use of org.apache.harmony.security.x509.SubjectPublicKeyInfo in project platformlayer by platformlayer.
the class SimpleCertificateAuthority method selfSign.
/**
 * Issues a self-signed X.509 certificate for the subject named in a CSR.
 *
 * <p>The subject name and the subject public key are both read from the parsed CSR. The issuer
 * name is set to that same subject, and the certificate is signed with the private half of
 * {@code keyPair}.
 *
 * <p>NOTE(review): nothing in this method checks that the CSR's public key is the public half
 * of {@code keyPair}, nor that the CSR's own signature verifies. If the two keys differ, the
 * certificate carries one key but is signed by another, so it cannot be verified as self-signed.
 * Confirm whether {@code parseCsr} or the callers enforce either check.
 *
 * @param csr the certificate signing request, in the text form accepted by {@code parseCsr}
 * @param keyPair key pair whose private key signs the certificate
 * @return the signed certificate as converted by {@code toX509}
 * @throws OpsException if an {@link IOException} is raised anywhere in the parse/sign/convert path
 */
public static X509Certificate selfSign(String csr, KeyPair keyPair) throws OpsException {
    try {
        PKCS10CertificationRequest request = parseCsr(csr);
        X500Name name = request.getSubject();
        SubjectPublicKeyInfo requestedKey = request.getSubjectPublicKeyInfo();

        // Self-signed: the same name is used as issuer and as subject.
        return toX509(signCertificate(name, keyPair.getPrivate(), name, requestedKey));
    } catch (IOException e) {
        throw new OpsException("Error reading CSR", e);
    }
}
use of org.apache.harmony.security.x509.SubjectPublicKeyInfo in project helios by spotify.
the class X509CertificateFactory method generate.
/**
 * Generates a fresh RSA key pair and an X.509 certificate for it, signed through an SSH agent.
 *
 * <p>The certificate subject is a single UID RDN holding {@code username}; the issuer is the
 * fixed name {@code C=US,O=Spotify,CN=helios-client}. The validity window runs from
 * {@code validBeforeMilliseconds} before now to {@code validAfterMilliseconds} after now.
 * The certificate body is signed by {@code SshAgentContentSigner} using {@code identity},
 * not by the freshly generated private key.
 *
 * <p>NOTE(review): the key usage extension asserts {@code keyCertSign} while basic constraints
 * are built with {@code cA = false}. RFC 5280 says keyCertSign must not be asserted when cA is
 * not, and strict validators may reject the combination. Confirm this is intentional.
 *
 * <p>NOTE(review): the authority key identifier is computed from the new subject key, whereas
 * the signature is produced by the agent identity. Confirm that no verifier relies on the AKI
 * to locate the signing key.
 *
 * @param agentProxy SSH agent connection handed to the content signer
 * @param identity agent identity handed to the content signer; its comment is logged
 * @param username value placed in the subject UID
 * @return the certificate together with the private key of the newly generated pair
 */
private CertificateAndPrivateKey generate(final AgentProxy agentProxy, final Identity identity, final String username) {
    final UUID serialSource = new UUID();
    final Calendar validity = Calendar.getInstance();
    final X500Name issuer = new X500Name("C=US,O=Spotify,CN=helios-client");
    final X500Name subject = new X500NameBuilder().addRDN(BCStyle.UID, username).build();

    // Step back to the start of the window, then forward across its whole width.
    validity.add(Calendar.MILLISECOND, -validBeforeMilliseconds);
    final Date notBefore = validity.getTime();
    validity.add(Calendar.MILLISECOND, validBeforeMilliseconds + validAfterMilliseconds);
    final Date notAfter = validity.getTime();

    // The serial number is the UUID's timestamp, so it is predictable rather than random.
    // NOTE(review): acceptable only if nothing depends on serial-number unpredictability.
    final BigInteger serialNumber = BigInteger.valueOf(serialSource.getTime()).abs();

    try {
        final KeyPairGenerator rsaGenerator = KeyPairGenerator.getInstance("RSA", "BC");
        rsaGenerator.initialize(KEY_SIZE, new SecureRandom());
        final KeyPair freshPair = rsaGenerator.generateKeyPair();

        final SubjectPublicKeyInfo spki =
            SubjectPublicKeyInfo.getInstance(ASN1Sequence.getInstance(freshPair.getPublic().getEncoded()));
        final X509v3CertificateBuilder certBuilder =
            new X509v3CertificateBuilder(issuer, serialNumber, notBefore, notAfter, subject, spki);

        // SHA-1 is used here only to derive the key identifiers, not as the signature hash.
        final DigestCalculator sha1 =
            new BcDigestCalculatorProvider().get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1));
        final X509ExtensionUtils extensionUtils = new X509ExtensionUtils(sha1);
        final SubjectKeyIdentifier subjectKeyId = extensionUtils.createSubjectKeyIdentifier(spki);
        final String subjectKeyIdHex = KEY_ID_ENCODING.encode(subjectKeyId.getKeyIdentifier());

        log.info("generating an X509 certificate for {} with key ID={} and identity={}", username, subjectKeyIdHex, identity.getComment());

        certBuilder.addExtension(Extension.subjectKeyIdentifier, false, subjectKeyId);
        certBuilder.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(spki));
        certBuilder.addExtension(Extension.keyUsage, false, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign));
        certBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(false));

        // The signature over the certificate comes from the SSH agent identity.
        final X509CertificateHolder signedHolder = certBuilder.build(new SshAgentContentSigner(agentProxy, identity));
        final X509Certificate certificate = CERTIFICATE_CONVERTER.getCertificate(signedHolder);

        // Only the certificate is written to the debug log; the private key is returned, never logged.
        log.debug("generated certificate:\n{}", asPemString(certificate));

        return new CertificateAndPrivateKey(certificate, freshPair.getPrivate());
    } catch (Exception e) {
        // Any failure in key generation, extension building or signing is rethrown via Guava.
        throw Throwables.propagate(e);
    }
}
use of org.apache.harmony.security.x509.SubjectPublicKeyInfo in project platformlayer by platformlayer.
the class Csr method buildCsr.
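/**
 * Builds a PKCS#10 certification request for {@code subjectName} and signs it with the private
 * key of {@code keyPair}.
 *
 * <p>The request carries the public half of {@code keyPair}; the signature made with the
 * private half is the requester's proof of possession of that key.
 *
 * <p>The signer is built with {@code BcRSAContentSignerBuilder}, so this method is RSA-specific.
 * NOTE(review): presumably callers only pass RSA key pairs; confirm.
 *
 * @param keyPair key pair whose public key is requested and whose private key signs the request
 * @param subjectName subject distinguished name to place in the request
 * @return the signed request wrapped in a {@code Csr}
 * @throws IllegalArgumentException if the content signer cannot be built from the private key
 */
public static Csr buildCsr(KeyPair keyPair, X500Principal subjectName) {
    X500Name subject = BouncyCastleHelpers.toX500Name(subjectName);
    SubjectPublicKeyInfo publicKeyInfo = BouncyCastleHelpers.toSubjectPublicKeyInfo(keyPair.getPublic());
    PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);

    // Sign with SHA-256 instead of SHA-1: SHA-1 is deprecated for signatures and some CAs
    // reject requests signed with it. The digest identifier below is derived from this
    // signature algorithm, so the two stay consistent.
    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
    BcRSAContentSignerBuilder sigBuild = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);

    ContentSigner signer;
    try {
        signer = sigBuild.build(BouncyCastleHelpers.toAsymmetricKeyParameter(keyPair.getPrivate()));
    } catch (OperatorCreationException e) {
        throw new IllegalArgumentException("Error building content signer", e);
    }

    PKCS10CertificationRequest csrHolder = csrBuilder.build(signer);
    return new Csr(csrHolder);
}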
use of org.apache.harmony.security.x509.SubjectPublicKeyInfo in project robovm by robovm.
the class SubjectPublicKeyInfoTest method test_getPublicKey_WellKnownOid.
/**
 * Checks that a SubjectPublicKeyInfo assembled from the RSA encryption OID and a hand-encoded
 * RSA public key returns a non-null {@link RSAPublicKey} from {@code getPublicKey()}.
 */
public void test_getPublicKey_WellKnownOid() throws Exception {
    /* No initialize() call: the provider's default RSA key size is used for this test key. */
    final KeyPair generated = KeyPairGenerator.getInstance("RSA").generateKeyPair();
    final RSAPublicKey sourceKey = (RSAPublicKey) generated.getPublic();

    /* Hand-rolled ASN.1 SEQUENCE of two INTEGERs: modulus, then public exponent. */
    final ASN1Type[] fieldTypes = { ASN1Integer.getInstance(), ASN1Integer.getInstance() };
    final ASN1Sequence rsaKeySequence = new ASN1Sequence(fieldTypes) {
        @Override
        protected void getValues(Object object, Object[] values) {
            /* The encoded object is ignored; the values always come from the captured key. */
            values[0] = sourceKey.getModulus().toByteArray();
            values[1] = sourceKey.getPublicExponent().toByteArray();
        }
    };

    /* OID 1.2.840.113549.1.1.1 is the algorithm ID for RSA encryption. */
    final AlgorithmIdentifier rsaEncryption = new AlgorithmIdentifier("1.2.840.113549.1.1.1");
    final SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(rsaEncryption, rsaKeySequence.encode(null));

    final PublicKey decoded = keyInfo.getPublicKey();
    assertNotNull(decoded);
    assertTrue(decoded instanceof RSAPublicKey);
}
use of org.apache.harmony.security.x509.SubjectPublicKeyInfo in project robovm by robovm.
the class KeyFactory method engineGeneratePublic.
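/**
 * Converts an X.509-encoded key specification into a {@link PublicKey}.
 *
 * <p>Only {@link X509EncodedKeySpec} is accepted. Its bytes are parsed as a SubjectPublicKeyInfo
 * and handed to {@code BouncyCastleProvider.getPublicKey}, which returns {@code null} when no
 * key factory is registered for the algorithm OID.
 *
 * <p>The encoded bytes may come from an untrusted source, so every parsing or conversion
 * failure is reported as {@link InvalidKeySpecException} rather than escaping as a runtime
 * exception.
 *
 * @param keySpec the key specification to convert
 * @return the decoded public key
 * @throws InvalidKeySpecException if {@code keySpec} is not an {@link X509EncodedKeySpec}, the
 *     encoding cannot be parsed, or no factory handles the algorithm OID
 */
protected PublicKey engineGeneratePublic(KeySpec keySpec) throws InvalidKeySpecException {
    if (keySpec instanceof X509EncodedKeySpec) {
        try {
            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec) keySpec).getEncoded());
            PublicKey key = BouncyCastleProvider.getPublicKey(info);
            if (key != null) {
                return key;
            }
            throw new InvalidKeySpecException("no factory found for OID: " + info.getAlgorithm().getAlgorithm());
        } catch (Exception e) {
            // Message text is unchanged (e.toString()), but the cause is now attached so the
            // original stack trace survives. Note that this handler also catches and re-wraps
            // the "no factory found" exception thrown just above.
            throw new InvalidKeySpecException(e.toString(), e);
        }
    }
    throw new InvalidKeySpecException("Unknown KeySpec type: " + keySpec.getClass().getName());
}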