Example 1 with AsymmetricKeyParameter
use of org.spongycastle.crypto.params.AsymmetricKeyParameter in project android by nextcloud.
the class CsrHelper method generateCSR.
/**
* Create the certificate signing request (CSR) from private and public keys
*
* @param keyPair the KeyPair with private and public keys
* @param userId userId of CSR owner
* @return PKCS10CertificationRequest with the certificate signing request (CSR) data
* @throws IOException thrown if key cannot be created
* @throws OperatorCreationException thrown if contentSigner cannot be build
*/
private static PKCS10CertificationRequest generateCSR(KeyPair keyPair, String userId) throws IOException, OperatorCreationException {
String principal = "CN=" + userId;
AsymmetricKeyParameter privateKey = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WITHRSA");
AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find("SHA-1");
ContentSigner signer = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm).build(privateKey);
PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name(principal), keyPair.getPublic());
ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
extensionsGenerator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
return csrBuilder.build(signer);
}
Also used :
BcRSAContentSignerBuilder(org.spongycastle.operator.bc.BcRSAContentSignerBuilder)
JcaPKCS10CertificationRequestBuilder(org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
AsymmetricKeyParameter(org.spongycastle.crypto.params.AsymmetricKeyParameter)
ContentSigner(org.spongycastle.operator.ContentSigner)
PKCS10CertificationRequestBuilder(org.spongycastle.pkcs.PKCS10CertificationRequestBuilder)
JcaPKCS10CertificationRequestBuilder(org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
X500Name(org.spongycastle.asn1.x500.X500Name)
DefaultDigestAlgorithmIdentifierFinder(org.spongycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
BasicConstraints(org.spongycastle.asn1.x509.BasicConstraints)
AlgorithmIdentifier(org.spongycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.spongycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
ExtensionsGenerator(org.spongycastle.asn1.x509.ExtensionsGenerator)
Aggregations
X500Name (org.spongycastle.asn1.x500.X500Name)1
AlgorithmIdentifier (org.spongycastle.asn1.x509.AlgorithmIdentifier)1
BasicConstraints (org.spongycastle.asn1.x509.BasicConstraints)1
ExtensionsGenerator (org.spongycastle.asn1.x509.ExtensionsGenerator)1
AsymmetricKeyParameter (org.spongycastle.crypto.params.AsymmetricKeyParameter)1
ContentSigner (org.spongycastle.operator.ContentSigner)1
DefaultDigestAlgorithmIdentifierFinder (org.spongycastle.operator.DefaultDigestAlgorithmIdentifierFinder)1
DefaultSignatureAlgorithmIdentifierFinder (org.spongycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)1
BcRSAContentSignerBuilder (org.spongycastle.operator.bc.BcRSAContentSignerBuilder)1
PKCS10CertificationRequestBuilder (org.spongycastle.pkcs.PKCS10CertificationRequestBuilder)1
JcaPKCS10CertificationRequestBuilder (org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)1
