Search in sources :

Example 1 with DefaultDigestAlgorithmIdentifierFinder

use of org.spongycastle.operator.DefaultDigestAlgorithmIdentifierFinder in project android by nextcloud.

the class CsrHelper method generateCSR.

/**
 * Create the certificate signing request (CSR) from private and public keys
 *
 * @param keyPair the KeyPair with private and public keys
 * @param userId userId of CSR owner
 * @return PKCS10CertificationRequest with the certificate signing request (CSR) data
 * @throws IOException thrown if key cannot be created
 * @throws OperatorCreationException thrown if contentSigner cannot be build
 */
private static PKCS10CertificationRequest generateCSR(KeyPair keyPair, String userId) throws IOException, OperatorCreationException {
    String principal = "CN=" + userId;
    AsymmetricKeyParameter privateKey = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
    AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WITHRSA");
    AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find("SHA-1");
    ContentSigner signer = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm).build(privateKey);
    PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name(principal), keyPair.getPublic());
    ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
    extensionsGenerator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
    csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
    return csrBuilder.build(signer);
}
Also used : BcRSAContentSignerBuilder(org.spongycastle.operator.bc.BcRSAContentSignerBuilder) JcaPKCS10CertificationRequestBuilder(org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) AsymmetricKeyParameter(org.spongycastle.crypto.params.AsymmetricKeyParameter) ContentSigner(org.spongycastle.operator.ContentSigner) PKCS10CertificationRequestBuilder(org.spongycastle.pkcs.PKCS10CertificationRequestBuilder) JcaPKCS10CertificationRequestBuilder(org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) X500Name(org.spongycastle.asn1.x500.X500Name) DefaultDigestAlgorithmIdentifierFinder(org.spongycastle.operator.DefaultDigestAlgorithmIdentifierFinder) BasicConstraints(org.spongycastle.asn1.x509.BasicConstraints) AlgorithmIdentifier(org.spongycastle.asn1.x509.AlgorithmIdentifier) DefaultSignatureAlgorithmIdentifierFinder(org.spongycastle.operator.DefaultSignatureAlgorithmIdentifierFinder) ExtensionsGenerator(org.spongycastle.asn1.x509.ExtensionsGenerator)

Aggregations

X500Name (org.spongycastle.asn1.x500.X500Name)1 AlgorithmIdentifier (org.spongycastle.asn1.x509.AlgorithmIdentifier)1 BasicConstraints (org.spongycastle.asn1.x509.BasicConstraints)1 ExtensionsGenerator (org.spongycastle.asn1.x509.ExtensionsGenerator)1 AsymmetricKeyParameter (org.spongycastle.crypto.params.AsymmetricKeyParameter)1 ContentSigner (org.spongycastle.operator.ContentSigner)1 DefaultDigestAlgorithmIdentifierFinder (org.spongycastle.operator.DefaultDigestAlgorithmIdentifierFinder)1 DefaultSignatureAlgorithmIdentifierFinder (org.spongycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)1 BcRSAContentSignerBuilder (org.spongycastle.operator.bc.BcRSAContentSignerBuilder)1 PKCS10CertificationRequestBuilder (org.spongycastle.pkcs.PKCS10CertificationRequestBuilder)1 JcaPKCS10CertificationRequestBuilder (org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)1