use of org.mozilla.jss.pkix.primitive.Name in project jss by dogtagpki.
the class SSLClientAuth method makeCert.
/**
 * Builds and signs an X.509 v3 certificate for test use.
 *
 * <p>Issuer and subject share the fixed attributes C=US, O=Mozilla and
 * OU="JSS Testing" + {@code rand}; only the common names differ. The
 * validity period starts at the time of the call and ends one year later.
 * Nothing here ties {@code issuerName} to the holder of {@code privKey}:
 * the certificate is signed with whatever key the caller supplies.
 *
 * @param issuerName common name placed in the issuer DN
 * @param subjectName common name placed in the subject DN
 * @param serialNumber serial number of the certificate; uniqueness is the
 *        caller's responsibility
 * @param privKey key used to sign the certificate
 * @param pubKey key whose encoded form becomes the SubjectPublicKeyInfo
 * @param rand value appended to the OU string; it only varies the name and
 *        is not used as a source of randomness
 * @param extensions extensions to attach, or {@code null} for none
 * @throws java.lang.Exception propagated from the JSS calls made here
 * @return the signed certificate, using the {@code sigAlg} defined elsewhere
 *         in the class
 */
public static Certificate makeCert(String issuerName, String subjectName, int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand, SEQUENCE extensions) throws Exception {
    // Both distinguished names carry the same OU, made distinct per run by rand.
    final String orgUnit = "JSS Testing" + rand;

    Name issuerDn = new Name();
    issuerDn.addCountryName("US");
    issuerDn.addOrganizationName("Mozilla");
    issuerDn.addOrganizationalUnitName(orgUnit);
    issuerDn.addCommonName(issuerName);

    Name subjectDn = new Name();
    subjectDn.addCountryName("US");
    subjectDn.addOrganizationName("Mozilla");
    subjectDn.addOrganizationalUnitName(orgUnit);
    subjectDn.addCommonName(subjectName);

    // Validity window: now until one year from now.
    Calendar validity = Calendar.getInstance();
    Date validFrom = validity.getTime();
    validity.add(Calendar.YEAR, 1);
    Date validUntil = validity.getTime();

    // Re-parse the encoded public key into the ASN.1 structure CertificateInfo expects.
    SubjectPublicKeyInfo subjectKeyInfo = (SubjectPublicKeyInfo) ASN1Util.decode(
            new SubjectPublicKeyInfo.Template(), pubKey.getEncoded());

    CertificateInfo certInfo = new CertificateInfo(
            CertificateInfo.v3,
            new INTEGER(serialNumber),
            new AlgorithmIdentifier(sigAlg.toOID()),
            issuerDn,
            validFrom,
            validUntil,
            subjectDn,
            subjectKeyInfo);
    if (extensions != null) {
        certInfo.setExtensions(extensions);
    }

    // The Certificate constructor is given the signing key and algorithm.
    return new Certificate(certInfo, privKey, sigAlg);
}
use of org.mozilla.jss.pkix.primitive.Name in project jss by dogtagpki.
the class GenerateTestCert method makeCert.
/**
 * Builds and signs an X.509 v3 test certificate.
 *
 * <p>The issuer and subject DNs are identical apart from the common name:
 * C=US, O=Mozilla, OU="JSS Testing" + {@code rand}. The certificate is valid
 * from the time of the call for one year. The signature is made with
 * {@code privKey} as supplied; this method does not check that the key
 * belongs to the named issuer.
 *
 * @param issuerName common name for the issuer DN
 * @param subjectName common name for the subject DN
 * @param serialNumber certificate serial number; not checked for uniqueness
 * @param privKey signing key
 * @param pubKey public key to certify, taken from its encoded form
 * @param rand suffix appended to the OU string to vary the name; not a
 *        randomness source
 * @param extensions extensions to set on the certificate, or {@code null}
 * @throws java.lang.Exception propagated from the JSS calls made here
 * @return the signed certificate, using the {@code sigAlg} defined elsewhere
 *         in the class
 */
private Certificate makeCert(String issuerName, String subjectName, int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand, SEQUENCE extensions) throws Exception {
    final String testingUnit = "JSS Testing" + rand;

    // Issuer distinguished name.
    Name issuerDn = new Name();
    issuerDn.addCountryName("US");
    issuerDn.addOrganizationName("Mozilla");
    issuerDn.addOrganizationalUnitName(testingUnit);
    issuerDn.addCommonName(issuerName);

    // Subject distinguished name; same fixed attributes, different CN.
    Name subjectDn = new Name();
    subjectDn.addCountryName("US");
    subjectDn.addOrganizationName("Mozilla");
    subjectDn.addOrganizationalUnitName(testingUnit);
    subjectDn.addCommonName(subjectName);

    // One-year validity starting at the current time.
    Calendar clock = Calendar.getInstance();
    Date startsAt = clock.getTime();
    clock.add(Calendar.YEAR, 1);
    Date expiresAt = clock.getTime();

    // Decode the encoded public key into a SubjectPublicKeyInfo structure.
    SubjectPublicKeyInfo keyInfo = (SubjectPublicKeyInfo) ASN1Util.decode(
            new SubjectPublicKeyInfo.Template(), pubKey.getEncoded());

    AlgorithmIdentifier signatureAlgorithmId = new AlgorithmIdentifier(sigAlg.toOID());
    CertificateInfo tbsCertificate = new CertificateInfo(
            CertificateInfo.v3,
            new INTEGER(serialNumber),
            signatureAlgorithmId,
            issuerDn,
            startsAt,
            expiresAt,
            subjectDn,
            keyInfo);
    if (extensions != null) {
        tbsCertificate.setExtensions(extensions);
    }

    return new Certificate(tbsCertificate, privKey, sigAlg);
}
use of org.mozilla.jss.pkix.primitive.Name in project jss by dogtagpki.
the class CertificationRequest method main.
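/**
 * Command-line self-test for {@code CertificationRequest}.
 *
 * <p>Decodes a certification request from {@code certfile}, prints and
 * verifies it, writes its info to {@code certinfo.der}, then replaces the
 * public key and subject, signs a new request with a freshly generated key
 * pair, verifies it and writes it to {@code gencert.der}. Both output files
 * are created in the current working directory.
 *
 * @param argv {@code <dbdir> <certfile>}: the database directory passed to
 *        {@code CryptoManager.initialize} and the encoded request to read
 */
public static void main(String[] argv) {
    try {
        // argv[1] is read unconditionally below, so the certfile is not optional;
        // the old check let a single argument through and failed on the array access.
        if (argv.length != 2) {
            System.out.println("Usage: CertificationRequest <dbdir> <certfile>");
            System.exit(0);
        }
        CryptoManager.initialize(argv[0]);
        CryptoManager cm = CryptoManager.getInstance();

        // Read in the request; both streams are closed even if decoding fails.
        CertificationRequest cert;
        try (FileInputStream fis = new FileInputStream(argv[1]);
                BufferedInputStream bis = new BufferedInputStream(fis)) {
            cert = (CertificationRequest) CertificationRequest.getTemplate().decode(bis);
        }
        CertificationRequestInfo info = cert.getInfo();
        info.print(System.out);
        cert.verify();
        System.out.println("verified");
        try (FileOutputStream fos = new FileOutputStream("certinfo.der")) {
            info.encode(fos);
        }

        // Make a new key pair. 2048-bit RSA replaces the former 512-bit key,
        // which is too short to be a sound example of key generation.
        CryptoToken token = cm.getInternalKeyStorageToken();
        KeyPairGenerator kpg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA);
        kpg.initialize(2048);
        System.out.println("Generating a new key pair...");
        KeyPair kp = kpg.genKeyPair();
        System.out.println("Generated key pair");

        // Set the CertificationRequest's public key.
        info.setSubjectPublicKeyInfo(kp.getPublic());

        // Make a new Name.
        Name name = new Name();
        name.addCommonName("asldkj");
        name.addCountryName("US");
        name.addOrganizationName("Some Corp");
        name.addOrganizationalUnitName("Some Org Unit");
        name.addLocalityName("Silicon Valley");
        name.addStateOrProvinceName("California");
        info.setSubject(name);

        System.out.println("About to create a new cert request...");
        // Create a new cert request from this info. SHA-256 replaces MD5, whose
        // collision weakness makes it unsuitable for signatures.
        CertificationRequest genCert = new CertificationRequest(info, kp.getPrivate(), SignatureAlgorithm.RSASignatureWithSHA256Digest);
        System.out.println("Created new cert request");
        genCert.verify();
        System.out.println("Cert verifies!");
        try (FileOutputStream fos = new FileOutputStream("gencert.der")) {
            genCert.encode(fos);
        }
    } catch (Exception e) {
        // NOTE(review): a failed verify() ends up here and the process still
        // exits normally; a harness that checks the exit status will not see it.
        e.printStackTrace();
    }
}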
use of org.mozilla.jss.pkix.primitive.Name in project jss by dogtagpki.
the class CertTemplate method main.
/**
 * Round-trip self-test for {@code CertTemplate}: fills in a template, encodes
 * it, writes the encoding to the file {@code certTemplate} in the current
 * directory, prints it, then decodes the bytes again and prints the result.
 *
 * @param args unused
 */
public static void main(String[] args) {
    try {
        CertTemplate template = new CertTemplate();
        template.setVersion(new INTEGER(5));
        template.setSerialNumber(new INTEGER(13112));

        // Issuer name.
        Name issuerName = new Name();
        issuerName.addCommonName("You");
        issuerName.addStateOrProvinceName("California");
        template.setIssuer(issuerName);

        template.setNotBefore(new Date());

        // Subject name.
        Name subjectName = new Name();
        subjectName.addCommonName("Me");
        subjectName.addCountryName("US");
        template.setSubject(subjectName);

        template.setIssuerUID(new BIT_STRING(new byte[] { 0x00, 0x01 }, 0));

        System.out.println("Constructed CertTemplate:");
        byte[] der = ASN1Util.encode(template);
        try (FileOutputStream out = new FileOutputStream("certTemplate")) {
            out.write(der);
        }
        template.print(System.out, 0);

        // Decode the bytes just produced and print them for comparison.
        CertTemplate roundTripped = (CertTemplate) ASN1Util.decode(CertTemplate.getTemplate(), der);
        System.out.println("\nDecoded CertTemplate:");
        roundTripped.print(System.out, 0);
    } catch (Exception e) {
        e.printStackTrace();
    }
}
use of org.mozilla.jss.pkix.primitive.Name in project jss by dogtagpki.
the class Certificate method main.
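/**
 * Command-line self-test for {@code Certificate}.
 *
 * <p>Decodes a certificate from {@code certfile}, prints and verifies it,
 * writes its info to {@code certinfo.der}, then rewrites the public key,
 * serial number, issuer, subject and validity, signs the result with a
 * freshly generated key pair, verifies it and writes it to
 * {@code gencert.der}. Both output files are created in the current working
 * directory.
 *
 * @param argv {@code <dbdir> <certfile>}: the database directory passed to
 *        {@code CryptoManager.initialize} and the encoded certificate to read
 */
public static void main(String[] argv) {
    try {
        // argv[1] is read unconditionally below, so the certfile is not optional;
        // the old check let a single argument through and failed on the array access.
        if (argv.length != 2) {
            System.out.println("Usage: Certificate <dbdir> <certfile>");
            System.exit(0);
        }
        CryptoManager.initialize(argv[0]);
        CryptoManager cm = CryptoManager.getInstance();

        // Read in a cert; both streams are closed even if decoding fails.
        Certificate cert;
        try (FileInputStream fis = new FileInputStream(argv[1]);
                BufferedInputStream bis = new BufferedInputStream(fis)) {
            cert = (Certificate) Certificate.getTemplate().decode(bis);
        }
        CertificateInfo info = cert.getInfo();
        info.print(System.out);
        cert.verify();
        System.out.println("verified");
        try (FileOutputStream fos = new FileOutputStream("certinfo.der")) {
            info.encode(fos);
        }

        // Make a new key pair. 2048-bit RSA replaces the former 512-bit key,
        // which is too short to be a sound example of key generation.
        CryptoToken token = cm.getInternalKeyStorageToken();
        KeyPairGenerator kpg = token.getKeyPairGenerator(KeyPairAlgorithm.RSA);
        kpg.initialize(2048);
        System.out.println("Generating a new key pair...");
        KeyPair kp = kpg.genKeyPair();
        System.out.println("Generated key pair");

        // Set the certificate's public key.
        info.setSubjectPublicKeyInfo(kp.getPublic());

        // Increment the serial number without narrowing it to an int: serial
        // numbers read from a file can exceed 32 bits, and intValue() would
        // silently truncate them.
        info.setSerialNumber(new INTEGER(info.getSerialNumber().add(java.math.BigInteger.ONE)));

        // Make a new Name; the same name is used as issuer and subject.
        Name name = new Name();
        name.addCommonName("Stra\u00dfenverk\u00e4ufer 'R' Us");
        name.addCountryName("US");
        name.addOrganizationName("Some Corporation");
        name.addOrganizationalUnitName("some org unit?");
        name.addLocalityName("Silicon Valley");
        name.addStateOrProvinceName("California");
        info.setIssuer(name);
        info.setSubject(name);

        // Set validity.
        // NOTE(review): this fixed window ended in 2010, so the generated
        // certificate is already expired; presumably verify() below checks
        // only the signature - confirm.
        Calendar cal = Calendar.getInstance();
        cal.set(1997, Calendar.APRIL, 1);
        info.setNotBefore(cal.getTime());
        cal.set(2010, Calendar.APRIL, 1);
        info.setNotAfter(cal.getTime());

        System.out.println("About to create a new cert...");
        // Create a new cert from this certinfo. SHA-256 replaces MD5, whose
        // collision weakness makes it unsuitable for certificate signatures.
        Certificate genCert = new Certificate(info, kp.getPrivate(), SignatureAlgorithm.RSASignatureWithSHA256Digest);
        System.out.println("Created new cert");
        genCert.verify();
        System.out.println("Cert verifies!");
        try (FileOutputStream fos = new FileOutputStream("gencert.der")) {
            genCert.encode(fos);
        }
    } catch (Exception e) {
        // NOTE(review): a failed verify() ends up here and the process still
        // exits normally; a harness that checks the exit status will not see it.
        e.printStackTrace();
    }
}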