
        // serial number for certificate
        BigInteger serialNumber = new BigInteger(1024, new SecureRandom());
        X500Name name = new X500Name(dnName);
        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(name, serialNumber, startDate, expirationDate, name, publicKey);
        X509CertificateHolder certHolder = certGen.build(new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithm()).setProvider(DEF_BC).build(keyPair.getPrivate()));
        X509Certificate cert = new JcaX509CertificateConverter().setProvider(DEF_BC).getCertificate(certHolder);
        resCertificate = new Certificate(signatureAlgorithm, cert);
    } catch (Exception e) {
        throw new SignatureException(e);
    }
    return resCertificate;
}
Also used : JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) SecureRandom(java.security.SecureRandom) X500Name(org.bouncycastle.asn1.x500.X500Name) SignatureException(java.security.SignatureException) BCEdDSAPublicKey(org.bouncycastle.jcajce.provider.asymmetric.edec.BCEdDSAPublicKey) X509Certificate(java.security.cert.X509Certificate) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException) InvalidParameterException(java.security.InvalidParameterException) SignatureException(java.security.SignatureException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) X509Certificate(java.security.cert.X509Certificate) Certificate(io.jans.as.model.crypto.Certificate)

Example 3 with Certificate

use of io.jans.as.model.crypto.Certificate in project jans by JanssenProject.

the class SignatureTest method generateES256Keys.

@Test
public void generateES256Keys() throws Exception {
    showTitle("TEST: generateES256Keys");
    KeyFactory<ECDSAPrivateKey, ECDSAPublicKey> keyFactory = new ECDSAKeyFactory(SignatureAlgorithm.ES256, "CN=Test CA Certificate");
    Key<ECDSAPrivateKey, ECDSAPublicKey> key = keyFactory.getKey();
    ECDSAPrivateKey privateKey = key.getPrivateKey();
    ECDSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    ECDSASigner ecdsaSigner1 = new ECDSASigner(SignatureAlgorithm.ES256, privateKey);
    String signature = ecdsaSigner1.generateSignature(signingInput);
    ECDSASigner ecdsaSigner2 = new ECDSASigner(SignatureAlgorithm.ES256, publicKey);
    assertTrue(ecdsaSigner2.validateSignature(signingInput, signature));
    ECDSASigner ecdsaSigner3 = new ECDSASigner(SignatureAlgorithm.ES256, certificate);
    assertTrue(ecdsaSigner3.validateSignature(signingInput, signature));
}
Also used : ECDSAKeyFactory(io.jans.as.model.crypto.signature.ECDSAKeyFactory) ECDSASigner(io.jans.as.model.jws.ECDSASigner) ECDSAPrivateKey(io.jans.as.model.crypto.signature.ECDSAPrivateKey) ECDSAPublicKey(io.jans.as.model.crypto.signature.ECDSAPublicKey) Certificate(io.jans.as.model.crypto.Certificate) Test(org.testng.annotations.Test) BaseTest(io.jans.as.server.BaseTest)

Example 4 with Certificate

use of io.jans.as.model.crypto.Certificate in project jans by JanssenProject.

the class SignatureTest method generateRS384Keys.

@Test
public void generateRS384Keys() throws Exception {
    showTitle("TEST: generateRS384Keys");
    KeyFactory<RSAPrivateKey, RSAPublicKey> keyFactory = new RSAKeyFactory(SignatureAlgorithm.RS384, "CN=Test CA Certificate");
    Key<RSAPrivateKey, RSAPublicKey> key = keyFactory.getKey();
    RSAPrivateKey privateKey = key.getPrivateKey();
    RSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    RSASigner rsaSigner1 = new RSASigner(SignatureAlgorithm.RS384, privateKey);
    String signature = rsaSigner1.generateSignature(signingInput);
    RSASigner rsaSigner2 = new RSASigner(SignatureAlgorithm.RS384, publicKey);
    assertTrue(rsaSigner2.validateSignature(signingInput, signature));
    RSASigner rsaSigner3 = new RSASigner(SignatureAlgorithm.RS384, certificate);
    assertTrue(rsaSigner3.validateSignature(signingInput, signature));
}
Also used : RSAKeyFactory(io.jans.as.model.crypto.signature.RSAKeyFactory) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) RSASigner(io.jans.as.model.jws.RSASigner) RSAPrivateKey(io.jans.as.model.crypto.signature.RSAPrivateKey) Certificate(io.jans.as.model.crypto.Certificate) Test(org.testng.annotations.Test) BaseTest(io.jans.as.server.BaseTest)

Example 5 with Certificate

use of io.jans.as.model.crypto.Certificate in project jans by JanssenProject.

the class SignatureTest method generateRS256Keys.

@Test
public void generateRS256Keys() throws Exception {
    showTitle("TEST: generateRS256Keys");
    KeyFactory<RSAPrivateKey, RSAPublicKey> keyFactory = new RSAKeyFactory(SignatureAlgorithm.RS256, "CN=Test CA Certificate");
    Key<RSAPrivateKey, RSAPublicKey> key = keyFactory.getKey();
    RSAPrivateKey privateKey = key.getPrivateKey();
    RSAPublicKey publicKey = key.getPublicKey();
    Certificate certificate = key.getCertificate();
    System.out.println(key);
    String signingInput = "Hello World!";
    RSASigner rsaSigner1 = new RSASigner(SignatureAlgorithm.RS256, privateKey);
    String signature = rsaSigner1.generateSignature(signingInput);
    RSASigner rsaSigner2 = new RSASigner(SignatureAlgorithm.RS256, publicKey);
    assertTrue(rsaSigner2.validateSignature(signingInput, signature));
    RSASigner rsaSigner3 = new RSASigner(SignatureAlgorithm.RS256, certificate);
    assertTrue(rsaSigner3.validateSignature(signingInput, signature));
}
Also used : RSAKeyFactory(io.jans.as.model.crypto.signature.RSAKeyFactory) RSAPublicKey(io.jans.as.model.crypto.signature.RSAPublicKey) RSASigner(io.jans.as.model.jws.RSASigner) RSAPrivateKey(io.jans.as.model.crypto.signature.RSAPrivateKey) Certificate(io.jans.as.model.crypto.Certificate) Test(org.testng.annotations.Test) BaseTest(io.jans.as.server.BaseTest)

Aggregations

Certificate (io.jans.as.model.crypto.Certificate)9 BaseTest (io.jans.as.server.BaseTest)6 Test (org.testng.annotations.Test)6 ECDSAPublicKey (io.jans.as.model.crypto.signature.ECDSAPublicKey)4 RSAPublicKey (io.jans.as.model.crypto.signature.RSAPublicKey)4 ECDSAKeyFactory (io.jans.as.model.crypto.signature.ECDSAKeyFactory)3 ECDSAPrivateKey (io.jans.as.model.crypto.signature.ECDSAPrivateKey)3 RSAKeyFactory (io.jans.as.model.crypto.signature.RSAKeyFactory)3 RSAPrivateKey (io.jans.as.model.crypto.signature.RSAPrivateKey)3 ECDSASigner (io.jans.as.model.jws.ECDSASigner)3 RSASigner (io.jans.as.model.jws.RSASigner)3 BigInteger (java.math.BigInteger)3 X509Certificate (java.security.cert.X509Certificate)3 IOException (java.io.IOException)2 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)2 NoSuchProviderException (java.security.NoSuchProviderException)2 SecureRandom (java.security.SecureRandom)2 X500Name (org.bouncycastle.asn1.x500.X500Name)2 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)2