
Example 1 with PemObjectGenerator

Use of org.bouncycastle.util.io.pem.PemObjectGenerator in project Openfire by igniterealtime.

Class CertificateManager, method createSigningRequest.

/**
 * Creates and returns the content of a new signing request for the specified certificate. Signing
 * requests are required by Certificate Authorities as part of their signing process. The signing request
 * contains information about the certificate issuer, subject DN, subject alternative names and public key.
 * Private keys are not included. After the Certificate Authority verified and signed the certificate a new
 * certificate is going to be returned. Use {@link #installReply(java.security.KeyStore, java.security.KeyStore, char[], String, java.io.InputStream)}
 * to import the CA reply.
 *
 * @param cert the certificate to create a signing request.
 * @param privKey the private key of the certificate.
 * @return the content of a new signing request for the specified certificate.
 */
public static String createSigningRequest(X509Certificate cert, PrivateKey privKey) throws OperatorCreationException, IOException {
    // The request carries the certificate's subject DN and public key.
    JcaPKCS10CertificationRequestBuilder csrBuilder =
            new JcaPKCS10CertificationRequestBuilder(cert.getSubjectX500Principal(), cert.getPublicKey());
    // Derive the signature algorithm from the key type, e.g. "SHA256WITHRSA".
    // JCA reports elliptic-curve keys as "EC", but the signature algorithm name is "ECDSA".
    String keyAlgorithm = cert.getPublicKey().getAlgorithm();
    String signatureAlgorithm = "SHA256WITH" + ("EC".equals(keyAlgorithm) ? "ECDSA" : keyAlgorithm);
    // The private key is used only to sign the request; it is never written to the output.
    ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).build(privKey);
    PKCS10CertificationRequest csr = csrBuilder.build(signer);
    // Serialize the request as a PEM "CERTIFICATE REQUEST" block.
    StringWriter string = new StringWriter();
    PemWriter pemWriter = new PemWriter(string);
    PemObjectGenerator objGen = new MiscPEMGenerator(csr);
    pemWriter.writeObject(objGen);
    pemWriter.close();
    return string.toString();
}
Also used : PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest) MiscPEMGenerator(org.bouncycastle.openssl.MiscPEMGenerator) JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) PemObjectGenerator(org.bouncycastle.util.io.pem.PemObjectGenerator) StringWriter(java.io.StringWriter) PemWriter(org.bouncycastle.util.io.pem.PemWriter) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner)

Example 2 with PemObjectGenerator

Use of org.bouncycastle.util.io.pem.PemObjectGenerator in project XobotOS by xamarin.

Class MiscPEMGenerator, method createPemObject.

private PemObject createPemObject(Object o) throws IOException {
    String type;
    byte[] encoding;
    if (o instanceof PemObject) {
        return (PemObject) o;
    }
    if (o instanceof PemObjectGenerator) {
        return ((PemObjectGenerator) o).generate();
    }
    if (o instanceof X509Certificate) {
        type = "CERTIFICATE";
        try {
            encoding = ((X509Certificate) o).getEncoded();
        } catch (CertificateEncodingException e) {
            throw new PemGenerationException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof X509CRL) {
        type = "X509 CRL";
        try {
            encoding = ((X509CRL) o).getEncoded();
        } catch (CRLException e) {
            throw new PemGenerationException("Cannot encode object: " + e.toString());
        }
    } else if (o instanceof KeyPair) {
        return createPemObject(((KeyPair) o).getPrivate());
    } else if (o instanceof PrivateKey) {
        // Private keys are written in the traditional OpenSSL formats, unencrypted.
        PrivateKeyInfo info = new PrivateKeyInfo((ASN1Sequence) ASN1Object.fromByteArray(((Key) o).getEncoded()));
        if (o instanceof RSAPrivateKey) {
            type = "RSA PRIVATE KEY";
            encoding = info.getPrivateKey().getEncoded();
        } else if (o instanceof DSAPrivateKey) {
            type = "DSA PRIVATE KEY";
            // Traditional DSA layout: SEQUENCE { version 0, p, q, g, y, x }.
            DSAParameter p = DSAParameter.getInstance(info.getAlgorithmId().getParameters());
            ASN1EncodableVector v = new ASN1EncodableVector();
            v.add(new DERInteger(0));
            v.add(new DERInteger(p.getP()));
            v.add(new DERInteger(p.getQ()));
            v.add(new DERInteger(p.getG()));
            // The public value y = g^x mod p is recomputed from the private value x.
            BigInteger x = ((DSAPrivateKey) o).getX();
            BigInteger y = p.getG().modPow(x, p.getP());
            v.add(new DERInteger(y));
            v.add(new DERInteger(x));
            encoding = new DERSequence(v).getEncoded();
        } else if (((PrivateKey) o).getAlgorithm().equals("ECDSA")) {
            type = "EC PRIVATE KEY";
            encoding = info.getPrivateKey().getEncoded();
        } else {
            throw new IOException("Cannot identify private key");
        }
    } else if (o instanceof PublicKey) {
        type = "PUBLIC KEY";
        encoding = ((PublicKey) o).getEncoded();
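    } else if (o instanceof X509AttributeCertificate) {
        type = "ATTRIBUTE CERTIFICATE";
        // Cast to the interface that was checked, so other implementations do not fail with a ClassCastException.
        encoding = ((X509AttributeCertificate) o).getEncoded();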
    } else if (o instanceof PKCS10CertificationRequest) {
        type = "CERTIFICATE REQUEST";
        encoding = ((PKCS10CertificationRequest) o).getEncoded();
    } else if (o instanceof ContentInfo) {
        type = "PKCS7";
        encoding = ((ContentInfo) o).getEncoded();
    } else {
        throw new PemGenerationException("unknown object passed - can't encode.");
    }
    return new PemObject(type, encoding);
}
Also used : X509CRL(java.security.cert.X509CRL) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) X509AttributeCertificate(org.bouncycastle.x509.X509AttributeCertificate) DERInteger(org.bouncycastle.asn1.DERInteger) PemObjectGenerator(org.bouncycastle.util.io.pem.PemObjectGenerator) DERSequence(org.bouncycastle.asn1.DERSequence) ContentInfo(org.bouncycastle.asn1.cms.ContentInfo) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DSAParameter(org.bouncycastle.asn1.x509.DSAParameter) CRLException(java.security.cert.CRLException) PKCS10CertificationRequest(org.bouncycastle.jce.PKCS10CertificationRequest) KeyPair(java.security.KeyPair) PemGenerationException(org.bouncycastle.util.io.pem.PemGenerationException) PublicKey(java.security.PublicKey) CertificateEncodingException(java.security.cert.CertificateEncodingException) IOException(java.io.IOException) X509V2AttributeCertificate(org.bouncycastle.x509.X509V2AttributeCertificate) X509Certificate(java.security.cert.X509Certificate) PemObject(org.bouncycastle.util.io.pem.PemObject) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) BigInteger(java.math.BigInteger) PrivateKeyInfo(org.bouncycastle.asn1.pkcs.PrivateKeyInfo) Key(java.security.Key) RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)

Example 3 with PemObjectGenerator

Use of org.bouncycastle.util.io.pem.PemObjectGenerator in project platformlayer by platformlayer.

Class Csr, method getEncoded.

public String getEncoded() {
    StringWriter stringWriter = new StringWriter();
    try {
        PemWriter writer = new PemWriter(stringWriter);
        PemObjectGenerator pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
        writer.writeObject(pemObject);
        writer.close();
    } catch (IOException e) {
        throw new IllegalArgumentException("Error generating PEM", e);
    }
    return stringWriter.toString();
}
Also used : PemObject(org.bouncycastle.util.io.pem.PemObject) PemObjectGenerator(org.bouncycastle.util.io.pem.PemObjectGenerator) StringWriter(java.io.StringWriter) PemWriter(org.bouncycastle.util.io.pem.PemWriter) IOException(java.io.IOException)
