
Example 1 with AsymmetricKeyParameter

use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project kafka by apache.

the class TestSslUtils method generateCertificate.

/**
 * Builds a self-signed X.509 version 1 certificate for the supplied key pair.
 * Adapted from http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
 *
 * <p>The same distinguished name is written as issuer and subject, and the certificate is
 * signed with the private half of {@code pair}. Because a v1 builder is used, the result
 * carries no extensions (no subject alternative names, basic constraints or key usage).
 * The signer comes from {@code BcRSAContentSignerBuilder}, so {@code pair} must be an RSA
 * key pair and {@code algorithm} an RSA signature algorithm.
 *
 * <p>Side effect: the BouncyCastle provider is registered with {@link Security} on every
 * call; registering an already-installed provider is a no-op.
 *
 * @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
 * @param pair the KeyPair whose public key is certified and whose private key signs
 * @param days how many days from now the Certificate is valid for
 * @param algorithm the signing algorithm name, eg "SHA256withRSA"; SHA-1 based names such as
 *            "SHA1withRSA" are deprecated for certificate signatures and best avoided
 * @return the self-signed certificate
 * @throws CertificateException if conversion fails, or wrapping any other failure
 *             (unknown algorithm, key decoding error, signer construction error)
 */
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm) throws CertificateException {
    try {
        // Must happen first: the "BC" provider lookup at the end depends on this registration.
        Security.addProvider(new BouncyCastleProvider());

        AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
        AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithm);
        AsymmetricKeyParameter signingKey = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
        SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
        ContentSigner signer = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm).build(signingKey);

        X500Name issuerAndSubject = new X500Name(dn);

        // Validity window starts now; the long literal keeps the day arithmetic out of int range.
        Date notBefore = new Date();
        long lifetimeMillis = days * 86400000L;
        Date notAfter = new Date(notBefore.getTime() + lifetimeMillis);

        // 64 random bits from a CSPRNG serve as the serial number.
        BigInteger serial = new BigInteger(64, new SecureRandom());

        X509CertificateHolder holder =
                new X509v1CertificateBuilder(issuerAndSubject, serial, notBefore, notAfter, issuerAndSubject, publicKeyInfo)
                        .build(signer);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);
    } catch (Exception e) {
        // CertificateException passes through untouched; everything else is wrapped with its cause.
        if (e instanceof CertificateException) {
            throw (CertificateException) e;
        }
        throw new CertificateException(e);
    }
}
Also used : ContentSigner(org.bouncycastle.operator.ContentSigner) SecureRandom(java.security.SecureRandom) CertificateException(java.security.cert.CertificateException) X500Name(org.bouncycastle.asn1.x500.X500Name) DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date) GeneralSecurityException(java.security.GeneralSecurityException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) EOFException(java.io.EOFException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder) AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) X509v1CertificateBuilder(org.bouncycastle.cert.X509v1CertificateBuilder) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 2 with AsymmetricKeyParameter

use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project platformlayer by platformlayer.

the class SimpleCertificateAuthority method signCertificate.

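/**
 * Issues an X.509 v3 certificate binding {@code subject} to {@code subjectPublicKeyInfo},
 * signed with {@code signerPrivateKey} under the issuer name {@code signer}.
 *
 * <p>The certificate is valid from one {@code ONE_DAY} before the current time for 3650
 * {@code ONE_DAY} units ({@code ONE_DAY} is defined outside this listing, presumably one
 * day in milliseconds). No extensions are added, so the result has no basic constraints,
 * key usage or key identifiers; relying parties cannot tell a CA certificate from a leaf
 * by extensions alone.
 *
 * <p>The signer is built with {@code BcRSAContentSignerBuilder}, so {@code signerPrivateKey}
 * must be an RSA key and {@code SIGNATURE_ALGORITHM} an RSA signature algorithm.
 *
 * @param signer issuer distinguished name
 * @param signerPrivateKey private key used to sign the certificate
 * @param subject subject distinguished name
 * @param subjectPublicKeyInfo public key being certified
 * @return the signed certificate as an ASN.1 structure
 * @throws OpsException if the signer key cannot be decoded or the content signer cannot be built
 */
private static Certificate signCertificate(X500Name signer, PrivateKey signerPrivateKey, X500Name subject, SubjectPublicKeyInfo subjectPublicKeyInfo) throws OpsException {
    try {
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(SIGNATURE_ALGORITHM);
        AlgorithmIdentifier digestAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

        long days = 3650;
        long now = System.currentTimeMillis();
        // Backdated by one ONE_DAY, presumably to tolerate clock skew on relying parties.
        Date notBefore = new Date(now - ONE_DAY);
        Date notAfter = new Date(notBefore.getTime() + (days * ONE_DAY));

        // The serial used to be the wall-clock millisecond, which is predictable and repeats when
        // two certificates are signed within the same millisecond (the lock around the clock read
        // did not prevent that). Issuer + serial must identify a certificate uniquely, e.g. for
        // revocation, so draw 128 bits from a CSPRNG instead. The value must be positive, hence
        // the retry on zero; 128 bits stays within the 20-octet limit of RFC 5280.
        java.security.SecureRandom serialRandom = new java.security.SecureRandom();
        BigInteger serialNumber;
        do {
            serialNumber = new BigInteger(128, serialRandom);
        } while (serialNumber.signum() == 0);

        // NOTE(review): no extensions are set on the builder (a SubjectKeyIdentifier extension was
        // previously sketched here but never enabled).
        X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(signer, serialNumber, notBefore, notAfter, subject, subjectPublicKeyInfo);

        AsymmetricKeyParameter caPrivateKeyParameters = PrivateKeyFactory.createKey(signerPrivateKey.getEncoded());
        ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digestAlgId).build(caPrivateKeyParameters);
        X509CertificateHolder certificateHolder = certificateBuilder.build(contentSigner);
        return certificateHolder.toASN1Structure();
    } catch (OperatorCreationException e) {
        throw new OpsException("Error signing certificate", e);
    } catch (IOException e) {
        throw new OpsException("Error signing certificate", e);
    }
}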
Also used : OpsException(org.platformlayer.ops.OpsException) ContentSigner(org.bouncycastle.operator.ContentSigner) IOException(java.io.IOException) DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder) Date(java.util.Date) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder) AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) X509Certificate(java.security.cert.X509Certificate) Certificate(org.bouncycastle.asn1.x509.Certificate)

Example 3 with AsymmetricKeyParameter

use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.

the class DHBasicAgreement method init.

/**
 * Configures this agreement with the caller's Diffie-Hellman private key.
 *
 * <p>A {@code ParametersWithRandom} wrapper is accepted, but only the wrapped key is used;
 * the random source it carries is not read here.
 *
 * @param param a {@code DHPrivateKeyParameters}, optionally wrapped in {@code ParametersWithRandom}
 * @throws IllegalArgumentException if the (unwrapped) parameter is not a {@code DHPrivateKeyParameters},
 *             including when it is {@code null}
 * @throws ClassCastException if the (unwrapped) parameter is not an {@code AsymmetricKeyParameter}
 */
public void init(CipherParameters param) {
    CipherParameters unwrapped = (param instanceof ParametersWithRandom)
            ? ((ParametersWithRandom) param).getParameters()
            : param;

    // The cast is kept ahead of the type check so a non-asymmetric parameter still fails with
    // ClassCastException rather than IllegalArgumentException.
    AsymmetricKeyParameter keyParam = (AsymmetricKeyParameter) unwrapped;

    if (keyParam instanceof DHPrivateKeyParameters) {
        this.key = (DHPrivateKeyParameters) keyParam;
        this.dhParams = key.getParameters();
        return;
    }
    throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
}
Also used : AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) DHPrivateKeyParameters(org.bouncycastle.crypto.params.DHPrivateKeyParameters) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom)

Example 4 with AsymmetricKeyParameter

use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.

the class PKCS1Encoding method init.

/**
 * Initialises the encoding and the underlying engine for encryption or decryption.
 *
 * <p>The random source is taken from a {@code ParametersWithRandom} wrapper when one is
 * supplied; otherwise a fresh default {@link SecureRandom} is created. The underlying engine
 * receives the original {@code param}, wrapper included.
 *
 * @param forEncryption true to encrypt, false to decrypt
 * @param param the key, optionally wrapped in {@code ParametersWithRandom}
 * @throws ClassCastException if the (unwrapped) parameter is not an {@code AsymmetricKeyParameter}
 */
public void init(boolean forEncryption, CipherParameters param) {
    CipherParameters inner;
    if (!(param instanceof ParametersWithRandom)) {
        // No caller-supplied randomness: fall back to the platform default CSPRNG.
        this.random = new SecureRandom();
        inner = param;
    } else {
        ParametersWithRandom withRandom = (ParametersWithRandom) param;
        this.random = withRandom.getRandom();
        inner = withRandom.getParameters();
    }
    AsymmetricKeyParameter keyParam = (AsymmetricKeyParameter) inner;

    engine.init(forEncryption, param);

    // Remember which half of the key pair is in use alongside the direction.
    this.forPrivateKey = keyParam.isPrivate();
    this.forEncryption = forEncryption;
}
Also used : AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom) SecureRandom(java.security.SecureRandom)

Example 5 with AsymmetricKeyParameter

use of org.bouncycastle.crypto.params.AsymmetricKeyParameter in project robovm by robovm.

the class RSADigestSigner method init.

/**
 * Initialises the signer for signing or verification.
 *
 * <p>The key direction is enforced: signing is refused with a public key and verification
 * is refused with a private key. On success the signer is reset and the RSA engine is
 * initialised with the original {@code parameters}, wrapper included.
 *
 * @param forSigning
 *            true if for signing, false for verification
 * @param parameters
 *            the key, optionally wrapped in {@code ParametersWithRandom}
 * @throws IllegalArgumentException
 *             if the key type does not match the requested operation
 */
public void init(boolean forSigning, CipherParameters parameters) {
    this.forSigning = forSigning;

    CipherParameters inner = parameters;
    if (parameters instanceof ParametersWithRandom) {
        inner = ((ParametersWithRandom) parameters).getParameters();
    }
    AsymmetricKeyParameter keyParam = (AsymmetricKeyParameter) inner;

    // Signing needs the private key, verification the public one; any mismatch is rejected.
    boolean privateKey = keyParam.isPrivate();
    if (forSigning != privateKey) {
        if (forSigning) {
            throw new IllegalArgumentException("signing requires private key");
        }
        throw new IllegalArgumentException("verification requires public key");
    }

    reset();
    rsaEngine.init(forSigning, parameters);
}
Also used : AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter) ParametersWithRandom(org.bouncycastle.crypto.params.ParametersWithRandom)

Aggregations

AsymmetricKeyParameter (org.bouncycastle.crypto.params.AsymmetricKeyParameter)9 ParametersWithRandom (org.bouncycastle.crypto.params.ParametersWithRandom)7 SecureRandom (java.security.SecureRandom)4 IOException (java.io.IOException)2 BigInteger (java.math.BigInteger)2 Date (java.util.Date)2 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)2 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)2 DHPrivateKeyParameters (org.bouncycastle.crypto.params.DHPrivateKeyParameters)2 ContentSigner (org.bouncycastle.operator.ContentSigner)2 DefaultDigestAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)2 DefaultSignatureAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)2 BcRSAContentSignerBuilder (org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)2 EOFException (java.io.EOFException)1 GeneralSecurityException (java.security.GeneralSecurityException)1 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)1 CertificateException (java.security.cert.CertificateException)1 X509Certificate (java.security.cert.X509Certificate)1 X500Name (org.bouncycastle.asn1.x500.X500Name)1 Certificate (org.bouncycastle.asn1.x509.Certificate)1