
Example 46 with PKCS10CertificationRequest

use of org.bouncycastle.pkcs.PKCS10CertificationRequest in project keystore-explorer by kaikramer.

the class SignatureAlgorithmsTest method doTest.

/**
 * Exercises one key-pair / signature-algorithm / CSR-format / certificate-version combination.
 *
 * <p>A self-signed certificate is generated first. A request in the chosen CSR format is then
 * created, serialised, parsed back from its serialised bytes, and its signature is verified, so
 * both the writer and the parser are covered for the given signature algorithm.
 *
 * @param keyPairType selects which of the pre-generated key pairs (RSA, DSA or EC) is used
 * @param signatureType signature algorithm used for the certificate and for the request
 * @param csrType {@code SPKAC} takes the SPKAC path; any other value takes the PKCS #10 path
 * @param version {@code VERSION1} selects the v1 generator; any other value selects the v3 one
 * @throws Exception if generation, encoding or parsing fails
 */
private void doTest(KeyPairType keyPairType, SignatureType signatureType, CsrType csrType, X509CertificateVersion version) throws Exception {
    final KeyPair selectedPair;
    switch (keyPairType) {
        case RSA:
            selectedPair = rsaKeyPair;
            break;
        case DSA:
            selectedPair = dsaKeyPair;
            break;
        case EC:
            selectedPair = ecKeyPair;
            break;
        default:
            // No fixture exists for other key types; fail instead of silently skipping them.
            throw new InvalidParameterException();
    }

    final X500Name subject = new X500Name("cn=this");
    final PublicKey subjectPublicKey = selectedPair.getPublic();
    final PrivateKey signingKey = selectedPair.getPrivate();

    // The certificate is generated on both CSR paths, although only the PKCS #10 path reads it.
    final X509Certificate selfSigned = (version == X509CertificateVersion.VERSION1)
            ? generatorv1.generateSelfSigned(subject, 1000, subjectPublicKey, signingKey, signatureType, BigInteger.ONE)
            : generatorv3.generateSelfSigned(subject, 1000, subjectPublicKey, signingKey, signatureType, BigInteger.ONE);

    if (csrType == CsrType.SPKAC) {
        Spkac written = new Spkac("whatever", signatureType, new SpkacSubject(subject), subjectPublicKey, signingKey);
        ByteArrayOutputStream serialised = new ByteArrayOutputStream();
        written.output(serialised);

        // Verify the re-parsed object rather than the in-memory one, so the parser is exercised too.
        Spkac reloaded = new Spkac(new ByteArrayInputStream(serialised.toByteArray()));
        assertThat(reloaded.verify()).isTrue();
        return;
    }

    PKCS10CertificationRequest written = Pkcs10Util.generateCsr(selfSigned, signingKey, signatureType, "w/e", "w/e", false, new BouncyCastleProvider());
    byte[] encodedCsr = Pkcs10Util.getCsrEncodedDer(written);

    // Same round trip as the SPKAC path: the signature check runs on the re-parsed request.
    PKCS10CertificationRequest reloaded = Pkcs10Util.loadCsr(new ByteArrayInputStream(encodedCsr));
    assertThat(Pkcs10Util.verifyCsr(reloaded)).isTrue();
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) KeyPair(java.security.KeyPair) SpkacSubject(org.kse.crypto.csr.spkac.SpkacSubject) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) X500Name(org.bouncycastle.asn1.x500.X500Name) ByteArrayOutputStream(java.io.ByteArrayOutputStream) X509Certificate(java.security.cert.X509Certificate) InvalidParameterException(java.security.InvalidParameterException) ByteArrayInputStream(java.io.ByteArrayInputStream) Spkac(org.kse.crypto.csr.spkac.Spkac) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 47 with PKCS10CertificationRequest

use of org.bouncycastle.pkcs.PKCS10CertificationRequest in project keystore-explorer by kaikramer.

the class ExamineClipboardAction method showCsr.

/**
 * Parses a certificate signing request from the supplied stream and shows it in a details dialog.
 *
 * <p>The stream content is treated as untrusted: any exception raised while parsing is reported
 * through a problem dialog and the method returns without showing any CSR details.
 *
 * @param is stream holding the CSR; a {@code null} stream is ignored
 * @param fileType {@code PKCS10_CSR} or {@code SPKAC_CSR}, selecting the parser to use
 */
private void showCsr(InputStream is, CryptoFileType fileType) {
    if (is == null) {
        return;
    }
    // NOTE(review): the stream is not closed here; presumably the caller or the parsers own it.
    try {
        PKCS10CertificationRequest pkcs10Request = null;
        Spkac spkacRequest = null;
        try {
            if (fileType == CryptoFileType.PKCS10_CSR) {
                pkcs10Request = Pkcs10Util.loadCsr(is);
            } else if (fileType == CryptoFileType.SPKAC_CSR) {
                spkacRequest = new Spkac(is);
            }
            // Any other fileType leaves both references null, so the SPKAC viewer below is
            // handed null. NOTE(review): callers presumably pass only the two CSR types.
        } catch (Exception parseFailure) {
            // Malformed or non-CSR input ends up here; explain the likely causes to the user.
            String summary = res.getString("ExamineClipboardAction.NoOpenCsr.Problem");
            String[] likelyCauses = new String[] { res.getString("ExamineClipboardAction.NotCsr.Cause"), res.getString("ExamineClipboardAction.CorruptedCsr.Cause") };
            Problem problem = new Problem(summary, likelyCauses, parseFailure);
            DProblem problemDialog = new DProblem(frame, res.getString("ExamineClipboardAction.ProblemOpeningCsr.Title"), problem);
            problemDialog.setLocationRelativeTo(frame);
            problemDialog.setVisible(true);
            return;
        }

        final String title = res.getString("ExamineClipboardAction.CsrDetails.Title");
        final DViewCsr viewer = (pkcs10Request != null)
                ? new DViewCsr(frame, title, pkcs10Request)
                : new DViewCsr(frame, title, spkacRequest);
        viewer.setLocationRelativeTo(frame);
        viewer.setVisible(true);
    } catch (Exception ex) {
        // Failures outside parsing (for example while building the viewer) use the generic error dialog.
        DError.displayError(frame, ex);
    }
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) DViewCsr(org.kse.gui.dialogs.DViewCsr) Spkac(org.kse.crypto.csr.spkac.Spkac) Problem(org.kse.gui.error.Problem) DProblem(org.kse.gui.error.DProblem) CryptoException(org.kse.crypto.CryptoException) UnsupportedFlavorException(java.awt.datatransfer.UnsupportedFlavorException) IOException(java.io.IOException) DProblem(org.kse.gui.error.DProblem)

Example 48 with PKCS10CertificationRequest

use of org.bouncycastle.pkcs.PKCS10CertificationRequest in project keystore-explorer by kaikramer.

the class ExamineFileAction method openCsr.

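/**
 * Loads a certificate signing request from a file and shows it in a details dialog.
 *
 * <p>The file content is treated as untrusted: any exception raised while opening or parsing it
 * is reported through a problem dialog and the method returns without showing any CSR details.
 *
 * @param file file holding the CSR; a {@code null} file is ignored
 * @param fileType {@code PKCS10_CSR} or {@code SPKAC_CSR}, selecting the parser to use
 * @throws CryptoException declared for callers; not thrown directly by the code in this method
 */
private void openCsr(File file, CryptoFileType fileType) throws CryptoException {
    if (file == null) {
        return;
    }
    PKCS10CertificationRequest pkcs10Csr = null;
    Spkac spkacCsr = null;
    try {
        // try-with-resources guarantees the file handle is released even when parsing throws;
        // closing again is harmless if the parser already closed the stream itself.
        if (fileType == CryptoFileType.PKCS10_CSR) {
            try (FileInputStream csrStream = new FileInputStream(file)) {
                pkcs10Csr = Pkcs10Util.loadCsr(csrStream);
            }
        } else if (fileType == CryptoFileType.SPKAC_CSR) {
            try (FileInputStream csrStream = new FileInputStream(file)) {
                spkacCsr = new Spkac(csrStream);
            }
        }
        // Any other fileType leaves both references null, so the SPKAC viewer below is handed
        // null. NOTE(review): callers presumably pass only the two CSR types; confirm.
    } catch (Exception ex) {
        // Missing file, unreadable file and malformed CSR all end up here.
        String problemStr = MessageFormat.format(res.getString("ExamineFileAction.NoOpenCsr.Problem"), file.getName());
        String[] causes = new String[] { res.getString("ExamineFileAction.NotCsr.Cause"), res.getString("ExamineFileAction.CorruptedCsr.Cause") };
        Problem problem = new Problem(problemStr, causes, ex);
        DProblem dProblem = new DProblem(frame, res.getString("ExamineFileAction.ProblemOpeningCsr.Title"), problem);
        dProblem.setLocationRelativeTo(frame);
        dProblem.setVisible(true);
        return;
    }
    if (pkcs10Csr != null) {
        DViewCsr dViewCsr = new DViewCsr(frame, MessageFormat.format(res.getString("ExamineFileAction.CsrDetailsFile.Title"), file.getName()), pkcs10Csr);
        dViewCsr.setLocationRelativeTo(frame);
        dViewCsr.setVisible(true);
    } else {
        DViewCsr dViewCsr = new DViewCsr(frame, MessageFormat.format(res.getString("ExamineFileAction.CsrDetailsFile.Title"), file.getName()), spkacCsr);
        dViewCsr.setLocationRelativeTo(frame);
        dViewCsr.setVisible(true);
    }
}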
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) DViewCsr(org.kse.gui.dialogs.DViewCsr) Spkac(org.kse.crypto.csr.spkac.Spkac) Problem(org.kse.gui.error.Problem) DProblem(org.kse.gui.error.DProblem) FileInputStream(java.io.FileInputStream) CryptoException(org.kse.crypto.CryptoException) IOException(java.io.IOException) FileNotFoundException(java.io.FileNotFoundException) DProblem(org.kse.gui.error.DProblem)

Example 49 with PKCS10CertificationRequest

use of org.bouncycastle.pkcs.PKCS10CertificationRequest in project keystore-explorer by kaikramer.

the class DSignCsr method main.

// for quick testing
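/**
 * Manual test harness: builds a throw-away RSA key pair and CSR, then opens the DSignCsr dialog
 * on them. The process exits when the dialog window is closed.
 *
 * @param args unused
 * @throws Exception if the look and feel cannot be installed
 */
public static void main(String[] args) throws Exception {
    // The key generator and content signer below ask for the provider by the name "BC",
    // so it has to be registered before they run.
    Security.addProvider(new BouncyCastleProvider());
    UIManager.setLookAndFeel(UIManager.getSystemLookAndFeelClassName());
    java.awt.EventQueue.invokeLater(new Runnable() {

        @Override
        public void run() {
            try {
                KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC");
                // 2048 bits instead of 1024: 1024-bit RSA is below current minimum key-size
                // guidance, and sample code tends to be copied, so even a throw-away harness
                // should not model a weak key.
                keyGen.initialize(2048);
                KeyPair keyPair = keyGen.genKeyPair();
                JcaPKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name("cn=test"), keyPair.getPublic());
                // The request is signed with the matching private key.
                PKCS10CertificationRequest csr = csrBuilder.build(new JcaContentSignerBuilder("SHA256withRSA").setProvider("BC").build(keyPair.getPrivate()));
                DSignCsr dialog = new DSignCsr(new javax.swing.JFrame(), csr, new File(System.getProperty("user.dir"), "test.csr"), keyPair.getPrivate(), KeyPairType.RSA, null, new BouncyCastleProvider());
                dialog.addWindowListener(new java.awt.event.WindowAdapter() {

                    @Override
                    public void windowClosing(java.awt.event.WindowEvent e) {
                        // Closing the dialog ends the harness.
                        System.exit(0);
                    }
                });
                dialog.setVisible(true);
            } catch (Exception e) {
                // Harness only: dump the failure to stderr so it is visible from the console.
                e.printStackTrace();
            }
        }
    });
}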
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest) KeyPair(java.security.KeyPair) JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) WindowAdapter(java.awt.event.WindowAdapter) KeyPairGenerator(java.security.KeyPairGenerator) X500Name(org.bouncycastle.asn1.x500.X500Name) CryptoException(org.kse.crypto.CryptoException) GeneralSecurityException(java.security.GeneralSecurityException) JFrame(javax.swing.JFrame) WindowEvent(java.awt.event.WindowEvent) File(java.io.File) BouncyCastleProvider(org.bouncycastle.jce.provider.BouncyCastleProvider)

Example 50 with PKCS10CertificationRequest

use of org.bouncycastle.pkcs.PKCS10CertificationRequest in project athenz by yahoo.

the class Crypto method generateX509CSR.

/**
 * Builds a PKCS #10 certificate signing request and returns it PEM-encoded.
 *
 * <p>The request is signed with {@code privateKey} using the algorithm named by
 * {@code Crypto.RSA_SHA256}, whatever the type of the key.
 * NOTE(review): that constant is presumably SHA256withRSA, in which case a non-RSA private key
 * would be rejected when the signer is built; confirm whether other key types must be supported.
 *
 * <p>The subject and the alternative names are copied into the request as given; nothing in
 * this method validates them.
 *
 * @param privateKey key used to sign the request
 * @param publicKey key placed in the request
 * @param x500Principal subject distinguished name in string form
 * @param sanArray subject alternative names to request, or {@code null} to omit the extension
 * @return the request as a PEM "CERTIFICATE REQUEST" block
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException if the request cannot be encoded or written
 */
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {
    // Subject distinguished name
    final X500Principal subjectDn = new X500Principal(x500Principal);
    // Signer bound to the caller's private key
    final ContentSigner contentSigner = new JcaContentSignerBuilder(Crypto.RSA_SHA256).build(privateKey);
    // Request builder carrying the subject and the public key
    final PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subjectDn, publicKey);
    // /CLOVER:OFF
    if (sanArray != null) {
        // /CLOVER:ON
        // The SAN extension is requested as non-critical, inside an extensionRequest attribute.
        final ExtensionsGenerator extensions = new ExtensionsGenerator();
        extensions.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(sanArray));
        requestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensions.generate());
    }
    final PKCS10CertificationRequest request = requestBuilder.build(contentSigner);
    // Serialise in the PEM form used by openssl
    final StringWriter pemText = new StringWriter();
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(pemText)) {
        pemWriter.writeObject(new PemObject("CERTIFICATE REQUEST", request.getEncoded()));
    }
    // Read the buffer only after the writer has been closed, so the output is fully flushed.
    return pemText.toString();
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest) PemObject(org.bouncycastle.util.io.pem.PemObject) JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Principal(javax.security.auth.x500.X500Principal) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter) ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
