
Example 76 with SubjectPublicKeyInfo

use of org.openecard.bouncycastle.asn1.x509.SubjectPublicKeyInfo in project xipki by xipki.

the class CaClientExample method generateDsaKeypair.

/**
 * Generates a DSA key pair and wraps its public half in an X.509
 * {@code SubjectPublicKeyInfo}.
 *
 * <p>The domain parameters are the fixed constants {@code P2048_Q256_P},
 * {@code P2048_Q256_Q} and {@code P2048_Q256_G}, which are declared outside this
 * method. The resulting {@code AlgorithmIdentifier} is {@code id_dsa} with the
 * sequence (p, q, g) as its parameters, and the public key is encoded as the
 * INTEGER y.
 *
 * @return the private key together with the encoded public key information
 * @throws Exception if the DSA generator is unavailable, rejects the parameters,
 *         or the public key cannot be encoded
 */
protected static MyKeypair generateDsaKeypair() throws Exception {
    // Domain parameters: plen 2048, qlen 256.
    KeyPairGenerator generator = KeyPairGenerator.getInstance("DSA");
    // No SecureRandom is passed here, so the provider's default random source is used.
    generator.initialize(new DSAParameterSpec(P2048_Q256_P, P2048_Q256_Q, P2048_Q256_G));
    KeyPair keypair = generator.generateKeyPair();
    DSAPublicKey publicKey = (DSAPublicKey) keypair.getPublic();

    // Dss-Parms ::= SEQUENCE { p, q, g }, taken from the generated key itself.
    ASN1EncodableVector domainParams = new ASN1EncodableVector();
    domainParams.add(new ASN1Integer(publicKey.getParams().getP()));
    domainParams.add(new ASN1Integer(publicKey.getParams().getQ()));
    domainParams.add(new ASN1Integer(publicKey.getParams().getG()));

    AlgorithmIdentifier dsaAlgId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DERSequence(domainParams));
    SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo(dsaAlgId, new ASN1Integer(publicKey.getY()));
    return new MyKeypair(keypair.getPrivate(), publicKeyInfo);
}
Also used : DSAParameterSpec(java.security.spec.DSAParameterSpec) KeyPair(java.security.KeyPair) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) KeyPairGenerator(java.security.KeyPairGenerator) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) DSAPublicKey(java.security.interfaces.DSAPublicKey) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 77 with SubjectPublicKeyInfo

use of org.openecard.bouncycastle.asn1.x509.SubjectPublicKeyInfo in project xipki by xipki.

the class KeyUtil method createSubjectPublicKeyInfo.

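/**
 * Encodes a JCA public key as an X.509 {@code SubjectPublicKeyInfo}.
 *
 * <p>Supported key types:
 * <ul>
 *   <li>DSA: {@code id_dsa} with the sequence (p, q, g) as parameters, key encoded as INTEGER y;</li>
 *   <li>RSA: {@code rsaEncryption} with NULL parameters, key encoded as a PKCS#1 RSAPublicKey;</li>
 *   <li>EC: {@code id_ecPublicKey} with the named-curve OID as parameters, key encoded as an
 *       uncompressed point {@code 0x04 || X || Y}.</li>
 * </ul>
 *
 * <p>This method only encodes the key. It does not check that an EC point lies on the
 * curve or that RSA/DSA values are well formed beyond what is visible below; callers that
 * receive keys from untrusted sources need to validate them separately.
 *
 * @param publicKey the key to encode, must not be {@code null}
 * @return the encoded public key information
 * @throws InvalidKeyException if the key type is unsupported, the EC curve has no known
 *         OID, an EC coordinate is not positive, or the ASN.1 encoding fails
 */
public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(PublicKey publicKey) throws InvalidKeyException {
    ParamUtil.requireNonNull("publicKey", publicKey);
    if (publicKey instanceof DSAPublicKey) {
        DSAPublicKey dsaPubKey = (DSAPublicKey) publicKey;
        // Dss-Parms ::= SEQUENCE { p, q, g }
        ASN1EncodableVector vec = new ASN1EncodableVector();
        vec.add(new ASN1Integer(dsaPubKey.getParams().getP()));
        vec.add(new ASN1Integer(dsaPubKey.getParams().getQ()));
        vec.add(new ASN1Integer(dsaPubKey.getParams().getG()));
        ASN1Sequence dssParams = new DERSequence(vec);
        try {
            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, dssParams), new ASN1Integer(dsaPubKey.getY()));
        } catch (IOException ex) {
            throw new InvalidKeyException(ex.getMessage(), ex);
        }
    } else if (publicKey instanceof RSAPublicKey) {
        RSAPublicKey rsaPubKey = (RSAPublicKey) publicKey;
        try {
            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(rsaPubKey.getModulus(), rsaPubKey.getPublicExponent()));
        } catch (IOException ex) {
            throw new InvalidKeyException(ex.getMessage(), ex);
        }
    } else if (publicKey instanceof ECPublicKey) {
        ECPublicKey ecPubKey = (ECPublicKey) publicKey;
        ECParameterSpec paramSpec = ecPubKey.getParams();
        // Only curves that detectCurveOid can map to an OID are encodable here.
        ASN1ObjectIdentifier curveOid = detectCurveOid(paramSpec);
        if (curveOid == null) {
            // The argument is a public key; the message previously said "private key".
            throw new InvalidKeyException("Cannot find namedCurve of the given public key");
        }
        java.security.spec.ECPoint pointW = ecPubKey.getW();
        // NOTE(review): signum() != 1 also rejects a coordinate equal to zero, not just
        // negative values - confirm that this is intended for every supported curve.
        BigInteger wx = pointW.getAffineX();
        if (wx.signum() != 1) {
            throw new InvalidKeyException("Wx is not positive");
        }
        BigInteger wy = pointW.getAffineY();
        if (wy.signum() != 1) {
            throw new InvalidKeyException("Wy is not positive");
        }
        // Coordinates are field elements, so their encoded length follows the field size,
        // not the bit length of the group order. The two differ on some curves (the order
        // can be one bit longer or shorter than the field), which would yield a wrongly
        // sized point or make the fixed-length conversion below fail.
        int fieldLen = (paramSpec.getCurve().getField().getFieldSize() + 7) / 8;
        byte[] wxBytes = BigIntegers.asUnsignedByteArray(fieldLen, wx);
        byte[] wyBytes = BigIntegers.asUnsignedByteArray(fieldLen, wy);
        byte[] pubKey = new byte[1 + fieldLen * 2];
        // 0x04 marks the uncompressed point form
        pubKey[0] = 4;
        System.arraycopy(wxBytes, 0, pubKey, 1, fieldLen);
        System.arraycopy(wyBytes, 0, pubKey, 1 + fieldLen, fieldLen);
        AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, curveOid);
        return new SubjectPublicKeyInfo(algId, pubKey);
    } else {
        throw new InvalidKeyException("unknown publicKey class " + publicKey.getClass().getName());
    }
}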
Also used : ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) DSAPublicKey(java.security.interfaces.DSAPublicKey) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) RSAPublicKey(java.security.interfaces.RSAPublicKey) ECPublicKey(java.security.interfaces.ECPublicKey) ECParameterSpec(java.security.spec.ECParameterSpec) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) BigInteger(java.math.BigInteger) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 78 with SubjectPublicKeyInfo

use of org.openecard.bouncycastle.asn1.x509.SubjectPublicKeyInfo in project xipki by xipki.

the class P12KeyGenerator method genRSAKeypair.

/**
 * Generates an RSA key pair and bundles it with the {@code SubjectPublicKeyInfo}
 * of its public key ({@code rsaEncryption} with NULL parameters, key encoded as a
 * PKCS#1 RSAPublicKey).
 *
 * <p>{@code keysize} and {@code publicExponent} are passed through unchanged; this
 * method applies no minimum-strength policy of its own, so any such policy has to
 * live in the caller or in {@code KeyUtil.generateRSAKeypair} (not shown here).
 *
 * @param keysize modulus size handed to the generator
 * @param publicExponent public exponent handed to the generator
 * @param random randomness source handed to the generator
 * @return the key pair together with its encoded public key information
 * @throws Exception if key generation or encoding fails
 */
// CHECKSTYLE:SKIP
private KeyPairWithSubjectPublicKeyInfo genRSAKeypair(int keysize, BigInteger publicExponent, SecureRandom random) throws Exception {
    KeyPair keypair = KeyUtil.generateRSAKeypair(keysize, publicExponent, random);
    java.security.interfaces.RSAPublicKey jcePublicKey = (java.security.interfaces.RSAPublicKey) keypair.getPublic();

    AlgorithmIdentifier rsaAlgId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
    // RSAPublicKey without a package prefix is the ASN.1 structure, not the JCA interface.
    RSAPublicKey asn1PublicKey = new RSAPublicKey(jcePublicKey.getModulus(), jcePublicKey.getPublicExponent());

    return new KeyPairWithSubjectPublicKeyInfo(keypair, new SubjectPublicKeyInfo(rsaAlgId, asn1PublicKey));
}
Also used : KeyPair(java.security.KeyPair) RSAPublicKey(org.bouncycastle.asn1.pkcs.RSAPublicKey) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)

Example 79 with SubjectPublicKeyInfo

use of org.openecard.bouncycastle.asn1.x509.SubjectPublicKeyInfo in project xipki by xipki.

the class P12KeyGenerator method generateIdentity.

/**
 * Packs a key pair into a PKCS#12 keystore together with a self-signed
 * placeholder certificate.
 *
 * <p>The certificate uses the same name for issuer and subject, the fixed serial
 * number 1, a validity that starts ten minutes in the past and runs for 3650 days,
 * and the subject {@code CN=DUMMY} when no subject is supplied. The keystore and
 * the key entry under alias {@code main} are both protected with
 * {@code params.getPassword()}.
 *
 * @param kp key pair with the encoded public key information
 * @param params keystore generation parameters; only the password is read here
 * @param selfSignedCertSubject subject DN for the certificate, or {@code null} for the default
 * @return the serialized keystore bytes, with the in-memory keystore attached
 * @throws Exception if signing, certificate building or keystore handling fails
 */
private static P12KeyGenerationResult generateIdentity(KeyPairWithSubjectPublicKeyInfo kp, KeystoreGenerationParameters params, String selfSignedCertSubject) throws Exception {
    // Validity window: back-dated by ten minutes, then 3650 days forward.
    // NOTE(review): assumes MIN and DAY are long millisecond constants; with int
    // constants 3650 * DAY would overflow - confirm against their declaration.
    Date notBefore = new Date(new Date().getTime() - 10 * MIN);
    Date notAfter = new Date(notBefore.getTime() + 3650 * DAY);

    String subjectText = selfSignedCertSubject;
    if (subjectText == null) {
        subjectText = "CN=DUMMY";
    }
    X500Name selfName = new X500Name(subjectText);
    SubjectPublicKeyInfo publicKeyInfo = kp.getSubjectPublicKeyInfo();
    ContentSigner signer = getContentSigner(kp.getKeypair().getPrivate());

    // Issuer == subject and the key signs its own certificate: self-signed, serial 1.
    X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(selfName, BigInteger.ONE, notBefore, notAfter, selfName, publicKeyInfo);
    KeyAndCertPair keyAndCert = new KeyAndCertPair(certBuilder.build(signer), kp.getKeypair().getPrivate());

    // Start from an empty PKCS#12 store and add the single key entry.
    KeyStore keystore = KeyUtil.getKeyStore("PKCS12");
    keystore.load(null, params.getPassword());
    keystore.setKeyEntry("main", keyAndCert.getKey(), params.getPassword(), new Certificate[] { keyAndCert.getJceCert() });

    ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    try {
        keystore.store(encoded, params.getPassword());
    } finally {
        encoded.flush();
    }

    P12KeyGenerationResult outcome = new P12KeyGenerationResult(encoded.toByteArray());
    outcome.setKeystoreObject(keystore);
    return outcome;
}
Also used : X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) X500Name(org.bouncycastle.asn1.x500.X500Name) ByteArrayOutputStream(java.io.ByteArrayOutputStream) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) KeyStore(java.security.KeyStore) Date(java.util.Date)

Example 80 with SubjectPublicKeyInfo

use of org.openecard.bouncycastle.asn1.x509.SubjectPublicKeyInfo in project xipki by xipki.

the class CaLoadTestEnroll method nextCertRequests.

/**
 * Builds the next batch of certificate requests for the load test.
 *
 * <p>When {@code maxRequests} is positive, each call consumes one slot from
 * {@code processedRequests} and the method returns {@code null} once the limit is
 * reached. Every request in the batch gets its own subject (from the shared
 * {@code index} counter) but reuses the same public key returned by
 * {@code loadtestEntry.getSubjectPublicKeyInfo()}.
 *
 * @return the requests keyed by their 1-based certificate id, or {@code null}
 *         when the configured maximum number of requests has been reached
 */
private Map<Integer, CertRequest> nextCertRequests() {
    if (maxRequests > 0) {
        // The original named this local "num", hiding the outer "num" used by the loop.
        int slotsTaken = processedRequests.getAndAdd(1);
        if (slotsTaken >= maxRequests) {
            return null;
        }
    }

    Map<Integer, CertRequest> batch = new HashMap<>();
    // "num" is declared outside this method (presumably the number of certificates
    // per request - confirm against the enclosing class).
    for (int pos = 0; pos < num; pos++) {
        long subjectIndex = index.getAndIncrement();

        CertTemplateBuilder template = new CertTemplateBuilder();
        template.setSubject(loadtestEntry.getX500Name(subjectIndex));
        SubjectPublicKeyInfo publicKeyInfo = loadtestEntry.getSubjectPublicKeyInfo();
        template.setPublicKey(publicKeyInfo);
        CertTemplate builtTemplate = template.build();

        // Certificate ids are 1-based; the request carries no controls (third argument null).
        final int certId = pos + 1;
        batch.put(certId, new CertRequest(certId, builtTemplate, null));
    }
    return batch;
}
Also used : AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CertTemplateBuilder(org.bouncycastle.asn1.crmf.CertTemplateBuilder) HashMap(java.util.HashMap) CertRequest(org.bouncycastle.asn1.crmf.CertRequest) EnrollCertRequest(org.xipki.ca.client.api.dto.EnrollCertRequest) CertTemplate(org.bouncycastle.asn1.crmf.CertTemplate) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
