/**
  * Initialise the builder using a PublicKey.
  *
  * @param issuer X500Name representing the issuer of this certificate.
  * @param serial the serial number for the certificate.
  * @param notBefore date before which the certificate is not valid.
  * @param notAfter date after which the certificate is not valid.
  * @param subject X500Name representing the subject of this certificate.
  * @param publicKey the public key to be associated with the certificate.
  */
 public JcaX509v3CertificateBuilder(
     X500Name issuer,
     BigInteger serial,
     Date notBefore,
     Date notAfter,
     X500Name subject,
     PublicKey publicKey) {
   super(
       issuer,
       serial,
       notBefore,
       notAfter,
       subject,
       SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
 }
  private void testEncoding(ECPrivateKey privKey, ECPublicKey pubKey) throws Exception {
    KeyFactory kFact = KeyFactory.getInstance("ECDSA", "SC");

    byte[] bytes = privKey.getEncoded();

    PrivateKeyInfo sInfo = PrivateKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());

    if (!sInfo.getPrivateKeyAlgorithm().getParameters().equals(DERNull.INSTANCE)) {
      fail("private key parameters wrong");
    }

    ECPrivateKey sKey = (ECPrivateKey) kFact.generatePrivate(new PKCS8EncodedKeySpec(bytes));

    if (!sKey.equals(privKey)) {
      fail("private equals failed");
    }

    if (sKey.hashCode() != privKey.hashCode()) {
      fail("private hashCode failed");
    }

    bytes = pubKey.getEncoded();

    SubjectPublicKeyInfo vInfo =
        SubjectPublicKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());

    if (!vInfo.getAlgorithm().getParameters().equals(DERNull.INSTANCE)) {
      fail("public key parameters wrong");
    }

    ECPublicKey vKey = (ECPublicKey) kFact.generatePublic(new X509EncodedKeySpec(bytes));

    if (!vKey.equals(pubKey) || vKey.hashCode() != pubKey.hashCode()) {
      fail("public equals/hashCode failed");
    }

    testBCParamsAndQ(sKey, vKey);
    testEC5Params(sKey, vKey);

    testECDSA(sKey, vKey);
  }
Example #3
0
  public static X509Certificate makeOaepCertificate(
      KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, boolean _ca)
      throws GeneralSecurityException, IOException, OperatorCreationException {

    SubjectPublicKeyInfo subPub = SubjectPublicKeyInfo.getInstance(subKP.getPublic().getEncoded());
    PrivateKey issPriv = issKP.getPrivate();
    PublicKey issPub = issKP.getPublic();

    X509v3CertificateBuilder v3CertGen =
        new X509v3CertificateBuilder(
            new X500Name(_issDN),
            allocateSerialNumber(),
            new Date(System.currentTimeMillis()),
            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
            new X500Name(_subDN),
            new SubjectPublicKeyInfo(
                new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams()),
                subPub.parsePublicKey()));

    JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);

    v3CertGen.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyId(subPub));

    v3CertGen.addExtension(Extension.authorityKeyIdentifier, false, createAuthorityKeyId(issPub));

    v3CertGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(_ca));

    X509Certificate _cert =
        new JcaX509CertificateConverter()
            .setProvider("SC")
            .getCertificate(v3CertGen.build(contentSignerBuilder.build(issPriv)));

    _cert.checkValidity(new Date());
    _cert.verify(issPub);

    return _cert;
  }
Example #4
0
 static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey) throws IOException {
   return extUtils.createSubjectKeyIdentifier(
       SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
 }