Example 11 with DefaultSignatureAlgorithmIdentifierFinder
use of org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder in project cloudbreak by hortonworks.
the class PkiUtil method selfsign.
private static X509Certificate selfsign(PKCS10CertificationRequest inputCSR, String publicAddress, KeyPair signKey) throws Exception {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter akp = PrivateKeyFactory.createKey(signKey.getPrivate().getEncoded());
Calendar cal = Calendar.getInstance();
Date currentTime = cal.getTime();
cal.add(Calendar.YEAR, CERT_VALIDITY_YEAR);
Date expiryTime = cal.getTime();
X509v3CertificateBuilder myCertificateGenerator = new X509v3CertificateBuilder(new X500Name(String.format("cn=%s", publicAddress)), new BigInteger("1"), currentTime, expiryTime, inputCSR.getSubject(), inputCSR.getSubjectPublicKeyInfo());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(akp);
X509CertificateHolder holder = myCertificateGenerator.build(sigGen);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(holder.toASN1Structure().getEncoded()));
}
Also used :
Calendar(java.util.Calendar)
ContentSigner(org.bouncycastle.operator.ContentSigner)
X500Name(org.bouncycastle.asn1.x500.X500Name)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
CertificateFactory(java.security.cert.CertificateFactory)
Date(java.util.Date)
X509Certificate(java.security.cert.X509Certificate)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
ByteArrayInputStream(java.io.ByteArrayInputStream)
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BigInteger(java.math.BigInteger)
Example 12 with DefaultSignatureAlgorithmIdentifierFinder
use of org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder in project platformlayer by platformlayer.
the class Csr method buildCsr.
public static Csr buildCsr(KeyPair keyPair, X500Principal subjectName) {
X500Name subject = BouncyCastleHelpers.toX500Name(subjectName);
SubjectPublicKeyInfo publicKeyInfo = BouncyCastleHelpers.toSubjectPublicKeyInfo(keyPair.getPublic());
PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
BcRSAContentSignerBuilder sigBuild = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
ContentSigner signer;
try {
signer = sigBuild.build(BouncyCastleHelpers.toAsymmetricKeyParameter(keyPair.getPrivate()));
} catch (OperatorCreationException e) {
throw new IllegalArgumentException("Error building content signer", e);
}
PKCS10CertificationRequest csrHolder = csrBuilder.build(signer);
return new Csr(csrHolder);
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
ContentSigner(org.bouncycastle.operator.ContentSigner)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
X500Name(org.bouncycastle.asn1.x500.X500Name)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
Aggregations
DefaultSignatureAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)12
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)9
DefaultDigestAlgorithmIdentifierFinder (org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)9
ContentSigner (org.bouncycastle.operator.ContentSigner)8
BcRSAContentSignerBuilder (org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)8
BigInteger (java.math.BigInteger)7
X500Name (org.bouncycastle.asn1.x500.X500Name)7
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)6
AsymmetricKeyParameter (org.bouncycastle.crypto.params.AsymmetricKeyParameter)6
IOException (java.io.IOException)5
X509Certificate (java.security.cert.X509Certificate)5
Date (java.util.Date)5
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)5
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)4
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)4
SecureRandom (java.security.SecureRandom)3
OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)3
ByteArrayInputStream (java.io.ByteArrayInputStream)2
EOFException (java.io.EOFException)2
GeneralSecurityException (java.security.GeneralSecurityException)2
