Package eu.emi.security.authn.x509

Examples of eu.emi.security.authn.x509.X509CertChainValidatorExt


        // Excerpt (the enclosing method's signature is not shown): generates a fresh key pair
        // and issues a certificate for userDN signed with the CA credential, then returns the
        // new private key together with the chain { new certificate, CA certificate }.

        // NOTE(review): 1024-bit keys are below the 2048-bit minimum that current guidance
        // (e.g. NIST SP 800-131A) sets for RSA; prefer 2048 bits or more.
        String keyLengthProp = "1024";
        int keyLength = Integer.parseInt(keyLengthProp);
        // NOTE(review): SHA-1 based certificate signatures are deprecated because of practical
        // collision attacks; prefer "SHA256withRSA" or stronger. The literal also hard-codes RSA
        // although the key algorithm below is taken from the CA key, so a non-RSA CA key
        // would not match it.
        String signatureAlgorithm = "SHA1withRSA";

        KeyAndCertCredential caCred = getCACredential(caCertPath, caKeyPath, caPwd);

        // The new key pair uses the same algorithm as the CA's private key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(caCred.getKey().getAlgorithm());
        kpg.initialize(keyLength);
        KeyPair pair = kpg.generateKeyPair();

        X500Principal subjectDN = new X500Principal(userDN);
        // NOTE(review): presumably java.util.Random, which is not a cryptographically secure
        // generator. It is the source of the certificate serial number below; use
        // java.security.SecureRandom for that.
        Random rand = new Random();

        // Re-encode the generated public key as the SubjectPublicKeyInfo structure the builder expects.
        SubjectPublicKeyInfo publicKeyInfo;
        try {
            publicKeyInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(pair.getPublic().getEncoded())
                    .readObject());
        } catch (IOException e) {
            // NOTE(review): the concatenated literals lack a separating space, so the message
            // reads "...public keybeing included...".
            throw new InvalidKeyException("Can not parse the public key"
                    + "being included in the short lived certificate", e);
        }

        // The issuer name is the subject of the CA certificate.
        X500Name issuerX500Name = CertificateHelpers.toX500Name(caCred.getCertificate().getSubjectX500Principal());

        X500Name subjectX500Name = CertificateHelpers.toX500Name(subjectDN);

        // NOTE(review): new BigInteger(20, rand) yields a serial in [0, 2^20 - 1]. That is only
        // 20 bits, it can be 0, and nothing here checks it against earlier serials, while
        // RFC 5280 requires a positive serial that is unique per issuer. A wider value drawn
        // from SecureRandom makes collisions and guessing impractical.
        // No extensions (basic constraints, key usage, ...) are added before build() is called.
        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(issuerX500Name, new BigInteger(20, rand),
                new Date(startTime), new Date(endTime), subjectX500Name, publicKeyInfo);

        AlgorithmIdentifier sigAlgId = X509v3CertificateBuilder.extractAlgorithmId(caCred.getCertificate());

        // Sign with the CA private key; the two trailing nulls are presumably the JCA provider
        // and the random source (library defaults) -- confirm against the builder's Javadoc.
        X509Certificate certificate = certBuilder.build(caCred.getKey(), sigAlgId, signatureAlgorithm, null, null);

        // Sanity checks: the certificate must be valid right now and must verify under the CA public key.
        certificate.checkValidity(new Date());
        certificate.verify(caCred.getCertificate().getPublicKey());
        KeyAndCertCredential result = new KeyAndCertCredential(pair.getPrivate(), new X509Certificate[] { certificate,
                caCred.getCertificate() });

        return result;
    }


        // Excerpt: release the key and certificate input streams, then wrap the CA private key
        // and the single CA certificate as a credential.
        // NOTE(review): if isKey.close() throws, isCert is never closed. Whether these closes
        // also run when the loading code above fails is not visible in this excerpt;
        // try-with-resources would cover both cases.
        if (isKey != null)
            isKey.close();
        if (isCert != null)
            isCert.close();

        return new KeyAndCertCredential(pk, new X509Certificate[] { caCert });
    }

            }

            // Strip one leading and/or one trailing double quote from the user id; the result
            // is used as the subject DN of the certificate issued below.
            // NOTE(review): where userID comes from is not visible here. If a caller controls
            // it, it must be authenticated/authorized before a certificate is issued for it.
            String userDN = userID.replaceAll("^\"|\"$", "");

            // TODO: should be changed to default airavata server locations
            // NOTE(review): the last argument is presumably the CA private-key password, embedded
            // as a string literal. Together with cakey.pem being readable at certLocation, any
            // process that can run this code can sign certificates with the CA key. Load the
            // secret from protected configuration or a secret store and restrict access to the
            // key file.
            KeyAndCertCredential cred = generateShortLivedCertificate(userDN, certLocation
                    + "/cacert.pem", certLocation
                    + "/cakey.pem", "ultrascan3");
            secProperties = new DefaultClientConfiguration(dcValidator, cred);

            // secProperties.doSSLAuthn();

        // Excerpt (the enclosing method's signature is not shown): generates a fresh key pair
        // and issues a certificate for userDN signed with the CA credential, then returns the
        // new private key together with the chain { new certificate, CA certificate }.

        // NOTE(review): 1024-bit keys are below the 2048-bit minimum that current guidance
        // (e.g. NIST SP 800-131A) sets for RSA; prefer 2048 bits or more.
        String keyLengthProp = "1024";
        int keyLength = Integer.parseInt(keyLengthProp);
        // NOTE(review): SHA-1 based certificate signatures are deprecated because of practical
        // collision attacks; prefer "SHA256withRSA" or stronger. The literal also hard-codes RSA
        // although the key algorithm below is taken from the CA key.
        String signatureAlgorithm = "SHA1withRSA";

        KeyAndCertCredential caCred = getCACredential(caCertPath, caKeyPath, caPwd);

        // The new key pair uses the same algorithm as the CA's private key.
        KeyPairGenerator kpg = KeyPairGenerator.getInstance(caCred.getKey().getAlgorithm());
        kpg.initialize(keyLength);
        KeyPair pair = kpg.generateKeyPair();

        X500Principal subjectDN = new X500Principal(userDN);
        // NOTE(review): presumably java.util.Random, which is not cryptographically secure;
        // it feeds the serial number below. Use java.security.SecureRandom instead.
        Random rand = new Random();

        // Re-encode the generated public key as the SubjectPublicKeyInfo structure the builder expects.
        SubjectPublicKeyInfo publicKeyInfo;
        try {
            publicKeyInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(pair.getPublic().getEncoded())
                    .readObject());
        } catch (IOException e) {
            // NOTE(review): the concatenated literals lack a separating space ("keybeing").
            throw new InvalidKeyException("Can not parse the public key"
                    + "being included in the short lived certificate", e);
        }

        // The issuer name is the subject of the CA certificate.
        X500Name issuerX500Name = CertificateHelpers.toX500Name(caCred.getCertificate().getSubjectX500Principal());

        X500Name subjectX500Name = CertificateHelpers.toX500Name(subjectDN);

        // NOTE(review): the serial is at most 20 bits, may be 0 and is not checked for
        // uniqueness; RFC 5280 requires a positive serial unique per issuer. No certificate
        // extensions are added before build() is called.
        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(issuerX500Name, new BigInteger(20, rand),
                new Date(startTime), new Date(endTime), subjectX500Name, publicKeyInfo);

        AlgorithmIdentifier sigAlgId = X509v3CertificateBuilder.extractAlgorithmId(caCred.getCertificate());

        // Sign with the CA private key; the trailing nulls are presumably provider and random
        // source defaults -- confirm against the builder's Javadoc.
        X509Certificate certificate = certBuilder.build(caCred.getKey(), sigAlgId, signatureAlgorithm, null, null);

        // Sanity checks: valid at the current time and verifiable with the CA public key.
        certificate.checkValidity(new Date());
        certificate.verify(caCred.getCertificate().getPublicKey());
        KeyAndCertCredential result = new KeyAndCertCredential(pair.getPrivate(), new X509Certificate[] { certificate,
                caCred.getCertificate() });

        return result;
    }

        // Excerpt: release the key and certificate input streams, then wrap the CA private key
        // and the single CA certificate as a credential.
        // NOTE(review): if isKey.close() throws, isCert is never closed, and it is not visible
        // here whether these closes run on a failure path; try-with-resources would cover both.
        if (isKey != null)
            isKey.close();
        if (isCert != null)
            isCert.close();

        return new KeyAndCertCredential(pk, new X509Certificate[] { caCert });
    }

      // Null key password: the private key in the PEM data read below is presumably expected
      // to be unencrypted -- confirm against the PEMCredential Javadoc.
      char[] c = null;
     
      // Trust anchors are loaded from trustedCert in PEM encoding. NOTE(review): -1 presumably
      // disables periodic truststore reloading, 60000 is presumably a connection timeout in ms
      // and null presumably means no disk cache -- confirm against the CANL Javadoc, including
      // which CRL/revocation defaults this constructor applies.
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      // bos presumably holds the PEM credential (certificate and private key) in memory;
      // toByteArray() makes a further copy of that key material.
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      // NOTE(review): the return value is discarded. If doSSLAuthn() is only a getter, this
      // call has no effect and SSL authentication must be enabled through the setter -- confirm.
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();

      // Null key password: the private key in the PEM data read below is presumably expected
      // to be unencrypted -- confirm against the PEMCredential Javadoc.
      char[] c = null;
     
      // Trust anchors are loaded from trustedCert in PEM encoding. NOTE(review): the meaning of
      // -1, 60000 and null (presumably reload interval, connection timeout in ms, disk cache)
      // and the revocation defaults should be confirmed against the CANL Javadoc.
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      // bos presumably holds the PEM credential, including the private key, in memory.
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      // NOTE(review): the return value is discarded; if doSSLAuthn() is only a getter this
      // call has no effect -- confirm.
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();

      // Null key password: the private key in the PEM data read below is presumably expected
      // to be unencrypted -- confirm against the PEMCredential Javadoc.
      char[] c = null;
     
      // Trust anchors are loaded from trustedCert in PEM encoding. NOTE(review): the meaning of
      // -1, 60000 and null (presumably reload interval, connection timeout in ms, disk cache)
      // and the revocation defaults should be confirmed against the CANL Javadoc.
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      // bos presumably holds the PEM credential, including the private key, in memory.
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      // NOTE(review): the return value is discarded; if doSSLAuthn() is only a getter this
      // call has no effect -- confirm.
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();

     
      // The key password is obtained interactively through a console prompt rather than from
      // a stored value.
      ConsolePasswordFinder pf = new ConsolePasswordFinder(prompt);
     
      try {
     
        // The credential is constructed and discarded, apparently only to check that the key
        // and certificate files load with the supplied password.
        // NOTE(review): both FileInputStreams are anonymous, so this code cannot close them
        // itself; confirm that PEMCredential closes the streams it is given, or open them in
        // try-with-resources.
        new PEMCredential(new FileInputStream(keyFile),
          new FileInputStream(certFile), pf);
     
    } catch (Exception e) {
      // Any failure is logged and rethrown as PAPException with the original cause attached.
      log.error(e.getMessage(),e);
      throw new PAPException(e.getMessage(),e);

  }
 

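  /**
   * Builds the key managers that present the client credential.
   *
   * <p>When {@code proxyFile} is set, the credential is read from that single file with no
   * password supplied. Otherwise it is read from {@code keyFile} and {@code certFile}, using
   * {@code keyPassword} when one is configured and a null password when it is not.
   *
   * @return a one-element array holding the credential's key manager
   * @throws Exception if a file cannot be opened or the credential cannot be loaded
   */
  private KeyManager[] getKeymanagers() throws Exception {

    PEMCredential cred;

    if (proxyFile != null) {
      // try-with-resources releases the file handle even when loading the credential fails;
      // the original left the stream open on every path.
      try (FileInputStream proxyStream = new FileInputStream(proxyFile)) {
        // No password is supplied, so the key in the proxy file is presumably unencrypted.
        cred = new PEMCredential(proxyStream, (char[]) null);
      }
    } else if (keyPassword != null) {
      cred = new PEMCredential(keyFile, certFile, keyPassword.toCharArray());
    } else {
      // Null password: the key file is presumably expected to be unencrypted.
      cred = new PEMCredential(keyFile, certFile, null);
    }

    return new KeyManager[] { cred.getKeyManager() };

  }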
