Package org.bouncycastle.operator

Examples of org.bouncycastle.operator.ContentSigner


    return response;
  }

  protected CertificateResponse buildV3Certificate(final BouncyCastleCertificateRequest request) throws OperatorCreationException, GeneralSecurityException, IOException {
    JcaX509v3CertificateBuilder builder = null;
    ContentSigner contentSigner = null;

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(request.getSignAlgorithm());
    contentSignerBuilder.setProvider(request.getProvider());

    if ((request.getIssuerPrivateKey() != null) && (request.getIssuerCertificate() != null)) {
View Full Code Here


      Certificate certificate = chain[0];

      JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SignatureType.SHA1_RSA.getAlgorithm());
      contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);

      ContentSigner contentSigner = contentSignerBuilder.build(privateKey);

      JcaDigestCalculatorProviderBuilder digestCalculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder();
      digestCalculatorProviderBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
      DigestCalculatorProvider digestCalculatorProvider = digestCalculatorProviderBuilder.build();
View Full Code Here

      if (this.v3) {
        JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(this.toX500Name(issuer), serialNumber, notBefore, notAfter, this.toX500Name(subject), keyPair.getPublic());

        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signType.getAlgorithm());
        contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        ContentSigner contentSigner = contentSignerBuilder.build(keyPair.getPrivate());

        if (this.keyUsage.size() > 0) {
          int usage = 0;
          for (KeyUsageType keyUsage : this.keyUsage) {
            usage = usage | this.toKeyUsage(keyUsage);
          }
          org.bouncycastle.asn1.x509.KeyUsage ku = new org.bouncycastle.asn1.x509.KeyUsage(usage);
          builder.addExtension(X509Extension.keyUsage, false, ku);
        }

        if (this.extendedKeyUsage.size() > 0) {
          Vector<DERObject> vector = new Vector<DERObject>();
          for (ExtendedKeyUsageType keyUsageType : this.extendedKeyUsage) {
            KeyPurposeId keyPurposeId = this.toExtendedKeyUsage(keyUsageType);
            if (keyPurposeId != null) {
              vector.add(keyPurposeId);
            }
          }
          if (vector.size() > 0) {
            org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(vector);
            builder.addExtension(X509Extension.extendedKeyUsage, true, extendedKeyUsage);
          } else {
            org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(KeyPurposeId.anyExtendedKeyUsage);
            builder.addExtension(X509Extension.extendedKeyUsage, false, extendedKeyUsage);
          }
        } else {
          org.bouncycastle.asn1.x509.ExtendedKeyUsage extendedKeyUsage = new org.bouncycastle.asn1.x509.ExtendedKeyUsage(KeyPurposeId.anyExtendedKeyUsage);
          builder.addExtension(X509Extension.extendedKeyUsage, false, extendedKeyUsage);
        }

        GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.rfc822Name, subject));
        builder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);

        SubjectKeyIdentifierStructure subjectKeyIdentifierStructure = new SubjectKeyIdentifierStructure(keyPair.getPublic());
        builder.addExtension(X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifierStructure);

        X509CertificateHolder holder = builder.build(contentSigner);

        certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
        privateKey = keyPair.getPrivate();
      } else {
        JcaX509v1CertificateBuilder builder = new JcaX509v1CertificateBuilder(this.toX500Name(issuer), serialNumber, notBefore, notAfter, this.toX500Name(subject), keyPair.getPublic());

        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signType.getAlgorithm());
        contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        ContentSigner contentSigner = contentSignerBuilder.build(keyPair.getPrivate());

        X509CertificateHolder holder = builder.build(contentSigner);

        certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
        privateKey = keyPair.getPrivate();
View Full Code Here

        ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>(1);
        certList.add(publicKey);
        JcaCertStore certs = new JcaCertStore(certList);

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
        ContentSigner signer = new JcaContentSignerBuilder(getSignatureAlgorithm(publicKey))
            .setProvider(sBouncyCastleProvider)
            .build(privateKey);
        gen.addSignerInfoGenerator(
            new JcaSignerInfoGeneratorBuilder(
                new JcaDigestCalculatorProviderBuilder()
View Full Code Here

      if (altNames.size() > 0) {
        GeneralNames subjectAltName = new GeneralNames(altNames.toArray(new GeneralName [altNames.size()]));
        certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
      }

      ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM)
          .setProvider(BC).build(caPrivateKey);
      X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC)
          .getCertificate(certBuilder.build(caSigner));

      cert.checkValidity(new Date());
View Full Code Here

   */
  public static X509Certificate newCertificateAuthority(X509Metadata metadata, File storeFile, X509Log x509log) {
    try {
      KeyPair caPair = newKeyPair();

      ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPair.getPrivate());

      // clone metadata
      X509Metadata caMetadata = metadata.clone(CA_CN, metadata.password);
      X500Name issuerDN = buildDistinguishedName(caMetadata);

View Full Code Here

      X500Name issuerDN = new X500Name(PrincipalUtil.getIssuerX509Principal(caCert).getName());
      X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerDN, new Date());

      // build and sign CRL with CA private key
      ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
      X509CRLHolder crl = crlBuilder.build(signer);

      File tmpFile = new File(caRevocationList.getParentFile(), Long.toHexString(System.currentTimeMillis()) + ".tmp");
      FileOutputStream fos = null;
      try {
View Full Code Here

        GeneralNames subjectAltName = new GeneralNames(
                    new GeneralName(GeneralName.rfc822Name, clientMetadata.emailAddress));
        certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
      }

      ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);

      X509Certificate userCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certBuilder.build(signer));
      PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)pair.getPrivate();
      bagAttr.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId,
          extUtils.createSubjectKeyIdentifier(pair.getPublic()));
View Full Code Here

        crlBuilder.addCRL(crl);
      }
      crlBuilder.addCRLEntry(cert.getSerialNumber(), new Date(), reason.ordinal());

      // build and sign CRL with CA private key
      ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(BC).build(caPrivateKey);
      X509CRLHolder crl = crlBuilder.build(signer);

      File tmpFile = new File(caRevocationList.getParentFile(), Long.toHexString(System.currentTimeMillis()) + ".tmp");
      FileOutputStream fos = null;
      try {
View Full Code Here

                                    * 30), new Date(System.currentTimeMillis()
                            + (1000L * 60 * 60 * 24 * 365 * 10)), new X500Name(
                            "CN=0.0.0.0, OU=None, O=None, L=None, C=None"),
                    SubjectPublicKeyInfo.getInstance(kp.getPublic()
                            .getEncoded()));
            ContentSigner signer = new JcaContentSignerBuilder(
                    "SHA256WithRSAEncryption").build(kp.getPrivate());
            Certificate certificate = new JcaX509CertificateConverter()
                    .getCertificate(v3CertGen.build(signer));

            final KeyStore keystore = KeyStore.getInstance(KeyStore
View Full Code Here

TOP

Related Classes of org.bouncycastle.operator.ContentSigner

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.