
Untitled

a guest
Jul 31st, 2015
  1. import java.io.IOException;
  2. import java.math.BigInteger;
  3. import java.security.KeyPair;
  4. import java.security.PublicKey;
  5. import java.security.cert.Certificate;
  6. import java.security.cert.CertificateException;
  7. import java.security.cert.X509Certificate;
  8. import java.security.interfaces.RSAPublicKey;
  9. import java.sql.Date;
  10.  
  11. import javax.security.auth.x500.X500Principal;
  12.  
  13. import org.bouncycastle.asn1.x500.X500Name;
  14. import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
  15. import org.bouncycastle.cert.X509CertificateHolder;
  16. import org.bouncycastle.cert.X509v1CertificateBuilder;
  17. import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
  18. import org.bouncycastle.crypto.params.RSAKeyParameters;
  19. import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
  20. import org.bouncycastle.jce.provider.BouncyCastleProvider;
  21. import org.bouncycastle.operator.ContentSigner;
  22. import org.bouncycastle.operator.OperatorCreationException;
  23. import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
  24.  
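  /**
   * Builds a self-signed X.509 v1 certificate for an RSA key pair using BouncyCastle.
   *
   * <p>Issuer and subject are the same fixed name, the validity window and serial number are
   * constants, and the certificate is signed with the private key of the supplied pair. A v1
   * certificate carries no extensions (no basicConstraints, keyUsage or subjectAltName), so the
   * result is only suitable where the peer pins or explicitly trusts this exact certificate.
   */
  public class SelfSignedCertificateGenerator {

      // One provider instance shared by the converter and the signer instead of a new one per call.
      private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider();

      private static final JcaX509CertificateConverter CONVERTER =
              new JcaX509CertificateConverter().setProvider(PROVIDER);

      // SHA-1 is deprecated for certificate signatures and is refused by many current TLS stacks;
      // SHA-256 with RSA is the conservative replacement and needs no other change here.
      private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

      private static final X500Name ISSUER =
              new X500Name(new X500Principal("CN=Stupid CA Certificate").getName());
      private static final X500Name SUBJECT = ISSUER;

      // NOTE(review): the validity window spans a thousand years, so expiry never limits how long
      // a leaked private key stays usable. Date.valueOf interprets the date in the JVM's default
      // time zone.
      private static final Date NOT_AFTER = Date.valueOf("3000-01-01");
      private static final Date NOT_BEFORE = Date.valueOf("2000-01-01");

      // NOTE(review): every certificate produced here has the same issuer name and serial number.
      // Some clients reject two different certificates that share issuer and serial; a random
      // serial per certificate avoids that, at the cost of making the output non-deterministic.
      private static final BigInteger SERIAL = new BigInteger("1");

      /**
       * Returns a one-element chain holding a self-signed certificate for {@code keys}.
       *
       * @param keys RSA key pair; the public key is certified and the private key signs
       * @return an array containing exactly one certificate
       * @throws NullPointerException if {@code keys} is null
       * @throws RuntimeException if the public key is not RSA or the certificate cannot be built
       */
      public static Certificate[] getCerts(KeyPair keys) {
          java.util.Objects.requireNonNull(keys, "keys");
          return new Certificate[] { getCertificate(keys) };
      }

      /** Builds, signs and converts the certificate; wraps conversion failures unchecked. */
      private static X509Certificate getCertificate(KeyPair keys) {
          try {
              X509v1CertificateBuilder builder = getCertificateBuilder(keys.getPublic());
              X509CertificateHolder holder = builder.build(getSigner(keys));
              return CONVERTER.getCertificate(holder);
          } catch (CertificateException e) {
              throw new RuntimeException(e);
          }
      }

      /** Creates the v1 builder from the class constants and the given public key. */
      private static X509v1CertificateBuilder getCertificateBuilder(PublicKey publicKey) {
          return new X509v1CertificateBuilder(
                  ISSUER, SERIAL, NOT_BEFORE, NOT_AFTER, SUBJECT, getPublicKeyInfo(publicKey));
      }

      /**
       * Encodes an RSA public key as a SubjectPublicKeyInfo structure.
       *
       * @throws IllegalArgumentException if {@code publicKey} is not an {@link RSAPublicKey}
       */
      private static SubjectPublicKeyInfo getPublicKeyInfo(PublicKey publicKey) {
          if (!(publicKey instanceof RSAPublicKey)) {
              // Still a RuntimeException for existing callers, but names the actual fault.
              throw new IllegalArgumentException("publicKey is not an RSAPublicKey");
          }

          RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;

          try {
              // First argument false marks the parameters as a public (not private) key.
              RSAKeyParameters parameters = new RSAKeyParameters(
                      false, rsaPublicKey.getModulus(), rsaPublicKey.getPublicExponent());
              return SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(parameters);
          } catch (IOException e) {
              throw new RuntimeException(e);
          }
      }

      /** Creates a signer over the pair's private key using {@link #SIGNATURE_ALGORITHM}. */
      private static ContentSigner getSigner(KeyPair keys) {
          try {
              return new JcaContentSignerBuilder(SIGNATURE_ALGORITHM)
                      .setProvider(PROVIDER)
                      .build(keys.getPrivate());
          } catch (OperatorCreationException e) {
              throw new RuntimeException(e);
          }
      }
  }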