Package org.bouncycastle.cert.jcajce

Examples of org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder.build()


      certGen.addExtension(X509Extension.basicConstraints, false,
          new BasicConstraints(0));
      // convert the certificate to a standard one
      final X509Certificate cert = new JcaX509CertificateConverter()
          .setProvider(BouncyCastleProvider.PROVIDER_NAME)
          .getCertificate(certGen.build(sigGen));

      cert.checkValidity(new Date());

      // build key store
      final KeyStore ks = KeyStore.getInstance(KEY_STORE_TYPE,
View Full Code Here


    certGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(isCertAuthority));
    certGen.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(signerPublicKey));
    if (isCertAuthority) {
      certGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign));
    }
    X509CertificateHolder cert = certGen.build(new JcaContentSignerBuilder(signingAlgorithm).build(signerPrivateKey));
    return new X509CertificateObject(cert.toASN1Structure());
  }

  static Certificate findCert(KeyStore keyStore) throws KeyStoreException {
    Enumeration<String> aliases = keyStore.aliases();
View Full Code Here

  try {
      signer = new JcaContentSignerBuilder("SHA1withRSA").build(priKey);
  } catch (OperatorCreationException e) {
      throw new Exception(e);
  }
  X509CertificateHolder holder = builder.build(signer);
  return new JcaX509CertificateConverter().getCertificate(holder);
    }

    @Override
    protected List<X509Certificate> doEnrol(PKCS10CertificationRequest csr,
View Full Code Here

      Date notAfter = cal.getTime();
      X500Name subject = issuer;
      PublicKey publicKey = idPair.getPublic();
      JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
          issuer, serial, notBefore, notAfter, subject, publicKey);
      X509CertificateHolder idHolder = certBuilder.build(signerBuilder
          .build(idPair.getPrivate()));
      // Convert Bouncy Castle representation of X509Certificate into
      // something usable
      X509Certificate id = (X509Certificate) CertificateFactory.getInstance(
          "X509").generateCertificate(
View Full Code Here

    this.addV3CAExtensions(builder, request);

    // builder.addExtension(MiscObjectIdentifiers.netscapeCertType, false, new
    // NetscapeCertType(NetscapeCertType.objectSigning | NetscapeCertType.smime));

    X509CertificateHolder holder = builder.build(contentSigner);

    X509Certificate certificate = (X509Certificate) Certificates.get(holder.getEncoded());

    if ((request.getIssuerPrivateKey() != null) && (request.getIssuerCertificate() != null)) {
      certificate.verify(request.getIssuerCertificate().getPublicKey());
View Full Code Here

        builder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);

        SubjectKeyIdentifierStructure subjectKeyIdentifierStructure = new SubjectKeyIdentifierStructure(keyPair.getPublic());
        builder.addExtension(X509Extension.subjectKeyIdentifier, false, subjectKeyIdentifierStructure);

        X509CertificateHolder holder = builder.build(contentSigner);

        certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
        privateKey = keyPair.getPrivate();
      } else {
        JcaX509v1CertificateBuilder builder = new JcaX509v1CertificateBuilder(this.toX500Name(issuer), serialNumber, notBefore, notAfter, this.toX500Name(subject), keyPair.getPublic());
View Full Code Here

        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(signType.getAlgorithm());
        contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
        ContentSigner contentSigner = contentSignerBuilder.build(keyPair.getPrivate());

        X509CertificateHolder holder = builder.build(contentSigner);

        certificate = (X509Certificate) SecurityUtils.getCertificateFromFile(holder.getEncoded(), CertificateType.X509);
        privateKey = keyPair.getPrivate();
      }
View Full Code Here

      }

      ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM)
          .setProvider(BC).build(caPrivateKey);
      X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC)
          .getCertificate(certBuilder.build(caSigner));

      cert.checkValidity(new Date());
      cert.verify(caCert.getPublicKey());

      // Save to keystore
View Full Code Here

      caBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caPair.getPublic()));
      caBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(true));
      caBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

      JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider(BC);
      X509Certificate cert = converter.getCertificate(caBuilder.build(caSigner));

      // confirm the validity of the CA certificate
      cert.checkValidity(new Date());
      cert.verify(cert.getPublicKey());
View Full Code Here

        certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
      }

      ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);

      X509Certificate userCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certBuilder.build(signer));
      PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)pair.getPrivate();
      bagAttr.setBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId,
          extUtils.createSubjectKeyIdentifier(pair.getPublic()));

      // confirm the validity of the user certificate
View Full Code Here

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.