Example 1 with CertAndKeyGen
use of sun.security.tools.keytool.CertAndKeyGen in project coprhd-controller by CoprHD.
the class VdcControllerTest method setup.
@Before
public void setup() throws Exception {
vdcController = new VdcControllerImpl();
MockCoordinatorClient coordinator = new MockCoordinatorClient();
// setup mock objects for vdc controller test
dbClient = new MockDbClient();
vdcController.setDbClient(dbClient);
InternalApiSignatureKeyGenerator secretKeyGenerator = new InternalApiSignatureKeyGenerator() {
public synchronized void loadKeys() {
}
public SecretKey getSignatureKey(SignatureKeyType type) {
return SignatureHelper.createKey("test", InternalApiSignatureKeyGenerator.CURRENT_INTERVDC_API_SIGN_ALGO);
}
};
clientManager = new MockGeoClientCacheManager(coordinator, secretKeyGenerator);
vdcController.setGeoClientManager(clientManager);
vdcController.setVdcOperationLockHelper(new MockVdcOperationLockHelper());
keystore = KeyStore.getInstance(KeyStore.getDefaultType());
password = "some password".toCharArray();
keystore.load(null, password);
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
keyGen.initialize(512, new SecureRandom());
CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
X500Name x500Name = new X500Name("EMC", "EMC", "EMC", "EMC", "MA", "US");
keypair.generate(512);
PrivateKey privKey = keypair.getPrivateKey();
chain = new X509Certificate[1];
chain[0] = keypair.getSelfCertificate(x500Name, new Date(), (long) 365 * 24 * 60 * 60);
keystore.setKeyEntry(KeystoreEngine.ViPR_KEY_AND_CERTIFICATE_ALIAS, privKey, password, chain);
vdcController.setKeystore(keystore);
vdcController.setSignatureGenerator(secretKeyGenerator);
BasePermissionsHelper permissionsHelper = new BasePermissionsHelper(dbClient);
vdcController.setPermissionsHelper(permissionsHelper);
// Setup helper based on mocked db client
VdcConfigHelper helper = new VdcConfigHelper();
helper.setDbClient(dbClient);
helper.setGeoClientCacheManager(clientManager);
helper.setCoordinatorClient(coordinator);
vdcController.setVdcHelper(helper);
VdcUtil.setDbClient(dbClient);
dbClient.buildGeodbData();
}
Also used :
PrivateKey(java.security.PrivateKey)
SecureRandom(java.security.SecureRandom)
VdcControllerImpl(com.emc.storageos.geo.vdccontroller.impl.VdcControllerImpl)
KeyPairGenerator(java.security.KeyPairGenerator)
X500Name(sun.security.x509.X500Name)
Date(java.util.Date)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
InternalApiSignatureKeyGenerator(com.emc.storageos.security.authentication.InternalApiSignatureKeyGenerator)
BasePermissionsHelper(com.emc.storageos.security.authorization.BasePermissionsHelper)
VdcConfigHelper(com.emc.storageos.geo.service.impl.util.VdcConfigHelper)
Before(org.junit.Before)
Example 2 with CertAndKeyGen
use of sun.security.tools.keytool.CertAndKeyGen in project jdk8u_jdk by JetBrains.
the class SmallPrimeExponentP method main.
public static void main(String[] argv) throws Exception {
String osName = System.getProperty("os.name");
if (!osName.startsWith("Windows")) {
System.out.println("Not windows");
return;
}
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, null);
CertAndKeyGen ckg = new CertAndKeyGen("RSA", "SHA1withRSA");
ckg.setRandom(new SecureRandom());
boolean see63 = false, see65 = false;
while (!see63 || !see65) {
ckg.generate(1024);
RSAPrivateCrtKey k = (RSAPrivateCrtKey) ckg.getPrivateKey();
int len = k.getPrimeExponentP().toByteArray().length;
if (len == 63 || len == 65) {
if (len == 63) {
if (see63)
continue;
else
see63 = true;
}
if (len == 65) {
if (see65)
continue;
else
see65 = true;
}
System.err.print(len);
ks.setKeyEntry("anything", k, null, new X509Certificate[] { ckg.getSelfCertificate(new X500Name("CN=Me"), 1000) });
}
System.err.print('.');
}
ks.store(null, null);
}
Also used :
RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
SecureRandom(java.security.SecureRandom)
X500Name(sun.security.x509.X500Name)
KeyStore(java.security.KeyStore)
Example 3 with CertAndKeyGen
use of sun.security.tools.keytool.CertAndKeyGen in project jdk8u_jdk by JetBrains.
the class NonStandardNames method main.
public static void main(String[] args) throws Exception {
byte[] data = "Hello".getBytes();
X500Name n = new X500Name("cn=Me");
CertAndKeyGen cakg = new CertAndKeyGen("RSA", "SHA256withRSA");
cakg.generate(1024);
X509Certificate cert = cakg.getSelfCertificate(n, 1000);
MessageDigest md = MessageDigest.getInstance("SHA-256");
PKCS9Attributes authed = new PKCS9Attributes(new PKCS9Attribute[] { new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID), new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, md.digest(data)) });
Signature s = Signature.getInstance("SHA256withRSA");
s.initSign(cakg.getPrivateKey());
s.update(authed.getDerEncoding());
byte[] sig = s.sign();
SignerInfo signerInfo = new SignerInfo(n, cert.getSerialNumber(), AlgorithmId.get("SHA-256"), authed, AlgorithmId.get("SHA256withRSA"), sig, null);
PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { signerInfo.getDigestAlgorithmId() }, new ContentInfo(data), new X509Certificate[] { cert }, new SignerInfo[] { signerInfo });
if (pkcs7.verify(signerInfo, data) == null) {
throw new Exception("Not verified");
}
}
Also used :
SignerInfo(sun.security.pkcs.SignerInfo)
PKCS9Attribute(sun.security.pkcs.PKCS9Attribute)
ContentInfo(sun.security.pkcs.ContentInfo)
PKCS7(sun.security.pkcs.PKCS7)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
Signature(java.security.Signature)
X500Name(sun.security.x509.X500Name)
MessageDigest(java.security.MessageDigest)
PKCS9Attributes(sun.security.pkcs.PKCS9Attributes)
X509Certificate(java.security.cert.X509Certificate)
Example 4 with CertAndKeyGen
use of sun.security.tools.keytool.CertAndKeyGen in project meecrowave by apache.
the class Keystores method create.
public static PublicKey create(final File keystore) throws Exception {
CryptoUtils.installBouncyCastleProvider();
final KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, "password".toCharArray());
final CertAndKeyGen keyGen = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
keyGen.generate(2048);
final PrivateKey rootPrivateKey = keyGen.getPrivateKey();
X509Certificate rootCertificate = keyGen.getSelfCertificate(new X500Name("cn=root"), (long) 365 * 24 * 60 * 60);
final CertAndKeyGen keyGen1 = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
keyGen1.generate(2048);
final PrivateKey middlePrivateKey = keyGen1.getPrivateKey();
X509Certificate middleCertificate = keyGen1.getSelfCertificate(new X500Name("CN=MIDDLE"), (long) 365 * 24 * 60 * 60);
// Generate leaf certificate
final CertAndKeyGen keyGen2 = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
keyGen2.generate(2048);
final PrivateKey topPrivateKey = keyGen2.getPrivateKey();
X509Certificate topCertificate = keyGen2.getSelfCertificate(new X500Name("cn=root"), (long) 365 * 24 * 60 * 60);
rootCertificate = createSignedCertificate(rootCertificate, rootCertificate, rootPrivateKey);
middleCertificate = createSignedCertificate(middleCertificate, rootCertificate, rootPrivateKey);
topCertificate = createSignedCertificate(topCertificate, middleCertificate, middlePrivateKey);
final X509Certificate[] chain = new X509Certificate[] { topCertificate, middleCertificate, rootCertificate };
ks.setKeyEntry("alice", topPrivateKey, "pwd".toCharArray(), chain);
keystore.getParentFile().mkdirs();
try (final OutputStream os = new FileOutputStream(keystore)) {
ks.store(os, "password".toCharArray());
}
return keyGen2.getPublicKey();
}
Also used :
PrivateKey(java.security.PrivateKey)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
OutputStream(java.io.OutputStream)
FileOutputStream(java.io.FileOutputStream)
FileOutputStream(java.io.FileOutputStream)
X500Name(sun.security.x509.X500Name)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Aggregations
CertAndKeyGen (sun.security.tools.keytool.CertAndKeyGen)4
X500Name (sun.security.x509.X500Name)4
KeyStore (java.security.KeyStore)2
PrivateKey (java.security.PrivateKey)2
SecureRandom (java.security.SecureRandom)2
X509Certificate (java.security.cert.X509Certificate)2
VdcConfigHelper (com.emc.storageos.geo.service.impl.util.VdcConfigHelper)1
VdcControllerImpl (com.emc.storageos.geo.vdccontroller.impl.VdcControllerImpl)1
InternalApiSignatureKeyGenerator (com.emc.storageos.security.authentication.InternalApiSignatureKeyGenerator)1
BasePermissionsHelper (com.emc.storageos.security.authorization.BasePermissionsHelper)1
FileOutputStream (java.io.FileOutputStream)1
OutputStream (java.io.OutputStream)1
KeyPairGenerator (java.security.KeyPairGenerator)1
MessageDigest (java.security.MessageDigest)1
Signature (java.security.Signature)1
RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)1
Date (java.util.Date)1
Before (org.junit.Before)1
ContentInfo (sun.security.pkcs.ContentInfo)1
PKCS7 (sun.security.pkcs.PKCS7)1
