Package eu.emi.security.authn.x509.helpers.proxy

Examples of eu.emi.security.authn.x509.helpers.proxy.X509v3CertificateBuilder

507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
        String keyLengthProp = "1024";
        int keyLength = Integer.parseInt(keyLengthProp);
        String signatureAlgorithm = "SHA1withRSA";

        KeyAndCertCredential caCred = getCACredential(caCertPath, caKeyPath, caPwd);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance(caCred.getKey().getAlgorithm());
        kpg.initialize(keyLength);
        KeyPair pair = kpg.generateKeyPair();

        X500Principal subjectDN = new X500Principal(userDN);
        Random rand = new Random();

        SubjectPublicKeyInfo publicKeyInfo;
        try {
            publicKeyInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(pair.getPublic().getEncoded())
                    .readObject());
        } catch (IOException e) {
            throw new InvalidKeyException("Can not parse the public key"
                    + "being included in the short lived certificate", e);
        }

        X500Name issuerX500Name = CertificateHelpers.toX500Name(caCred.getCertificate().getSubjectX500Principal());

        X500Name subjectX500Name = CertificateHelpers.toX500Name(subjectDN);

        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(issuerX500Name, new BigInteger(20, rand),
                new Date(startTime), new Date(endTime), subjectX500Name, publicKeyInfo);

        AlgorithmIdentifier sigAlgId = X509v3CertificateBuilder.extractAlgorithmId(caCred.getCertificate());

        X509Certificate certificate = certBuilder.build(caCred.getKey(), sigAlgId, signatureAlgorithm, null, null);

        certificate.checkValidity(new Date());
        certificate.verify(caCred.getCertificate().getPublicKey());
        KeyAndCertCredential result = new KeyAndCertCredential(pair.getPrivate(), new X509Certificate[] { certificate,
                caCred.getCertificate() });

        return result;
    }
View Full Code Here
556
557
558
559
560
561
562
        if (isKey != null)
            isKey.close();
        if (isCert != null)
            isCert.close();

        return new KeyAndCertCredential(pk, new X509Certificate[] { caCert });
    }
View Full Code Here
397
398
399
400
401
402
403
404
405
406
407
            }

            String userDN = userID.replaceAll("^\"|\"$", "");

            // TODO: should be changed to default airavata server locations
            KeyAndCertCredential cred = generateShortLivedCertificate(userDN, certLocation
                    + "/cacert.pem", certLocation
                    + "/cakey.pem", "ultrascan3");
            secProperties = new DefaultClientConfiguration(dcValidator, cred);

            // secProperties.doSSLAuthn();
View Full Code Here
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
        String keyLengthProp = "1024";
        int keyLength = Integer.parseInt(keyLengthProp);
        String signatureAlgorithm = "SHA1withRSA";

        KeyAndCertCredential caCred = getCACredential(caCertPath, caKeyPath, caPwd);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance(caCred.getKey().getAlgorithm());
        kpg.initialize(keyLength);
        KeyPair pair = kpg.generateKeyPair();

        X500Principal subjectDN = new X500Principal(userDN);
        Random rand = new Random();

        SubjectPublicKeyInfo publicKeyInfo;
        try {
            publicKeyInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(pair.getPublic().getEncoded())
                    .readObject());
        } catch (IOException e) {
            throw new InvalidKeyException("Can not parse the public key"
                    + "being included in the short lived certificate", e);
        }

        X500Name issuerX500Name = CertificateHelpers.toX500Name(caCred.getCertificate().getSubjectX500Principal());

        X500Name subjectX500Name = CertificateHelpers.toX500Name(subjectDN);

        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(issuerX500Name, new BigInteger(20, rand),
                new Date(startTime), new Date(endTime), subjectX500Name, publicKeyInfo);

        AlgorithmIdentifier sigAlgId = X509v3CertificateBuilder.extractAlgorithmId(caCred.getCertificate());

        X509Certificate certificate = certBuilder.build(caCred.getKey(), sigAlgId, signatureAlgorithm, null, null);

        certificate.checkValidity(new Date());
        certificate.verify(caCred.getCertificate().getPublicKey());
        KeyAndCertCredential result = new KeyAndCertCredential(pair.getPrivate(), new X509Certificate[] { certificate,
                caCred.getCertificate() });

        return result;
    }
View Full Code Here
546
547
548
549
550
551
552
        if (isKey != null)
            isKey.close();
        if (isCert != null)
            isCert.close();

        return new KeyAndCertCredential(pk, new X509Certificate[] { caCert });
    }
View Full Code Here
207
208
209
210
211
212
213
214
215
216
217
      char[] c = null;
     
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();
View Full Code Here
244
245
246
247
248
249
250
251
252
253
254
      char[] c = null;
     
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();
View Full Code Here
250
251
252
253
254
255
256
257
258
259
260
      char[] c = null;
     
      DirectoryCertChainValidator dcValidator = new DirectoryCertChainValidator(trustedCert, Encoding.PEM, -1, 60000, null);
      bis = new ByteArrayInputStream(bos.toByteArray());
      bufis = new BufferedInputStream(bis);
      PEMCredential pem = new PEMCredential(bufis, c);
     
      secProperties = new DefaultClientConfiguration(dcValidator, pem);
      secProperties.doSSLAuthn();
     
      String[] outHandlers = secProperties.getOutHandlerClassNames();
View Full Code Here
405
406
407
408
409
410
411
412
413
414
415
     
      ConsolePasswordFinder pf = new ConsolePasswordFinder(prompt);
     
      try {
     
        new PEMCredential(new FileInputStream(keyFile),
          new FileInputStream(certFile), pf);
     
    } catch (Exception e) {
      log.error(e.getMessage(),e);
      throw new PAPException(e.getMessage(),e);
View Full Code Here
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
  }
 

  private KeyManager[] getKeymanagers() throws Exception {

    PEMCredential cred;

    if (proxyFile != null){
      cred = new PEMCredential(new FileInputStream(proxyFile), (char[])null);
    }else{

      if (keyPassword != null)
        cred = new PEMCredential(keyFile, certFile, keyPassword.toCharArray());
      else
        cred = new PEMCredential(keyFile, certFile, null);
    }

    return new KeyManager[] { cred.getKeyManager() };

  }
View Full Code Here
TOP

Related Classes of eu.emi.security.authn.x509.helpers.proxy.X509v3CertificateBuilder

  • org.apache.airavata.gfac.bes.provider.impl.BESProvider
  • org.apache.airavata.gfac.provider.impl.BESProvider
  • org.glite.authz.pap.authz.CurrentAdmin
  • org.glite.authz.pap.client.impl.axis.CANLAxis1SocketFactory
  • org.glite.authz.pap.server.standalone.PAPServer
  • org.glite.authz.pap.ui.cli.ServiceCLI
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.