/**
 * Initialise the builder using a PublicKey.
 *
 * <p>The key's encoded form ({@code publicKey.getEncoded()}) is converted to a
 * {@code SubjectPublicKeyInfo} and handed, together with the other arguments unchanged, to the
 * superclass constructor.
 *
 * <p>NOTE(review): {@code PublicKey.getEncoded()} is specified to return {@code null} for keys
 * that do not support encoding, and nothing in this constructor checks for that. Confirm how the
 * superclass reacts to a missing key info before passing such keys.
 *
 * <p>NOTE(review): no check of the serial number or of the ordering of {@code notBefore} and
 * {@code notAfter} is visible here; presumably that is left to the caller or the superclass.
 *
 * @param issuer X500Name representing the issuer of this certificate.
 * @param serial the serial number for the certificate.
 * @param notBefore date before which the certificate is not valid.
 * @param notAfter date after which the certificate is not valid.
 * @param subject X500Name representing the subject of this certificate.
 * @param publicKey the public key to be associated with the certificate.
 */
public JcaX509v3CertificateBuilder(
    X500Name issuer,
    BigInteger serial,
    Date notBefore,
    Date notAfter,
    X500Name subject,
    PublicKey publicKey) {
  super(
      issuer,
      serial,
      notBefore,
      notAfter,
      subject,
      // The encoded key is interpreted as a SubjectPublicKeyInfo structure.
      SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
}
/**
 * Round-trips an EC key pair through its encoded forms and checks the decoded keys.
 *
 * <p>For each key the encoding is parsed (PKCS#8 {@code PrivateKeyInfo} for the private key,
 * {@code SubjectPublicKeyInfo} for the public key) and the algorithm parameters are required to
 * be {@code DERNull.INSTANCE}. The encoding is then fed back through the "ECDSA" key factory of
 * the "SC" provider, and the rebuilt key must match the original under both {@code equals} and
 * {@code hashCode}. The rebuilt pair is finally passed to the remaining parameter and signature
 * checks.
 *
 * <p>NOTE(review): a NULL parameters field presumably means the curve is not carried in the
 * encoding and must be supplied by the provider's configuration; confirm against the setup of
 * this test.
 *
 * @param privKey private key whose encoding is checked
 * @param pubKey public key whose encoding is checked
 * @throws Exception if parsing, key-factory lookup or any delegated check fails
 */
private void testEncoding(ECPrivateKey privKey, ECPublicKey pubKey) throws Exception {
  KeyFactory keyFactory = KeyFactory.getInstance("ECDSA", "SC");

  // --- private key: inspect the PKCS#8 structure, then rebuild the key from it ---
  byte[] privateEncoding = privKey.getEncoded();
  PrivateKeyInfo privateInfo =
      PrivateKeyInfo.getInstance(new ASN1InputStream(privateEncoding).readObject());
  boolean privateParamsAreNull =
      privateInfo.getPrivateKeyAlgorithm().getParameters().equals(DERNull.INSTANCE);
  if (!privateParamsAreNull) {
    fail("private key parameters wrong");
  }

  ECPrivateKey decodedPrivate =
      (ECPrivateKey) keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateEncoding));
  if (!decodedPrivate.equals(privKey)) {
    fail("private equals failed");
  }
  if (decodedPrivate.hashCode() != privKey.hashCode()) {
    fail("private hashCode failed");
  }

  // --- public key: same procedure on the SubjectPublicKeyInfo encoding ---
  byte[] publicEncoding = pubKey.getEncoded();
  SubjectPublicKeyInfo publicInfo =
      SubjectPublicKeyInfo.getInstance(new ASN1InputStream(publicEncoding).readObject());
  boolean publicParamsAreNull =
      publicInfo.getAlgorithm().getParameters().equals(DERNull.INSTANCE);
  if (!publicParamsAreNull) {
    fail("public key parameters wrong");
  }

  ECPublicKey decodedPublic =
      (ECPublicKey) keyFactory.generatePublic(new X509EncodedKeySpec(publicEncoding));
  // hashCode is only compared when equals already holds, as in a short-circuit "||" test.
  boolean publicRoundTrips =
      decodedPublic.equals(pubKey) && decodedPublic.hashCode() == pubKey.hashCode();
  if (!publicRoundTrips) {
    fail("public equals/hashCode failed");
  }

  // Remaining checks run against the decoded keys, not the originals.
  testBCParamsAndQ(decodedPrivate, decodedPublic);
  testEC5Params(decodedPrivate, decodedPublic);
  testECDSA(decodedPrivate, decodedPublic);
}
/**
 * Issues an X.509 v3 certificate whose subject key is labelled as an RSAES-OAEP key.
 *
 * <p>The subject's public key material is re-wrapped in a {@code SubjectPublicKeyInfo} carrying
 * the {@code id_RSAES_OAEP} algorithm identifier with default {@code RSAESOAEPparams}. The
 * certificate is valid from the moment of the call for 100 days, is signed with the issuer's
 * private key, and carries subject key identifier, authority key identifier and basic
 * constraints extensions, all marked non-critical. Before returning, the certificate is checked
 * for current validity and its signature is verified against the issuer's public key.
 *
 * <p>NOTE(review): the subject key identifier is derived from the subject's original key info,
 * not from the OAEP-labelled one placed in the certificate; confirm that this is intended.
 *
 * <p>NOTE(review): basic constraints is emitted as non-critical even when {@code _ca} is true.
 * Whether that is acceptable depends on how the certificate is used; confirm for any use outside
 * test fixtures.
 *
 * @param subKP key pair of the certificate subject; only the public key is used
 * @param _subDN subject distinguished name, in the string form accepted by {@code X500Name}
 * @param issKP key pair of the issuer; the private key signs, the public key verifies
 * @param _issDN issuer distinguished name, in the string form accepted by {@code X500Name}
 * @param _ca value placed in the basic constraints extension
 * @return the signed certificate, converted through the "SC" provider
 * @throws GeneralSecurityException if conversion, the validity check or signature verification
 *     fails
 * @throws IOException if the subject public key cannot be parsed
 * @throws OperatorCreationException if the content signer cannot be created
 */
public static X509Certificate makeOaepCertificate(
    KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, boolean _ca)
    throws GeneralSecurityException, IOException, OperatorCreationException {
  SubjectPublicKeyInfo subjectKeyInfo =
      SubjectPublicKeyInfo.getInstance(subKP.getPublic().getEncoded());
  PrivateKey issuerPrivateKey = issKP.getPrivate();
  PublicKey issuerPublicKey = issKP.getPublic();

  // Validity window length: 100 days, expressed in milliseconds.
  long validityMillis = 1000L * 60 * 60 * 24 * 100;
  AlgorithmIdentifier oaepAlgorithm =
      new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams());

  X509v3CertificateBuilder certBuilder =
      new X509v3CertificateBuilder(
          new X500Name(_issDN),
          allocateSerialNumber(),
          new Date(System.currentTimeMillis()),
          new Date(System.currentTimeMillis() + validityMillis),
          new X500Name(_subDN),
          // Same key material as the subject's key, but tagged as RSAES-OAEP.
          new SubjectPublicKeyInfo(oaepAlgorithm, subjectKeyInfo.parsePublicKey()));

  JcaContentSignerBuilder signerBuilder = makeContentSignerBuilder(issuerPublicKey);

  // All three extensions are added with critical == false.
  certBuilder.addExtension(
      Extension.subjectKeyIdentifier, false, createSubjectKeyId(subjectKeyInfo));
  certBuilder.addExtension(
      Extension.authorityKeyIdentifier, false, createAuthorityKeyId(issuerPublicKey));
  certBuilder.addExtension(Extension.basicConstraints, false, new BasicConstraints(_ca));

  JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider("SC");
  X509Certificate certificate =
      converter.getCertificate(certBuilder.build(signerBuilder.build(issuerPrivateKey)));

  // Sanity checks: both calls throw if the freshly issued certificate is not usable.
  certificate.checkValidity(new Date());
  certificate.verify(issuerPublicKey);
  return certificate;
}
/**
 * Builds the subject key identifier for a public key.
 *
 * <p>The key's encoded form is converted to a {@code SubjectPublicKeyInfo} and passed to
 * {@code extUtils.createSubjectKeyIdentifier}. How the identifier is derived from the key info
 * is decided by {@code extUtils}, which is configured outside this method.
 *
 * @param _pubKey public key to identify; its {@code getEncoded()} output is used
 * @return the subject key identifier produced by {@code extUtils}
 * @throws IOException declared by the signature; no visible call here is documented to throw it
 */
static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey) throws IOException {
  SubjectPublicKeyInfo keyInfo = SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded());
  return extUtils.createSubjectKeyIdentifier(keyInfo);
}