Examples with CertificateSerialNumber sun.security.x509.CertificateSerialNumber used on opensource projects

Search in sources :

Example 6 with CertificateSerialNumber

use of sun.security.x509.CertificateSerialNumber in project baseio by generallycloud.

the class SelfSignedCertificate method generate.

private File[] generate(String fileRoot, String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter) throws Exception {
    PrivateKey key = keypair.getPrivate();
    // Prepare the information required for generating an X.509
    // certificate.
    X509CertInfo info = new X509CertInfo();
    X500Name owner = new X500Name("CN=" + fqdn);
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, random)));
    try {
        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.SUBJECT, owner);
    }
    try {
        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.ISSUER, owner);
    }
    info.set(X509CertInfo.VALIDITY, new CertificateValidity(notBefore, notAfter));
    info.set(X509CertInfo.KEY, new CertificateX509Key(keypair.getPublic()));
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid)));
    // Sign the cert to identify the algorithm that's used.
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    // Update the algorithm and sign again.
    info.set(CertificateAlgorithmId.NAME + '.' + CertificateAlgorithmId.ALGORITHM, cert.get(X509CertImpl.SIG_ALG));
    cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    cert.verify(keypair.getPublic());
    return newSelfSignedCertificate(fileRoot, fqdn, key, cert);
}
Also used : CertificateSubjectName(sun.security.x509.CertificateSubjectName) PrivateKey(java.security.PrivateKey) X509CertInfo(sun.security.x509.X509CertInfo) CertificateIssuerName(sun.security.x509.CertificateIssuerName) CertificateVersion(sun.security.x509.CertificateVersion) CertificateException(java.security.cert.CertificateException) CertificateValidity(sun.security.x509.CertificateValidity) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) AlgorithmId(sun.security.x509.AlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 7 with CertificateSerialNumber

use of sun.security.x509.CertificateSerialNumber in project coprhd-controller by CoprHD.

the class KeyCertificatePairGenerator method generateCertificate.

/**
 * Create a self-signed X.509 Certificate
 *
 * @param pair the KeyPair
 */
private X509Certificate generateCertificate(KeyPair pair) throws GeneralSecurityException, IOException {
    PublicKey pubKey = loadPublicKeyFromBytes(pair.getPublic().getEncoded());
    PrivateKey privkey = pair.getPrivate();
    X509CertInfo info = new X509CertInfo();
    Date from = getNotBefore();
    Date to = new Date(from.getTime() + valuesHolder.getCertificateValidityInDays() * 86400000L);
    CertificateValidity interval = new CertificateValidity(from, to);
    BigInteger sn = new BigInteger(64, new SecureRandom());
    X500Name owner = new X500Name(String.format(CERTIFICATE_COMMON_NAME_FORMAT, valuesHolder.getCertificateCommonName()));
    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
    info.set(X509CertInfo.SUBJECT, owner);
    info.set(X509CertInfo.ISSUER, owner);
    info.set(X509CertInfo.KEY, new CertificateX509Key(pubKey));
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    AlgorithmId keyAlgo = AlgorithmId.get(KeyCertificateAlgorithmValuesHolder.DEFAULT_KEY_ALGORITHM);
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(keyAlgo));
    AlgorithmId signingAlgo = AlgorithmId.get(valuesHolder.getSigningAlgorithm());
    info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, signingAlgo);
    // add extensions
    CertificateExtensions ext = new CertificateExtensions();
    ext.set(SubjectKeyIdentifierExtension.NAME, new SubjectKeyIdentifierExtension(new KeyIdentifier(pubKey).getIdentifier()));
    // CA public key is the same as our public key (self signed)
    ext.set(AuthorityKeyIdentifierExtension.NAME, new AuthorityKeyIdentifierExtension(new KeyIdentifier(pubKey), null, null));
    ext.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(subjectAltNames()));
    info.set(X509CertInfo.EXTENSIONS, ext);
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(privkey, valuesHolder.getSigningAlgorithm());
    return cert;
}
Also used : RSAPrivateKey(java.security.interfaces.RSAPrivateKey) PrivateKey(java.security.PrivateKey) KeyIdentifier(sun.security.x509.KeyIdentifier) X509CertInfo(sun.security.x509.X509CertInfo) PublicKey(java.security.PublicKey) SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension) SecureRandom(java.security.SecureRandom) CertificateVersion(sun.security.x509.CertificateVersion) CertificateValidity(sun.security.x509.CertificateValidity) CertificateExtensions(sun.security.x509.CertificateExtensions) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) Date(java.util.Date) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) AlgorithmId(sun.security.x509.AlgorithmId) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 8 with CertificateSerialNumber

use of sun.security.x509.CertificateSerialNumber in project jdk8u_jdk by JetBrains.

the class SimpleSigner method getSelfCert.

private X509Certificate getSelfCert() throws Exception {
    long validity = 1000;
    X509CertImpl certLocal;
    Date firstDate, lastDate;
    firstDate = new Date();
    lastDate = new Date();
    lastDate.setTime(lastDate.getTime() + validity + 1000);
    CertificateValidity interval = new CertificateValidity(firstDate, lastDate);
    X509CertInfo info = new X509CertInfo();
    // Add all mandatory attributes
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V1));
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber((int) (firstDate.getTime() / 1000)));
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algId));
    info.set(X509CertInfo.SUBJECT, agent);
    info.set(X509CertInfo.KEY, new CertificateX509Key(publicKey));
    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.ISSUER, agent);
    certLocal = new X509CertImpl(info);
    certLocal.sign(privateKey, algId.getName());
    return certLocal;
}
Also used : CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) X509CertInfo(sun.security.x509.X509CertInfo) X509CertImpl(sun.security.x509.X509CertImpl) CertificateVersion(sun.security.x509.CertificateVersion) CertificateValidity(sun.security.x509.CertificateValidity) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) CertificateX509Key(sun.security.x509.CertificateX509Key) Date(java.util.Date)

Example 9 with CertificateSerialNumber

use of sun.security.x509.CertificateSerialNumber in project baseio by generallycloud.

the class SelfSignedCertificate method generate.

private File[] generate(String fileRoot, String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter) throws Exception {
    PrivateKey key = keypair.getPrivate();
    // Prepare the information required for generating an X.509
    // certificate.
    X509CertInfo info = new X509CertInfo();
    X500Name owner = new X500Name("CN=" + fqdn);
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(new BigInteger(64, random)));
    try {
        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.SUBJECT, owner);
    }
    try {
        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
    } catch (CertificateException ignore) {
        info.set(X509CertInfo.ISSUER, owner);
    }
    info.set(X509CertInfo.VALIDITY, new CertificateValidity(notBefore, notAfter));
    info.set(X509CertInfo.KEY, new CertificateX509Key(keypair.getPublic()));
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(new AlgorithmId(AlgorithmId.sha1WithRSAEncryption_oid)));
    // Sign the cert to identify the algorithm that's used.
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    // Update the algorithm and sign again.
    info.set(CertificateAlgorithmId.NAME + '.' + CertificateAlgorithmId.ALGORITHM, cert.get(X509CertImpl.SIG_ALG));
    cert = new X509CertImpl(info);
    cert.sign(key, "SHA1withRSA");
    cert.verify(keypair.getPublic());
    return newSelfSignedCertificate(fileRoot, fqdn, key, cert);
}
Also used : CertificateSubjectName(sun.security.x509.CertificateSubjectName) PrivateKey(java.security.PrivateKey) X509CertInfo(sun.security.x509.X509CertInfo) CertificateIssuerName(sun.security.x509.CertificateIssuerName) CertificateVersion(sun.security.x509.CertificateVersion) CertificateException(java.security.cert.CertificateException) CertificateValidity(sun.security.x509.CertificateValidity) X500Name(sun.security.x509.X500Name) CertificateX509Key(sun.security.x509.CertificateX509Key) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) AlgorithmId(sun.security.x509.AlgorithmId) X509CertImpl(sun.security.x509.X509CertImpl) BigInteger(java.math.BigInteger) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId)

Example 10 with CertificateSerialNumber

use of sun.security.x509.CertificateSerialNumber in project jasn1 by openmuc.

the class AuthorityKeyIdentifier method decode.

public int decode(InputStream is, boolean withTag) throws IOException {
    int codeLength = 0;
    int subCodeLength = 0;
    BerTag berTag = new BerTag();
    if (withTag) {
        codeLength += tag.decodeAndCheck(is);
    }
    BerLength length = new BerLength();
    codeLength += length.decode(is);
    int totalLength = length.val;
    if (totalLength == -1) {
        subCodeLength += berTag.decode(is);
        if (berTag.tagNumber == 0 && berTag.tagClass == 0 && berTag.primitive == 0) {
            int nextByte = is.read();
            if (nextByte != 0) {
                if (nextByte == -1) {
                    throw new EOFException("Unexpected end of input stream.");
                }
                throw new IOException("Decoded sequence has wrong end of contents octets");
            }
            codeLength += subCodeLength + 1;
            return codeLength;
        }
        if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.PRIMITIVE, 0)) {
            keyIdentifier = new KeyIdentifier();
            subCodeLength += keyIdentifier.decode(is, false);
            subCodeLength += berTag.decode(is);
        }
        if (berTag.tagNumber == 0 && berTag.tagClass == 0 && berTag.primitive == 0) {
            int nextByte = is.read();
            if (nextByte != 0) {
                if (nextByte == -1) {
                    throw new EOFException("Unexpected end of input stream.");
                }
                throw new IOException("Decoded sequence has wrong end of contents octets");
            }
            codeLength += subCodeLength + 1;
            return codeLength;
        }
        if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.CONSTRUCTED, 1)) {
            authorityCertIssuer = new GeneralNames();
            subCodeLength += authorityCertIssuer.decode(is, false);
            subCodeLength += berTag.decode(is);
        }
        if (berTag.tagNumber == 0 && berTag.tagClass == 0 && berTag.primitive == 0) {
            int nextByte = is.read();
            if (nextByte != 0) {
                if (nextByte == -1) {
                    throw new EOFException("Unexpected end of input stream.");
                }
                throw new IOException("Decoded sequence has wrong end of contents octets");
            }
            codeLength += subCodeLength + 1;
            return codeLength;
        }
        if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.PRIMITIVE, 2)) {
            authorityCertSerialNumber = new CertificateSerialNumber();
            subCodeLength += authorityCertSerialNumber.decode(is, false);
            subCodeLength += berTag.decode(is);
        }
        int nextByte = is.read();
        if (berTag.tagNumber != 0 || berTag.tagClass != 0 || berTag.primitive != 0 || nextByte != 0) {
            if (nextByte == -1) {
                throw new EOFException("Unexpected end of input stream.");
            }
            throw new IOException("Decoded sequence has wrong end of contents octets");
        }
        codeLength += subCodeLength + 1;
        return codeLength;
    }
    codeLength += totalLength;
    if (totalLength == 0) {
        return codeLength;
    }
    subCodeLength += berTag.decode(is);
    if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.PRIMITIVE, 0)) {
        keyIdentifier = new KeyIdentifier();
        subCodeLength += keyIdentifier.decode(is, false);
        if (subCodeLength == totalLength) {
            return codeLength;
        }
        subCodeLength += berTag.decode(is);
    }
    if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.CONSTRUCTED, 1)) {
        authorityCertIssuer = new GeneralNames();
        subCodeLength += authorityCertIssuer.decode(is, false);
        if (subCodeLength == totalLength) {
            return codeLength;
        }
        subCodeLength += berTag.decode(is);
    }
    if (berTag.equals(BerTag.CONTEXT_CLASS, BerTag.PRIMITIVE, 2)) {
        authorityCertSerialNumber = new CertificateSerialNumber();
        subCodeLength += authorityCertSerialNumber.decode(is, false);
        if (subCodeLength == totalLength) {
            return codeLength;
        }
    }
    throw new IOException("Unexpected end of sequence, length tag: " + totalLength + ", actual sequence length: " + subCodeLength);
}
Also used : CertificateSerialNumber(org.openmuc.jasn1.compiler.pkix1explicit88.CertificateSerialNumber) EOFException(java.io.EOFException) IOException(java.io.IOException)

Aggregations

CertificateAlgorithmId (sun.security.x509.CertificateAlgorithmId)9 CertificateSerialNumber (sun.security.x509.CertificateSerialNumber)9 X509CertImpl (sun.security.x509.X509CertImpl)9 BigInteger (java.math.BigInteger)8 CertificateValidity (sun.security.x509.CertificateValidity)8 CertificateVersion (sun.security.x509.CertificateVersion)8 CertificateX509Key (sun.security.x509.CertificateX509Key)8 X500Name (sun.security.x509.X500Name)8 X509CertInfo (sun.security.x509.X509CertInfo)8 AlgorithmId (sun.security.x509.AlgorithmId)7 PrivateKey (java.security.PrivateKey)6 SecureRandom (java.security.SecureRandom)5 CertificateIssuerName (sun.security.x509.CertificateIssuerName)5 CertificateSubjectName (sun.security.x509.CertificateSubjectName)5 Date (java.util.Date)4 CertificateException (java.security.cert.CertificateException)3 KeyPair (java.security.KeyPair)2 KeyPairGenerator (java.security.KeyPairGenerator)2 PublicKey (java.security.PublicKey)2 CertificateDTO (com.stnetix.ariaddna.commonutils.dto.CertificateDTO)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial