Example 41 with Certificate
use of org.openecard.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class X509CRLEntryObject method toString.
public String toString() {
StringBuffer buf = new StringBuffer();
String nl = System.getProperty("line.separator");
buf.append(" userCertificate: ").append(this.getSerialNumber()).append(nl);
buf.append(" revocationDate: ").append(this.getRevocationDate()).append(nl);
buf.append(" certificateIssuer: ").append(this.getCertificateIssuer()).append(nl);
X509Extensions extensions = c.getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
if (e.hasMoreElements()) {
buf.append(" crlEntryExtensions:").append(nl);
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (ext.getValue() != null) {
byte[] octs = ext.getValue().getOctets();
ASN1InputStream dIn = new ASN1InputStream(octs);
buf.append(" critical(").append(ext.isCritical()).append(") ");
try {
if (oid.equals(X509Extensions.ReasonCode)) {
buf.append(new CRLReason(DEREnumerated.getInstance(dIn.readObject()))).append(nl);
} else if (oid.equals(X509Extensions.CertificateIssuer)) {
buf.append("Certificate issuer: ").append(new GeneralNames((ASN1Sequence) dIn.readObject())).append(nl);
} else {
buf.append(oid.getId());
buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
}
} catch (Exception ex) {
buf.append(oid.getId());
buf.append(" value = ").append("*****").append(nl);
}
} else {
buf.append(nl);
}
}
}
}
return buf.toString();
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
Enumeration(java.util.Enumeration)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
X509Extension(org.bouncycastle.asn1.x509.X509Extension)
X509Extensions(org.bouncycastle.asn1.x509.X509Extensions)
CRLReason(org.bouncycastle.asn1.x509.CRLReason)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
IOException(java.io.IOException)
CRLException(java.security.cert.CRLException)
Example 42 with Certificate
use of org.openecard.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class X509V1CertificateGenerator method generate.
/**
* generate an X509 certificate, based on the current issuer and subject
* using the default provider and the passed in source of randomness
* <p>
* <b>Note:</b> this differs from the deprecated method in that the default provider is
* used - not "BC".
* </p>
*/
public X509Certificate generate(PrivateKey key, SecureRandom random) throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException {
TBSCertificateStructure tbsCert = tbsGen.generateTBSCertificate();
byte[] signature;
try {
signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCert);
} catch (IOException e) {
throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
}
return generateJcaObject(tbsCert, signature);
}
Also used :
TBSCertificateStructure(org.bouncycastle.asn1.x509.TBSCertificateStructure)
IOException(java.io.IOException)
Example 43 with Certificate
use of org.openecard.bouncycastle.asn1.x509.Certificate in project XobotOS by xamarin.
the class X509V1CertificateGenerator method generateJcaObject.
private X509Certificate generateJcaObject(TBSCertificateStructure tbsCert, byte[] signature) throws CertificateEncodingException {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(tbsCert);
v.add(sigAlgId);
v.add(new DERBitString(signature));
try {
return new X509CertificateObject(new X509CertificateStructure(new DERSequence(v)));
} catch (CertificateParsingException e) {
throw new ExtCertificateEncodingException("exception producing certificate object", e);
}
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
CertificateParsingException(java.security.cert.CertificateParsingException)
X509CertificateObject(org.bouncycastle.jce.provider.X509CertificateObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DERBitString(org.bouncycastle.asn1.DERBitString)
X509CertificateStructure(org.bouncycastle.asn1.x509.X509CertificateStructure)
Example 44 with Certificate
use of org.openecard.bouncycastle.asn1.x509.Certificate in project platformlayer by platformlayer.
the class SimpleCertificateAuthority method signCsr.
public X509Certificate signCsr(PKCS10CertificationRequest csr) throws OpsException {
SubjectPublicKeyInfo subjectPublicKeyInfo = csr.getSubjectPublicKeyInfo();
X500Name subject = csr.getSubject();
Certificate certificate = signCertificate(BouncyCastleHelpers.toX500Name(caCertificate[0].getSubjectX500Principal()), caPrivateKey, subject, subjectPublicKeyInfo);
return toX509(certificate);
}
Also used :
X500Name(org.bouncycastle.asn1.x500.X500Name)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Example 45 with Certificate
use of org.openecard.bouncycastle.asn1.x509.Certificate in project platformlayer by platformlayer.
the class SimpleCertificateAuthority method signCertificate.
private static Certificate signCertificate(X500Name signer, PrivateKey signerPrivateKey, X500Name subject, SubjectPublicKeyInfo subjectPublicKeyInfo) throws OpsException {
try {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(SIGNATURE_ALGORITHM);
AlgorithmIdentifier digestAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
long days = 3650;
long now = System.currentTimeMillis();
Date notBefore = new Date(now - ONE_DAY);
Date notAfter = new Date(notBefore.getTime() + (days * ONE_DAY));
BigInteger serialNumber;
synchronized (SimpleCertificateAuthority.class) {
long nextSerialNumber = System.currentTimeMillis();
serialNumber = BigInteger.valueOf(nextSerialNumber);
}
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(signer, serialNumber, notBefore, notAfter, subject, subjectPublicKeyInfo);
// {
// boolean isCritical = false;
// certificateBuilder.addExtension(X509Extensions.SubjectKeyIdentifier, isCritical,
// csr.getSubjectPublicKeyInfo());
// }
AsymmetricKeyParameter caPrivateKeyParameters = PrivateKeyFactory.createKey(signerPrivateKey.getEncoded());
ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digestAlgId).build(caPrivateKeyParameters);
X509CertificateHolder certificateHolder = certificateBuilder.build(contentSigner);
Certificate certificate = certificateHolder.toASN1Structure();
return certificate;
} catch (OperatorCreationException e) {
throw new OpsException("Error signing certificate", e);
} catch (IOException e) {
throw new OpsException("Error signing certificate", e);
}
}
Also used :
OpsException(org.platformlayer.ops.OpsException)
ContentSigner(org.bouncycastle.operator.ContentSigner)
IOException(java.io.IOException)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
Date(java.util.Date)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
AsymmetricKeyParameter(org.bouncycastle.crypto.params.AsymmetricKeyParameter)
X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
BigInteger(java.math.BigInteger)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
X509Certificate(java.security.cert.X509Certificate)
Certificate(org.bouncycastle.asn1.x509.Certificate)
Aggregations
X509Certificate (java.security.cert.X509Certificate)106
IOException (java.io.IOException)93
Date (java.util.Date)59
X500Name (org.bouncycastle.asn1.x500.X500Name)50
BigInteger (java.math.BigInteger)47
CertificateException (java.security.cert.CertificateException)44
GeneralName (org.bouncycastle.asn1.x509.GeneralName)40
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)38
ArrayList (java.util.ArrayList)33
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)32
Certificate (org.bouncycastle.asn1.x509.Certificate)31
SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)30
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)30
ContentSigner (org.bouncycastle.operator.ContentSigner)30
AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)29
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)27
BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)26
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)26
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)26
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)26
