List of usage examples for org.bouncycastle.asn1 DERSequence DERSequence
public DERSequence(ASN1Encodable[] elements)
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
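/**
 * Sets the Private Key Usage Period extension value from two optional bounds.
 *
 * <p>When both bounds are {@code null} nothing is stored and the builder is returned
 * unchanged. Otherwise a SEQUENCE is built that carries {@code notBefore} under context
 * tag [0] and/or {@code notAfter} under context tag [1], and the result is parsed into a
 * {@link PrivateKeyUsagePeriod}.
 *
 * @param notBefore earliest time the private key may be used, or {@code null} to omit it
 * @param notAfter latest time the private key may be used, or {@code null} to omit it
 * @return this builder
 * @see com.otterca.common.crypto.X509CertificateBuilder#setPrivateKeyUsagePeriod(Date, Date)
 */
@Override
public X509CertificateBuilder setPrivateKeyUsagePeriod(@Nullable Date notBefore, @Nullable Date notAfter) {
    if ((notBefore == null) && (notAfter == null)) {
        return this;
    }

    // PrivateKeyUsagePeriod is declared in the implicitly tagged PKIX ASN.1 module
    // (RFC 5280, Appendix A.2), so [0] and [1] are IMPLICIT tags. The two-argument
    // DERTaggedObject constructor produces EXPLICIT tags, which does not match that
    // definition, so the explicit flag is passed as false here.
    // NOTE(review): stricter tag handling in newer Bouncy Castle releases may reject
    // explicitly tagged input at getInstance() - confirm against the version in use.
    int fieldCount = ((notBefore != null) ? 1 : 0) + ((notAfter != null) ? 1 : 0);
    DERTaggedObject[] fields = new DERTaggedObject[fieldCount];
    int next = 0;
    if (notBefore != null) {
        fields[next++] = new DERTaggedObject(false, 0, new DERGeneralizedTime(notBefore));
    }
    if (notAfter != null) {
        fields[next++] = new DERTaggedObject(false, 1, new DERGeneralizedTime(notAfter));
    }

    this.privateKeyUsagePeriod = PrivateKeyUsagePeriod.getInstance(new DERSequence(fields));
    return this;
}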
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/**
 * Adds the Authority Information Access extension (RFC 5280 section 4.2.2.1).
 *
 * <p>Every configured OCSP location is written first, followed by every CA Issuers
 * location, each wrapped in an {@link AccessDescription}. Nothing is added when both
 * lists are empty. The extension is registered as non-critical.
 */
protected void setAuthorityInfoAccess() {
    if (ocspLocations.isEmpty() && caIssuersLocations.isEmpty()) {
        return;
    }

    final int ocspCount = ocspLocations.size();
    final int issuerCount = caIssuersLocations.size();
    ASN1Encodable[] descriptions = new ASN1Encodable[ocspCount + issuerCount];

    // A single write cursor keeps the OCSP entries ahead of the CA Issuers entries.
    int slot = 0;
    for (int k = 0; k < ocspCount; k++) {
        descriptions[slot++] = new AccessDescription(AccessDescription.id_ad_ocsp, ocspLocations.get(k));
    }
    for (int k = 0; k < issuerCount; k++) {
        descriptions[slot++] = new AccessDescription(AccessDescription.id_ad_caIssuers,
                caIssuersLocations.get(k));
    }

    generator.addExtension(X509Extensions.AuthorityInfoAccess, false, new DERSequence(descriptions));
}
From source file:com.otterca.common.crypto.X509CertificateBuilderImpl.java
License:Apache License
/**
 * Adds the Subject Information Access extension (RFC 5280 section 4.2.2.2).
 *
 * <p>Every configured CA Repository location is written first, followed by every
 * TimeStamping location, each wrapped in an {@link AccessDescription}. Nothing is added
 * when both lists are empty. The extension is registered as non-critical.
 */
protected void setSubjectInfoAccess() {
    if (caRepositories.isEmpty() && timestamping.isEmpty()) {
        return;
    }

    final int repositoryCount = caRepositories.size();
    final int timestampCount = timestamping.size();
    ASN1Encodable[] descriptions = new ASN1Encodable[repositoryCount + timestampCount];

    // A single write cursor keeps the repository entries ahead of the timestamping entries.
    int slot = 0;
    for (int k = 0; k < repositoryCount; k++) {
        descriptions[slot++] = new AccessDescription(id_ad_caRepositories, caRepositories.get(k));
    }
    for (int k = 0; k < timestampCount; k++) {
        descriptions[slot++] = new AccessDescription(id_ad_timeStamping, timestamping.get(k));
    }

    generator.addExtension(X509Extensions.SubjectInfoAccess, false, new DERSequence(descriptions));
}
From source file:com.raphfrk.craftproxyclient.net.protocol.p16x.P16xProtocol.java
License:Open Source License
/**
 * Encodes an RSA public key as a SubjectPublicKeyInfo structure.
 *
 * <p>The key body is a SEQUENCE of the modulus and the exponent; the algorithm identifier
 * is {@code rsaEncryption} with NULL parameters.
 *
 * @param key the RSA key parameters to encode
 * @return the bytes produced by {@code KeyUtil.getEncodedSubjectPublicKeyInfo}, or
 *         {@code null} when {@code key} is a private key, so private material is never
 *         passed on for encoding
 */
public byte[] encodeRSAPublicKey(RSAKeyParameters key) {
    if (key.isPrivate()) {
        return null;
    }

    ASN1EncodableVector rsaPublicKey = new ASN1EncodableVector();
    rsaPublicKey.add(new ASN1Integer(key.getModulus()));
    rsaPublicKey.add(new ASN1Integer(key.getExponent()));

    AlgorithmIdentifier rsaAlgorithm =
            new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
    return KeyUtil.getEncodedSubjectPublicKeyInfo(rsaAlgorithm, new DERSequence(rsaPublicKey));
}
From source file:com.rcn.service.CertificateService.java
License:Open Source License
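/**
 * Adds the extensions that mark the certificate under construction as a CA certificate:
 * basic constraints with the CA flag set, key usage limited to certificate and CRL
 * signing, and a certificate policies extension holding a single policy.
 *
 * @param v3CertGen the certificate builder that receives the extensions
 */
private void addCaExtension(JcaX509v3CertificateBuilder v3CertGen) {
    // RFC 5280 section 4.2.1.9: a CA certificate whose key verifies certificate signatures
    // MUST carry basicConstraints marked critical, so that a relying party which does not
    // process the extension rejects the certificate instead of ignoring the CA flag.
    v3CertGen.addExtension(X509Extension.basicConstraints, true, new BasicConstraints(true));

    // RFC 5280 section 4.2.1.3: keyUsage SHOULD be marked critical when present.
    v3CertGen.addExtension(X509Extension.keyUsage, true,
            new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign));

    // NOTE(review): ANY_POLICY is defined outside this method; presumably the anyPolicy
    // OID - confirm. The policies extension stays non-critical, as in the original.
    ASN1EncodableVector intPolicies = new ASN1EncodableVector();
    intPolicies.add(new PolicyInformation(new DERObjectIdentifier(ANY_POLICY)));
    v3CertGen.addExtension(X509Extension.certificatePolicies, false, new DERSequence(intPolicies));
}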
From source file:com.rcn.service.CertificateService.java
License:Open Source License
/**
 * Builds the GeneralNames value for a subject alternative name extension.
 *
 * <p>The first entry is {@code altName} as an rfc822Name. Each map entry then becomes an
 * otherName whose type-id is the map key (an OID string) and whose value is the map value
 * as a UTF8String under an explicit [0] tag.
 *
 * @param altName the e-mail style alternative name placed first
 * @param generalNameMap OID string to value pairs, one otherName per entry
 * @return the assembled names, in the iteration order of the map
 */
private GeneralNames toGeneralNames(String altName, Map<String, String> generalNameMap) {
    List<GeneralName> names = new ArrayList<GeneralName>();
    names.add(new GeneralName(GeneralName.rfc822Name, altName));

    for (Map.Entry<String, String> entry : generalNameMap.entrySet()) {
        // The value is wrapped before the OID is parsed, matching the original order.
        ASN1Encodable taggedValue = new DERTaggedObject(true, 0, new DERUTF8String(entry.getValue()));
        ASN1Encodable typeId = new DERObjectIdentifier(entry.getKey());
        DERSequence otherName = new DERSequence(new ASN1Encodable[] { typeId, taggedValue });
        names.add(new GeneralName(GeneralName.otherName, otherName));
    }

    GeneralName[] asArray = names.toArray(new GeneralName[0]);
    return new GeneralNames(new DERSequence(asArray));
}
From source file:com.vmware.identity.openidconnect.client.TestUtils.java
License:Open Source License
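/**
 * Generates a self-signed test certificate whose subject and issuer are both
 * {@code CN=<dn>}, valid from one day before now until 365 days after now.
 *
 * <p>When {@code subjectAltName} is not {@code null} it is added as a critical subject
 * alternative name: an otherName with type-id 1.3.6.1.4.1.311.20.2.3 and the value as a
 * UTF8String under an explicit [0] tag.
 *
 * @param keyPair key pair whose public key is certified and whose private key signs
 * @param dn common name used for both subject and issuer
 * @param subjectAltName value for the otherName entry, or {@code null} for none
 * @return the generated certificate
 * @throws Exception if signing or certificate conversion fails
 */
static X509Certificate generateCertificate(KeyPair keyPair, String dn, String subjectAltName)
        throws Exception {
    // NOTE(review): SHA-1 based signatures are rejected by many current validators; kept
    // because this is a test fixture, but do not copy this choice into production issuance.
    ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate());

    // Long arithmetic is required: 365 * 24 * 60 * 60 * 1000 overflows int and would
    // silently shorten the validity period to roughly 17 days.
    final long dayMillis = 24L * 60 * 60 * 1000;
    final long now = System.currentTimeMillis();
    Date startDate = new Date(now - dayMillis);
    Date endDate = new Date(now + 365L * dayMillis);

    X500Name name = new X500Name("CN=" + dn);
    X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(name,
            new BigInteger(64, new SecureRandom()), startDate, endDate, name, keyPair.getPublic());

    if (subjectAltName != null) {
        DERSequence otherName = new DERSequence(new ASN1Encodable[] {
                new DERObjectIdentifier("1.3.6.1.4.1.311.20.2.3"),
                new DERTaggedObject(true, 0, new DERUTF8String(subjectAltName)) });
        v3CertGen.addExtension(Extension.subjectAlternativeName, true,
                new GeneralNames(new GeneralName(GeneralName.otherName, otherName)));
    }

    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}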
From source file:com.vmware.identity.rest.core.test.util.CertificateGenerator.java
License:Open Source License
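/**
 * Generates a self-signed X.509 version 1 certificate that is valid from five seconds
 * before now until thirty minutes after now.
 *
 * <p>The Bouncy Castle provider is registered under the name "BC" if it is not already
 * installed. The to-be-signed structure is generated once, and the same instance is both
 * signed and embedded, so the signature always covers exactly the embedded bytes.
 *
 * @param pair the key pair to use when signing the certificate
 * @param algorithm the signing algorithm to use
 * @param dn the X.509 distinguished name used as both issuer and subject
 * @return a self-signed X.509 certificate
 * @throws NoSuchAlgorithmException if the signature algorithm is not available
 * @throws NoSuchProviderException if the "BC" provider cannot be found
 * @throws InvalidKeyException if the private key cannot initialise the signature
 * @throws SignatureException if signing fails
 * @throws IOException if DER encoding fails
 * @throws CertificateException if the encoded certificate cannot be parsed
 */
public static X509Certificate generateSelfSignedCertificate(KeyPair pair, AlgorithmName algorithm, String dn)
        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException,
        IOException, CertificateException {
    if (Security.getProvider("BC") == null) {
        Security.addProvider(new BouncyCastleProvider());
    }

    final long now = System.currentTimeMillis();
    X500Name owner = new X500Name(dn);

    V1TBSCertificateGenerator generator = new V1TBSCertificateGenerator();
    // NOTE(review): the serial number is the wall-clock time and therefore predictable;
    // acceptable for a short-lived test certificate, not for real issuance.
    generator.setSerialNumber(new ASN1Integer(now));
    generator.setIssuer(owner);
    generator.setSubject(owner);
    generator.setStartDate(new Time(new Date(now - 5000)));
    generator.setEndDate(new Time(new Date(now + 30 * 60 * 1000)));
    generator.setSignature(ALGORITHM_IDS.get(algorithm));
    generator.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded()));

    TBSCertificate tbsCert = generator.generateTBSCertificate();

    Signature sig = Signature.getInstance(algorithm.toString(), "BC");
    sig.initSign(pair.getPrivate());
    sig.update(tbsCert.getEncoded(ASN1Encoding.DER));

    // Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(tbsCert);
    v.add(ALGORITHM_IDS.get(algorithm));
    v.add(new DERBitString(sig.sign()));

    byte[] encoded = new DERSequence(v).getEncoded(ASN1Encoding.DER);
    return (X509Certificate) CertificateFactory.getInstance("X.509", "BC")
            .generateCertificate(new ByteArrayInputStream(encoded));
}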
From source file:com.vmware.identity.sts.auth.impl.UserCertAuthenticatorTest.java
License:Open Source License
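/**
 * Generates a self-signed test certificate whose subject and issuer are both
 * {@code CN=<dn>}, valid from one day before now until 365 days after now.
 *
 * <p>A critical subject alternative name is always added: an otherName with type-id
 * 1.3.6.1.4.1.311.20.2.3 whose value is {@code upn} as a UTF8String under an explicit
 * [0] tag.
 *
 * @param keyPair key pair whose public key is certified and whose private key signs
 * @param dn common name used for both subject and issuer
 * @return the generated certificate
 * @throws Exception if signing or certificate conversion fails
 */
private static X509Certificate generateCertificate(KeyPair keyPair, String dn) throws Exception {
    // NOTE(review): SHA-1 based signatures are rejected by many current validators; kept
    // because this is a test fixture, but do not copy this choice into production issuance.
    ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate());

    // Long arithmetic is required: 365 * 24 * 60 * 60 * 1000 overflows int and would
    // silently shorten the validity period to roughly 17 days.
    final long dayMillis = 24L * 60 * 60 * 1000;
    final long now = System.currentTimeMillis();
    Date startDate = new Date(now - dayMillis);
    Date endDate = new Date(now + 365L * dayMillis);

    X500Name name = new X500Name("CN=" + dn);
    X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(name,
            new BigInteger(64, new SecureRandom()), startDate, endDate, name, keyPair.getPublic());

    // NOTE(review): upn is defined outside this method; presumably a static field of the
    // enclosing test class - confirm.
    DERSequence otherName = new DERSequence(new ASN1Encodable[] {
            new DERObjectIdentifier("1.3.6.1.4.1.311.20.2.3"),
            new DERTaggedObject(true, 0, new DERUTF8String(upn)) });
    v3CertGen.addExtension(Extension.subjectAlternativeName, true,
            new GeneralNames(new GeneralName(GeneralName.otherName, otherName)));

    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}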
From source file:com.vvote.thirdparty.ximix.util.PartialPublicKeyInfo.java
License:Apache License
/**
 * Serialises this object as a DER SEQUENCE of two elements: the sequence number as an
 * INTEGER, followed by the partial key info.
 *
 * @return the DER sequence holding both fields, in that order
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    fields.add(new ASN1Integer(sequenceNo));
    fields.add(partialKeyInfo);

    return new DERSequence(fields);
}