• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    公众号

Java BcRSAContentSignerBuilder类代码示例

原作者: [db:作者] 来自: [db:来源] 收藏 邀请

本文整理汇总了Java中org.bouncycastle.operator.bc.BcRSAContentSignerBuilder的典型用法代码示例。如果您正苦于以下问题:Java BcRSAContentSignerBuilder类的具体用法?Java BcRSAContentSignerBuilder怎么用?Java BcRSAContentSignerBuilder使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。



BcRSAContentSignerBuilder类属于org.bouncycastle.operator.bc包,在下文中一共展示了BcRSAContentSignerBuilder类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Java代码示例。

示例1: generate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException {
    try {
        Security.addProvider(new BouncyCastleProvider());
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
        AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
        X500Name name = new X500Name(dn);
        Date from = new Date();
        Date to = new Date(from.getTime() + days * 86400000L);
        BigInteger sn = new BigInteger(64, new SecureRandom());
        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);

        if (subjectAltName != null)
            v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
        X509CertificateHolder certificateHolder = v3CertGen.build(sigGen);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    } catch (CertificateException ce) {
        throw ce;
    } catch (Exception e) {
        throw new CertificateException(e);
    }
}
 
开发者ID:YMCoding,项目名称:kafka-0.11.0.0-src-with-comment,代码行数:25,代码来源:TestSslUtils.java


示例2: generateCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
/**
 * Create a self-signed X.509 Certificate.
 * From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
 *
 * @param dn        the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
 * @param pair      the KeyPair
 * @param days      how many days from now the Certificate is valid for
 * @param algorithm the signing algorithm, eg "SHA1withRSA"
 * @return the self-signed certificate
 * @throws CertificateException thrown if a security error or an IO error occurred.
 */
public static X509Certificate generateCertificate(String dn, KeyPair pair,
                                                  int days, String algorithm)
    throws CertificateException {

  try {
    Security.addProvider(new BouncyCastleProvider());
    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
    AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
    SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
    X500Name name = new X500Name(dn);
    Date from = new Date();
    Date to = new Date(from.getTime() + days * 86400000L);
    BigInteger sn = new BigInteger(64, new SecureRandom());

    X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
    X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
    return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
  } catch (CertificateException ce) {
    throw ce;
  } catch (Exception e) {
    throw new CertificateException(e);
  }
}
 
开发者ID:becketqin,项目名称:likafka-clients,代码行数:37,代码来源:TestSslUtils.java


示例3: generateCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
/**
 * Create a self-signed X.509 Certificate.
 * From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
 *
 * @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
 * @param pair the KeyPair
 * @param days how many days from now the Certificate is valid for
 * @param algorithm the signing algorithm, eg "SHA1withRSA"
 * @return the self-signed certificate
 * @throws CertificateException thrown if a security error or an IO error occurred.
 */
public static X509Certificate generateCertificate(String dn, KeyPair pair,
                                                  int days, String algorithm)
    throws  CertificateException {

    try {
        Security.addProvider(new BouncyCastleProvider());
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
        AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
        X500Name name = new X500Name(dn);
        Date from = new Date();
        Date to = new Date(from.getTime() + days * 86400000L);
        BigInteger sn = new BigInteger(64, new SecureRandom());

        X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
        X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    } catch (CertificateException ce) {
        throw ce;
    } catch (Exception e) {
        throw new CertificateException(e);
    }
}
 
开发者ID:txazo,项目名称:kafka,代码行数:37,代码来源:TestSslUtils.java


示例4: makeV1Certificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public static X509CertificateHolder makeV1Certificate(AsymmetricCipherKeyPair subKP, String _subDN, AsymmetricCipherKeyPair issKP, String _issDN)
    throws IOException, OperatorCreationException
{
    RSAKeyParameters lwPubKey = (RSAKeyParameters)subKP.getPublic();

    X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(
        new X500Name(_issDN),
        allocateSerialNumber(),
        new Date(System.currentTimeMillis()),
        new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
        new X500Name(_subDN),
        new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(lwPubKey.getModulus(), lwPubKey.getExponent()))
    );

    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build((AsymmetricKeyParameter)issKP.getPrivate());


    return v1CertGen.build(sigGen);
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:23,代码来源:CMSTestUtil.java


示例5: makeCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public static X509CertificateHolder makeCertificate(AsymmetricCipherKeyPair subKP, String _subDN, AsymmetricCipherKeyPair issKP, String _issDN, boolean _ca)
    throws IOException, OperatorCreationException
{
    RSAKeyParameters lwPubKey = (RSAKeyParameters)subKP.getPublic();

    X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
        new X500Name(_issDN),
        allocateSerialNumber(),
        new Date(System.currentTimeMillis()),
        new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
        new X500Name(_subDN),
        new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(lwPubKey.getModulus(), lwPubKey.getExponent()))
    );

    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build((AsymmetricKeyParameter)issKP.getPrivate());

    v3CertGen.addExtension(
        X509Extension.basicConstraints,
        false,
        new BasicConstraints(_ca));

    return v3CertGen.build(sigGen);
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:27,代码来源:CMSTestUtil.java


示例6: generateCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public X509Certificate generateCertificate(PKCS10CertificationRequest csr, BigInteger serial, int expireDays) throws NoSuchProviderException, NoSuchAlgorithmException, IOException, OperatorCreationException, CertificateException {
    AlgorithmIdentifier sigAlgorithmId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA512WithRSAEncryption");
    AlgorithmIdentifier digestAlgorithmId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgorithmId);

    X509CertificateHolder caCert = readCertificate();
    System.out.println(caCert.getSubject());

    LocalDateTime startDate = LocalDate.now().atStartOfDay();
    X509v3CertificateBuilder builder= new X509v3CertificateBuilder(
            caCert.getSubject(),
            serial,
            Date.from(startDate.atZone(ZoneId.systemDefault()).toInstant()),
            Date.from(startDate.plusDays(expireDays).atZone(ZoneId.systemDefault()).toInstant()),
            csr.getSubject(),
            SubjectPublicKeyInfo.getInstance(csr.getSubjectPublicKeyInfo()));

    AsymmetricKeyParameter caPrivateKeyParameters = readKey(keyPath);
    ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgorithmId, digestAlgorithmId)
            .build(caPrivateKeyParameters);
    X509CertificateHolder holder = builder.build(contentSigner);
    return new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);
}
 
开发者ID:kawasima,项目名称:occupy-pub,代码行数:23,代码来源:CertificationAuthority.java


示例7: generateCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
/**
 * Create a self-signed X.509 Certificate.
 * From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
 *
 * @param dn the X.509 Distinguished Name, eg "CN(commonName)=Test, O(organizationName)=Org"
 * @param pair the KeyPair
 * @param days how many days from now the Certificate is valid for
 * @param algorithm the signing algorithm, eg "SHA1withRSA"
 * @return the self-signed certificate
 * @throws java.security.cert.CertificateException thrown if a security error or an IO error ocurred.
 */
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm)
    throws CertificateException {
  try {
    Security.addProvider(new BouncyCastleProvider());
    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
    AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
    SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
    X500Name name = new X500Name(dn);
    Date from = new Date();
    Date to = new Date(from.getTime() + days * 86400000L);
    BigInteger sn = new BigInteger(64, new SecureRandom());

    X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
    X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
    return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
  } catch (CertificateException ce) {
    throw ce;
  } catch (Exception e) {
    throw new CertificateException(e);
  }
}
 
开发者ID:linkedin,项目名称:ambry,代码行数:35,代码来源:TestSSLUtils.java


示例8: newSigner

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private static ContentSigner newSigner(PrivateKey privateKey, String algo) {
    try {
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algo);
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

        return new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
                .build(PrivateKeyFactory.createKey(privateKey.getEncoded()));
    } catch (OperatorCreationException | IOException e) {
        throw new RuntimeException(e);
    }
}
 
开发者ID:dremio,项目名称:dremio-oss,代码行数:12,代码来源:ElasticsearchCluster.java


示例9: createSigner

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private ContentSigner createSigner(KeyPair keyPair) throws PropertyConfigurationException, OperatorCreationException {
    ContentSigner signer;
    String hashAlgo = propertyConfigurationService.getConfigValue(CERT_HASH_ALGORITHM);
    if (keyPair.getPrivate() instanceof RSAPrivateKey) {
        RSAPrivateKey privateKey = (RSAPrivateKey) keyPair.getPrivate();
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(hashAlgo + "withRSA");
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
        signer = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(
                new RSAKeyParameters(true, privateKey.getModulus(), privateKey.getPrivateExponent())
        );
    } else {
        throw new KeyGenerationRuntimeException("Unsupported key type");
    }
    return signer;
}
 
开发者ID:republique-et-canton-de-geneve,项目名称:chvote-1-0,代码行数:16,代码来源:KeyGenerator.java


示例10: signWithSeparatedHashing

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
/**
 * <a href="http://stackoverflow.com/questions/41767351/create-pkcs7-signature-from-file-digest">
 * Create pkcs7 signature from file digest
 * </a>
 * <p>
 * The OP's <code>sign</code> method after fixing some errors. The
 * OP's original method is {@link #signBySnox(InputStream)}. The
 * errors were
 * </p>
 * <ul>
 * <li>multiple attempts at reading the {@link InputStream} parameter;
 * <li>convoluted creation of final CMS container.
 * </ul>
 * <p>
 * Additionally this method uses SHA256 instead of SHA-1.
 * </p>
 */
public byte[] signWithSeparatedHashing(InputStream content) throws IOException
{
    try
    {
        // Digest generation step
        MessageDigest md = MessageDigest.getInstance("SHA256", "BC");
        byte[] digest = md.digest(IOUtils.toByteArray(content));

        // Separate signature container creation step
        List<Certificate> certList = Arrays.asList(chain);
        JcaCertStore certs = new JcaCertStore(certList);

        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();

        Attribute attr = new Attribute(CMSAttributes.messageDigest,
                new DERSet(new DEROctetString(digest)));

        ASN1EncodableVector v = new ASN1EncodableVector();

        v.add(attr);

        SignerInfoGeneratorBuilder builder = new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider())
                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));

        AlgorithmIdentifier sha256withRSA = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");

        CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
        InputStream in = new ByteArrayInputStream(chain[0].getEncoded());
        X509Certificate cert = (X509Certificate) certFactory.generateCertificate(in);

        gen.addSignerInfoGenerator(builder.build(
                new BcRSAContentSignerBuilder(sha256withRSA,
                        new DefaultDigestAlgorithmIdentifierFinder().find(sha256withRSA))
                                .build(PrivateKeyFactory.createKey(pk.getEncoded())),
                new JcaX509CertificateHolder(cert)));

        gen.addCertificates(certs);

        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
        return s.getEncoded();
    }
    catch (Exception e)
    {
        e.printStackTrace();
        throw new IOException(e);
    }
}
 
开发者ID:mkl-public,项目名称:testarea-pdfbox2,代码行数:65,代码来源:CreateSignature.java


示例11: generateContentSignerBuilder

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private ContentSigner generateContentSignerBuilder(PrivateKey issuerPrivateKey) throws OperatorCreationException, IOException {
	AsymmetricKeyParameter privateKeyParam = PrivateKeyFactory.createKey(issuerPrivateKey.getEncoded());

	AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(SIG_HASH_ALG);
	AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
	
	return new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyParam);
}
 
开发者ID:fabiusks,项目名称:cert-services,代码行数:9,代码来源:CertificateService.java


示例12: generateCert

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
/**
 * See http://www.programcreek.com/java-api-examples/index.php?api=org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder
 *
 * @param keyPair The RSA keypair with which to generate the certificate
 * @param issuer  The issuer (and subject) to use for the certificate
 * @return An X509 certificate
 * @throws IOException
 * @throws OperatorCreationException
 * @throws CertificateException
 * @throws NoSuchProviderException
 * @throws NoSuchAlgorithmException
 * @throws InvalidKeyException
 * @throws SignatureException
 */
private static X509Certificate generateCert(final KeyPair keyPair, final String issuer) throws IOException, OperatorCreationException,
  CertificateException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException,
  SignatureException {
  final String subject = issuer;
  final X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
    new X500Name(issuer),
    BigInteger.ONE,
    new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
    new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)),
    new X500Name(subject),
    SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded())
  );

  final GeneralNames subjectAltNames = new GeneralNames(new GeneralName(GeneralName.iPAddress, "127.0.0.1"));
  certificateBuilder.addExtension(org.bouncycastle.asn1.x509.Extension.subjectAlternativeName, false, subjectAltNames);

  final AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
  final AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
  final BcContentSignerBuilder signerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
  final AsymmetricKeyParameter keyp = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
  final ContentSigner signer = signerBuilder.build(keyp);
  final X509CertificateHolder x509CertificateHolder = certificateBuilder.build(signer);

  final X509Certificate certificate = new JcaX509CertificateConverter()
    .getCertificate(x509CertificateHolder);
  certificate.checkValidity(new Date());
  certificate.verify(keyPair.getPublic());
  return certificate;
}
 
开发者ID:vert-x3,项目名称:vertx-config,代码行数:44,代码来源:Certificates.java


示例13: generateCertificate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public static X509Certificate generateCertificate(KeyPair keyPair, String distinguishedName) throws Exception {
	X500Name issuerX500Name = new X500Name(distinguishedName);
	X500Name subjectX500Name = new X500Name(distinguishedName);

	SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());

	SecureRandom secureRandom = new SecureRandom();
	byte[] serialValue = new byte[8];
	secureRandom.nextBytes(serialValue);
	BigInteger serial = new BigInteger(serialValue);

	DateTime notBefore = new DateTime();
	DateTime notAfter = notBefore.plusMonths(1);

	X509v3CertificateBuilder x509v3CertificateBuilder = new X509v3CertificateBuilder(issuerX500Name, serial,
			notBefore.toDate(), notAfter.toDate(), subjectX500Name, publicKeyInfo);

	AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
	AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
	AsymmetricKeyParameter asymmetricKeyParameter = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
	ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(asymmetricKeyParameter);
	X509CertificateHolder x509CertificateHolder = x509v3CertificateBuilder.build(contentSigner);

	byte[] encodedCertificate = x509CertificateHolder.getEncoded();

	CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
	X509Certificate certificate = (X509Certificate) certificateFactory
			.generateCertificate(new ByteArrayInputStream(encodedCertificate));
	return certificate;
}
 
开发者ID:e-Contract,项目名称:mycarenet,代码行数:31,代码来源:CMSSignerTest.java


示例14: generateCertificationRequest

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp)
		throws Exception{
	X500Name subject=new X500Name(dn);
	PublicKey pubKey=kp.getPublic();
	PrivateKey privKey=kp.getPrivate();
	AsymmetricKeyParameter pubkeyParam = PublicKeyFactory.createKey(pubKey.getEncoded());
	SubjectPublicKeyInfo publicKeyInfo=SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(pubkeyParam);
	PKCS10CertificationRequestBuilder builder=new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
	AlgorithmIdentifier signatureAi = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA);
	BcRSAContentSignerBuilder signerBuilder=new BcRSAContentSignerBuilder(
			signatureAi, AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1));
	AsymmetricKeyParameter pkParam = PrivateKeyFactory.createKey(privKey.getEncoded());
	ContentSigner signer=signerBuilder.build(pkParam);
	return builder.build(signer);
}
 
开发者ID:apache,项目名称:airavata,代码行数:16,代码来源:MyProxyLogon.java


示例15: generateCertificationRequest

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private org.bouncycastle.pkcs.PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp)
		throws Exception{
	X500Name subject=new X500Name(dn);
	PublicKey pubKey=kp.getPublic();
	PrivateKey privKey=kp.getPrivate();
	AsymmetricKeyParameter pubkeyParam = PublicKeyFactory.createKey(pubKey.getEncoded());
	SubjectPublicKeyInfo publicKeyInfo=SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(pubkeyParam);
	PKCS10CertificationRequestBuilder builder=new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
	AlgorithmIdentifier signatureAi = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA);
	BcRSAContentSignerBuilder signerBuilder=new BcRSAContentSignerBuilder(
			signatureAi, AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1));
	AsymmetricKeyParameter pkParam = PrivateKeyFactory.createKey(privKey.getEncoded());
	ContentSigner signer=signerBuilder.build(pkParam);
	return builder.build(signer);
}
 
开发者ID:apache,项目名称:airavata,代码行数:16,代码来源:MyProxyLogon.java


示例16: selfsign

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private static X509Certificate selfsign(PKCS10CertificationRequest inputCSR, String publicAddress, KeyPair signKey)
        throws Exception {

    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder()
            .find("SHA256withRSA");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder()
            .find(sigAlgId);

    AsymmetricKeyParameter akp = PrivateKeyFactory.createKey(signKey.getPrivate()
            .getEncoded());

    Calendar cal = Calendar.getInstance();
    Date currentTime = cal.getTime();
    cal.add(Calendar.YEAR, CERT_VALIDITY_YEAR);
    Date expiryTime = cal.getTime();

    X509v3CertificateBuilder myCertificateGenerator = new X509v3CertificateBuilder(
            new X500Name(String.format("cn=%s", publicAddress)), new BigInteger("1"), currentTime, expiryTime, inputCSR.getSubject(),
            inputCSR.getSubjectPublicKeyInfo());

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
            .build(akp);

    X509CertificateHolder holder = myCertificateGenerator.build(sigGen);

    CertificateFactory cf = CertificateFactory.getInstance("X.509");

    return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(holder.toASN1Structure().getEncoded()));
}
 
开发者ID:hortonworks,项目名称:cloudbreak,代码行数:30,代码来源:PkiUtil.java


示例17: createPSSCert

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private void createPSSCert(String algorithm)
    throws Exception
{
    AsymmetricCipherKeyPair pair = generateLongFixedKeys();

    AsymmetricKeyParameter privKey = (AsymmetricKeyParameter)pair.getPrivate();
    AsymmetricKeyParameter pubKey = (AsymmetricKeyParameter)pair.getPublic();

    //
    // distinguished name table.
    //

    X500NameBuilder builder = createStdBuilder();

    //
    // create base certificate - version 3
    //
    BcX509ExtensionUtils extFact = new BcX509ExtensionUtils(new SHA1DigestCalculator());

    AlgorithmIdentifier sigAlgId = sigAlgFinder.find(algorithm);
    AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
    BcX509v3CertificateBuilder  certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),
    new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);

    certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
        new KeyUsage(KeyUsage.encipherOnly));
    certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
        new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
    certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
        new GeneralNames(new GeneralName(GeneralName.rfc822Name, "[email protected]")));

    certGen.addExtension(Extension.authorityKeyIdentifier, true, extFact.createAuthorityKeyIdentifier(pubKey));

    X509CertificateHolder baseCert = certGen.build(sigGen);

    assertTrue(baseCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:40,代码来源:BcCertTest.java


示例18: testNullDerNullCert

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public void testNullDerNullCert()
    throws Exception
{
    AsymmetricCipherKeyPair pair = generateLongFixedKeys();
    AsymmetricKeyParameter pubKey = (AsymmetricKeyParameter)pair.getPublic();
    AsymmetricKeyParameter privKey = (AsymmetricKeyParameter)pair.getPrivate();

    DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
    DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();

    AlgorithmIdentifier sigAlgId = sigAlgFinder.find("MD5withRSA");
    AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
    BcX509v3CertificateBuilder  certGen = new BcX509v3CertificateBuilder(new X500Name("CN=Test"),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),new X500Name("CN=Test"),pubKey);
    X509CertificateHolder cert = certGen.build(sigGen);

    Certificate struct = Certificate.getInstance(cert.getEncoded());

    ASN1Object tbsCertificate = struct.getTBSCertificate();
    AlgorithmIdentifier sig = struct.getSignatureAlgorithm();

    ASN1EncodableVector v = new ASN1EncodableVector();

    v.add(tbsCertificate);
    v.add(new AlgorithmIdentifier(sig.getAlgorithm()));
    v.add(struct.getSignature());

    // verify
    ByteArrayInputStream    bIn;
    String                  dump = "";

    bIn = new ByteArrayInputStream(new DERSequence(v).getEncoded());

    cert = new X509CertificateHolder(new DERSequence(v).getEncoded());

    assertTrue(cert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:39,代码来源:BcCertTest.java


示例19: generate

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
public static RTCCertificate generate(String commonName) {

        try {
            //generate certificate
            //TODO sign it by lets-encrypt
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA",
                                                                BouncyCastleProvider.PROVIDER_NAME);
            kpg.initialize(1024);

            KeyPair    keyPair      = kpg.genKeyPair();
            Date       startDate    = new Date(System.currentTimeMillis());// time from which certificate is valid
            Date       expiryDate   = new Date(System.currentTimeMillis() + 365L * 24L * 60L * 60L * 1000L);// time after which certificate is not valid
            BigInteger serialNumber = new BigInteger("1");// serial number for certificate
            X500Name   dnName       = new X500Name("CN=" + commonName);
            SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic()
                                                                                         .getEncoded());


            final X509v1CertificateBuilder x509v1CertificateBuilder = new X509v1CertificateBuilder(dnName,
                                                                                                   serialNumber,
                                                                                                   startDate,
                                                                                                   expiryDate,
                                                                                                   dnName,
                                                                                                   subPubKeyInfo);

            AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate()
                                                                                               .getEncoded());
            AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
            AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
            ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId,
                                                                 digAlgId).build(privateKeyAsymKeyParam);

            final X509CertificateHolder x509CertificateHolder = x509v1CertificateBuilder.build(sigGen);

            return new RTCCertificate(fingerprint(x509CertificateHolder),
                                      keyPair,
                                      x509CertificateHolder);
        }
        catch (IOException | CertificateException | NoSuchAlgorithmException | NoSuchProviderException | OperatorCreationException e) {
            throw new RuntimeException(e);
        }
    }
 
开发者ID:Zubnix,项目名称:rtcdcjava,代码行数:43,代码来源:RTCCertificate.java


示例20: rsaCreationTest

import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder; //导入依赖的package包/类
private void rsaCreationTest()
    throws Exception
{
    //
    // a lightweight key pair.
    //
    RSAKeyParameters lwPubKey = new RSAKeyParameters(
        false,
        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
        new BigInteger("11", 16));

    RSAPrivateCrtKeyParameters lwPrivKey = new RSAPrivateCrtKeyParameters(
        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
        new BigInteger("11", 16),
        new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
        new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
        new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
        new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
        new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
        new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));

    //
    // distinguished name table.
    //
    X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);

    builder.addRDN(BCStyle.C, "AU");
    builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
    builder.addRDN(BCStyle.L, "Melbourne");
    builder.addRDN(BCStyle.ST, "Victoria");
    builder.addRDN(BCStyle.E, "[email protected]");

    //
    // extensions
    //

    //
    // create the certificate - version 3 - without extensions
    //
    AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WithRSAEncryption");
    AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);

    ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(lwPrivKey);
    SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(lwPubKey.getModulus(), lwPubKey.getExponent()));

    X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);

    x500NameBld.addRDN(BCStyle.C, "AU");
    x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
    x500NameBld.addRDN(BCStyle.L, "Melbourne");
    x500NameBld.addRDN(BCStyle.ST, "Victoria");
    x500NameBld.addRDN(BCStyle.EmailAddress, "[email protected]");

    X500Name    subject = x500NameBld.build();

    PKCS10CertificationRequestBuilder requestBuilder = new PKCS10CertificationRequestBuilder(subject, pubInfo);
                        
    PKCS10CertificationRequest req1 = requestBuilder.build(sigGen);

    PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(req1.getEncoded());

    if (!req2.isSignatureValid(new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(lwPubKey)))
    {
        fail("Failed verify check.");
    }

    if (!Arrays.areEqual(req2.getSubjectPublicKeyInfo().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
    {
        fail("Failed public key check.");
    }
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:72,代码来源:PKCS10Test.java



注:本文中的org.bouncycastle.operator.bc.BcRSAContentSignerBuilder类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。


鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
上一篇:
Java Size2DSyntax类代码示例发布时间:2022-05-21
下一篇:
Java MemberValuePair类代码示例发布时间:2022-05-21
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap