Example 6 with Certificate
use of org.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class PKIXCertPath method getEncoded.
/**
* Returns the encoded form of this certification path, using
* the specified encoding.
*
* @param encoding the name of the encoding to use
* @return the encoded bytes
* @exception CertificateEncodingException if an encoding error
* occurs or the encoding requested is not supported
*
**/
public byte[] getEncoded(String encoding) throws CertificateEncodingException {
if (encoding.equalsIgnoreCase("PkiPath")) {
ASN1EncodableVector v = new ASN1EncodableVector();
ListIterator iter = certificates.listIterator(certificates.size());
while (iter.hasPrevious()) {
v.add(toASN1Object((X509Certificate) iter.previous()));
}
return toDEREncoded(new DERSequence(v));
} else if (encoding.equalsIgnoreCase("PKCS7")) {
ContentInfo encInfo = new ContentInfo(PKCSObjectIdentifiers.data, null);
ASN1EncodableVector v = new ASN1EncodableVector();
for (int i = 0; i != certificates.size(); i++) {
v.add(toASN1Object((X509Certificate) certificates.get(i)));
}
SignedData sd = new SignedData(new DERInteger(1), new DERSet(), encInfo, new DERSet(v), null, new DERSet());
return toDEREncoded(new ContentInfo(PKCSObjectIdentifiers.signedData, sd));
} else // BEGIN android-removed
// else if (encoding.equalsIgnoreCase("PEM"))
// {
// ByteArrayOutputStream bOut = new ByteArrayOutputStream();
// PEMWriter pWrt = new PEMWriter(new OutputStreamWriter(bOut));
//
// try
// {
// for (int i = 0; i != certificates.size(); i++)
// {
// pWrt.writeObject(certificates.get(i));
// }
//
// pWrt.close();
// }
// catch (Exception e)
// {
// throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
// }
//
// return bOut.toByteArray();
// }
// END android-removed
{
throw new CertificateEncodingException("unsupported encoding: " + encoding);
}
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
SignedData(org.bouncycastle.asn1.pkcs.SignedData)
ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
ListIterator(java.util.ListIterator)
DERSet(org.bouncycastle.asn1.DERSet)
X509Certificate(java.security.cert.X509Certificate)
DERInteger(org.bouncycastle.asn1.DERInteger)
Example 7 with Certificate
use of org.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class RFC3280CertPathUtilities method processCRLF.
/**
* Obtain and validate the certification path for the complete CRL issuer.
* If a key usage extension is present in the CRL issuer's certificate,
* verify that the cRLSign bit is set.
*
* @param crl CRL which contains revocation information for the certificate
* <code>cert</code>.
* @param cert The attribute certificate or certificate to check if it is
* revoked.
* @param defaultCRLSignCert The issuer certificate of the certificate <code>cert</code>.
* @param defaultCRLSignKey The public key of the issuer certificate
* <code>defaultCRLSignCert</code>.
* @param paramsPKIX paramsPKIX PKIX parameters.
* @param certPathCerts The certificates on the certification path.
* @return A <code>Set</code> with all keys of possible CRL issuer
* certificates.
* @throws AnnotatedException if the CRL is not valid or the status cannot be checked or
* some error occurs.
*/
protected static Set processCRLF(X509CRL crl, Object cert, X509Certificate defaultCRLSignCert, PublicKey defaultCRLSignKey, ExtendedPKIXParameters paramsPKIX, List certPathCerts) throws AnnotatedException {
// (f)
// get issuer from CRL
X509CertStoreSelector selector = new X509CertStoreSelector();
try {
byte[] issuerPrincipal = CertPathValidatorUtilities.getIssuerPrincipal(crl).getEncoded();
selector.setSubject(issuerPrincipal);
} catch (IOException e) {
throw new AnnotatedException("Subject criteria for certificate selector to find issuer certificate for CRL could not be set.", e);
}
// get CRL signing certs
Collection coll;
try {
coll = CertPathValidatorUtilities.findCertificates(selector, paramsPKIX.getStores());
coll.addAll(CertPathValidatorUtilities.findCertificates(selector, paramsPKIX.getAdditionalStores()));
coll.addAll(CertPathValidatorUtilities.findCertificates(selector, paramsPKIX.getCertStores()));
} catch (AnnotatedException e) {
throw new AnnotatedException("Issuer certificate for CRL cannot be searched.", e);
}
coll.add(defaultCRLSignCert);
Iterator cert_it = coll.iterator();
List validCerts = new ArrayList();
List validKeys = new ArrayList();
while (cert_it.hasNext()) {
X509Certificate signingCert = (X509Certificate) cert_it.next();
/*
* CA of the certificate, for which this CRL is checked, has also
* signed CRL, so skip the path validation, because is already done
*/
if (signingCert.equals(defaultCRLSignCert)) {
validCerts.add(signingCert);
validKeys.add(defaultCRLSignKey);
continue;
}
try {
CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
selector = new X509CertStoreSelector();
selector.setCertificate(signingCert);
ExtendedPKIXParameters temp = (ExtendedPKIXParameters) paramsPKIX.clone();
temp.setTargetCertConstraints(selector);
ExtendedPKIXBuilderParameters params = (ExtendedPKIXBuilderParameters) ExtendedPKIXBuilderParameters.getInstance(temp);
/*
* if signingCert is placed not higher on the cert path a
* dependency loop results. CRL for cert is checked, but
* signingCert is needed for checking the CRL which is dependent
* on checking cert because it is higher in the cert path and so
* signing signingCert transitively. so, revocation is disabled,
* forgery attacks of the CRL are detected in this outer loop
* for all other it must be enabled to prevent forgery attacks
*/
if (certPathCerts.contains(signingCert)) {
params.setRevocationEnabled(false);
} else {
params.setRevocationEnabled(true);
}
List certs = builder.build(params).getCertPath().getCertificates();
validCerts.add(signingCert);
validKeys.add(CertPathValidatorUtilities.getNextWorkingKey(certs, 0));
} catch (CertPathBuilderException e) {
throw new AnnotatedException("Internal error.", e);
} catch (CertPathValidatorException e) {
throw new AnnotatedException("Public key of issuer certificate of CRL could not be retrieved.", e);
} catch (Exception e) {
throw new RuntimeException(e.getMessage());
}
}
Set checkKeys = new HashSet();
AnnotatedException lastException = null;
for (int i = 0; i < validCerts.size(); i++) {
X509Certificate signCert = (X509Certificate) validCerts.get(i);
boolean[] keyusage = signCert.getKeyUsage();
if (keyusage != null && (keyusage.length < 7 || !keyusage[CRL_SIGN])) {
lastException = new AnnotatedException("Issuer certificate key usage extension does not permit CRL signing.");
} else {
checkKeys.add(validKeys.get(i));
}
}
if (checkKeys.isEmpty() && lastException == null) {
throw new AnnotatedException("Cannot find a valid issuer certificate.");
}
if (checkKeys.isEmpty() && lastException != null) {
throw lastException;
}
return checkKeys;
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
ExtendedPKIXBuilderParameters(org.bouncycastle.x509.ExtendedPKIXBuilderParameters)
X509CertStoreSelector(org.bouncycastle.x509.X509CertStoreSelector)
ArrayList(java.util.ArrayList)
IOException(java.io.IOException)
X509Certificate(java.security.cert.X509Certificate)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
GeneralSecurityException(java.security.GeneralSecurityException)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
IOException(java.io.IOException)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
CertPathValidatorException(java.security.cert.CertPathValidatorException)
ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException)
ExtendedPKIXParameters(org.bouncycastle.x509.ExtendedPKIXParameters)
CertPathBuilderException(java.security.cert.CertPathBuilderException)
Iterator(java.util.Iterator)
Collection(java.util.Collection)
List(java.util.List)
ArrayList(java.util.ArrayList)
CertPathBuilder(java.security.cert.CertPathBuilder)
HashSet(java.util.HashSet)
Example 8 with Certificate
use of org.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class JDKPKCS12KeyStore method engineGetCertificateChain.
public Certificate[] engineGetCertificateChain(String alias) {
if (alias == null) {
throw new IllegalArgumentException("null alias passed to getCertificateChain.");
}
if (!engineIsKeyEntry(alias)) {
return null;
}
Certificate c = engineGetCertificate(alias);
if (c != null) {
Vector cs = new Vector();
while (c != null) {
X509Certificate x509c = (X509Certificate) c;
Certificate nextC = null;
byte[] bytes = x509c.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (bytes != null) {
try {
ASN1InputStream aIn = new ASN1InputStream(bytes);
byte[] authBytes = ((ASN1OctetString) aIn.readObject()).getOctets();
aIn = new ASN1InputStream(authBytes);
AuthorityKeyIdentifier id = new AuthorityKeyIdentifier((ASN1Sequence) aIn.readObject());
if (id.getKeyIdentifier() != null) {
nextC = (Certificate) chainCerts.get(new CertId(id.getKeyIdentifier()));
}
} catch (IOException e) {
throw new RuntimeException(e.toString());
}
}
if (nextC == null) {
//
// no authority key id, try the Issuer DN
//
Principal i = x509c.getIssuerDN();
Principal s = x509c.getSubjectDN();
if (!i.equals(s)) {
Enumeration e = chainCerts.keys();
while (e.hasMoreElements()) {
X509Certificate crt = (X509Certificate) chainCerts.get(e.nextElement());
Principal sub = crt.getSubjectDN();
if (sub.equals(i)) {
try {
x509c.verify(crt.getPublicKey());
nextC = crt;
break;
} catch (Exception ex) {
// continue
}
}
}
}
}
cs.addElement(c);
if (// self signed - end of the chain
nextC != c) {
c = nextC;
} else {
c = null;
}
}
Certificate[] certChain = new Certificate[cs.size()];
for (int i = 0; i != certChain.length; i++) {
certChain[i] = (Certificate) cs.elementAt(i);
}
return certChain;
}
return null;
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
Enumeration(java.util.Enumeration)
AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier)
IOException(java.io.IOException)
X509Certificate(java.security.cert.X509Certificate)
KeyStoreException(java.security.KeyStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
Vector(java.util.Vector)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
Principal(java.security.Principal)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 9 with Certificate
use of org.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class JDKPKCS12KeyStore method engineGetCertificateAlias.
public String engineGetCertificateAlias(Certificate cert) {
Enumeration c = certs.elements();
Enumeration k = certs.keys();
while (c.hasMoreElements()) {
Certificate tc = (Certificate) c.nextElement();
String ta = (String) k.nextElement();
if (tc.equals(cert)) {
return ta;
}
}
c = keyCerts.elements();
k = keyCerts.keys();
while (c.hasMoreElements()) {
Certificate tc = (Certificate) c.nextElement();
String ta = (String) k.nextElement();
if (tc.equals(cert)) {
return ta;
}
}
return null;
}
Also used :
Enumeration(java.util.Enumeration)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
Example 10 with Certificate
use of org.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class JDKPKCS12KeyStore method doStore.
private void doStore(OutputStream stream, char[] password, boolean useDEREncoding) throws IOException {
if (password == null) {
throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
}
//
// handle the key
//
ASN1EncodableVector keyS = new ASN1EncodableVector();
Enumeration ks = keys.keys();
while (ks.hasMoreElements()) {
byte[] kSalt = new byte[SALT_SIZE];
random.nextBytes(kSalt);
String name = (String) ks.nextElement();
PrivateKey privKey = (PrivateKey) keys.get(name);
PKCS12PBEParams kParams = new PKCS12PBEParams(kSalt, MIN_ITERATIONS);
byte[] kBytes = wrapKey(keyAlgorithm.getId(), privKey, kParams, password);
AlgorithmIdentifier kAlgId = new AlgorithmIdentifier(keyAlgorithm, kParams.getDERObject());
org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo kInfo = new org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, kBytes);
boolean attrSet = false;
ASN1EncodableVector kName = new ASN1EncodableVector();
if (privKey instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) privKey;
//
// make sure we are using the local alias on store
//
DERBMPString nm = (DERBMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(name)) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
}
//
if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
Certificate ct = engineGetCertificate(name);
bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(ct.getPublicKey()));
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
ASN1EncodableVector kSeq = new ASN1EncodableVector();
kSeq.add(oid);
kSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
attrSet = true;
kName.add(new DERSequence(kSeq));
}
}
if (!attrSet) {
//
// set a default friendly name (from the key id) and local id
//
ASN1EncodableVector kSeq = new ASN1EncodableVector();
Certificate ct = engineGetCertificate(name);
kSeq.add(pkcs_9_at_localKeyId);
kSeq.add(new DERSet(createSubjectKeyId(ct.getPublicKey())));
kName.add(new DERSequence(kSeq));
kSeq = new ASN1EncodableVector();
kSeq.add(pkcs_9_at_friendlyName);
kSeq.add(new DERSet(new DERBMPString(name)));
kName.add(new DERSequence(kSeq));
}
SafeBag kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.getDERObject(), new DERSet(kName));
keyS.add(kBag);
}
byte[] keySEncoded = new DERSequence(keyS).getDEREncoded();
BERConstructedOctetString keyString = new BERConstructedOctetString(keySEncoded);
//
// certificate processing
//
byte[] cSalt = new byte[SALT_SIZE];
random.nextBytes(cSalt);
ASN1EncodableVector certSeq = new ASN1EncodableVector();
PKCS12PBEParams cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.getDERObject());
Hashtable doneCerts = new Hashtable();
Enumeration cs = keys.keys();
while (cs.hasMoreElements()) {
try {
String name = (String) cs.nextElement();
Certificate cert = engineGetCertificate(name);
boolean cAttrSet = false;
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
//
// make sure we are using the local alias on store
//
DERBMPString nm = (DERBMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(name)) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
}
//
if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null) {
bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
cAttrSet = true;
}
}
if (!cAttrSet) {
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_localKeyId);
fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
fName.add(new DERSequence(fSeq));
fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_friendlyName);
fSeq.add(new DERSet(new DERBMPString(name)));
fName.add(new DERSequence(fSeq));
}
SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));
certSeq.add(sBag);
doneCerts.put(cert, cert);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
cs = certs.keys();
while (cs.hasMoreElements()) {
try {
String certId = (String) cs.nextElement();
Certificate cert = (Certificate) certs.get(certId);
boolean cAttrSet = false;
if (keys.get(certId) != null) {
continue;
}
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
//
// make sure we are using the local alias on store
//
DERBMPString nm = (DERBMPString) bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
if (nm == null || !nm.getString().equals(certId)) {
bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(certId));
}
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
// If we find one, we'll prune it out.
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
continue;
}
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
cAttrSet = true;
}
}
if (!cAttrSet) {
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(pkcs_9_at_friendlyName);
fSeq.add(new DERSet(new DERBMPString(certId)));
fName.add(new DERSequence(fSeq));
}
SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));
certSeq.add(sBag);
doneCerts.put(cert, cert);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
cs = chainCerts.keys();
while (cs.hasMoreElements()) {
try {
CertId certId = (CertId) cs.nextElement();
Certificate cert = (Certificate) chainCerts.get(certId);
if (doneCerts.get(cert) != null) {
continue;
}
CertBag cBag = new CertBag(x509Certificate, new DEROctetString(cert.getEncoded()));
ASN1EncodableVector fName = new ASN1EncodableVector();
if (cert instanceof PKCS12BagAttributeCarrier) {
PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier) cert;
Enumeration e = bagAttrs.getBagAttributeKeys();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
// If we find one, we'll prune it out.
if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)) {
continue;
}
ASN1EncodableVector fSeq = new ASN1EncodableVector();
fSeq.add(oid);
fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
fName.add(new DERSequence(fSeq));
}
}
SafeBag sBag = new SafeBag(certBag, cBag.getDERObject(), new DERSet(fName));
certSeq.add(sBag);
} catch (CertificateEncodingException e) {
throw new IOException("Error encoding certificate: " + e.toString());
}
}
byte[] certSeqEncoded = new DERSequence(certSeq).getDEREncoded();
byte[] certBytes = cryptData(true, cAlgId, password, false, certSeqEncoded);
EncryptedData cInfo = new EncryptedData(data, cAlgId, new BERConstructedOctetString(certBytes));
ContentInfo[] info = new ContentInfo[] { new ContentInfo(data, keyString), new ContentInfo(encryptedData, cInfo.getDERObject()) };
AuthenticatedSafe auth = new AuthenticatedSafe(info);
ByteArrayOutputStream bOut = new ByteArrayOutputStream();
DEROutputStream asn1Out;
if (useDEREncoding) {
asn1Out = new DEROutputStream(bOut);
} else {
asn1Out = new BEROutputStream(bOut);
}
asn1Out.writeObject(auth);
byte[] pkg = bOut.toByteArray();
ContentInfo mainInfo = new ContentInfo(data, new BERConstructedOctetString(pkg));
//
// create the mac
//
byte[] mSalt = new byte[20];
int itCount = MIN_ITERATIONS;
random.nextBytes(mSalt);
byte[] data = ((ASN1OctetString) mainInfo.getContent()).getOctets();
MacData mData;
try {
byte[] res = calculatePbeMac(id_SHA1, mSalt, itCount, password, false, data);
// BEGIN android-changed
AlgorithmIdentifier algId = new AlgorithmIdentifier(id_SHA1, DERNull.INSTANCE);
// END android-changed
DigestInfo dInfo = new DigestInfo(algId, res);
mData = new MacData(dInfo, mSalt, itCount);
} catch (Exception e) {
throw new IOException("error constructing MAC: " + e.toString());
}
//
// output the Pfx
//
Pfx pfx = new Pfx(mainInfo, mData);
if (useDEREncoding) {
asn1Out = new DEROutputStream(stream);
} else {
asn1Out = new BEROutputStream(stream);
}
asn1Out.writeObject(pfx);
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
PrivateKey(java.security.PrivateKey)
AuthenticatedSafe(org.bouncycastle.asn1.pkcs.AuthenticatedSafe)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERSet(org.bouncycastle.asn1.DERSet)
PKCS12BagAttributeCarrier(org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DERSequence(org.bouncycastle.asn1.DERSequence)
ContentInfo(org.bouncycastle.asn1.pkcs.ContentInfo)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
BERConstructedOctetString(org.bouncycastle.asn1.BERConstructedOctetString)
EncryptedData(org.bouncycastle.asn1.pkcs.EncryptedData)
MacData(org.bouncycastle.asn1.pkcs.MacData)
Enumeration(java.util.Enumeration)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
Pfx(org.bouncycastle.asn1.pkcs.Pfx)
Hashtable(java.util.Hashtable)
BEROutputStream(org.bouncycastle.asn1.BEROutputStream)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
IOException(java.io.IOException)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
SafeBag(org.bouncycastle.asn1.pkcs.SafeBag)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
KeyStoreException(java.security.KeyStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
UnrecoverableKeyException(java.security.UnrecoverableKeyException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
CertBag(org.bouncycastle.asn1.pkcs.CertBag)
PKCS12PBEParams(org.bouncycastle.asn1.pkcs.PKCS12PBEParams)
DigestInfo(org.bouncycastle.asn1.x509.DigestInfo)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
DEROutputStream(org.bouncycastle.asn1.DEROutputStream)
Aggregations
X509Certificate (java.security.cert.X509Certificate)204
IOException (java.io.IOException)149
X500Name (org.bouncycastle.asn1.x500.X500Name)111
Date (java.util.Date)95
BigInteger (java.math.BigInteger)88
CertificateException (java.security.cert.CertificateException)77
ArrayList (java.util.ArrayList)68
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)64
DEROctetString (org.bouncycastle.asn1.DEROctetString)63
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)62
ContentSigner (org.bouncycastle.operator.ContentSigner)61
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)60
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)56
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)55
GeneralName (org.bouncycastle.asn1.x509.GeneralName)51
DERIA5String (org.bouncycastle.asn1.DERIA5String)46
CertificateEncodingException (java.security.cert.CertificateEncodingException)44
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)41
KeyPair (java.security.KeyPair)40
PrivateKey (java.security.PrivateKey)40
