本文整理汇总了Java中org.bouncycastle.operator.OperatorCreationException类的典型用法代码示例。如果您正苦于以下问题:Java OperatorCreationException类的具体用法?Java OperatorCreationException怎么用?Java OperatorCreationException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
OperatorCreationException类属于org.bouncycastle.operator包,在下文中一共展示了OperatorCreationException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateSignatureBlock
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
private static byte[] generateSignatureBlock(
SignerConfig signerConfig, byte[] signatureFileBytes)
throws InvalidKeyException, CertificateEncodingException, SignatureException {
JcaCertStore certs = new JcaCertStore(signerConfig.certificates);
X509Certificate signerCert = signerConfig.certificates.get(0);
String jcaSignatureAlgorithm =
getJcaSignatureAlgorithm(
signerCert.getPublicKey(), signerConfig.signatureDigestAlgorithm);
try {
ContentSigner signer =
new JcaContentSignerBuilder(jcaSignatureAlgorithm)
.build(signerConfig.privateKey);
CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
gen.addSignerInfoGenerator(
new SignerInfoGeneratorBuilder(
new JcaDigestCalculatorProviderBuilder().build(),
SignerInfoSignatureAlgorithmFinder.INSTANCE)
.setDirectSignature(true)
.build(signer, new JcaX509CertificateHolder(signerCert)));
gen.addCertificates(certs);
CMSSignedData sigData =
gen.generate(new CMSProcessableByteArray(signatureFileBytes), false);
ByteArrayOutputStream out = new ByteArrayOutputStream();
try (ASN1InputStream asn1 = new ASN1InputStream(sigData.getEncoded())) {
DEROutputStream dos = new DEROutputStream(out);
dos.writeObject(asn1.readObject());
}
return out.toByteArray();
} catch (OperatorCreationException | CMSException | IOException e) {
throw new SignatureException("Failed to generate signature", e);
}
}
示例2: addSelfSignedCertificate
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public void addSelfSignedCertificate(String certificateAlias, String dn, String password) {
try {
KeyPair keys = generateKeyPair();
Calendar start = Calendar.getInstance();
Calendar expiry = Calendar.getInstance();
expiry.add(Calendar.YEAR, 1);
X500Name name = new X500Name(dn);
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(name, BigInteger.ONE,
start.getTime(), expiry.getTime(), name, SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded()));
ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(new BouncyCastleProvider()).build(keys.getPrivate());
X509CertificateHolder holder = certificateBuilder.build(signer);
Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);
Entry entry = new PrivateKeyEntry(keys.getPrivate(), new Certificate[]{ cert });
keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
} catch (GeneralSecurityException | OperatorCreationException ex) {
throw new RuntimeException("Unable to generate self-signed certificate", ex);
}
}
示例3: get
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public DigestCalculator get(final AlgorithmIdentifier algorithm)
throws OperatorCreationException
{
Digest dig = digestProvider.get(algorithm);
final DigestOutputStream stream = new DigestOutputStream(dig);
return new DigestCalculator()
{
public AlgorithmIdentifier getAlgorithmIdentifier()
{
return algorithm;
}
public OutputStream getOutputStream()
{
return stream;
}
public byte[] getDigest()
{
return stream.getDigest();
}
};
}
示例4: build
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public ContentVerifierProvider build(final AsymmetricKeyParameter publicKey)
throws OperatorCreationException
{
return new ContentVerifierProvider()
{
public boolean hasAssociatedCertificate()
{
return false;
}
public X509CertificateHolder getAssociatedCertificate()
{
return null;
}
public ContentVerifier get(AlgorithmIdentifier algorithm)
throws OperatorCreationException
{
BcSignerOutputStream stream = createSignatureStream(algorithm, publicKey);
return new SigVerifier(algorithm, stream);
}
};
}
示例5: createSignatureStream
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
private SignatureOutputStream createSignatureStream(AlgorithmIdentifier algorithm, PublicKey publicKey)
throws OperatorCreationException
{
try
{
Signature sig = helper.createSignature(algorithm);
sig.initVerify(publicKey);
return new SignatureOutputStream(sig);
}
catch (GeneralSecurityException e)
{
throw new OperatorCreationException("exception on setup: " + e, e);
}
}
示例6: get
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public PKCS12MacCalculatorBuilder get(final AlgorithmIdentifier algorithmIdentifier)
{
return new PKCS12MacCalculatorBuilder()
{
public MacCalculator build(final char[] password)
throws OperatorCreationException
{
PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
return PKCS12PBEUtils.createMacCalculator(algorithmIdentifier.getAlgorithm(), digestProvider.get(algorithmIdentifier), pbeParams, password);
}
public AlgorithmIdentifier getDigestAlgorithmIdentifier()
{
return new AlgorithmIdentifier(algorithmIdentifier.getAlgorithm(), DERNull.INSTANCE);
}
};
}
示例7: SignerInfoGenerator
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
SignerInfoGenerator(
SignerIdentifier signerIdentifier,
ContentSigner signer,
DigestCalculatorProvider digesterProvider,
CMSSignatureEncryptionAlgorithmFinder sigEncAlgFinder,
CMSAttributeTableGenerator sAttrGen,
CMSAttributeTableGenerator unsAttrGen)
throws OperatorCreationException
{
this.signerIdentifier = signerIdentifier;
this.signer = signer;
if (digesterProvider != null)
{
this.digester = digesterProvider.get(digAlgFinder.find(signer.getAlgorithmIdentifier()));
}
else
{
this.digester = null;
}
this.sAttrGen = sAttrGen;
this.unsAttrGen = unsAttrGen;
this.sigEncAlgFinder = sigEncAlgFinder;
}
示例8: generateServerCertificate
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public static X500PrivateCredential generateServerCertificate(KeyPair caKeyPair) throws NoSuchAlgorithmException, CertificateException, OperatorCreationException, CertIOException {
X500Name issuerName = new X500Name("CN=bouncrca");
X500Name subjectName = new X500Name("CN=bouncr");
BigInteger serial = BigInteger.valueOf(2);
long t1 = System.currentTimeMillis();
KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
rsa.initialize(2048, SecureRandom.getInstance("NativePRNGNonBlocking"));
KeyPair kp = rsa.generateKeyPair();
System.out.println(System.currentTimeMillis() - t1);
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, kp.getPublic());
DERSequence subjectAlternativeNames = new DERSequence(new ASN1Encodable[] {
new GeneralName(GeneralName.dNSName, "localhost"),
new GeneralName(GeneralName.dNSName, "127.0.0.1")
});
builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeNames);
X509Certificate cert = signCertificate(builder, caKeyPair.getPrivate());
return new X500PrivateCredential(cert, kp.getPrivate());
}
示例9: createNewStore
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public static boolean createNewStore(String storeType, File storeFile, char[] storePassword, DN dn) {
if (storeType == null) {
storeType = "jks";
}
try {
KeyStore ks = KeyStore.getInstance(storeType);
ks.load(null, null);
Pair<PrivateKey, X509Certificate> generated = generateKeyAndCertificate("RSA", "SHA1withRSA", dn.validityYears, encodeDN(dn));
ks.setKeyEntry(dn.alias, generated.getFirst(), dn.password, new Certificate[]{generated.getSecond()});
FileOutputStream fos = new FileOutputStream(storeFile);
boolean threw = true;
try {
ks.store(fos, storePassword);
threw = false;
} finally {
Closeables.close(fos, threw);
}
} catch (KeyStoreException | IOException | NoSuchAlgorithmException | CertificateException | OperatorCreationException e) {
return false;
}
return true;
}
示例10: createGenerator
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
private SignerInfoGenerator createGenerator(ContentSigner contentSigner, SignerIdentifier sigId)
throws OperatorCreationException
{
if (directSignature)
{
return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder, true);
}
if (signedGen != null || unsignedGen != null)
{
if (signedGen == null)
{
signedGen = new DefaultSignedAttributeTableGenerator();
}
return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder, signedGen, unsignedGen);
}
return new SignerInfoGenerator(sigId, contentSigner, digestProvider, sigEncAlgFinder);
}
示例11: getMessageImprintDigestCalculator
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
DigestCalculator getMessageImprintDigestCalculator(DigestCalculatorProvider calculatorProvider)
throws OperatorCreationException
{
TimeStampToken token;
try
{
token = this.getTimeStampToken(timeStamps[0]);
TimeStampTokenInfo info = token.getTimeStampInfo();
ASN1ObjectIdentifier algOID = info.getMessageImprintAlgOID();
DigestCalculator calc = calculatorProvider.get(new AlgorithmIdentifier(algOID));
initialiseMessageImprintDigestCalculator(calc);
return calc;
}
catch (CMSException e)
{
throw new OperatorCreationException("unable to extract algorithm ID: " + e.getMessage(), e);
}
}
示例12: generate
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public PemObject generate()
throws PemGenerationException
{
try
{
if (encryptorBuilder != null)
{
outputEncryptor = encryptorBuilder.build();
}
}
catch (OperatorCreationException e)
{
throw new PemGenerationException("unable to create operator: " + e.getMessage(), e);
}
if (outputEncryptor != null)
{
return generate(key, outputEncryptor);
}
else
{
return generate(key, null);
}
}
示例13: createSigner
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
throws OperatorCreationException {
if (!AlgorithmUtil.isRSASigAlgId(sigAlgId)) {
throw new OperatorCreationException(
"the given algorithm is not a valid RSA signature algirthm '"
+ sigAlgId.getAlgorithm().getId() + "'");
}
if (!PKCSObjectIdentifiers.id_RSASSA_PSS.equals(sigAlgId.getAlgorithm())) {
Digest dig = digestProvider.get(digAlgId);
return new RSADigestSigner(dig);
}
try {
return SignerUtil.createPSSRSASigner(sigAlgId);
} catch (XiSecurityException ex) {
throw new OperatorCreationException(ex.getMessage(), ex);
}
}
示例14: addSignedCertificate
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public void addSignedCertificate(final XTFKeyStore signerKeyStore, final String signerAlias, final String signerPassword, final String dn, final String certificateAlias, final String password) {
try {
final X509Certificate caCert = (X509Certificate) signerKeyStore.keystore.getCertificate(signerAlias);
final PrivateKey caKey = (PrivateKey) signerKeyStore.keystore.getKey(signerAlias, signerPassword.toCharArray());
final Calendar start = Calendar.getInstance();
final Calendar expiry = Calendar.getInstance();
expiry.add(Calendar.YEAR, 1);
final KeyPair keyPair = generateKeyPair();
final X500Name certName = new X500Name(dn);
final X500Name issuerName = new X500Name(caCert.getSubjectDN().getName());
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(
issuerName,
BigInteger.valueOf(System.nanoTime()),
start.getTime(),
expiry.getTime(),
certName,
SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
final JcaX509ExtensionUtils u = new JcaX509ExtensionUtils();
certificateBuilder.addExtension(Extension.authorityKeyIdentifier, false,
u.createAuthorityKeyIdentifier(caCert));
certificateBuilder.addExtension(Extension.subjectKeyIdentifier, false,
u.createSubjectKeyIdentifier(keyPair.getPublic()));
ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA").setProvider(new BouncyCastleProvider()).build(caKey);
X509CertificateHolder holder = certificateBuilder.build(signer);
Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);
Entry entry = new PrivateKeyEntry(keyPair.getPrivate(), new Certificate[] {cert, caCert});
keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
} catch (GeneralSecurityException | OperatorCreationException | CertIOException ex) {
throw new RuntimeException("Unable to generate signed certificate", ex);
}
}
示例15: build
import org.bouncycastle.operator.OperatorCreationException; //导入依赖的package包/类
public CertificateConfirmationContent build(DigestCalculatorProvider digesterProvider)
throws CMPException
{
ASN1EncodableVector v = new ASN1EncodableVector();
for (int i = 0; i != acceptedCerts.size(); i++)
{
X509CertificateHolder certHolder = (X509CertificateHolder)acceptedCerts.get(i);
BigInteger reqID = (BigInteger)acceptedReqIds.get(i);
AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm());
if (digAlg == null)
{
throw new CMPException("cannot find algorithm for digest from signature");
}
DigestCalculator digester;
try
{
digester = digesterProvider.get(digAlg);
}
catch (OperatorCreationException e)
{
throw new CMPException("unable to create digest: " + e.getMessage(), e);
}
CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream());
v.add(new CertStatus(digester.getDigest(), reqID));
}
return new CertificateConfirmationContent(CertConfirmContent.getInstance(new DERSequence(v)), digestAlgFinder);
}