Examples of org.bouncycastle.cert.X509CertificateHolder

• org.bouncycastle.cert.X509CertificateHolder

      Date notAfter = cal.getTime();
      X500Name subject = issuer;
      PublicKey publicKey = idPair.getPublic();
      JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
          issuer, serial, notBefore, notAfter, subject, publicKey);
      X509CertificateHolder idHolder = certBuilder.build(signerBuilder
          .build(idPair.getPrivate()));
      // Convert Bouncy Castle representation of X509Certificate into
      // something usable
      X509Certificate id = (X509Certificate) CertificateFactory.getInstance(
          "X509").generateCertificate(
          new ByteArrayInputStream(idHolder.getEncoded()));

      // The following variables are used to represent the entity being
      // enrolled
      X500Name entityName = new X500Name("CN=entity");
      KeyPair entityPair = KeyPairGenerator.getInstance("RSA").genKeyPair();

      throw new GeneralSecurityException(e);
    }
    JcaX509v1CertificateBuilder builder = new JcaX509v1CertificateBuilder(
        subject, BigInteger.ONE, notBefore, notAfter, subject,
        keyPair.getPublic());
    X509CertificateHolder holder = builder.build(signer);
    return new JcaX509CertificateConverter().getCertificate(holder);
  }

      try {
    factory = CertificateFactory.getInstance("X.509");
      } catch (CertificateException e) {
    throw new ServletException(e);
      }
      X509CertificateHolder holder = reqCerts.iterator().next();
      ByteArrayInputStream bais = new ByteArrayInputStream(
        holder.getEncoded());
      X509Certificate reqCert;
      try {
    reqCert = (X509Certificate) factory.generateCertificate(bais);
      } catch (CertificateException e) {
    throw new ServletException(e);

      generator.addCertificates(store);
      DigestCalculatorProvider digestProvider = new JcaDigestCalculatorProviderBuilder()
        .build();
      SignerInfoGeneratorBuilder infoGenBuilder = new SignerInfoGeneratorBuilder(
        digestProvider);
      X509CertificateHolder certHolder = new X509CertificateHolder(
        getRecipient().getEncoded());
      ContentSigner contentSigner = new JcaContentSignerBuilder(
        "SHA1withRSA").build(getRecipientKey());
      SignerInfoGenerator infoGen = infoGenBuilder.build(contentSigner,
        certHolder);

      certColl = store.getMatches(signerInfo.getSID());
  } catch (StoreException e) {
      throw new MessageDecodingException(e);
  }
  if (certColl.size() > 0) {
      X509CertificateHolder cert = (X509CertificateHolder) certColl
        .iterator().next();
      LOGGER.debug(
        "Verifying pkiMessage using key belonging to [issuer={}; serial={}]",
        cert.getIssuer(), cert.getSerialNumber());
      SignerInformationVerifier verifier;
      try {
    verifier = new JcaSimpleSignerInfoVerifierBuilder().build(cert);
    signerInfo.verify(verifier);

                recipients = (PdfArray)dic.get(PdfName.RECIPIENTS);
                break;
            default:
              throw new UnsupportedPdfException(MessageLocalization.getComposedMessage("unknown.encryption.type.v.eq.1", vValue));
            }
            X509CertificateHolder certHolder;
            try {
                certHolder = new X509CertificateHolder(certificate.getEncoded());
            }
            catch (Exception f) {
                throw new ExceptionConverter(f);
            }
            if (externalDecryptionProcess == null) {

        continue;
      }
      // check if the issuer matches
      try {
        if (issuerCert == null) issuerCert = signCert;
        if (!resp[i].getCertID().matchesIssuer(new X509CertificateHolder(issuerCert.getEncoded()), new BcDigestCalculatorProvider())) {
          LOGGER.info("OCSP: Issuers doesn't match.");
          continue;
        }
      } catch (OCSPException e) {
        continue;

    try {
      CMSSignedData cmsSignedData = new CMSSignedData(inputStream);
      Collection<X509CertificateHolder> certificates = cmsSignedData.getCertificates().getMatches(null);
      List<Certificate> list = new LinkedList<Certificate>();
      if (certificates.size() > 0) {
        X509CertificateHolder principal = certificates.iterator().next();
        Certificate principalCertificate = BouncyCastleProviderHelper.getCertificate(principal);

        list.add(principalCertificate);

        X509CertificateHolder issuer = this.getIssuer(principal.getIssuer(), certificates);
        while (issuer != null) {
          Certificate issuerCertificate = BouncyCastleProviderHelper.getCertificate(issuer);
          list.add(issuerCertificate);

          if (issuer.getIssuer().equals(issuer.getSubject())) {
            break;
          }

          issuer = this.getIssuer(issuer.getIssuer(), certificates);
        }
      }
      return Collections.toArray(list, Certificate.class);
    } catch (Exception e) {
      throw new CertificateException(e);

      Certificate cert = null;
      if (obj instanceof Certificate) {
        cert = (Certificate) obj;
      } else if (obj instanceof X509CertificateHolder) {
        X509CertificateHolder holder = (X509CertificateHolder) obj;
        cert = Certificates.get(holder.getEncoded());
      } else {
        RockFrameworkLogger.getLogger().warn("Unhandled certificate from store '" + obj.getClass().getCanonicalName() + "'");
      }

      if (cert != null) {

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(request.getSignAlgorithm());
    contentSignerBuilder.setProvider(BouncyCastleProviderHelper.PROVIDER_NAME);
    ContentSigner contentSigner = contentSignerBuilder.build(request.getPrivateKey());

    X509CertificateHolder holder = builder.build(contentSigner);

    X509Certificate certificate = (X509Certificate) Certificates.get(holder.getEncoded());
    PrivateKey privateKey = request.getPrivateKey();
    Identity identity = new Identity(privateKey, new Certificate[] { certificate });
    CertificateResponse response = new CertificateResponse(identity);

    return response;