- package chapter4;
- import java.io.ByteArrayOutputStream;
- import java.io.FileOutputStream;
- import java.io.IOException;
- import java.math.BigInteger;
- import java.security.GeneralSecurityException;
- import java.security.KeyPair;
- import java.security.KeyPairGenerator;
- import java.security.PrivateKey;
- import java.security.PublicKey;
- import java.security.SecureRandom;
- import java.security.Signature;
- import java.security.cert.X509Certificate;
- import java.util.Date;
- import javax.crypto.Cipher;
- import javax.crypto.SecretKey;
- import javax.crypto.SecretKeyFactory;
- import javax.crypto.spec.PBEKeySpec;
- import javax.crypto.spec.PBEParameterSpec;
- import sun.security.x509.AlgorithmId;
- import sun.security.x509.CertificateAlgorithmId;
- import sun.security.x509.CertificateIssuerName;
- import sun.security.x509.CertificateSerialNumber;
- import sun.security.x509.CertificateSubjectName;
- import sun.security.x509.CertificateValidity;
- import sun.security.x509.CertificateVersion;
- import sun.security.x509.CertificateX509Key;
- import sun.security.x509.X500Name;
- import sun.security.x509.X509CertImpl;
- import sun.security.x509.X509CertInfo;
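/**
 * Demo: generates an RSA key pair, issues a self-signed X.509 certificate for it, writes the
 * encoded certificate to disk and lists the {@code Cipher} algorithms the installed providers
 * offer.
 *
 * <p>Review notes on the cryptographic choices visible in this class (kept as written so the
 * demo output does not change):
 * <ul>
 *   <li>RSA keys are 1024 bits, below the 2048-bit minimum of current guidance.</li>
 *   <li>Key generation is seeded from {@code Utils.createFixedRandom()}; judging by its name
 *       that source is deterministic, which would make the key pair reproducible - confirm
 *       against {@code Utils}.</li>
 *   <li>The certificate is signed with {@code SHA1withRSA}; SHA-1 is deprecated for
 *       signatures.</li>
 *   <li>The private key is wrapped with {@code PBEWITHMD5ANDTRIPLEDES}, a hard-coded password,
 *       an 8-byte salt and 1000 iterations. PBKDF2 with a high iteration count feeding an
 *       authenticated cipher is the usual replacement.</li>
 *   <li>The certificate builder relies on {@code sun.security.x509}, a JDK-internal,
 *       unsupported API.</li>
 * </ul>
 */
class GenSigDuplicate {

    /**
     * Generates a key pair and a three-day self-signed certificate, stores the certificate at
     * {@code d:\sureshtest.cer} and prints every available Cipher algorithm name.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        // NOTE(review): the work is delegated to GenSig, which is not declared in this
        // listing; presumably it mirrors the methods below - confirm.
        GenSig gensig = new GenSig();
        KeyPair keyPair = gensig.generateKeyPair();
        try {
            X509Certificate certificate = gensig.generateCertificate(
                    "CN=Test, L=London, C=GB", keyPair, 3, "SHA1withRSA");
            // try-with-resources closes the stream on every path, including a failed write.
            try (FileOutputStream out = new FileOutputStream("d:\\sureshtest.cer")) {
                out.write(certificate.getEncoded());
                out.flush();
            }
        } catch (GeneralSecurityException | IOException e) {
            e.printStackTrace();
        }
        for (Object algorithmName : java.security.Security.getAlgorithms("Cipher")) {
            System.out.println(algorithmName);
        }
    }

    /**
     * Creates an RSA key pair and runs a small encrypt/decrypt round trip with it, printing
     * the input, ciphertext and recovered plaintext as hex.
     *
     * @return the generated pair, or {@code null} when key generation itself failed; a failure
     *         after generation is reported on stderr and the pair is still returned
     */
    public KeyPair generateKeyPair() {
        KeyPair pair = null;
        try {
            // NOTE(review): hard-coded password; anything it protects is only as secret as
            // this source file.
            String password = "1234";
            KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA");
            // NOTE(review): see the class comment - fixed randomness and a 1024-bit modulus
            // are acceptable only for reproducible demo output.
            SecureRandom random = Utils.createFixedRandom();
            keyGen.initialize(1024, random);
            pair = keyGen.generateKeyPair();
            PrivateKey privateKey = pair.getPrivate();
            PublicKey publicKey = pair.getPublic();

            // The wrapped key is computed but not stored or returned anywhere in this listing.
            byte[] encryptedPrivateKeyBytes =
                    passwordEncrypt(password.toCharArray(), privateKey.getEncoded());

            // "RSA" alone leaves mode and padding to the provider default; naming the full
            // transformation (for example an OAEP padding) makes the choice explicit.
            Cipher cipher = Cipher.getInstance("RSA");
            cipher.init(Cipher.ENCRYPT_MODE, publicKey, random);
            byte[] input = new byte[] { (byte) 0xbe, (byte) 0xef };
            System.out.println("input : " + Utils.toHex(input));
            byte[] cipherText = cipher.doFinal(input);
            System.out.println("cipher: " + Utils.toHex(cipherText));
            cipher.init(Cipher.DECRYPT_MODE, privateKey);
            byte[] plainText = cipher.doFinal(cipherText);
            System.out.println("plain : " + Utils.toHex(plainText));
        } catch (Exception e) {
            System.err.println("Caught exception " + e.toString());
        }
        return pair;
    }

    /**
     * Builds a version 3 X.509 certificate whose subject and issuer are both {@code dn}
     * (self-signed) and signs it with the private key of {@code pair}.
     *
     * @param dn        distinguished name used as subject and issuer
     * @param pair      key pair; the public key is certified, the private key signs
     * @param days      validity period, counted from the current time
     * @param algorithm signature algorithm name passed to {@code X509CertImpl.sign}
     * @return the signed certificate
     * @throws GeneralSecurityException if building or signing the certificate fails
     * @throws IOException              if a certificate field cannot be encoded
     */
    X509Certificate generateCertificate(String dn, KeyPair pair, int days,
            String algorithm) throws GeneralSecurityException, IOException {
        PrivateKey signingKey = pair.getPrivate();
        X509CertInfo info = new X509CertInfo();

        Date notBefore = new Date();
        // The long literal forces 64-bit arithmetic, so large day counts do not overflow int.
        Date notAfter = new Date(notBefore.getTime() + days * 86400000L);
        CertificateValidity validity = new CertificateValidity(notBefore, notAfter);
        BigInteger serial = new BigInteger(64, new SecureRandom());
        X500Name owner = new X500Name(dn);

        info.set(X509CertInfo.VALIDITY, validity);
        info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(serial));
        info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
        info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
        info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
        info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
        // Initial algorithm id; it is overwritten below with the one the first signing pass
        // reports, so the MD5 OID appears to act only as a placeholder.
        AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
        info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));

        // First pass: sign once to obtain the AlgorithmId that matches `algorithm`.
        X509CertImpl cert = new X509CertImpl(info);
        cert.sign(signingKey, algorithm);

        // Second pass: record that id in the certificate info, then rebuild and sign again so
        // the signed content carries the algorithm actually used.
        algo = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG);
        info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo);
        cert = new X509CertImpl(info);
        cert.sign(signingKey, algorithm);
        return cert;
    }

    /** Placeholder with no implementation. */
    static void generateSelfSignedX509Certificate() throws Exception {
    }

    /**
     * Encrypts {@code plaintext} under a key derived from {@code password} and returns the
     * random salt followed by the ciphertext.
     *
     * <p>A failure is raised instead of being printed and answered with an empty or partial
     * array, so a caller can never mistake a failed encryption for protected data.
     *
     * @param password  password the key is derived from
     * @param plaintext bytes to encrypt
     * @return 8 salt bytes followed by the ciphertext
     * @throws IllegalStateException if the algorithm is unavailable or encryption fails
     */
    private static byte[] passwordEncrypt(char[] password, byte[] plaintext) {
        // NOTE(review): legacy scheme with a low iteration count, see the class comment.
        final int iterations = 1000;
        byte[] salt = new byte[8];
        new SecureRandom().nextBytes(salt);

        PBEKeySpec keySpec = new PBEKeySpec(password);
        try {
            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance("PBEWITHMD5ANDTRIPLEDES");
            SecretKey key = keyFactory.generateSecret(keySpec);
            Cipher cipher = Cipher.getInstance("PBEWITHMD5ANDTRIPLEDES");
            cipher.init(Cipher.ENCRYPT_MODE, key, new PBEParameterSpec(salt, iterations));
            byte[] ciphertext = cipher.doFinal(plaintext);

            // The salt is not secret; it is stored in front so decryption can re-derive the key.
            ByteArrayOutputStream baos =
                    new ByteArrayOutputStream(salt.length + ciphertext.length);
            baos.write(salt);
            baos.write(ciphertext);
            return baos.toByteArray();
        } catch (GeneralSecurityException | IOException e) {
            throw new IllegalStateException("password-based encryption failed", e);
        } finally {
            // Wipe the key spec's internal copy of the password once the key is derived.
            keySpec.clearPassword();
        }
    }
}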