Search in sources :

Example 11 with TBSCertificate

use of org.bouncycastle.asn1.x509.TBSCertificate in project robovm by robovm.

the class X509V1CertificateGenerator method generate.

/**
     * generate an X509 certificate, based on the current issuer and subject,
     * using the passed in provider for the signing, and the passed in source
     * of randomness (if required).
     */
public X509Certificate generate(PrivateKey key, String provider, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
    TBSCertificate tbsCert = tbsGen.generateTBSCertificate();
    byte[] signature;
    try {
        signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert);
    } catch (IOException e) {
        throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
    }
    return generateJcaObject(tbsCert, signature);
}
Also used : IOException(java.io.IOException) TBSCertificate(org.bouncycastle.asn1.x509.TBSCertificate)

Example 12 with TBSCertificate

use of org.bouncycastle.asn1.x509.TBSCertificate in project robovm by robovm.

the class X509V1CertificateGenerator method generateJcaObject.

private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature) throws CertificateEncodingException {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(tbsCert);
    v.add(sigAlgId);
    v.add(new DERBitString(signature));
    try {
        return new X509CertificateObject(Certificate.getInstance(new DERSequence(v)));
    } catch (CertificateParsingException e) {
        throw new ExtCertificateEncodingException("exception producing certificate object", e);
    }
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) CertificateParsingException(java.security.cert.CertificateParsingException) X509CertificateObject(org.bouncycastle.jce.provider.X509CertificateObject) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERBitString(org.bouncycastle.asn1.DERBitString)

Example 13 with TBSCertificate

use of org.bouncycastle.asn1.x509.TBSCertificate in project robovm by robovm.

the class X509V3CertificateGenerator method generateJcaObject.

private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature) throws CertificateParsingException {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(tbsCert);
    v.add(sigAlgId);
    v.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(v)));
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) X509CertificateObject(org.bouncycastle.jce.provider.X509CertificateObject) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERBitString(org.bouncycastle.asn1.DERBitString)

Example 14 with TBSCertificate

use of org.bouncycastle.asn1.x509.TBSCertificate in project platform_frameworks_base by android.

the class AndroidKeyStoreKeyPairGeneratorSpi method generateSelfSignedCertificateWithFakeSignature.

@SuppressWarnings("deprecation")
private X509Certificate generateSelfSignedCertificateWithFakeSignature(PublicKey publicKey) throws IOException, CertificateParsingException {
    V3TBSCertificateGenerator tbsGenerator = new V3TBSCertificateGenerator();
    ASN1ObjectIdentifier sigAlgOid;
    AlgorithmIdentifier sigAlgId;
    byte[] signature;
    switch(mKeymasterAlgorithm) {
        case KeymasterDefs.KM_ALGORITHM_EC:
            sigAlgOid = X9ObjectIdentifiers.ecdsa_with_SHA256;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid);
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(0));
            signature = new DERSequence().getEncoded();
            break;
        case KeymasterDefs.KM_ALGORITHM_RSA:
            sigAlgOid = PKCSObjectIdentifiers.sha256WithRSAEncryption;
            sigAlgId = new AlgorithmIdentifier(sigAlgOid, DERNull.INSTANCE);
            signature = new byte[1];
            break;
        default:
            throw new ProviderException("Unsupported key algorithm: " + mKeymasterAlgorithm);
    }
    try (ASN1InputStream publicKeyInfoIn = new ASN1InputStream(publicKey.getEncoded())) {
        tbsGenerator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(publicKeyInfoIn.readObject()));
    }
    tbsGenerator.setSerialNumber(new ASN1Integer(mSpec.getCertificateSerialNumber()));
    X509Principal subject = new X509Principal(mSpec.getCertificateSubject().getEncoded());
    tbsGenerator.setSubject(subject);
    tbsGenerator.setIssuer(subject);
    tbsGenerator.setStartDate(new Time(mSpec.getCertificateNotBefore()));
    tbsGenerator.setEndDate(new Time(mSpec.getCertificateNotAfter()));
    tbsGenerator.setSignature(sigAlgId);
    TBSCertificate tbsCertificate = tbsGenerator.generateTBSCertificate();
    ASN1EncodableVector result = new ASN1EncodableVector();
    result.add(tbsCertificate);
    result.add(sigAlgId);
    result.add(new DERBitString(signature));
    return new X509CertificateObject(Certificate.getInstance(new DERSequence(result)));
}
Also used : ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream) ProviderException(java.security.ProviderException) Time(com.android.org.bouncycastle.asn1.x509.Time) DERBitString(com.android.org.bouncycastle.asn1.DERBitString) ASN1Integer(com.android.org.bouncycastle.asn1.ASN1Integer) AlgorithmIdentifier(com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERInteger(com.android.org.bouncycastle.asn1.DERInteger) DERSequence(com.android.org.bouncycastle.asn1.DERSequence) X509CertificateObject(com.android.org.bouncycastle.jce.provider.X509CertificateObject) X509Principal(com.android.org.bouncycastle.jce.X509Principal) ASN1EncodableVector(com.android.org.bouncycastle.asn1.ASN1EncodableVector) V3TBSCertificateGenerator(com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator) TBSCertificate(com.android.org.bouncycastle.asn1.x509.TBSCertificate) ASN1ObjectIdentifier(com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 15 with TBSCertificate

use of org.bouncycastle.asn1.x509.TBSCertificate in project XobotOS by xamarin.

the class V1TBSCertificateGenerator method generateTBSCertificate.

public TBSCertificateStructure generateTBSCertificate() {
    if ((serialNumber == null) || (signature == null) || (issuer == null) || (startDate == null) || (endDate == null) || (subject == null) || (subjectPublicKeyInfo == null)) {
        throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
    }
    ASN1EncodableVector seq = new ASN1EncodableVector();
    // seq.add(version); - not required as default value.
    seq.add(serialNumber);
    seq.add(signature);
    seq.add(issuer);
    //
    // before and after dates
    //
    ASN1EncodableVector validity = new ASN1EncodableVector();
    validity.add(startDate);
    validity.add(endDate);
    seq.add(new DERSequence(validity));
    seq.add(subject);
    seq.add(subjectPublicKeyInfo);
    return new TBSCertificateStructure(new DERSequence(seq));
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)

Aggregations

ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)7 DERSequence (org.bouncycastle.asn1.DERSequence)7 ASN1EncodableVector (com.android.org.bouncycastle.asn1.ASN1EncodableVector)5 ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)5 ASN1Integer (com.android.org.bouncycastle.asn1.ASN1Integer)5 ASN1ObjectIdentifier (com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier)5 DERBitString (com.android.org.bouncycastle.asn1.DERBitString)5 DERInteger (com.android.org.bouncycastle.asn1.DERInteger)5 DERSequence (com.android.org.bouncycastle.asn1.DERSequence)5 AlgorithmIdentifier (com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier)5 TBSCertificate (com.android.org.bouncycastle.asn1.x509.TBSCertificate)5 Time (com.android.org.bouncycastle.asn1.x509.Time)5 V3TBSCertificateGenerator (com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator)5 X509Principal (com.android.org.bouncycastle.jce.X509Principal)5 X509CertificateObject (com.android.org.bouncycastle.jce.provider.X509CertificateObject)5 IOException (java.io.IOException)5 ProviderException (java.security.ProviderException)5 TBSCertificate (org.bouncycastle.asn1.x509.TBSCertificate)5 CertificateParsingException (java.security.cert.CertificateParsingException)3 DERBitString (org.bouncycastle.asn1.DERBitString)3