
Example 81 with X500Name

use of sun.security.x509.X500Name in project keystore-explorer by kaikramer.

the class DGenerateKeyPairCert method generateCertificate.

/**
 * Validates the dialog's inputs and, if they pass, generates the certificate into the
 * {@code certificate} field.
 *
 * <p>The certificate is self-signed with the new key pair when {@code issuerPrivateKey} is
 * {@code null}; otherwise it is signed with {@code issuerPrivateKey} and carries the subject of
 * {@code issuerCert} as its issuer.
 *
 * @return {@code false} if the serial number or the distinguished name was rejected (a warning
 *         dialog has been shown), {@code true} otherwise
 */
private boolean generateCertificate() {
    // NOTE(review): nothing in this method checks that the end date lies after the start date —
    // confirm the date pickers or the generator enforce it.
    final Date notBefore = jdtValidityStart.getDateTime();
    final Date notAfter = jdtValidityEnd.getDateTime();

    final String serialText = jtfSerialNumber.getText().trim();
    if (serialText.isEmpty()) {
        JOptionPane.showMessageDialog(this, res.getString("DGenerateKeyPairCert.ValReqSerialNumber.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return false;
    }

    final BigInteger serial;
    try {
        serial = new BigInteger(serialText);
    } catch (NumberFormatException ex) {
        JOptionPane.showMessageDialog(this, res.getString("DGenerateKeyPairCert.SerialNumberNotInteger.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return false;
    }
    // Only strictly positive serial numbers are accepted. NOTE(review): no upper bound is applied
    // here; RFC 5280 limits serial numbers to 20 octets.
    if (serial.signum() <= 0) {
        JOptionPane.showMessageDialog(this, res.getString("DGenerateKeyPairCert.SerialNumberNonZero.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return false;
    }

    final X500Name subjectName = jdnName.getDistinguishedName();
    if (subjectName == null || subjectName.toString().isEmpty()) {
        JOptionPane.showMessageDialog(this, res.getString("DGenerateKeyPairCert.NameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return false;
    }

    try {
        final SignatureType chosenSignature = (SignatureType) jcbSignatureAlgorithm.getSelectedItem();
        final X509CertificateGenerator certGenerator =
                new X509CertificateGenerator(jrbVersion1.isSelected() ? VERSION1 : VERSION3);

        if (issuerPrivateKey != null) {
            // Signed by another key pair: the issuer name is taken from the issuer certificate.
            certificate = certGenerator.generate(subjectName, X500NameUtils.x500PrincipalToX500Name(issuerCert.getSubjectX500Principal()), notBefore, notAfter, keyPair.getPublic(), issuerPrivateKey, chosenSignature, serial, extensions, provider);
        } else {
            // Self-signed: the new key pair signs its own public key.
            certificate = certGenerator.generateSelfSigned(subjectName, notBefore, notAfter, keyPair.getPublic(), keyPair.getPrivate(), chosenSignature, serial, extensions, provider);
        }
    } catch (CryptoException ex) {
        final DError errorDialog = new DError(this, ex);
        errorDialog.setLocationRelativeTo(getParent());
        errorDialog.setVisible(true);
        closeDialog();
        // NOTE(review): control falls through to "return true" although no certificate was
        // assigned in this call — confirm callers check the certificate rather than this result.
    }
    return true;
}
Also used : BigInteger(java.math.BigInteger) X500Name(org.bouncycastle.asn1.x500.X500Name) SignatureType(org.kse.crypto.signing.SignatureType) CryptoException(org.kse.crypto.CryptoException) Date(java.util.Date) X509CertificateGenerator(org.kse.crypto.x509.X509CertificateGenerator) DError(org.kse.gui.error.DError)

Example 82 with X500Name

use of sun.security.x509.X500Name in project spring-cloud-digital-sign by SpringForAll.

the class ServerPKCSUtil method genCsr.

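/**
 * Generates a fresh key pair and returns a Base64-encoded PKCS#10 certificate signing request
 * (CSR) for it, using the fixed subject {@code CN=defaultName}.
 *
 * <p>Side effects: a non-empty {@code alg0} replaces the static {@code alg} field, and the
 * generated key pair, private key included, is stored in the static {@code securityKP} field.
 *
 * <p>SM2 gets a 256-bit key and every other algorithm 2048 bits. The request is signed with
 * SM3withSM2 when the private key reports the algorithm SM2 and with SHA256withRSA otherwise.
 *
 * @param alg0 key algorithm name; when {@code null} or empty the current value of {@code alg}
 *             is used
 * @return the Base64 text of the encoded CSR, or {@code null} if encoding the request fails
 * @throws IllegalStateException if the key or signature algorithm is unavailable, the public-key
 *                               algorithm has no known OID, or the private key is rejected by
 *                               the signature engine
 */
public static String genCsr(String alg0) {
    // The original test was inverted: it copied alg0 only when it was empty, so a requested
    // algorithm was ignored and an empty one broke key generation.
    if (alg0 != null && !alg0.isEmpty()) {
        alg = alg0;
    }
    // Generate the key pair; fail here with the cause attached instead of continuing with a
    // null generator and hitting a NullPointerException below.
    KeyPairGenerator kpg;
    try {
        kpg = KeyPairGenerator.getInstance(alg);
    } catch (NoSuchAlgorithmException e) {
        throw new IllegalStateException("Key algorithm not available: " + alg, e);
    }
    // Key size depends on the key algorithm.
    if ("SM2".equalsIgnoreCase(alg)) {
        kpg.initialize(256);
    } else {
        kpg.initialize(2048);
    }
    KeyPair kp = kpg.generateKeyPair();
    // NOTE(review): the key pair is kept in a static field, so a later call overwrites it and the
    // private key stays reachable for the lifetime of the class — confirm this is intended.
    securityKP = kp;
    // Public key bytes and the OID of the public-key algorithm.
    byte[] publickey = kp.getPublic().getEncoded();
    String pubAlg = kp.getPublic().getAlgorithm();
    String sAlg;
    try {
        sAlg = AlgorithmId.get(pubAlg).getOID().toString();
    } catch (NoSuchAlgorithmException e) {
        // Previously swallowed, which left sAlg null and failed on the comparison below.
        throw new IllegalStateException("No OID known for public key algorithm: " + pubAlg, e);
    }
    SubjectPublicKeyInfo spki;
    // Distinguish SM2 (by its OID) from RSA.
    if (sAlg.equals("1.2.156.10197.1.301")) {
        spki = SubjectPublicKeyInfo.getInstance(publickey);
    } else {
        spki = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publickey));
    }
    String subject = "CN=defaultName";
    X500Name x500 = new X500Name(subject);
    // Create the CSR builder.
    PKCS10CertificationRequestBuilder prb = new PKCS10CertificationRequestBuilder(x500, spki);
    // Prepare the signature engine.
    PrivateKey privateKey = kp.getPrivate();
    Signature sign;
    try {
        if (privateKey.getAlgorithm().equals("SM2")) {
            sign = Signature.getInstance("SM3withSM2");
        } else {
            // SHA-1 is no longer acceptable for signatures, so the request is signed with
            // SHA-256 instead of the original SHA1withRSA.
            sign = Signature.getInstance("SHA256withRSA");
        }
        sign.initSign(privateKey);
    } catch (NoSuchAlgorithmException e) {
        throw new IllegalStateException("Signature algorithm not available", e);
    } catch (InvalidKeyException e) {
        throw new IllegalStateException("Private key rejected by the signature engine", e);
    }
    final Signature sign1 = sign;
    ContentSigner signer = new ContentSigner() {

        // Collects the bytes written by the request builder; they are signed in getSignature().
        private final ByteArrayOutputStream originStream = new ByteArrayOutputStream();

        @Override
        public byte[] getSignature() {
            try {
                sign1.update(originStream.toByteArray());
                return sign1.sign();
            } catch (SignatureException e) {
                throw new RuntimeException(e);
            }
        }

        @Override
        public OutputStream getOutputStream() {
            return originStream;
        }

        @Override
        public AlgorithmIdentifier getAlgorithmIdentifier() {
            try {
                return new AlgorithmIdentifier(AlgorithmId.get(sign1.getAlgorithm()).getOID().toString());
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException(e);
            }
        }
    };
    PKCS10CertificationRequestHolder pr = prb.build(signer);
    try {
        return new String(Base64.encode(pr.getEncoded()));
    } catch (IOException e) {
        // Kept as in the original: an encoding failure is reported and signalled by null.
        e.printStackTrace();
    }
    return null;
}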
Also used : KeyPair(java.security.KeyPair) PrivateKey(java.security.PrivateKey) OutputStream(java.io.OutputStream) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ContentSigner(org.bouncycastle.operator.ContentSigner) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) KeyPairGenerator(java.security.KeyPairGenerator) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) X500Name(org.bouncycastle.asn1.x500.X500Name) ByteArrayOutputStream(java.io.ByteArrayOutputStream) SignatureException(java.security.SignatureException) IOException(java.io.IOException) InvalidKeyException(java.security.InvalidKeyException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) PKCS10CertificationRequestHolder(org.bouncycastle.pkcs.PKCS10CertificationRequestHolder) Signature(java.security.Signature)

Example 83 with X500Name

use of sun.security.x509.X500Name in project spring-cloud-digital-sign by SpringForAll.

the class DistinguishNameBuilder method build.

/**
 * Turns the accumulated distinguished-name text into an {@link X500Name} and installs it as
 * both subject and issuer of the certificate being built, i.e. a self-issued certificate.
 *
 * @return the certificate builder this name builder belongs to
 * @throws IOException          if the name cannot be parsed or set
 * @throws CertificateException if the certificate info rejects the name
 */
public CertificateBuilder build() throws IOException, CertificateException {
    final String accumulated = stringBuilder.toString();
    // The last character is dropped (presumably a trailing separator — confirm against the
    // append methods). NOTE(review): an empty buffer makes substring throw
    // StringIndexOutOfBoundsException.
    final String dnText = accumulated.substring(0, accumulated.length() - 1);
    final X500Name selfName = new X500Name(dnText);

    final X509CertInfo certInfo = certificateBuilder.getInfo();
    certInfo.set(X509CertInfo.SUBJECT, selfName);
    certInfo.set(X509CertInfo.ISSUER, selfName);
    return certificateBuilder;
}
Also used : X509CertInfo(sun.security.x509.X509CertInfo) X500Name(sun.security.x509.X500Name)

Example 84 with X500Name

use of sun.security.x509.X500Name in project Pix-Art-Messenger by kriztan.

the class CryptoHelper method extractCertificateInformation.

/**
 * Collects display information about a certificate into a {@link Bundle}.
 *
 * <p>Keys written when available: {@code subject_cn}, {@code subject_o}, {@code issuer_cn},
 * {@code issuer_o} and {@code sha1}. Each value is best effort: any exception while reading a
 * single value leaves that key out and is otherwise ignored.
 *
 * <p>NOTE(review): the name values are copied verbatim from the certificate, so they are
 * controlled by whoever issued it — treat them as untrusted text when displaying them.
 *
 * @param certificate the certificate to describe
 * @return the bundle, empty if the certificate could not be wrapped in a holder
 */
public static Bundle extractCertificateInformation(X509Certificate certificate) {
    final Bundle details = new Bundle();

    final JcaX509CertificateHolder parsed;
    try {
        parsed = new JcaX509CertificateHolder(certificate);
    } catch (CertificateEncodingException e) {
        return details;
    }

    // Only the first RDN of each kind, and only its first attribute, is reported.
    final X500Name subjectName = parsed.getSubject();
    try {
        details.putString("subject_cn", subjectName.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
    } catch (Exception ignored) {
        // attribute absent or unreadable: key is left out
    }
    try {
        details.putString("subject_o", subjectName.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
    } catch (Exception ignored) {
        // attribute absent or unreadable: key is left out
    }

    final X500Name issuerName = parsed.getIssuer();
    try {
        details.putString("issuer_cn", issuerName.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
    } catch (Exception ignored) {
        // attribute absent or unreadable: key is left out
    }
    try {
        details.putString("issuer_o", issuerName.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
    } catch (Exception ignored) {
        // attribute absent or unreadable: key is left out
    }

    // NOTE(review): the key name suggests a SHA-1 fingerprint; if it is ever used for pinning or
    // comparison rather than display, a SHA-256 fingerprint would be the safer choice.
    try {
        details.putString("sha1", getFingerprintCert(certificate.getEncoded()));
    } catch (Exception ignored) {
        // fingerprint unavailable: key is left out
    }
    return details;
}
Also used : Bundle(android.os.Bundle) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) InvalidJidException(de.pixart.messenger.xmpp.jid.InvalidJidException) CertificateParsingException(java.security.cert.CertificateParsingException) MalformedURLException(java.net.MalformedURLException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException)

Example 85 with X500Name

use of sun.security.x509.X500Name in project Pix-Art-Messenger by kriztan.

the class CryptoHelper method extractJidAndName.

/**
 * Derives a JID and a display name from a certificate.
 *
 * <p>Lookup order for the JID: the first subject alternative name of type 1 (rfc822Name), then
 * the first emailAddress attribute of the subject, then the subject's common name — the last
 * only if it parses as a bare JID that is not a domain JID.
 *
 * <p>NOTE(review): only the first matching entry is used and further entries are ignored; the
 * caller is responsible for having validated the certificate chain before trusting the result.
 *
 * @param certificate the certificate to inspect
 * @return the JID paired with the common name (the name is {@code null} when the JID itself came
 *         from the common name), or {@code null} if no usable JID was found
 * @throws CertificateEncodingException if the certificate cannot be wrapped in a holder
 * @throws InvalidJidException          if an address taken from the certificate is not a valid JID
 * @throws CertificateParsingException  if the subject alternative names cannot be decoded
 */
public static Pair<Jid, String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
    final Collection<List<?>> sanEntries = certificate.getSubjectAlternativeNames();
    final List<String> addresses = new ArrayList<>();
    if (sanEntries != null) {
        for (List<?> entry : sanEntries) {
            // Each entry is [type, value]; type 1 is rfc822Name.
            final int nameType = (Integer) entry.get(0);
            if (nameType == 1) {
                addresses.add((String) entry.get(1));
            }
        }
    }

    final X500Name subject = new JcaX509CertificateHolder(certificate).getSubject();
    // Fall back to the subject's emailAddress attribute when no rfc822Name was present.
    if (addresses.isEmpty() && subject.getRDNs(BCStyle.EmailAddress).length > 0) {
        addresses.add(IETFUtils.valueToString(subject.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
    }

    final String commonName;
    if (subject.getRDNs(BCStyle.CN).length > 0) {
        commonName = IETFUtils.valueToString(subject.getRDNs(BCStyle.CN)[0].getFirst().getValue());
    } else {
        commonName = null;
    }

    if (!addresses.isEmpty()) {
        return new Pair<>(Jid.fromString(addresses.get(0)), commonName);
    }
    if (commonName == null) {
        return null;
    }
    // Last resort: accept the common name itself if it is a bare, non-domain JID.
    try {
        final Jid candidate = Jid.fromString(commonName);
        if (candidate.isBareJid() && !candidate.isDomainJid()) {
            return new Pair<>(candidate, null);
        }
    } catch (InvalidJidException e) {
        return null;
    }
    return null;
}
Also used : Jid(de.pixart.messenger.xmpp.jid.Jid) InvalidJidException(de.pixart.messenger.xmpp.jid.InvalidJidException) ArrayList(java.util.ArrayList) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) ArrayList(java.util.ArrayList) List(java.util.List) Pair(android.util.Pair)

Aggregations

X500Name (org.bouncycastle.asn1.x500.X500Name)214 X509Certificate (java.security.cert.X509Certificate)94 BigInteger (java.math.BigInteger)69 Date (java.util.Date)69 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)59 X500Name (sun.security.x509.X500Name)55 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)54 ContentSigner (org.bouncycastle.operator.ContentSigner)53 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)51 IOException (java.io.IOException)50 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)48 KeyPair (java.security.KeyPair)42 SubjectPublicKeyInfo (org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)37 PrivateKey (java.security.PrivateKey)36 RDN (org.bouncycastle.asn1.x500.RDN)35 GeneralName (org.bouncycastle.asn1.x509.GeneralName)34 KeyPairGenerator (java.security.KeyPairGenerator)32 JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)32 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)30 CertificateException (java.security.cert.CertificateException)29