use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project kafka by apache.
the class TestSslUtils method generateCertificate.
/**
* Create a self-signed X.509 Certificate.
* From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
*
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
* @return the self-signed certificate
* @throws CertificateException thrown if a security error or an IO error occurred.
*/
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project platformlayer by platformlayer.
the class SimpleCertificateAuthority method signCertificate.
private static Certificate signCertificate(X500Name signer, PrivateKey signerPrivateKey, X500Name subject, SubjectPublicKeyInfo subjectPublicKeyInfo) throws OpsException {
try {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(SIGNATURE_ALGORITHM);
AlgorithmIdentifier digestAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
long days = 3650;
long now = System.currentTimeMillis();
Date notBefore = new Date(now - ONE_DAY);
Date notAfter = new Date(notBefore.getTime() + (days * ONE_DAY));
BigInteger serialNumber;
synchronized (SimpleCertificateAuthority.class) {
long nextSerialNumber = System.currentTimeMillis();
serialNumber = BigInteger.valueOf(nextSerialNumber);
}
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(signer, serialNumber, notBefore, notAfter, subject, subjectPublicKeyInfo);
// {
// boolean isCritical = false;
// certificateBuilder.addExtension(X509Extensions.SubjectKeyIdentifier, isCritical,
// csr.getSubjectPublicKeyInfo());
// }
AsymmetricKeyParameter caPrivateKeyParameters = PrivateKeyFactory.createKey(signerPrivateKey.getEncoded());
ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digestAlgId).build(caPrivateKeyParameters);
X509CertificateHolder certificateHolder = certificateBuilder.build(contentSigner);
Certificate certificate = certificateHolder.toASN1Structure();
return certificate;
} catch (OperatorCreationException e) {
throw new OpsException("Error signing certificate", e);
} catch (IOException e) {
throw new OpsException("Error signing certificate", e);
}
}
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class DHBasicAgreement method init.
public void init(CipherParameters param) {
AsymmetricKeyParameter kParam;
if (param instanceof ParametersWithRandom) {
ParametersWithRandom rParam = (ParametersWithRandom) param;
kParam = (AsymmetricKeyParameter) rParam.getParameters();
} else {
kParam = (AsymmetricKeyParameter) param;
}
if (!(kParam instanceof DHPrivateKeyParameters)) {
throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
}
this.key = (DHPrivateKeyParameters) kParam;
this.dhParams = key.getParameters();
}
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class PKCS1Encoding method init.
public void init(boolean forEncryption, CipherParameters param) {
AsymmetricKeyParameter kParam;
if (param instanceof ParametersWithRandom) {
ParametersWithRandom rParam = (ParametersWithRandom) param;
this.random = rParam.getRandom();
kParam = (AsymmetricKeyParameter) rParam.getParameters();
} else {
this.random = new SecureRandom();
kParam = (AsymmetricKeyParameter) param;
}
engine.init(forEncryption, param);
this.forPrivateKey = kParam.isPrivate();
this.forEncryption = forEncryption;
}
use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.
the class RSADigestSigner method init.
/**
* initialise the signer for signing or verification.
*
* @param forSigning
* true if for signing, false otherwise
* @param parameters
* necessary parameters.
*/
public void init(boolean forSigning, CipherParameters parameters) {
this.forSigning = forSigning;
AsymmetricKeyParameter k;
if (parameters instanceof ParametersWithRandom) {
k = (AsymmetricKeyParameter) ((ParametersWithRandom) parameters).getParameters();
} else {
k = (AsymmetricKeyParameter) parameters;
}
if (forSigning && !k.isPrivate()) {
throw new IllegalArgumentException("signing requires private key");
}
if (!forSigning && k.isPrivate()) {
throw new IllegalArgumentException("verification requires public key");
}
reset();
rsaEngine.init(forSigning, parameters);
}
Aggregations