Examples of org.bouncycastle.jce.PKCS10CertificationRequest

org.bouncycastle.jce.PKCS10CertificationRequest

A class for verifying and creating PKCS10 Certification requests.

 CertificationRequest ::= SEQUENCE { certificationRequestInfo  CertificationRequestInfo, signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }}, signature                 BIT STRING } CertificationRequestInfo ::= SEQUENCE { version             INTEGER { v1(0) } (v1,...), subject             Name, subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }}, attributes          [0] Attributes{{ CRIAttributes }} } Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }} Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE { type    ATTRIBUTE.&id({IOSet}), values  SET SIZE(1..MAX) OF ATTRIBUTE.&Type({IOSet}{\@type}) }

        if (additionalParameters == null) {
            additionalParameters = new HashMap();
        }
        try {
            KeyPair keyPair = generateKeyPair();
            PKCS10CertificationRequest certReq = createCertRequest(keyPair);
            OA4MPResponse mpdsResponse = new OA4MPResponse();
            mpdsResponse.setPrivateKey(keyPair.getPrivate());
            additionalParameters.put(ClientEnvironment.CERT_REQUEST_KEY, Base64.encodeBase64String(certReq.getDEREncoded()));


            if (additionalParameters.get(getEnvironment().getConstants().get(CALLBACK_URI_KEY)) == null) {
                additionalParameters.put(getEnvironment().getConstants().get(CALLBACK_URI_KEY), getEnvironment().
                        getCallback().toString());
            }

View Full Code Here

        order.addElement(X509Principal.ST);
        order.addElement(X509Principal.EmailAddress);


        X509Name    subject = new X509Name(order, attrs);


        PKCS10CertificationRequest req1 = new PKCS10CertificationRequest(
                                                    sigName,
                                                    subject,
                                                    kp.getPublic(),
                                                    null,
                                                    kp.getPrivate(), provider);
                            
        byte[]  bytes = req1.getEncoded();


        PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(bytes);


        if (!req2.verify(provider))
        {
            fail(sigName + ": Failed verify check.");
        }


        if (!req2.getPublicKey(provider).equals(req1.getPublicKey(provider)))
        {
            fail(keyName + ": Failed public key check.");
        }
    }

View Full Code Here

        KeyPair pair = ecGen.generateKeyPair();


        privKey = pair.getPrivate();
        pubKey = pair.getPublic();


        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC encoded.");
        }
        
        //
        // try with point compression turned off
        //
        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
        
        req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed.");
        }
        
        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed encoded.");
        }
        
        if (!req.getSignatureAlgorithm().getObjectId().equals(algOid))
        {
            fail("ECDSA oid incorrect.");
        }
        
        if (req.getSignatureAlgorithm().getParameters() != null)
        {
            fail("ECDSA parameters incorrect.");
        }
        
        Signature sig = Signature.getInstance(algorithm, "BC");
        
        sig.initVerify(pubKey);
        
        sig.update(req.getCertificationRequestInfo().getEncoded());
        
        if (!sig.verify(req.getSignature().getBytes()))
        {
            fail("signature not mapped correctly.");
        }
    }

View Full Code Here

        KeyFactory     fact = KeyFactory.getInstance("ECDSA", "BC");


        privKey = fact.generatePrivate(privKeySpec);
        pubKey = fact.generatePublic(pubKeySpec);


        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC encoded.");
        }


        //
        // try with point compression turned off
        //
        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");


        req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed encoded.");
        }


        if (!req.getSignatureAlgorithm().getObjectId().equals(algOid))
        {
            fail("ECDSA oid incorrect.");
        }


        if (req.getSignatureAlgorithm().getParameters() != null)
        {
            fail("ECDSA parameters incorrect.");
        }


        Signature sig = Signature.getInstance(algorithm, "BC");


        sig.initVerify(pubKey);


        sig.update(req.getCertificationRequestInfo().getEncoded());


        if (!sig.verify(req.getSignature().getBytes()))
        {
            fail("signature not mapped correctly.");
        }
    }

View Full Code Here

        //
        KeyPair             pair = ecGostKpg.generateKeyPair();
        PrivateKey          privKey = pair.getPrivate();
        PublicKey           pubKey = pair.getPublic();


        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC encoded.");
        }


        if (!req.getSignatureAlgorithm().getObjectId().equals(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001))
        {
            fail("ECGOST oid incorrect.");
        }


        if (req.getSignatureAlgorithm().getParameters() != null)
        {
            fail("ECGOST parameters incorrect.");
        }


        Signature sig = Signature.getInstance(algorithm, "BC");


        sig.initVerify(pubKey);


        sig.update(req.getCertificationRequestInfo().getEncoded());


        if (!sig.verify(req.getSignature().getBytes()))
        {
            fail("signature not mapped correctly.");
        }
    }

View Full Code Here

        KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");


        PrivateKey privKey = fact.generatePrivate(privKeySpec);
        PublicKey pubKey = fact.generatePublic(pubKeySpec);


        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check PSS.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check PSS encoded.");
        }


        if (!req.getSignatureAlgorithm().getObjectId().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
        {
            fail("PSS oid incorrect.");
        }


        if (req.getSignatureAlgorithm().getParameters() == null)
        {
            fail("PSS parameters incorrect.");
        }


        Signature sig = Signature.getInstance(algorithm, "BC");


        sig.initVerify(pubKey);


        sig.update(req.getCertificationRequestInfo().getEncoded());


        if (!sig.verify(req.getSignature().getBytes()))
        {
            fail("signature not mapped correctly.");
        }
    }

View Full Code Here

        values.add(ski);


        Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
            new DERSet(new X509Extensions(oids, values)));
        
        PKCS10CertificationRequest p1 = new PKCS10CertificationRequest(
            "SHA1WithRSA", new X509Principal("cn=csr"),
            pair.getPublic(), new DERSet(attribute), pair.getPrivate(), "BC");
        PKCS10CertificationRequest p2 = new PKCS10CertificationRequest(
            "SHA1WithRSA", new X509Principal("cn=csr"),
            pair.getPublic(), new DERSet(attribute), pair.getPrivate(), "BC");


        if (!p1.equals(p2))
        {

View Full Code Here

        {
            generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign"); 
        }
        
        // elliptic curve GOST A parameter set
        PKCS10CertificationRequest req = new PKCS10CertificationRequest(gost3410EC_A);
        if (!req.verify())
        {
            fail("Failed verify check gost3410EC_A.");
        }


        // elliptic curve GOST B parameter set
        req = new PKCS10CertificationRequest(gost3410EC_B);
        if (!req.verify())
        {
            fail("Failed verify check gost3410EC_B.");
        }


        // elliptic curve GOST C parameter set
        req = new PKCS10CertificationRequest(gost3410EC_C);
        if (!req.verify())
        {
            fail("Failed verify check gost3410EC_C.");
        }
        
        // elliptic curve GOST ExA parameter set
        req = new PKCS10CertificationRequest(gost3410EC_ExA);
        if (!req.verify())
        {
            fail("Failed verify check gost3410EC_ExA.");
        }


        // elliptic curve GOST ExB parameter set
        req = new PKCS10CertificationRequest(gost3410EC_ExB);
        if (!req.verify())
        {
            fail("Failed verify check gost3410EC_ExA.");
        }


        // elliptic curve openSSL
        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");


        ECCurve curve = new ECCurve.Fp(
            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b


        ECParameterSpec ecSpec = new ECParameterSpec(
            curve,
            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n


        g.initialize(ecSpec, new SecureRandom());


        KeyPair kp = g.generateKeyPair();


        req = new PKCS10CertificationRequest(
                "ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.getPublic(), null, kp.getPrivate());
        if (!req.verify())
        {
            fail("Failed verify check EC.");
        }
        
        createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);

View Full Code Here

        attrs.put(X509Principal.ST, "Victoria");
        attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");


        X509Name    subject = new X509Name(attrs);


        PKCS10CertificationRequest req1 = new PKCS10CertificationRequest(
                                                    sigName,
                                                    subject,
                                                    kp.getPublic(),
                                                    null,
                                                    kp.getPrivate(), provider);
                            
        byte[]  bytes = req1.getEncoded();


        PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(bytes);


        if (!req2.verify(provider))
        {
            fail(sigName + ": Failed verify check.");
        }


        if (!req2.getPublicKey(provider).equals(req1.getPublicKey(provider)))
        {
            fail(keyName + ": Failed public key check.");
        }
    }

View Full Code Here

        KeyFactory     fact = KeyFactory.getInstance("ECDSA", "BC");


        privKey = fact.generatePrivate(privKeySpec);
        pubKey = fact.generatePublic(pubKeySpec);


        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC.");
        }


        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC encoded.");
        }
        
        //
        // try with point compression turned off
        //
        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
        
        req = new PKCS10CertificationRequest(
                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed.");
        }
        
        req = new PKCS10CertificationRequest(req.getEncoded());
        if (!req.verify())
        {
            fail("Failed verify check EC uncompressed encoded.");
        }
        
        if (!req.getSignatureAlgorithm().getObjectId().equals(algOid))
        {
            fail("ECDSA oid incorrect.");
        }
        
        if (req.getSignatureAlgorithm().getParameters() != null)
        {
            fail("ECDSA parameters incorrect.");
        }
        
        Signature sig = Signature.getInstance(algorithm, "BC");
        
        sig.initVerify(pubKey);
        
        sig.update(req.getCertificationRequestInfo().getEncoded());
        
        if (!sig.verify(req.getSignature().getBytes()))
        {
            fail("signature not mapped correctly.");
        }
    }

View Full Code Here

0 1 2 3 4 5 6 7

TOP

Related Classes of org.bouncycastle.jce.PKCS10CertificationRequest

jp.go.aist.sot.client.security.CsrVerifierUtil

jp.go.aist.sot.client.security.ProxyCertGenerator

org.apache.airavata.credential.store.servlet.CredentialStoreOA4MPServer

org.apache.clerezza.ssl.keygen.bouncy.BouncyKeygenService

org.bouncycastle.asn1.ASN1Encodable

org.bouncycastle.asn1.ASN1InputStream

org.bouncycastle.asn1.ASN1Integer

org.bouncycastle.asn1.ASN1Sequence

org.bouncycastle.asn1.DERBitString

org.bouncycastle.asn1.DEREncodable

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.