Package org.bouncycastle.x509

Examples of org.bouncycastle.x509.PKIXCertPathReviewer

2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
    {
        KeyPair pair = generateLongFixedKeys();
        PublicKey pubKey = pair.getPublic();
        PrivateKey privKey = pair.getPrivate();

        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal("CN=Test"));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal("CN=Test"));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
        X509Certificate cert = certGen.generate(privKey, "BC");

        X509CertificateStructure struct = X509CertificateStructure.getInstance(ASN1Primitive.fromByteArray(cert.getEncoded()));

        ASN1Encodable tbsCertificate = struct.getTBSCertificate();
        AlgorithmIdentifier sig = struct.getSignatureAlgorithm();
View Full Code Here
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
        crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
       
        crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
       
        crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
       
        X509CRL    crl = crlGen.generate(pair.getPrivate(), "BC");
       
        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
        {
            fail("failed CRL issuer test");
        }
       
        byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
       
        if (authExt == null)
        {
            fail("failed to find CRL extension");
        }
       
        AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
       
        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
       
        if (entry == null)
        {
View Full Code Here
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
       
        X509Extensions entryExtensions = new X509Extensions(extOids, extValues);
       
        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
       
        crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
       
        X509CRL    crl = crlGen.generate(pair.getPrivate(), "BC");
       
        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
        {
            fail("failed CRL issuer test");
        }
       
        byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
       
        if (authExt == null)
        {
            fail("failed to find CRL extension");
        }
       
        AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
       
        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
       
        if (entry == null)
        {
View Full Code Here
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
       
        X509Extensions entryExtensions = new X509Extensions(extOids, extValues);
       
        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
       
        crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
       
        X509CRL    crl = crlGen.generate(pair.getPrivate(), "BC");
       
        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
        {
            fail("failed CRL issuer test");
        }
       
        byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
       
        if (authExt == null)
        {
            fail("failed to find CRL extension");
        }
       
        AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
       
        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
       
        if (entry == null)
        {
            fail("failed to find CRL entry");
        }
       
        if (!entry.getSerialNumber().equals(BigInteger.ONE))
        {
            fail("CRL cert serial number does not match");
        }
       
        if (!entry.hasExtensions())
        {
            fail("CRL entry extension not found");
        }
   
        byte[]  ext = entry.getExtensionValue(X509Extensions.ReasonCode.getId());
   
        if (ext != null)
        {
            DEREnumerated   reasonCode = (DEREnumerated)X509ExtensionUtil.fromExtensionValue(ext);
                                                                      
            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
            {
                fail("CRL entry reasonCode wrong");
            }
        }
        else
        {
            fail("CRL entry reasonCode not found");
        }
       
        //
        // check loading of existing CRL
        //
        crlGen = new X509V2CRLGenerator();
        now = new Date();
       
        crlGen.setIssuerDN(new X500Principal("CN=Test CA"));
       
        crlGen.setThisUpdate(now);
        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
        crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
       
        crlGen.addCRL(crl);
       
        crlGen.addCRLEntry(BigInteger.valueOf(2), now, entryExtensions);
       
        crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
       
        X509CRL    newCrl = crlGen.generate(pair.getPrivate(), "BC");
       
        int     count = 0;
        boolean oneFound = false;
View Full Code Here
138
139
140
141
142
143
144
145
146
147
148
            new SubjectKeyIdentifierStructure(pubKey));

        v3CertGen.addExtension(
            X509Extensions.AuthorityKeyIdentifier,
            false,
            new AuthorityKeyIdentifierStructure(caCert));

        v3CertGen.addExtension(
            X509Extensions.BasicConstraints,
            true,
            new BasicConstraints(0));
View Full Code Here
231
232
233
234
235
236
237
238
239
240
241
            new SubjectKeyIdentifierStructure(pubKey));

        v3CertGen.addExtension(
            X509Extensions.AuthorityKeyIdentifier,
            false,
            new AuthorityKeyIdentifierStructure(caPubKey));

        X509Certificate cert = v3CertGen.generate(caPrivKey);

        cert.checkValidity(new Date());
View Full Code Here
41
42
43
44
45
46
47
        {
            throw new IllegalArgumentException(
                "Initialization parameters must be an instance of "
                    + X509LDAPCertStoreParameters.class.getName() + ".");
        }
        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)parameters);
    }
View Full Code Here
41
42
43
44
45
46
47
        {
            throw new IllegalArgumentException(
                "Initialization parameters must be an instance of "
                    + X509LDAPCertStoreParameters.class.getName() + ".");
        }
        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)params);
    }
View Full Code Here
134
135
136
137
138
139
140
141
                return readDERCertificate(currentStream);
            }
        }
        catch (Exception e)
        {
            throw new StreamParsingException(e.toString(), e);
        }
    }
View Full Code Here
136
137
138
139
140
141
142
143
                return readDERCertificate(currentStream);
            }
        }
        catch (Exception e)
        {
            throw new StreamParsingException(e.toString(), e);
        }
    }
View Full Code Here
TOP

Related Classes of org.bouncycastle.x509.PKIXCertPathReviewer

  • org.bouncycastle.asn1.ASN1InputStream
  • org.bouncycastle.asn1.ASN1Integer
  • org.bouncycastle.asn1.ASN1ObjectIdentifier
  • org.bouncycastle.asn1.ASN1OctetString
  • org.bouncycastle.asn1.ASN1Primitive
  • org.bouncycastle.asn1.ASN1Sequence
  • org.bouncycastle.asn1.ASN1TaggedObject
  • org.bouncycastle.asn1.DERBitString
  • org.bouncycastle.asn1.DEREncodable
  • org.bouncycastle.asn1.DEREnumerated
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.