Java Code Examples for org.bouncycastle.operator.jcajce.JcaContentSignerBuilder#setProvider()

The following examples show how to use org.bouncycastle.operator.jcajce.JcaContentSignerBuilder#setProvider().
Example 1
Source File: TestCRLCodec.java    From hadoop-ozone with Apache License 2.0
/**
 * Checks that {@code CRLCodec#getX509CRL} converts a freshly signed BouncyCastle
 * {@code X509CRLHolder} into a non-null JCA {@code X509CRL}.
 */
@Test
public void testGetX509CRLFromCRLHolder() throws IOException,
    OperatorCreationException, CertificateException, CRLException {

  // One-entry CRL: the fixture certificate's serial, revoked "now" with
  // reason cACompromise, issued under the fixture certificate's issuer name.
  X500Name issuerName = x509CertificateHolder.getIssuer();
  Date revocationTime = new Date();
  X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerName, revocationTime);
  crlBuilder.addCRLEntry(x509CertificateHolder.getSerialNumber(),
                         revocationTime, CRLReason.cACompromise);

  // The signature algorithm and the JCA provider are both taken from
  // securityConfig instead of being hard-coded in the test.
  JcaContentSignerBuilder signerBuilder =
      new JcaContentSignerBuilder(securityConfig.getSignatureAlgo())
          .setProvider(securityConfig.getProvider());

  // NOTE(review): the CRL is signed with the fixture keyPair; whether that
  // key belongs to the issuer named above is not visible here - confirm in
  // the test setup.
  X509CRLHolder signedCrl =
      crlBuilder.build(signerBuilder.build(keyPair.getPrivate()));

  CRLCodec codec = new CRLCodec(securityConfig);

  // Only non-nullness is asserted; the signature is not verified here.
  assertNotNull(codec.getX509CRL(signedCrl));
}
 
Example 2
Source File: CAImpl.java    From littleca with Apache License 2.0
/**
 * Builds a PKCS#10 certification request for {@code publicKey} under the subject
 * {@code userDN}, signed through the BouncyCastle provider.
 *
 * @param publicKey key placed in the request's SubjectPublicKeyInfo
 * @param userDN    subject distinguished name, parsed by {@code X500Name}
 * @param signAlg   JCA signature algorithm name; {@code DEFAULT_SIGN_ALG} is used when null
 * @return the signed certification request
 * @throws CertException wrapping any failure while building or signing the request
 */
@Override
public PKCS10CertificationRequest makeUserCertReq(PublicKey publicKey, String userDN, String signAlg) throws CertException {
    // The caller's algorithm name is used as given; no allow-list is applied in this method.
    final String effectiveAlg = (signAlg == null) ? DEFAULT_SIGN_ALG : signAlg;
    try {
        PKCS10CertificationRequestBuilder requestBuilder = new PKCS10CertificationRequestBuilder(
                new X500Name(userDN),
                SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));

        // NOTE(review): the request is signed with the `privateKey` field, not with a key
        // supplied next to `publicKey`. A PKCS#10 signature acts as proof of possession and
        // only verifies when that field is the private half of `publicKey` - confirm against
        // the callers.
        ContentSigner signer = new JcaContentSignerBuilder(effectiveAlg)
                .setProvider(BouncyCastleProvider.PROVIDER_NAME)
                .build(privateKey);

        return requestBuilder.build(signer);
    } catch (Exception e) {
        // Every failure (bad DN, unknown algorithm, missing provider, ...) is reported
        // uniformly, with the original exception preserved as the cause.
        throw new CertException("makeUserCertReq failed", e);
    }
}
 
Example 3
Source File: TestCRLCodec.java    From hadoop-ozone with Apache License 2.0
/**
 * Signs a one-entry CRL, writes it through {@code CRLCodec}, and checks that
 * the PEM rendering carries the X509 CRL header and footer.
 */
@Test
public void testGetX509CRL() throws IOException,
    OperatorCreationException, CertificateException, CRLException {

  // CRL revoking the fixture certificate as of "now", reason cACompromise.
  X500Name issuerName = x509CertificateHolder.getIssuer();
  Date revocationTime = new Date();
  X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(issuerName, revocationTime);
  crlBuilder.addCRLEntry(x509CertificateHolder.getSerialNumber(),
                         revocationTime, CRLReason.cACompromise);

  // Algorithm and provider are read from securityConfig, not hard-coded.
  JcaContentSignerBuilder signerBuilder =
      new JcaContentSignerBuilder(securityConfig.getSignatureAlgo())
          .setProvider(securityConfig.getProvider());
  X509CRLHolder signedCrl =
      crlBuilder.build(signerBuilder.build(keyPair.getPrivate()));

  CRLCodec codec = new CRLCodec(securityConfig);
  // Third argument is passed as true, exactly as in the original call.
  codec.writeCRL(signedCrl, this.securityConfig.getCrlName(), true);

  // NOTE(review): looking the entry up by BigInteger.ONE presumes the
  // fixture certificate's serial number is 1 - confirm in the test setup.
  assertNotNull(signedCrl.getRevokedCertificate(BigInteger.ONE));

  String pem = codec.getPEMEncodedString(signedCrl);
  assertNotNull(pem);

  // Only the presence of the PEM boundary markers is checked, not their
  // position or the encoded body.
  assertTrue(pem.contains("-----BEGIN X509 CRL-----"));
  assertTrue(pem.contains("-----END X509 CRL-----"));
}
 
Example 4
Source File: SM2X509CertMaker.java    From gmhelper with Apache License 2.0
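/**
 * Creates a content-signer builder for {@code SIGN_ALGO_SM3WITHSM2}, bound to the
 * BouncyCastle provider, when the issuer's public key reports the "EC" algorithm.
 *
 * @param issPub issuer public key whose algorithm name is checked
 * @return a builder configured with the SM3-with-SM2 algorithm and the BC provider
 * @throws Exception if the key's algorithm name is anything other than "EC"
 */
private JcaContentSignerBuilder makeContentSignerBuilder(PublicKey issPub) throws Exception {
    // Constant-first comparison: a key that reports a null algorithm name is rejected
    // with the descriptive exception below instead of a NullPointerException.
    final String keyAlgorithm = issPub.getAlgorithm();
    if ("EC".equals(keyAlgorithm)) {
        // NOTE(review): only the algorithm name is checked. Any EC key passes, so a key
        // on a curve other than SM2 is not rejected here - confirm the curve is validated
        // elsewhere before the signer is used.
        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SIGN_ALGO_SM3WITHSM2);
        contentSignerBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
        return contentSignerBuilder;
    }
    throw new Exception("Unsupported PublicKey Algorithm:" + keyAlgorithm);
}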
 
Example 5
Source File: TestCRLCodec.java    From hadoop-ozone with Apache License 2.0
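/**
 * Signs a one-entry CRL, writes it through {@code CRLCodec#writeCRL}, and
 * checks that the file on disk starts and ends with the PEM CRL markers.
 */
@Test
public void testWriteCRL() throws IOException, OperatorCreationException {

  // CRL revoking the fixture certificate as of "now", reason cACompromise.
  X500Name issuer = x509CertificateHolder.getIssuer();
  Date now = new Date();
  X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, now);
  builder.addCRLEntry(x509CertificateHolder.getSerialNumber(), now,
                      CRLReason.cACompromise);

  // Algorithm and provider are read from securityConfig, not hard-coded.
  JcaContentSignerBuilder contentSignerBuilder =
      new JcaContentSignerBuilder(securityConfig.getSignatureAlgo());

  contentSignerBuilder.setProvider(securityConfig.getProvider());
  PrivateKey privateKey = keyPair.getPrivate();
  X509CRLHolder cRLHolder =
      builder.build(contentSignerBuilder.build(privateKey));

  CRLCodec crlCodec = new CRLCodec(securityConfig);
  crlCodec.writeCRL(cRLHolder, this.securityConfig.getCrlName(), true);

  // NOTE(review): looking the entry up by BigInteger.ONE presumes the
  // fixture certificate's serial number is 1 - confirm in the test setup.
  X509CRLEntryHolder entryHolder =
      cRLHolder.getRevokedCertificate(BigInteger.ONE);
  assertNotNull(entryHolder);

  // verify file generation
  File crlFile =
      Paths.get(crlCodec.getLocation().toString(),
                this.securityConfig.getCrlName()).toFile();
  assertTrue(crlFile.exists());

  // Decode with an explicit charset instead of FileReader's platform
  // default. PEM is ASCII-only, so any non-ASCII byte in the written file
  // now fails the read rather than being silently mis-decoded.
  try (BufferedReader reader = java.nio.file.Files.newBufferedReader(
      crlFile.toPath(), java.nio.charset.StandardCharsets.US_ASCII)) {

    // Verify contents of the file: first line is the PEM header ...
    String header = reader.readLine();
    assertEquals("-----BEGIN X509 CRL-----", header);

    // ... and the last line read is the PEM footer.
    String footer = null;
    String line;
    while ((line = reader.readLine()) != null) {
      footer = line;
    }
    assertEquals("-----END X509 CRL-----", footer);
  }
}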
 
Example 6
Source File: CryptoPrimitives.java    From fabric-sdk-java with Apache License 2.0
/**
 * Generates a PKCS#10 certificate signing request and returns it PEM-encoded.
 *
 * <p>The request's subject is {@code "CN=" + subject}, it carries the pair's public key,
 * and it is signed with the pair's private key using SHA256withECDSA.
 *
 * @param subject value placed after {@code CN=} in the request's subject name
 * @param pair    key pair supplying the public key for the request and the private key
 *                that signs it
 * @return the certificate signing request as produced by {@code certificationRequestToPEM}
 * @throws InvalidArgumentException wrapping any failure while building, signing or
 *                                  encoding the request
 */
public String generateCertificationRequest(String subject, KeyPair pair)
        throws InvalidArgumentException {

    try {
        // NOTE(review): `subject` is concatenated into the DN string unescaped, so a ','
        // or '+' inside it would be parsed as an RDN/attribute separator. If the value can
        // be user-controlled, validate or escape it upstream (for example with
        // javax.naming.ldap.Rdn.escapeValue).
        X500Principal subjectName = new X500Principal("CN=" + subject);
        PKCS10CertificationRequestBuilder requestBuilder =
                new JcaPKCS10CertificationRequestBuilder(subjectName, pair.getPublic());

        // The algorithm is fixed, so a key pair that is not EC fails at build() and
        // surfaces as InvalidArgumentException.
        JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA256withECDSA");

        // Without a configured provider the builder is left on its default lookup.
        if (SECURITY_PROVIDER != null) {
            signerBuilder.setProvider(SECURITY_PROVIDER);
        }

        // Signing with the pair's own private key is what lets a verifier check the
        // request against the public key it contains.
        ContentSigner requestSigner = signerBuilder.build(pair.getPrivate());
        return certificationRequestToPEM(requestBuilder.build(requestSigner));
    } catch (Exception e) {
        // Logged here and rethrown with the original exception as the cause.
        logger.error(e);
        throw new InvalidArgumentException(e);
    }
}
 
Example 7
Source File: SslClientCertificateImplTest.java    From hivemq-community-edition with Apache License 2.0
/**
 * Signs the prepared certificate builder with the key pair's private key and converts the
 * result into a JCA {@link Certificate}, using the BouncyCastle provider for both steps.
 *
 * @param keyPair            pair whose private key signs the certificate; the algorithm name
 *                           "SHA256WithRSAEncryption" requires it to be an RSA key
 * @param certificateBuilder builder already holding the certificate's fields
 * @return the signed certificate
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws CertificateException      if the signed holder cannot be converted
 */
private Certificate getCertificate(final KeyPair keyPair, final JcaX509v3CertificateBuilder certificateBuilder) throws OperatorCreationException, CertificateException {

    // JVM-wide registration, so that the provider name used below resolves. Adding a
    // provider that is already installed leaves the provider list unchanged.
    Security.addProvider(new BouncyCastleProvider());

    // NOTE(review): whether the result is self-signed depends on the issuer set on
    // certificateBuilder, which is not visible in this method.
    final ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
            .setProvider(BouncyCastleProvider.PROVIDER_NAME)
            .build(keyPair.getPrivate());

    final JcaX509CertificateConverter bcConverter =
            new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME);

    return bcConverter.getCertificate(certificateBuilder.build(contentSigner));
}