Example usage for java.security KeyPairGenerator getInstance

List of usage examples for java.security KeyPairGenerator getInstance

  1. HOME
  2. Java
  3. java
  4. java.security.*
  5. KeyPairGenerator
  6. getInstance

Introduction

In this page you can find the example usage for java.security KeyPairGenerator getInstance.

Prototype

public static KeyPairGenerator getInstance(String algorithm, Provider provider)
        throws NoSuchAlgorithmException

Source Link

Document

Returns a KeyPairGenerator object that generates public/private key pairs for the specified algorithm.

Usage

From source file:org.texai.x509.X509Utils.java

/** Creates a random 2048 bit RSA key pair.
 * @return a random 2048 bit RSA key pair
 * @throws NoSuchAlgorithmException when an invalid algorithm is given
 * @throws NoSuchProviderException  when an invalid provider is given
 * @throws InvalidAlgorithmParameterException when an invalid algorithm parameter is given
 *//*ww  w  .  j a v a  2  s .c  o m*/
public static KeyPair generateRSAKeyPair2048()
        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
    final KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", BOUNCY_CASTLE_PROVIDER);
    final AlgorithmParameterSpec algorithmParameterSpec = new RSAKeyGenParameterSpec(2048,
            RSAKeyGenParameterSpec.F4);
    keyPairGenerator.initialize(algorithmParameterSpec, getSecureRandom());
    return keyPairGenerator.generateKeyPair();
}

From source file:org.xdi.oxauth.model.util.JwtUtil.java

public static KeyPair generateKeyES512()
        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
    ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("P-521");

    KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA", "BC");
    keyGen.initialize(ecSpec, new SecureRandom());

    return keyGen.generateKeyPair();
}

From source file:com.mirth.connect.server.controllers.DefaultConfigurationController.java

/**
 * Checks for an existing certificate to use for secure communication between the server and
 * client. If no certficate exists, this will generate a new one.
 * //from ww w  .j  a  v a2  s  . c  o  m
 */
private void generateDefaultCertificate(Provider provider, KeyStore keyStore, char[] keyPassword)
        throws Exception {
    final String certificateAlias = "mirthconnect";

    if (!keyStore.containsAlias(certificateAlias)) {
        // Common CA and SSL cert attributes
        Date startDate = new Date(); // time from which certificate is valid
        Date expiryDate = DateUtils.addYears(startDate, 50); // time after which certificate is not valid
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", provider);
        keyPairGenerator.initialize(2048);

        KeyPair caKeyPair = keyPairGenerator.generateKeyPair();
        logger.debug("generated new key pair for CA cert using provider: " + provider.getName());

        // Generate CA cert
        X500Name caSubjectName = new X500Name("CN=Mirth Connect Certificate Authority");
        SubjectPublicKeyInfo caSubjectKey = new SubjectPublicKeyInfo(
                ASN1Sequence.getInstance(caKeyPair.getPublic().getEncoded()));
        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(caSubjectName, BigInteger.ONE,
                startDate, expiryDate, caSubjectName, caSubjectKey);
        certBuilder.addExtension(org.bouncycastle.asn1.x509.Extension.basicConstraints, true,
                new BasicConstraints(0));
        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256withRSA").setProvider(provider)
                .build(caKeyPair.getPrivate());
        Certificate caCert = new JcaX509CertificateConverter().setProvider(provider)
                .getCertificate(certBuilder.build(sigGen));

        // Generate SSL cert
        KeyPair sslKeyPair = keyPairGenerator.generateKeyPair();
        logger.debug("generated new key pair for SSL cert using provider: " + provider.getName());

        X500Name sslSubjectName = new X500Name("CN=mirth-connect");
        SubjectPublicKeyInfo sslSubjectKey = new SubjectPublicKeyInfo(
                ASN1Sequence.getInstance(sslKeyPair.getPublic().getEncoded()));
        X509v3CertificateBuilder sslCertBuilder = new X509v3CertificateBuilder(caSubjectName,
                new BigInteger(50, new SecureRandom()), startDate, expiryDate, sslSubjectName, sslSubjectKey);
        sslCertBuilder.addExtension(org.bouncycastle.asn1.x509.Extension.authorityKeyIdentifier, false,
                new AuthorityKeyIdentifier(caCert.getEncoded()));
        sslCertBuilder.addExtension(org.bouncycastle.asn1.x509.Extension.subjectKeyIdentifier, false,
                new SubjectKeyIdentifier(sslKeyPair.getPublic().getEncoded()));

        sigGen = new JcaContentSignerBuilder("SHA256withRSA").setProvider(provider)
                .build(caKeyPair.getPrivate());
        Certificate sslCert = new JcaX509CertificateConverter().setProvider(provider)
                .getCertificate(sslCertBuilder.build(sigGen));

        logger.debug("generated new certificate with serial number: "
                + ((X509Certificate) sslCert).getSerialNumber());

        // add the generated SSL cert to the keystore using the key password
        keyStore.setKeyEntry(certificateAlias, sslKeyPair.getPrivate(), keyPassword,
                new Certificate[] { sslCert });
    } else {
        logger.debug("found certificate in keystore");
    }
}