AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId); AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded()); SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
return new X25519PrivateKeyParameters(getRawKey(keyInfo, X25519PrivateKeyParameters.KEY_SIZE), 0); return new X448PrivateKeyParameters(getRawKey(keyInfo, X448PrivateKeyParameters.KEY_SIZE), 0); return new Ed25519PrivateKeyParameters(getRawKey(keyInfo, Ed25519PrivateKeyParameters.KEY_SIZE), 0); return new Ed448PrivateKeyParameters(getRawKey(keyInfo, Ed448PrivateKeyParameters.KEY_SIZE), 0);
public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException { try { Security.addProvider(new BouncyCastleProvider()); AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm); AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId); AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded()); SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()); ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam); X500Name name = new X500Name(dn); Date from = new Date(); Date to = new Date(from.getTime() + days * 86400000L); BigInteger sn = new BigInteger(64, new SecureRandom()); X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo); if (subjectAltName != null) v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName); X509CertificateHolder certificateHolder = v3CertGen.build(sigGen); return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder); } catch (CertificateException ce) { throw ce; } catch (Exception e) { throw new CertificateException(e); } } }
/** * Signs the certificate being built by the given builder using the given private key and returns the certificate. * @param privateKey the private key to sign the certificate with. * @param builder the cert builder that contains the certificate data. * @return the signed certificate. * @throws IOException * @throws OperatorCreationException * @throws CertificateException */ private static X509Certificate buildAndSignCertificate( PrivateKey privateKey, X509v3CertificateBuilder builder) throws IOException, OperatorCreationException, CertificateException { BcContentSignerBuilder signerBuilder; if (privateKey.getAlgorithm().contains("RSA")) { // a little hacky way to detect key type, but it works AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find( "SHA256WithRSAEncryption"); AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithm); signerBuilder = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm); } else { // if not RSA, assume EC AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder().find( "SHA256withECDSA"); AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(signatureAlgorithm); signerBuilder = new BcECContentSignerBuilder(signatureAlgorithm, digestAlgorithm); } AsymmetricKeyParameter privateKeyParam = PrivateKeyFactory.createKey(privateKey.getEncoded()); ContentSigner signer = signerBuilder.build(privateKeyParam); return toX509Cert(builder.build(signer)); }
@Override public PrivateKeyParameters fromKey(PrivateKey privateKey) { try { BcPrivateKeyParameters key = new BcPrivateKeyParameters(PrivateKeyFactory.createKey(privateKey.getEncoded())); String keyType = checkKeyType(key); if (keyType != null) { throw new IllegalArgumentException(String.format(ALGORITHM_ERROR, keyType, PRIVATE, privateKey.getAlgorithm())); } return key; } catch (IOException e) { throw new IllegalArgumentException("Invalid private key: " + privateKey.getClass().getName()); } }
@Override public PrivateKeyParameters fromKey(PrivateKey privateKey) { try { BcPrivateKeyParameters key = new BcPrivateKeyParameters(PrivateKeyFactory.createKey(privateKey.getEncoded())); String keyType = checkKeyType(key); if (keyType != null) { throw new IllegalArgumentException(String.format(ALGORITHM_ERROR, keyType, PRIVATE, privateKey.getAlgorithm())); } return key; } catch (IOException e) { throw new IllegalArgumentException("Invalid private key: " + privateKey.getClass().getName()); } }
@Override public PrivateKeyParameters fromPKCS8(byte[] encoded) throws IOException { BcPrivateKeyParameters key = new BcPrivateKeyParameters(PrivateKeyFactory.createKey(encoded)); String keyType = checkKeyType(key); if (keyType != null) { throw new IllegalArgumentException(String.format(CLASS_ERROR, keyType, PRIVATE, key.getParameters().getClass().getName())); } return key; }
@Override public PrivateKeyParameters fromPKCS8(byte[] encoded) throws IOException { BcPrivateKeyParameters key = new BcPrivateKeyParameters(PrivateKeyFactory.createKey(encoded)); String keyType = checkKeyType(key); if (keyType != null) { throw new IllegalArgumentException(String.format(CLASS_ERROR, keyType, PRIVATE, key.getParameters().getClass().getName())); } return key; }
/** * Convenience method to obtain the private portion of the key. * * @return an AsymmetricKeyParameter that can be used for signing. */ public AsymmetricKeyParameter getPrivate() throws IOException{ if (this.kpr == null) return null; if (this.kpr.getPrivateKeyInfo() == null) return null; return PrivateKeyFactory.createKey(this.kpr.getPrivateKeyInfo()); }
/** * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding. * * @param privateKeyInfoData the PrivateKeyInfo encoding * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(byte[] privateKeyInfoData) throws IOException { return createKey(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(privateKeyInfoData))); }
/** * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding. * * @param privateKeyInfoData the PrivateKeyInfo encoding * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(byte[] privateKeyInfoData) throws IOException { return createKey(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(privateKeyInfoData))); }
/** * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding read from a * stream. * * @param inStr the stream to read the PrivateKeyInfo encoding from * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(InputStream inStr) throws IOException { return createKey(PrivateKeyInfo.getInstance(new ASN1InputStream(inStr).readObject())); }
/** * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding read from a * stream. * * @param inStr the stream to read the PrivateKeyInfo encoding from * @return a suitable private key parameter * @throws IOException on an error decoding the key */ public static AsymmetricKeyParameter createKey(InputStream inStr) throws IOException { return createKey(PrivateKeyInfo.getInstance(new ASN1InputStream(inStr).readObject())); }
AlgorithmIdentifier digestAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId); AsymmetricKeyParameter caPrivateKeyParameters = PrivateKeyFactory.createKey(key.getEncoded()); ContentSigner contentSigner = new BcRSAContentSignerBuilder(sigAlgId, digestAlgId) .build(caPrivateKeyParameters);
@Override protected AsymmetricKeyParameter decodeASN1(final byte[] encoded) { try { return PrivateKeyFactory.createKey(new ASN1InputStream(encoded).readObject().getEncoded()); } catch (IOException e) { throw new EncodingException("ASN.1 decoding error", e); } } }
private PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp) throws Exception{ X500Name subject=new X500Name(dn); PublicKey pubKey=kp.getPublic(); PrivateKey privKey=kp.getPrivate(); AsymmetricKeyParameter pubkeyParam = PublicKeyFactory.createKey(pubKey.getEncoded()); SubjectPublicKeyInfo publicKeyInfo=SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(pubkeyParam); PKCS10CertificationRequestBuilder builder=new PKCS10CertificationRequestBuilder(subject, publicKeyInfo); AlgorithmIdentifier signatureAi = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA); BcRSAContentSignerBuilder signerBuilder=new BcRSAContentSignerBuilder( signatureAi, AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1)); AsymmetricKeyParameter pkParam = PrivateKeyFactory.createKey(privKey.getEncoded()); ContentSigner signer=signerBuilder.build(pkParam); return builder.build(signer); } }
AsymmetricKeyParameter asymmetricKeyParameter; try { asymmetricKeyParameter = PrivateKeyFactory.createKey(this.keyPair .getPrivate().getEncoded()); } catch (IOException e) {
/** * Creates the content signer for generation of Version 1 {@link java.security.cert.X509Certificate}. * * @param privateKey the private key * * @return the content signer */ public static ContentSigner createSigner(PrivateKey privateKey) { try { AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WithRSAEncryption"); AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId); return new BcRSAContentSignerBuilder(sigAlgId, digAlgId) .build(PrivateKeyFactory.createKey(privateKey.getEncoded())); } catch (Exception e) { throw new RuntimeException("Could not create content signer.", e); } } }
/** * Get the certificate builder for this generator. * * @param keyPair The keypair to use for signing. * @return A certificate builder, using the public key. * @throws NoSuchAlgorithmException Thrown if the RSA keygen alg is not * available. * @throws IOException Thrown if the generated key cannot be * read. * @throws OperatorCreationException Thrown if we cannot create a content * signer. */ protected ContentSigner getCertificateSigner(final KeyPair keyPair) throws NoSuchAlgorithmException, IOException, OperatorCreationException { logger.info("Generating Certificate Signer"); // Create the certificate signer. byte[] privateKey = keyPair.getPrivate().getEncoded(); AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder() .find("SHA256WithRSAEncryption"); AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId); return new BcRSAContentSignerBuilder(sigAlgId, digAlgId) .build(PrivateKeyFactory.createKey(privateKey)); }
new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(key.getEncoded()))));