Example 21 with RSAPrivateKey

use of org.bouncycastle.asn1.pkcs.RSAPrivateKey in project athenz by yahoo.

the class CryptoTest method testGenerateX509CertificateReqPrivateKey.

@Test
public void testGenerateX509CertificateReqPrivateKey() throws IOException {
    Path path = Paths.get("src/test/resources/valid.csr");
    String certStr = new String(Files.readAllBytes(path));
    PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
    X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
    PrivateKey caPrivateKey = Crypto.loadPrivateKey(rsaPrivateKey);
    X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey, caCertificate, 600, false);
    assertNotNull(cert);
    assertEquals(cert.getIssuerX500Principal().getName(), "CN=athenz.syncer,O=My Test Company,L=Sunnyvale,ST=CA,C=US");
}
Also used : Path(java.nio.file.Path) PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PrivateKey(java.security.PrivateKey) DERIA5String(org.bouncycastle.asn1.DERIA5String) X509Certificate(java.security.cert.X509Certificate) Test(org.testng.annotations.Test)

Example 22 with RSAPrivateKey

use of org.bouncycastle.asn1.pkcs.RSAPrivateKey in project athenz by yahoo.

the class CryptoTest method testGenerateX509CertificateInvalid.

@Test
public void testGenerateX509CertificateInvalid() throws IOException {
    Path path = Paths.get("src/test/resources/valid.csr");
    String certStr = new String(Files.readAllBytes(path));
    PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
    PrivateKey caPrivateKey = Crypto.loadPrivateKey(rsaPrivateKey);
    try {
        Crypto.generateX509Certificate(certReq, caPrivateKey, (X500Name) null, 600, true);
        fail();
    } catch (CryptoException ex) {
        assertTrue(true, "Caught expected exception");
    }
}
Also used : Path(java.nio.file.Path) PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) PrivateKey(java.security.PrivateKey) DERIA5String(org.bouncycastle.asn1.DERIA5String) Test(org.testng.annotations.Test)

Example 23 with RSAPrivateKey

use of org.bouncycastle.asn1.pkcs.RSAPrivateKey in project athenz by yahoo.

the class CryptoTest method validateJWSDocumentInvalidHeader.

@Test
public void validateJWSDocumentInvalidHeader() {
    Function<String, PublicKey> keyGetter = (String keyId) -> null;
    final Base64.Encoder encoder = Base64.getUrlEncoder().withoutPadding();
    final String protectedHeader = "{\"alg\":\"ES256\"}";
    final byte[] encodedHeader = encoder.encode(protectedHeader.getBytes(StandardCharsets.UTF_8));
    final String payload = "{\"domainName\":\"athenz\"}";
    final byte[] encodedPayload = encoder.encode(payload.getBytes(StandardCharsets.UTF_8));
    PrivateKey privateKey = Crypto.loadPrivateKey(rsaPrivateKey);
    final byte[] signature = encoder.encode(Crypto.sign(Bytes.concat(encodedHeader, PERIOD, encodedPayload), privateKey, Crypto.SHA256));
    assertFalse(Crypto.validateJWSDocument("invalid-header", new String(encodedPayload), new String(signature), keyGetter));
}
Also used : PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) DERIA5String(org.bouncycastle.asn1.DERIA5String) Test(org.testng.annotations.Test)

Example 24 with RSAPrivateKey

use of org.bouncycastle.asn1.pkcs.RSAPrivateKey in project athenz by yahoo.

the class CryptoTest method testX509CSRrequestWithPrivateKeyOnly.

@Test(dataProvider = "x500Principal")
public void testX509CSRrequestWithPrivateKeyOnly(String x500Principal, boolean badRequest) {
    PrivateKey privateKey = Crypto.loadPrivateKey(rsaPrivateKey);
    String certRequest = null;
    GeneralName otherName1 = new GeneralName(GeneralName.otherName, new DERIA5String("role1"));
    GeneralName otherName2 = new GeneralName(GeneralName.otherName, new DERIA5String("role2"));
    GeneralName[] sanArray = new GeneralName[] { otherName1, otherName2 };
    try {
        certRequest = Crypto.generateX509CSR(privateKey, x500Principal, sanArray);
    } catch (Exception e) {
        if (!badRequest) {
            fail("Should not have failed to create csr");
        }
    }
    if (!badRequest) {
        // Now validate the csr
        Crypto.getPKCS10CertRequest(certRequest);
    }
}
Also used : PrivateKey(java.security.PrivateKey) DERIA5String(org.bouncycastle.asn1.DERIA5String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Test(org.testng.annotations.Test)

Example 25 with RSAPrivateKey

use of org.bouncycastle.asn1.pkcs.RSAPrivateKey in project jruby-openssl by jruby.

the class SignerInfoWithPkey method set.

/*
 * c: PKCS7_SIGNER_INFO_set
 */
public void set(X509AuxCertificate x509, PrivateKey pkey, MessageDigest dgst) throws PKCS7Exception {
    boolean dsa = (pkey instanceof DSAPrivateKey) || (pkey instanceof ECPrivateKey);
    version = new ASN1Integer(BigInteger.ONE);
    X500Name issuer = X500Name.getInstance(x509.getIssuerX500Principal().getEncoded());
    BigInteger serial = x509.getSerialNumber();
    issuerAndSerialNumber = new IssuerAndSerialNumber(issuer, serial);
    this.pkey = pkey;
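    // DSA and EC keys always get SHA-1 as the digest algorithm here; the dgst argument is only used for other key types.
    if (dsa) {
        digAlgorithm = new AlgorithmIdentifier(OID_sha1);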
    } else {
        digAlgorithm = new AlgorithmIdentifier(ASN1Registry.nid2obj(EVP.type(dgst)));
    }
    if (pkey instanceof RSAPrivateKey) {
        digEncryptionAlgorithm = new AlgorithmIdentifier(OID_rsaEncryption);
    } else if (pkey instanceof DSAPrivateKey) {
        digEncryptionAlgorithm = new AlgorithmIdentifier(OID_dsa);
    } else if (pkey instanceof ECPrivateKey) {
        digEncryptionAlgorithm = new AlgorithmIdentifier(OID_ecdsa_with_SHA1);
    }
}
Also used : IssuerAndSerialNumber(org.bouncycastle.asn1.pkcs.IssuerAndSerialNumber) ECPrivateKey(java.security.interfaces.ECPrivateKey) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) BigInteger(java.math.BigInteger) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) X500Name(org.bouncycastle.asn1.x500.X500Name) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Aggregations

BigInteger (java.math.BigInteger): 11
PrivateKey (java.security.PrivateKey): 10
BufferedOutputStream (java.io.BufferedOutputStream): 8
File (java.io.File): 8
FileOutputStream (java.io.FileOutputStream): 8
OutputStream (java.io.OutputStream): 8
X509CRL (java.security.cert.X509CRL): 8
DERIA5String (org.bouncycastle.asn1.DERIA5String): 8
Test (org.testng.annotations.Test): 8
ASN1Integer (org.bouncycastle.asn1.ASN1Integer): 7
Test (org.junit.Test): 7
PublicKey (java.security.PublicKey): 6
X509CRLEntry (java.security.cert.X509CRLEntry): 6
Date (java.util.Date): 6
HashSet (java.util.HashSet): 6
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector): 5
DERSequence (org.bouncycastle.asn1.DERSequence): 5
X509CRLHolder (org.bouncycastle.cert.X509CRLHolder): 5
DSAPrivateKey (java.security.interfaces.DSAPrivateKey): 4
RSAPrivateKey (java.security.interfaces.RSAPrivateKey): 4