List of usage examples for org.bouncycastle.asn1 DERSequence DERSequence
public DERSequence(ASN1Encodable[] elements)
From source file:com.vvote.thirdparty.ximix.util.SubjectPublicKeyInfoFactory.java
License:Apache License
/** * Return a SubjectPublicKeyInfo object containing an encoding of BLS public key. * * @param keyParameters the public key to be encoded. * @return a SubjectPublicKeyInfo object containing the public key. * @throws java.io.IOException if the public key cannot be encoded. *//*w ww.j ava2 s.c o m*/ public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(BLS01PublicKeyParameters keyParameters) throws IOException { return new SubjectPublicKeyInfo( new AlgorithmIdentifier(XimixObjectIdentifiers.ximixAlgorithmsExperimental, new DERSequence(new ASN1Encodable[] { new DERUTF8String(keyParameters.getParameters().getCurveParameters().toString()), new DEROctetString(keyParameters.getParameters().getG().toBytes()) })), keyParameters.getPk().toBytes()); }
From source file:com.wandrell.util.ksgen.BouncyCastleKeyStoreFactory.java
License:Open Source License
/** * Returns a certificate builder.//from w w w .j a v a2s . c o m * * @param publicKey * public key for the certificate builder * @param issuer * issuer for the certificate builder * @return a certificate builder * @throws IOException * if any format error occurrs while creating the certificate */ private final X509v3CertificateBuilder getCertificateBuilder(final PublicKey publicKey, final String issuer) throws IOException { final X500Name issuerName; // Issuer name final X500Name subjectName; // Subject name final BigInteger serial; // Serial number final X509v3CertificateBuilder builder; // Certificate builder final Date start; // Certificate start date final Date end; // Certificate end date final KeyUsage usage; // Key usage final ASN1EncodableVector purposes; // Certificate purposes issuerName = new X500Name(issuer); subjectName = issuerName; serial = BigInteger.valueOf(getRandom().nextInt()); // Dates for the certificate start = getOneYearBackDate(); end = getOneHundredYearsFutureDate(); builder = new JcaX509v3CertificateBuilder(issuerName, serial, start, end, subjectName, publicKey); builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(publicKey)); builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign); builder.addExtension(Extension.keyUsage, false, usage); purposes = new ASN1EncodableVector(); purposes.add(KeyPurposeId.id_kp_serverAuth); purposes.add(KeyPurposeId.id_kp_clientAuth); purposes.add(KeyPurposeId.anyExtendedKeyUsage); builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes)); return builder; }
From source file:cybervillains.ca.CertificateCreator.java
License:Open Source License
/** * Creates a typical Certification Authority (CA) certificate. * // ww w . j av a2s .c o m * @throws SecurityException * @throws InvalidKeyException * @throws NoSuchProviderException * @throws NoSuchAlgorithmException * @throws CertificateException */ @SuppressWarnings("deprecation") public static X509Certificate createTypicalMasterCert(final KeyPair keyPair) throws SignatureException, InvalidKeyException, SecurityException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException { X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator(); X509Principal issuer = new X509Principal( "O=CyberVillians.com,OU=CyberVillians Certification Authority,C=US"); // Create v3CertGen.setSerialNumber(BigInteger.valueOf(1)); v3CertGen.setIssuerDN(issuer); v3CertGen.setSubjectDN(issuer); // Set validity period v3CertGen .setNotBefore(new Date(System.currentTimeMillis() - 12 /* months */ * (1000L * 60 * 60 * 24 * 30))); v3CertGen .setNotAfter(new Date(System.currentTimeMillis() + 240 /* months */ * (1000L * 60 * 60 * 24 * 30))); // Set signature algorithm & public key v3CertGen.setPublicKey(keyPair.getPublic()); v3CertGen.setSignatureAlgorithm(CertificateCreator.SIGN_ALGO); // Add typical extensions for signing cert v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(keyPair.getPublic())); v3CertGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0)); v3CertGen.addExtension(X509Extensions.KeyUsage, false, new KeyUsage(KeyUsage.cRLSign | KeyUsage.keyCertSign)); DERSequence typicalCAExtendedKeyUsages = new DERSequence( new ASN1Encodable[] { new DERObjectIdentifier(ExtendedKeyUsageConstants.serverAuth), new DERObjectIdentifier(ExtendedKeyUsageConstants.OCSPSigning), new DERObjectIdentifier(ExtendedKeyUsageConstants.verisignUnknown) }); v3CertGen.addExtension(X509Extensions.ExtendedKeyUsage, false, typicalCAExtendedKeyUsages); X509Certificate cert = v3CertGen.generate(keyPair.getPrivate(), "BC"); cert.checkValidity(new Date()); cert.verify(keyPair.getPublic()); return cert; }
From source file:de.carne.certmgr.store.provider.bouncycastle.BouncyCastleASN1Encoder.java
License:Open Source License
@Override public void asn1EncodeSequence(ASN1Encodable encodable2) { this.sequenceStack.push(new ASN1EncodableVector()); encodable2.asn1Encode(this); ASN1Primitive encoded = new DERSequence(this.sequenceStack.pop()); asn1Encode(encoded);// w w w.j ava 2 s . co m }
From source file:de.fichtelmax.asn1.ASN1PrinterTest.java
License:Open Source License
@Test public void printSequence() throws IOException { String text = "Hello World!"; String oid = "1.2.3.45.10982345"; long number = 12345678901l; DERUTF8String string = new DERUTF8String(text); DERObjectIdentifier objectIdentifier = new DERObjectIdentifier(oid); DERInteger integer = new DERInteger(number); DERSet set = new DERSet(new ASN1Encodable[] { objectIdentifier, integer }); DERSequence sequence = new DERSequence(new ASN1Encodable[] { string, set }); cut.print(sequence.getEncoded());//from www . j a va 2 s. c om verify(out).println(contains(text)); verify(out).println(contains(oid)); verify(out).println(contains(Long.toString(number))); }
From source file:de.fichtelmax.asn1.ber.types.BERSequenceTest.java
License:Open Source License
@Test public void create() throws IOException { DERUTF8String string1 = new DERUTF8String("some string"); DERUTF8String string2 = new DERUTF8String("some other string"); byte[] bcEncoded = new DERSequence(new ASN1Encodable[] { string1, string2 }).getEncoded(); cut = new BERSequence(new byte[] { bcEncoded[1] }, Arrays.copyOfRange(bcEncoded, 2, bcEncoded.length)); assertThat(cut.getEncoded(), is(equalTo(bcEncoded))); Iterator<BERObject> iterator = cut.iterator(); assertThat(iterator.next().getEncoded(), is(equalTo(string1.getEncoded()))); assertThat(iterator.next().getEncoded(), is(equalTo(string2.getEncoded()))); assertThat(iterator.hasNext(), is(false)); }
From source file:de.rub.nds.tlsattacker.tlsserver.KeyStoreGenerator.java
License:Apache License
public static KeyStore createKeyStore(KeyPair keyPair) throws CertificateException, IOException, InvalidKeyException, KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, OperatorCreationException { PublicKey publicKey = keyPair.getPublic(); PrivateKey privateKey = keyPair.getPrivate(); X500Name issuerName = new X500Name("CN=127.0.0.1, O=TLS-Attacker, L=RUB, ST=NRW, C=DE"); X500Name subjectName = issuerName; BigInteger serial = BigInteger.valueOf(new SecureRandom().nextInt()); X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, BEFORE, AFTER, subjectName, publicKey);//from w w w .j a v a 2 s. c o m builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true)); KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment); builder.addExtension(Extension.keyUsage, false, usage); ASN1EncodableVector purposes = new ASN1EncodableVector(); purposes.add(KeyPurposeId.id_kp_serverAuth); purposes.add(KeyPurposeId.id_kp_clientAuth); purposes.add(KeyPurposeId.anyExtendedKeyUsage); builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes)); String algorithm = createSigningAlgorithm(keyPair); X509Certificate cert = signCertificate(algorithm, builder, privateKey); cert.checkValidity(new Date()); cert.verify(publicKey); KeyStore keyStore = KeyStore.getInstance("JKS"); keyStore.load(null, null); keyStore.setKeyEntry(ALIAS, privateKey, PASSWORD.toCharArray(), new java.security.cert.Certificate[] { cert }); return keyStore; }
From source file:edu.tamu.tcat.crypto.bouncycastle.ASN1SeqKeyImpl.java
License:Apache License
private static ASN1Sequence getParameters(ECParameterSpec ecParameterSpec) throws EncodingException { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new ASN1Integer(1)); EllipticCurve curve = ecParameterSpec.getCurve(); ASN1Sequence fieldId = getField(curve.getField()); v.add(fieldId);//from w w w . j a v a 2 s .c om v.add(getCurve(curve)); org.bouncycastle.math.ec.ECPoint g = EC5Util.convertPoint(ecParameterSpec, ecParameterSpec.getGenerator(), false); byte[] encoded = g.getEncoded(); v.add(new DEROctetString(encoded)); v.add(new ASN1Integer(ecParameterSpec.getOrder())); v.add(new ASN1Integer(ecParameterSpec.getCofactor())); return new DERSequence(v); }
From source file:edu.tamu.tcat.crypto.bouncycastle.ASN1SeqKeyImpl.java
License:Apache License
private static ASN1Sequence getField(ECField field) throws EncodingException { ASN1EncodableVector v = new ASN1EncodableVector(); if (field instanceof ECFieldFp) { ECFieldFp fpField = (ECFieldFp) field; v.add(new ASN1ObjectIdentifier("1.2.840.10045.1.1")); v.add(new ASN1Integer(fpField.getP())); } else/* w w w.jav a 2 s . c o m*/ throw new EncodingException("Only know how to encode prime fields"); return new DERSequence(v); }
From source file:edu.tamu.tcat.crypto.bouncycastle.ASN1SeqKeyImpl.java
License:Apache License
private static ASN1Sequence getCurve(EllipticCurve curve) throws EncodingException { ASN1EncodableVector v = new ASN1EncodableVector(); v.add(new DEROctetString(getInteger(curve.getA()))); v.add(new DEROctetString(getInteger(curve.getB()))); byte[] seed = curve.getSeed(); if (seed != null) v.add(new DERBitString(seed)); return new DERSequence(v); }