
Example 1 with CertAndKeyGen

use of sun.security.tools.keytool.CertAndKeyGen in project coprhd-controller by CoprHD.

the class VdcControllerTest method setup.

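/**
 * Builds the fixture for the VDC controller tests: a controller wired to mock
 * collaborators plus an in-memory keystore holding one freshly generated,
 * self-signed RSA certificate.
 *
 * <p>Security notes for anyone copying this fixture:
 * <ul>
 *   <li>{@code CertAndKeyGen} and {@code X500Name} live in {@code sun.security.*},
 *       which is JDK-internal API; it may be inaccessible or changed on other JDK
 *       versions, so it belongs in test code only.</li>
 *   <li>The keystore password and the signature key material ("test") are
 *       hard-coded literals; they protect nothing and must not be reused outside
 *       tests.</li>
 * </ul>
 *
 * @throws Exception if key generation, certificate creation or keystore setup fails
 */
@Before
public void setup() throws Exception {
    vdcController = new VdcControllerImpl();
    MockCoordinatorClient coordinator = new MockCoordinatorClient();
    // setup mock objects for vdc controller test
    dbClient = new MockDbClient();
    vdcController.setDbClient(dbClient);
    // Stub generator: skips key loading and always hands back a fixed, test-only key.
    InternalApiSignatureKeyGenerator secretKeyGenerator = new InternalApiSignatureKeyGenerator() {

        public synchronized void loadKeys() {
        }

        public SecretKey getSignatureKey(SignatureKeyType type) {
            return SignatureHelper.createKey("test", InternalApiSignatureKeyGenerator.CURRENT_INTERVDC_API_SIGN_ALGO);
        }
    };
    clientManager = new MockGeoClientCacheManager(coordinator, secretKeyGenerator);
    vdcController.setGeoClientManager(clientManager);
    vdcController.setVdcOperationLockHelper(new MockVdcOperationLockHelper());
    // Empty in-memory keystore; load(null, ...) initialises it without reading a file.
    keystore = KeyStore.getInstance(KeyStore.getDefaultType());
    password = "some password".toCharArray();
    keystore.load(null, password);
    // The original fixture also initialised a separate KeyPairGenerator that was
    // never used; it is dropped here. It also generated a 512-bit key signed with
    // SHA-1. Both are below what current JDK default security policies accept for
    // certificate validation, so the fixture now uses 2048-bit RSA with SHA-256.
    CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
    X500Name x500Name = new X500Name("EMC", "EMC", "EMC", "EMC", "MA", "US");
    keypair.generate(2048);
    PrivateKey privKey = keypair.getPrivateKey();
    chain = new X509Certificate[1];
    // Validity is expressed in seconds: one year starting now.
    chain[0] = keypair.getSelfCertificate(x500Name, new Date(), (long) 365 * 24 * 60 * 60);
    keystore.setKeyEntry(KeystoreEngine.ViPR_KEY_AND_CERTIFICATE_ALIAS, privKey, password, chain);
    vdcController.setKeystore(keystore);
    vdcController.setSignatureGenerator(secretKeyGenerator);
    BasePermissionsHelper permissionsHelper = new BasePermissionsHelper(dbClient);
    vdcController.setPermissionsHelper(permissionsHelper);
    // Setup helper based on mocked db client
    VdcConfigHelper helper = new VdcConfigHelper();
    helper.setDbClient(dbClient);
    helper.setGeoClientCacheManager(clientManager);
    helper.setCoordinatorClient(coordinator);
    vdcController.setVdcHelper(helper);
    VdcUtil.setDbClient(dbClient);
    dbClient.buildGeodbData();
}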
Also used : PrivateKey(java.security.PrivateKey) SecureRandom(java.security.SecureRandom) VdcControllerImpl(com.emc.storageos.geo.vdccontroller.impl.VdcControllerImpl) KeyPairGenerator(java.security.KeyPairGenerator) X500Name(sun.security.x509.X500Name) Date(java.util.Date) CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen) InternalApiSignatureKeyGenerator(com.emc.storageos.security.authentication.InternalApiSignatureKeyGenerator) BasePermissionsHelper(com.emc.storageos.security.authorization.BasePermissionsHelper) VdcConfigHelper(com.emc.storageos.geo.service.impl.util.VdcConfigHelper) Before(org.junit.Before)

Example 2 with CertAndKeyGen

use of sun.security.tools.keytool.CertAndKeyGen in project jdk8u_jdk by JetBrains.

the class SmallPrimeExponentP method main.

/**
 * Generates 1024-bit RSA keys until it has stored one whose CRT prime exponent P
 * encodes to 63 bytes and one whose encoding is 65 bytes, placing each in the
 * {@code Windows-MY} keystore under the alias "anything".
 *
 * <p>The 1024-bit size and the SHA1withRSA self-signature are part of what this
 * regression test exercises (presumably exponents just below and above the
 * 64-byte half-modulus length); they are not a recommendation for real keys.
 * NOTE(review): {@code Windows-MY} is normally the current user's personal
 * certificate store, so the generated entries appear to persist after the run.
 * Confirm that the harness cleans them up.
 *
 * @param argv unused
 * @throws Exception on any keystore or key-generation failure
 */
public static void main(String[] argv) throws Exception {
    // The Windows-MY keystore type is only available on Windows; bail out elsewhere.
    if (!System.getProperty("os.name").startsWith("Windows")) {
        System.out.println("Not windows");
        return;
    }

    KeyStore store = KeyStore.getInstance("Windows-MY");
    store.load(null, null);

    CertAndKeyGen generator = new CertAndKeyGen("RSA", "SHA1withRSA");
    generator.setRandom(new SecureRandom());

    boolean stored63 = false;
    boolean stored65 = false;
    while (!(stored63 && stored65)) {
        generator.generate(1024);
        RSAPrivateCrtKey key = (RSAPrivateCrtKey) generator.getPrivateKey();
        int encodedLength = key.getPrimeExponentP().toByteArray().length;

        // A length we have already stored is skipped entirely, including the progress dot.
        boolean alreadyStored = (encodedLength == 63 && stored63) || (encodedLength == 65 && stored65);
        if (alreadyStored) {
            continue;
        }

        if (encodedLength == 63 || encodedLength == 65) {
            if (encodedLength == 63) {
                stored63 = true;
            } else {
                stored65 = true;
            }
            System.err.print(encodedLength);
            X509Certificate selfSigned = generator.getSelfCertificate(new X500Name("CN=Me"), 1000);
            store.setKeyEntry("anything", key, null, new X509Certificate[] { selfSigned });
        }
        System.err.print('.');
    }
    store.store(null, null);
}
Also used : RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey) CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen) SecureRandom(java.security.SecureRandom) X500Name(sun.security.x509.X500Name) KeyStore(java.security.KeyStore)

Example 3 with CertAndKeyGen

use of sun.security.tools.keytool.CertAndKeyGen in project jdk8u_jdk by JetBrains.

the class NonStandardNames method main.

/**
 * Builds a PKCS#7 signed-data structure over the bytes of "Hello" with a freshly
 * generated self-signed RSA certificate, then checks that it verifies.
 *
 * <p>The signer info is created with {@code AlgorithmId.get("SHA-256")} as the
 * digest algorithm and {@code AlgorithmId.get("SHA256withRSA")} in the
 * digest-encryption slot. Judging by the class name, accepting these
 * non-standard identifiers is what the test is about.
 * The 1024-bit key is a throwaway test key, not a size to use for real signing.
 *
 * @param args unused
 * @throws Exception if any crypto step fails, or with message "Not verified" when
 *         {@code PKCS7.verify} returns {@code null}
 */
public static void main(String[] args) throws Exception {
    final byte[] content = "Hello".getBytes();
    final X500Name subject = new X500Name("cn=Me");

    // Throwaway key pair and self-signed certificate (validity argument: 1000).
    final CertAndKeyGen generator = new CertAndKeyGen("RSA", "SHA256withRSA");
    generator.generate(1024);
    final X509Certificate selfSigned = generator.getSelfCertificate(subject, 1000);

    // Authenticated attributes: content type plus the SHA-256 digest of the content.
    final MessageDigest sha256 = MessageDigest.getInstance("SHA-256");
    final PKCS9Attribute contentType =
            new PKCS9Attribute(PKCS9Attribute.CONTENT_TYPE_OID, ContentInfo.DATA_OID);
    final PKCS9Attribute contentDigest =
            new PKCS9Attribute(PKCS9Attribute.MESSAGE_DIGEST_OID, sha256.digest(content));
    final PKCS9Attributes signedAttributes =
            new PKCS9Attributes(new PKCS9Attribute[] { contentType, contentDigest });

    // The signature covers the DER encoding of the attributes, not the raw content.
    final Signature signer = Signature.getInstance("SHA256withRSA");
    signer.initSign(generator.getPrivateKey());
    signer.update(signedAttributes.getDerEncoding());
    final byte[] signatureBytes = signer.sign();

    final SignerInfo signerInfo = new SignerInfo(
            subject,
            selfSigned.getSerialNumber(),
            AlgorithmId.get("SHA-256"),
            signedAttributes,
            AlgorithmId.get("SHA256withRSA"),
            signatureBytes,
            null);
    final PKCS7 signedData = new PKCS7(
            new AlgorithmId[] { signerInfo.getDigestAlgorithmId() },
            new ContentInfo(content),
            new X509Certificate[] { selfSigned },
            new SignerInfo[] { signerInfo });

    final Object verified = signedData.verify(signerInfo, content);
    if (verified == null) {
        throw new Exception("Not verified");
    }
}
Also used : SignerInfo(sun.security.pkcs.SignerInfo) PKCS9Attribute(sun.security.pkcs.PKCS9Attribute) ContentInfo(sun.security.pkcs.ContentInfo) PKCS7(sun.security.pkcs.PKCS7) CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen) Signature(java.security.Signature) X500Name(sun.security.x509.X500Name) MessageDigest(java.security.MessageDigest) PKCS9Attributes(sun.security.pkcs.PKCS9Attributes) X509Certificate(java.security.cert.X509Certificate)

Example 4 with CertAndKeyGen

use of sun.security.tools.keytool.CertAndKeyGen in project meecrowave by apache.

the class Keystores method create.

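/**
 * Writes a JKS keystore containing one private-key entry ("alice") whose
 * certificate chain is leaf, then intermediate, then root, and returns the leaf
 * public key.
 *
 * <p>Three independent 2048-bit RSA key pairs are generated with
 * {@code CertAndKeyGen} (JDK-internal API). The self-signed certificates are then
 * passed through {@code createSignedCertificate}, presumably to re-issue each one
 * under its parent's key. That helper is not shown here.
 *
 * <p>Security notes: the store password ("password") and key password ("pwd") are
 * hard-coded, so the resulting file is suitable for tests and demos only. Anything
 * that can read the file can recover the private key.
 * NOTE(review): the leaf certificate is created with subject {@code cn=root}, the
 * same as the root certificate. That looks like a copy-paste, but it is kept as is
 * because callers may depend on the resulting subject.
 *
 * @param keystore destination file; missing parent directories are created
 * @return the public key of the leaf ("alice") entry
 * @throws Exception if key generation, signing or writing the keystore fails
 */
public static PublicKey create(final File keystore) throws Exception {
    CryptoUtils.installBouncyCastleProvider();
    final KeyStore ks = KeyStore.getInstance("JKS");
    ks.load(null, "password".toCharArray());

    // Certificate validity, in seconds: one year.
    final long validitySeconds = 365L * 24 * 60 * 60;

    // Root key pair and certificate.
    final CertAndKeyGen keyGen = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
    keyGen.generate(2048);
    final PrivateKey rootPrivateKey = keyGen.getPrivateKey();
    X509Certificate rootCertificate = keyGen.getSelfCertificate(new X500Name("cn=root"), validitySeconds);

    // Intermediate key pair and certificate.
    final CertAndKeyGen keyGen1 = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
    keyGen1.generate(2048);
    final PrivateKey middlePrivateKey = keyGen1.getPrivateKey();
    X509Certificate middleCertificate = keyGen1.getSelfCertificate(new X500Name("CN=MIDDLE"), validitySeconds);

    // Generate leaf certificate
    final CertAndKeyGen keyGen2 = new CertAndKeyGen("RSA", "SHA256WithRSA", null);
    keyGen2.generate(2048);
    final PrivateKey topPrivateKey = keyGen2.getPrivateKey();
    X509Certificate topCertificate = keyGen2.getSelfCertificate(new X500Name("cn=root"), validitySeconds);

    // Chain the certificates: root signs itself and the intermediate, the intermediate signs the leaf.
    rootCertificate = createSignedCertificate(rootCertificate, rootCertificate, rootPrivateKey);
    middleCertificate = createSignedCertificate(middleCertificate, rootCertificate, rootPrivateKey);
    topCertificate = createSignedCertificate(topCertificate, middleCertificate, middlePrivateKey);

    final X509Certificate[] chain = new X509Certificate[] { topCertificate, middleCertificate, rootCertificate };
    ks.setKeyEntry("alice", topPrivateKey, "pwd".toCharArray(), chain);

    // getParentFile() is null for a bare file name; the original dereferenced it unconditionally.
    final File parent = keystore.getParentFile();
    if (parent != null) {
        parent.mkdirs();
    }
    try (final OutputStream os = new FileOutputStream(keystore)) {
        ks.store(os, "password".toCharArray());
    }
    return keyGen2.getPublicKey();
}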
Also used : PrivateKey(java.security.PrivateKey) CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen) OutputStream(java.io.OutputStream) FileOutputStream(java.io.FileOutputStream) FileOutputStream(java.io.FileOutputStream) X500Name(sun.security.x509.X500Name) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate)

Aggregations

CertAndKeyGen (sun.security.tools.keytool.CertAndKeyGen)4 X500Name (sun.security.x509.X500Name)4 KeyStore (java.security.KeyStore)2 PrivateKey (java.security.PrivateKey)2 SecureRandom (java.security.SecureRandom)2 X509Certificate (java.security.cert.X509Certificate)2 VdcConfigHelper (com.emc.storageos.geo.service.impl.util.VdcConfigHelper)1 VdcControllerImpl (com.emc.storageos.geo.vdccontroller.impl.VdcControllerImpl)1 InternalApiSignatureKeyGenerator (com.emc.storageos.security.authentication.InternalApiSignatureKeyGenerator)1 BasePermissionsHelper (com.emc.storageos.security.authorization.BasePermissionsHelper)1 FileOutputStream (java.io.FileOutputStream)1 OutputStream (java.io.OutputStream)1 KeyPairGenerator (java.security.KeyPairGenerator)1 MessageDigest (java.security.MessageDigest)1 Signature (java.security.Signature)1 RSAPrivateCrtKey (java.security.interfaces.RSAPrivateCrtKey)1 Date (java.util.Date)1 Before (org.junit.Before)1 ContentInfo (sun.security.pkcs.ContentInfo)1 PKCS7 (sun.security.pkcs.PKCS7)1