sun.security.x509.X509Key Java Examples
The following examples show how to use
sun.security.x509.X509Key.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: P11ECUtil.java From dragonwell8_jdk with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #2
| Source File: ECUtil.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 5 votes |
|
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
Example #3
| Source File: ECUtil.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
Example #4
| Source File: P11ECUtil.java From jdk8u_jdk with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #5
| Source File: ECUtil.java From openjdk-8 with GNU General Public License v2.0 | 5 votes |
|
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
Example #6
| Source File: ECUtil.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
|
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
Example #7
| Source File: P11ECUtil.java From hottub with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #8
| Source File: P11ECUtil.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #9
| Source File: ECUtil.java From openjdk-jdk9 with GNU General Public License v2.0 | 5 votes |
|
public static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
KeyFactory keyFactory = getKeyFactory();
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)keyFactory.generatePublic(keySpec);
return key.getEncoded();
}
Example #10
| Source File: P11ECUtil.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #11
| Source File: P11ECUtil.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #12
| Source File: P11ECUtil.java From jdk8u60 with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #13
| Source File: P11ECUtil.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
static byte[] x509EncodeECPublicKey(ECPoint w,
ECParameterSpec params) throws InvalidKeySpecException {
ECPublicKeySpec keySpec = new ECPublicKeySpec(w, params);
X509Key key = (X509Key)ECGeneratePublic(keySpec);
return key.getEncoded();
}
Example #14
| Source File: PKCS10.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #15
| Source File: PKCS10.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sigAlg = id.getName();
sig = Signature.getInstance(sigAlg);
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #16
| Source File: PKCS10.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #17
| Source File: PKCS10AttrEncoding.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Example #18
| Source File: PKCS10.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #19
| Source File: PKCS10AttrEncoding.java From jdk8u_jdk with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Example #20
| Source File: PKCS10.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sigAlg = id.getName();
sig = Signature.getInstance(sigAlg);
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #21
| Source File: PKCS10.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #22
| Source File: PKCS10AttrEncoding.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Example #23
| Source File: PKCS10.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #24
| Source File: PKCS10.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sigAlg = id.getName();
sig = Signature.getInstance(sigAlg);
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #25
| Source File: PKCS10.java From hottub with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #26
| Source File: PKCS10AttrEncoding.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Example #27
| Source File: PKCS10.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sig = Signature.getInstance(id.getName());
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #28
| Source File: PKCS10AttrEncoding.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Example #29
| Source File: PKCS10.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
|
/**
* Parses an encoded, signed PKCS #10 certificate request, verifying
* the request's signature as it does so. This constructor would
* typically be used by a Certificate Authority, from which a new
* certificate would then be constructed.
*
* @param data the DER-encoded PKCS #10 request.
* @exception IOException for low level errors reading the data
* @exception SignatureException when the signature is invalid
* @exception NoSuchAlgorithmException when the signature
* algorithm is not supported in this environment
*/
public PKCS10(byte[] data)
throws IOException, SignatureException, NoSuchAlgorithmException {
DerInputStream in;
DerValue[] seq;
AlgorithmId id;
byte[] sigData;
Signature sig;
encoded = data;
//
// Outer sequence: request, signature algorithm, signature.
// Parse, and prepare to verify later.
//
in = new DerInputStream(data);
seq = in.getSequence(3);
if (seq.length != 3)
throw new IllegalArgumentException("not a PKCS #10 request");
data = seq[0].toByteArray(); // reusing this variable
id = AlgorithmId.parse(seq[1]);
sigData = seq[2].getBitString();
//
// Inner sequence: version, name, key, attributes
//
BigInteger serial;
DerValue val;
serial = seq[0].data.getBigInteger();
if (!serial.equals(BigInteger.ZERO))
throw new IllegalArgumentException("not PKCS #10 v1");
subject = new X500Name(seq[0].data);
subjectPublicKeyInfo = X509Key.parse(seq[0].data.getDerValue());
// Cope with a somewhat common illegal PKCS #10 format
if (seq[0].data.available() != 0)
attributeSet = new PKCS10Attributes(seq[0].data);
else
attributeSet = new PKCS10Attributes();
if (seq[0].data.available() != 0)
throw new IllegalArgumentException("illegal PKCS #10 data");
//
// OK, we parsed it all ... validate the signature using the
// key and signature algorithm we found.
//
try {
sigAlg = id.getName();
sig = Signature.getInstance(sigAlg);
sig.initVerify(subjectPublicKeyInfo);
sig.update(data);
if (!sig.verify(sigData))
throw new SignatureException("Invalid PKCS #10 signature");
} catch (InvalidKeyException e) {
throw new SignatureException("invalid key");
}
}
Example #30
| Source File: PKCS10AttrEncoding.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = {
new ObjectIdentifier("1.2.3.4"),
new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(),
"challenging"
};
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 "
+ "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
