use of org.bouncycastle.asn1.x509.Certificate in project poi by apache.
the class TestSignatureInfo method initKeyPair.
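/**
 * Populates the {@code keyPair} and {@code x509} fields for the given alias, using the
 * PKCS#12 keystore at {@code build/test.pfx} as a cache between test runs.
 *
 * <p>If the keystore already holds a key entry for {@code alias}, the private key and
 * certificate are read back from it. Otherwise a new key pair and a certificate valid for
 * one year from {@code cal} are generated, stored under {@code alias}, and the keystore is
 * written back to disk.
 *
 * <p>Security note: the keystore password is the fixed string {@code "test"} and the file
 * lives in the build directory, so the private key has no real protection at rest. That is
 * only acceptable because the material is throwaway test data; do not copy this pattern
 * for keys that sign anything of value.
 *
 * @param alias     keystore alias under which the key entry is looked up or created
 * @param subjectDN subject distinguished name passed to the certificate generator when a
 *                  new certificate has to be created
 * @throws Exception if the keystore cannot be read, written or queried, or if key or
 *                   certificate generation fails
 */
private void initKeyPair(String alias, String subjectDN) throws Exception {
    // Publicly known password: test fixture only, see the security note above.
    final char[] password = "test".toCharArray();
    File file = new File("build/test.pfx");

    KeyStore keystore = KeyStore.getInstance("PKCS12");
    if (file.exists()) {
        FileInputStream fis = new FileInputStream(file);
        try {
            keystore.load(fis, password);
        } finally {
            // Close even when load() fails (corrupt file, wrong password) so the
            // descriptor is not leaked.
            fis.close();
        }
    } else {
        // A null stream initialises an empty keystore.
        keystore.load(null, password);
    }

    if (keystore.isKeyEntry(alias)) {
        Key key = keystore.getKey(alias, password);
        x509 = (X509Certificate) keystore.getCertificate(alias);
        keyPair = new KeyPair(x509.getPublicKey(), (PrivateKey) key);
    } else {
        keyPair = PkiTestUtils.generateKeyPair();

        // Validity window: from the shared test calendar to one year later.
        Date notBefore = cal.getTime();
        Calendar cal2 = (Calendar) cal.clone();
        cal2.add(Calendar.YEAR, 1);
        Date notAfter = cal2.getTime();

        KeyUsage keyUsage = new KeyUsage(KeyUsage.digitalSignature);
        // NOTE(review): the issuer certificate argument is null and the certificate is signed
        // with the key pair's own private key, so this is presumably self-signed; confirm
        // against PkiTestUtils.generateCertificate.
        x509 = PkiTestUtils.generateCertificate(keyPair.getPublic(), subjectDN, notBefore, notAfter, null, keyPair.getPrivate(), true, 0, null, null, keyUsage);

        keystore.setKeyEntry(alias, keyPair.getPrivate(), password, new Certificate[] { x509 });
        FileOutputStream fos = new FileOutputStream(file);
        try {
            keystore.store(fos, password);
        } finally {
            // Close even when store() fails so a partially written file is not left open.
            fos.close();
        }
    }
}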
use of org.bouncycastle.asn1.x509.Certificate in project robovm by robovm.
the class CertificateFactory method engineGenerateCertificate.
/**
 * Produces the next certificate available from the given input stream.
 *
 * <p>The factory remembers the stream object it last worked on. A first call, or a call
 * with a different stream object, discards the cached {@code sData} container and its
 * read counter. While a cached container is present, certificates are served from it via
 * {@code getCertificate()} until the counter reaches its size; the cache is then cleared
 * and {@code null} is returned.
 *
 * <p>With no cached container, the first byte of the stream decides the decoding path:
 * {@code 0x30} (the ASN.1 SEQUENCE tag) is treated as DER, anything else as ASCII PEM.
 *
 * <p>NOTE(review): the stream and cache are instance fields updated without visible
 * synchronisation, so concurrent use of one factory instance looks unsafe; confirm
 * against callers.
 *
 * @param in stream positioned at the start of an encoded certificate
 * @return the decoded certificate, or {@code null} at end of stream or once the cached
 *         container is exhausted
 * @throws CertificateException wrapping any failure raised while reading or decoding,
 *         including runtime exceptions triggered by malformed input
 */
public java.security.cert.Certificate engineGenerateCertificate(InputStream in) throws CertificateException {
    // Reset cached state on the first call or when the caller switched streams.
    boolean streamChanged = (currentStream == null) || (currentStream != in);
    if (streamChanged) {
        currentStream = in;
        sData = null;
        sDataObjectCount = 0;
    }

    try {
        if (sData != null) {
            if (sDataObjectCount == sData.size()) {
                // Every cached object has been handed out: drop the cache and signal the end.
                sData = null;
                sDataObjectCount = 0;
                return null;
            }
            return getCertificate();
        }

        // Peek at the first byte without consuming it, to choose the decoder.
        PushbackInputStream peekable = new PushbackInputStream(in);
        int firstByte = peekable.read();
        if (firstByte == -1) {
            return null;
        }
        peekable.unread(firstByte);

        if (firstByte == 0x30) {
            return readDERCertificate(new ASN1InputStream(peekable));
        }
        // Not a SEQUENCE tag: assume ASCII PEM encoding.
        return readPEMCertificate(peekable);
    } catch (Exception e) {
        // Single boundary so parser failures surface as a CertificateException subtype.
        throw new ExCertificateException(e);
    }
}
use of org.bouncycastle.asn1.x509.Certificate in project robovm by robovm.
the class CertificateFactory method engineGenerateCRL.
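/**
 * Produces the next certificate revocation list (CRL) available from the given input stream.
 *
 * <p>The factory remembers the stream object it last worked on. A first call, or a call
 * with a different stream object, discards the cached {@code sCrlData} container and its
 * read counter. While a cached container is present, CRLs are served from it via
 * {@code getCRL()} until the counter reaches its size; the cache is then cleared and
 * {@code null} is returned.
 *
 * <p>With no cached container, the first byte of the stream decides the decoding path:
 * {@code 0x30} (the ASN.1 SEQUENCE tag) is treated as DER, anything else as ASCII PEM.
 *
 * <p>NOTE(review): the stream and cache are instance fields updated without visible
 * synchronisation, so concurrent use of one factory instance looks unsafe; confirm
 * against callers.
 *
 * @param inStream stream positioned at the start of an encoded CRL
 * @return the decoded CRL, or {@code null} at end of stream or once the cached container
 *         is exhausted
 * @throws CRLException if reading or decoding fails; failures of other exception types
 *         are wrapped with the original exception attached as the cause
 */
public CRL engineGenerateCRL(InputStream inStream) throws CRLException {
    // Reset cached state on the first call or when the caller switched streams.
    if (currentCrlStream == null || currentCrlStream != inStream) {
        currentCrlStream = inStream;
        sCrlData = null;
        sCrlDataObjectCount = 0;
    }

    try {
        if (sCrlData != null) {
            if (sCrlDataObjectCount != sCrlData.size()) {
                return getCRL();
            }
            // Every cached object has been handed out: drop the cache and signal the end.
            sCrlData = null;
            sCrlDataObjectCount = 0;
            return null;
        }

        // Peek at the first byte without consuming it, to choose the decoder.
        PushbackInputStream pis = new PushbackInputStream(inStream);
        int tag = pis.read();
        if (tag == -1) {
            return null;
        }
        pis.unread(tag);

        if (tag != 0x30) {
            // Not a SEQUENCE tag: assume ASCII PEM encoding.
            return readPEMCRL(pis);
        }
        // lazy evaluate to help processing of large CRLs
        return readDERCRL(new ASN1InputStream(pis, true));
    } catch (CRLException e) {
        throw e;
    } catch (Exception e) {
        // Same message as before, but keep the original exception as the cause so a parse
        // failure on a malformed CRL can be diagnosed from the stack trace.
        throw new CRLException(e.toString(), e);
    }
}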
use of org.bouncycastle.asn1.x509.Certificate in project robovm by robovm.
the class X509CRLEntryObject method toString.
/**
 * Renders this CRL entry as multi-line text: serial number, revocation date, certificate
 * issuer, and then one line per entry extension.
 *
 * <p>The reason-code and certificate-issuer extensions are decoded into their own types;
 * any other extension is dumped generically after its OID. An extension whose value cannot
 * be decoded is printed as its OID followed by {@code *****} instead of failing the call.
 *
 * <p>The text embeds values decoded from the CRL entry itself, so treat it as untrusted
 * input when it is written to logs or shown to an operator.
 *
 * @return the textual form of this entry
 */
public String toString() {
    final String eol = System.getProperty("line.separator");
    final StringBuilder text = new StringBuilder();

    text.append(" userCertificate: ").append(this.getSerialNumber()).append(eol);
    text.append(" revocationDate: ").append(this.getRevocationDate()).append(eol);
    text.append(" certificateIssuer: ").append(this.getCertificateIssuer()).append(eol);

    Extensions extensions = c.getExtensions();
    if (extensions == null) {
        return text.toString();
    }

    Enumeration oids = extensions.oids();
    if (!oids.hasMoreElements()) {
        return text.toString();
    }

    text.append(" crlEntryExtensions:").append(eol);
    while (oids.hasMoreElements()) {
        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) oids.nextElement();
        Extension ext = extensions.getExtension(oid);

        if (ext.getExtnValue() == null) {
            text.append(eol);
            continue;
        }

        byte[] encoded = ext.getExtnValue().getOctets();
        ASN1InputStream decoder = new ASN1InputStream(encoded);
        text.append(" critical(").append(ext.isCritical()).append(") ");

        // Appends stay interleaved with decoding on purpose: when decoding throws part-way,
        // the text already written remains and the fallback line below is added after it.
        try {
            if (oid.equals(X509Extension.reasonCode)) {
                text.append(CRLReason.getInstance(ASN1Enumerated.getInstance(decoder.readObject()))).append(eol);
            } else if (oid.equals(X509Extension.certificateIssuer)) {
                text.append("Certificate issuer: ").append(GeneralNames.getInstance(decoder.readObject())).append(eol);
            } else {
                text.append(oid.getId());
                text.append(" value = ").append(ASN1Dump.dumpAsString(decoder.readObject())).append(eol);
            }
        } catch (Exception ex) {
            // Undecodable extension value: mask it rather than abort the whole rendering.
            text.append(oid.getId());
            text.append(" value = ").append("*****").append(eol);
        }
    }

    return text.toString();
}
use of org.bouncycastle.asn1.x509.Certificate in project robovm by robovm.
the class SignerInfoGeneratorBuilder method build.
/**
 * Creates a SignerInfoGenerator whose signerIdentifier is the issuer and serial number
 * taken from the supplied certificate holder, and associates that certificate with the
 * generator.
 *
 * <p>NOTE(review): nothing in this method checks that {@code contentSigner} signs with the
 * key certified by {@code certHolder}; presumably the caller has to supply a matching
 * pair. Confirm against {@code createGenerator}.
 *
 * @param contentSigner operator that produces the final signature in the SignerInfo.
 * @param certHolder carrier for the X.509 certificate related to the contentSigner.
 * @return a SignerInfoGenerator
 * @throws OperatorCreationException if the generator cannot be built.
 */
public SignerInfoGenerator build(ContentSigner contentSigner, X509CertificateHolder certHolder) throws OperatorCreationException {
    // The signer is identified by the issuer name and serial number of its certificate.
    IssuerAndSerialNumber issuerAndSerial = new IssuerAndSerialNumber(certHolder.toASN1Structure());
    SignerInfoGenerator generator = createGenerator(contentSigner, new SignerIdentifier(issuerAndSerial));
    generator.setAssociatedCertificate(certHolder);
    return generator;
}