Package org.bouncycastle.x509

Examples of org.bouncycastle.x509.X509V3CertificateGenerator

452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
        //

        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(issuerAttrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
        certGen.setSubjectDN(new X509Principal(subjectAttrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");

        return certGen.generate(privKey);
    }
View Full Code Here
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
     *             on error
     */
    private X509Certificate generateSelfSignedSoftECCert(KeyPair kp,
            boolean compress) throws InvalidKeyException, SignatureException
    {
        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
        JCEECPrivateKey privECKey = (JCEECPrivateKey)kp.getPrivate();
        JCEECPublicKey pubECKey = (JCEECPublicKey)kp.getPublic();
        if (!compress)
        {
            privECKey.setPointFormat("UNCOMPRESSED");
            pubECKey.setPointFormat("UNCOMPRESSED");
        }
        certGen.setSignatureAlgorithm("ECDSAwithSHA1");
        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal("CN=Software emul (EC Cert)"));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000000));
        certGen.setSubjectDN(new X509Principal("CN=Software emul (EC Cert)"));
        certGen.setPublicKey((PublicKey)pubECKey);

        return certGen.generateX509Certificate((PrivateKey)privECKey);
    }
View Full Code Here
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
        //

        //
        // create the certificate - version 3 - without extensions
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");

        X509Certificate cert = certGen.generate(privKey);

        cert.checkValidity(new Date());

        cert.verify(pubKey);

        Set dummySet = cert.getNonCriticalExtensionOIDs();
        if (dummySet != null)
        {
            fail("non-critical oid set should be null");
        }
        dummySet = cert.getCriticalExtensionOIDs();
        if (dummySet != null)
        {
            fail("critical oid set should be null");
        }

        //
        // create the certificate - version 3 - with extensions
        //
        certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
        certGen.addExtension("2.5.29.15", true,
            new X509KeyUsage(X509KeyUsage.encipherOnly));
        certGen.addExtension("2.5.29.37", true,
            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
        certGen.addExtension("2.5.29.17", true,
            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));

        cert = certGen.generate(privKey);

        cert.checkValidity(new Date());

        cert.verify(pubKey);
View Full Code Here
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
        //

        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("SHA1withDSA");

        try
        {
            X509Certificate cert = certGen.generate(privKey);

            cert.checkValidity(new Date());

            cert.verify(pubKey);

            ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
            CertificateFactory      fact = CertificateFactory.getInstance("X.509", "BC");

            cert = (X509Certificate)fact.generateCertificate(bIn);

            // System.out.println(cert);
        }
        catch (Exception e)
        {
            fail("error setting generating cert - " + e.toString());
        }

        //
        // create the certificate - version 1
        //
        X509V1CertificateGenerator  certGen1 = new X509V1CertificateGenerator();

        certGen1.setSerialNumber(BigInteger.valueOf(1));
        certGen1.setIssuerDN(new X509Principal(attrs));
        certGen1.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen1.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen1.setSubjectDN(new X509Principal(attrs));
        certGen1.setPublicKey(pubKey);
        certGen1.setSignatureAlgorithm("SHA1withDSA");

        try
        {
            X509Certificate cert = certGen1.generate(privKey);

            cert.checkValidity(new Date());

            cert.verify(pubKey);

            ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
            CertificateFactory      fact = CertificateFactory.getInstance("X.509", "BC");

            cert = (X509Certificate)fact.generateCertificate(bIn);

            //System.out.println(cert);
        }
        catch (Exception e)
        {
            fail("error setting generating cert - " + e.toString());
        }
       
        //
        // exception test
        //
        try
        {
            certGen.setPublicKey(dudPublicKey);
           
            fail("key without encoding not detected in v1");
        }
        catch (IllegalArgumentException e)
        {
View Full Code Here
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
        }

        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(order, attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(order, attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("SHA1withECDSA");

        try
        {
            X509Certificate cert = certGen.generate(privKey);

            cert.checkValidity(new Date());

            cert.verify(pubKey);

            ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
            CertificateFactory      fact = CertificateFactory.getInstance("X.509", "BC");

            cert = (X509Certificate)fact.generateCertificate(bIn);

            //
            // try with point compression turned off
            //
            ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
           
            certGen.setPublicKey(pubKey);
           
            cert = certGen.generate(privKey, "BC");

            cert.checkValidity(new Date());

            cert.verify(pubKey);
View Full Code Here
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
        order.addElement(X509Principal.E);

        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(order, attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(order, attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm(algorithm);


        X509Certificate cert = certGen.generate(privKey, "BC");

        cert.checkValidity(new Date());

        cert.verify(pubKey);

        ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
        CertificateFactory      certFact = CertificateFactory.getInstance("X.509", "BC");

        cert = (X509Certificate)certFact.generateCertificate(bIn);

        //
        // try with point compression turned off
        //
        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
       
        certGen.setPublicKey(pubKey);
       
        cert = certGen.generate(privKey, "BC");

        cert.checkValidity(new Date());

        cert.verify(pubKey);
View Full Code Here
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
        //

        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("GOST3411withGOST3410");

        X509Certificate cert = certGen.generate(privKey, "BC");

        cert.checkValidity(new Date());

        //
        // check verifies in general
View Full Code Here
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
        values.addElement("feedback-crypto@bouncycastle.org");
   
        //
        // create base certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
   
        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
        certGen.addExtension("2.5.29.15", true,
            new X509KeyUsage(X509KeyUsage.encipherOnly));
        certGen.addExtension("2.5.29.37", true,
            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
        certGen.addExtension("2.5.29.17", true,
            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
   
        X509Certificate baseCert = certGen.generate(privKey, "BC");
       
        //
        // copy certificate
        //
        certGen = new X509V3CertificateGenerator();
       
        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");

        certGen.copyAndAddExtension(new DERObjectIdentifier("2.5.29.15"), true, baseCert);
        certGen.copyAndAddExtension("2.5.29.37", false, baseCert);
       
        X509Certificate cert = certGen.generate(privKey, "BC");
       
        cert.checkValidity(new Date());
   
        cert.verify(pubKey);
   
        if (!areEqual(baseCert.getExtensionValue("2.5.29.15"), cert.getExtensionValue("2.5.29.15")))
        {
            fail("2.5.29.15 differs");
        }
       
        if (!areEqual(baseCert.getExtensionValue("2.5.29.37"), cert.getExtensionValue("2.5.29.37")))
        {
            fail("2.5.29.37 differs");
        }
       
        //
        // exception test
        //
        try
        {
            certGen.copyAndAddExtension("2.5.99.99", true, baseCert);
           
            fail("exception not thrown on dud extension copy");
        }
        catch (CertificateParsingException e)
        {
            // expected
        }
       
        try
        {
            certGen.setPublicKey(dudPublicKey);
           
            certGen.generate(privKey, "BC");
           
            fail("key without encoding not detected in v3");
        }
        catch (IllegalArgumentException e)
        {
View Full Code Here
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
        values.addElement("feedback-crypto@bouncycastle.org");

        //
        // create base certificate - version 3
        //
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm(algorithm);
        certGen.addExtension("2.5.29.15", true,
            new X509KeyUsage(X509KeyUsage.encipherOnly));
        certGen.addExtension("2.5.29.37", true,
            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
        certGen.addExtension("2.5.29.17", true,
            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));

        X509Certificate baseCert = certGen.generate(privKey, "BC");

        baseCert.verify(pubKey);
    }
View Full Code Here
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
    }
   
    public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
        throws Exception
    {
        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal("CN=Test Intermediate Certificate"));
        certGen.setPublicKey(intKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
   
        certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
        certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
        certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
        certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));

        return certGen.generateX509Certificate(caKey, "BC");
    }
View Full Code Here
TOP

Related Classes of org.bouncycastle.x509.X509V3CertificateGenerator

  • com.drighetto.essai.bouncycastle.certificate.CertificateGenerator
  • cybervillains.ca.CertificateCreator
  • org.bouncycastle.asn1.ASN1Encodable
  • org.bouncycastle.asn1.ASN1EncodableVector
  • org.bouncycastle.asn1.ASN1GeneralizedTime
  • org.bouncycastle.asn1.ASN1InputStream
  • org.bouncycastle.asn1.ASN1Integer
  • org.bouncycastle.asn1.ASN1ObjectIdentifier
  • org.bouncycastle.asn1.ASN1Primitive
  • org.bouncycastle.asn1.ASN1Sequence
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.