Package de.trustable.util
Class CryptoUtil
- java.lang.Object
-
- de.trustable.util.CryptoUtil
-
public class CryptoUtil extends java.lang.Object
-
-
Constructor Summary
Constructors Constructor Description CryptoUtil()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description byte[]buildCertificateResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, org.bouncycastle.asn1.crmf.CertReqMsg[] certReqMsgArr, java.lang.String hmacSecret, java.security.cert.Certificate issuingCertificate, org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair)org.bouncycastle.asn1.cmp.PKIMessagebuildCertRequest(long certReqId, org.bouncycastle.asn1.x500.X500Name subjectDN, java.util.Collection<org.bouncycastle.asn1.x509.Extension> certExtList, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo keyInfo, java.lang.String hmacSecret)byte[]buildErrorResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, java.lang.String hmacSecret, org.bouncycastle.asn1.x500.X500Name issuer)org.bouncycastle.asn1.cmp.PKIMessagebuildGeneralMessageRequest(java.lang.String hmacSecret)byte[]buildRevocationRequest(long certRevId, org.bouncycastle.asn1.x500.X500Name issuerDN, org.bouncycastle.asn1.x500.X500Name subjectDN, java.math.BigInteger serial, org.bouncycastle.asn1.x509.CRLReason crlReason, java.lang.String hmacSecret)byte[]buildRevocationResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, java.lang.String hmacSecret, org.bouncycastle.asn1.x500.X500Name issuer)java.security.cert.X509CertificatebuildSelfsignedCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair)Deprecated.static java.security.cert.X509CertificateconvertPemToCertificate(java.lang.String pem)org.bouncycastle.cert.X509CertificateHolderconvertPemToCertificateHolder(java.lang.String pem)org.bouncycastle.pkcs.PKCS10CertificationRequestconvertPemToPKCS10CertificationRequest(java.lang.String pem)parse a PEM encoded csr, verify it and return the P10 request objectjava.security.PrivateKeyconvertPemToPrivateKey(java.lang.String pem)java.security.PublicKeyconvertPemToPublicKey(java.lang.String pem)java.lang.StringcrlReasonAsString(org.bouncycastle.asn1.x509.CRLReason crlReason)org.bouncycastle.asn1.x509.CRLReasoncrlReasonFromString(java.lang.String revocationReasonStr)static byte[]generateFingerprint(byte[] ba, java.lang.String algoName)Generate a SHA1 fingerprint from a byte array containing a X.509 certificatestatic byte[]generateMD5Fingerprint(byte[] ba)Generate a MD5 fingerprint from a byte array containing e.g.static byte[]generateSHA1Fingerprint(byte[] ba)Generate a SHA1 fingerprint from a byte array containing e.g.static org.bouncycastle.pkcs.PKCS10CertificationRequestgetCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password)static org.bouncycastle.pkcs.PKCS10CertificationRequestgetCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions)static org.bouncycastle.pkcs.PKCS10CertificationRequestgetCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, org.bouncycastle.asn1.x509.GeneralName[] sanArray)static org.bouncycastle.pkcs.PKCS10CertificationRequestgetCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, org.bouncycastle.asn1.x509.GeneralName[] sanArray, java.lang.String signingAlgorithmName)static java.lang.StringgetCsrAsPEM(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password)build a sample csrorg.bouncycastle.asn1.ASN1PrimitivegetDERObject(byte[] ba)java.lang.StringgetDescription(java.security.cert.X509Certificate x509Certificate)Build a descriptive text for certificateorg.bouncycastle.operator.MacCalculatorgetMacCalculator(java.lang.String hmacSecret)build a HMAC calculator from a given secretorg.bouncycastle.cert.crmf.PKMACBuildergetMacCalculatorBuilder()build a PKMACBuilderstatic java.lang.StringgetPaddedSerial(java.lang.String serial)Align a serial number to a default lengthorg.bouncycastle.cert.cmp.ProtectedPKIMessageBuildergetPKIBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN)org.bouncycastle.cert.cmp.ProtectedPKIMessageBuildergetPKIBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN, byte[] senderNonce, byte[] recipNonce, byte[] transactionId, byte[] keyId, byte[] recipKeyId)org.bouncycastle.cert.cmp.ProtectedPKIMessageBuildergetPKIResponseBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN, org.bouncycastle.asn1.cmp.PKIHeader pkiHeader)java.security.PublicKeygetPublicKeyFromCSR(org.bouncycastle.pkcs.PKCS10CertificationRequest p10Req)byte[]getSHA256Digest(byte[] bInArr)java.lang.StringgetSHA256DigestAsString(byte[] bInArr)static org.bouncycastle.asn1.x509.SubjectKeyIdentifier[]getSKI(java.security.cert.X509Certificate x509Cert)find or calculate an SKI from a certificatebyte[]handleCMPRequest(java.lang.String alias, java.lang.String hmacSecret, byte[] requestBytes, java.security.cert.Certificate issuingCertificate, org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair)java.security.cert.X509CertificateissueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, byte[] issuerPKByteArr, int validityPeriodType, int validityPeriod)java.security.cert.X509CertificateissueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, byte[] issuerPKByteArr, int validityPeriodType, int validityPeriod, PKILevel pkiLevel)java.security.cert.X509CertificateissueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spkInfo, int validityPeriodType, int validityPeriod, PKILevel pkiLevel)java.security.cert.X509CertificateissueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spkInfo, int validityPeriodType, int validityPeriod, org.bouncycastle.asn1.x509.GeneralNames subjectAltNames, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, PKILevel pkiLevel)static java.lang.StringlimitLength(java.lang.String in, int maxLength)Pkcs10RequestHolderparseCertificateRequest(byte[] csr)Pkcs10RequestHolderparseCertificateRequest(java.lang.String csr)parse a PEM encoded csr, verify it and return the P10 request holderPkcs10RequestHolderparseCertificateRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest p10Request)static java.lang.Stringpkcs10RequestToPem(org.bouncycastle.pkcs.PKCS10CertificationRequest req)java.lang.StringpublicKeyToPem(java.security.PublicKey pk)org.bouncycastle.asn1.cmp.GenMsgContentreadGenMsgResponse(byte[] responseBytes, java.lang.String plainSecret)org.bouncycastle.asn1.cmp.RevRepContentreadRevResponse(byte[] responseBytes, java.lang.String plainSecret)static java.lang.StringusageAsString(boolean[] usage)convert the usage-bits to a readable stringjava.lang.Stringx509CertToPem(java.security.cert.X509Certificate cert)
-
-
-
Method Detail
-
getPaddedSerial
public static java.lang.String getPaddedSerial(java.lang.String serial)
Align a serial number to a default length- Parameters:
serial- the serial number- Returns:
- the normalized serial number string
-
generateSHA1Fingerprint
public static byte[] generateSHA1Fingerprint(byte[] ba)
Generate a SHA1 fingerprint from a byte array containing e.g. a X.509 certificate- Parameters:
ba- Byte array containing DER encoded X509Certificate.- Returns:
- Byte array containing SHA1 hash of DER encoded certificate.
-
generateMD5Fingerprint
public static byte[] generateMD5Fingerprint(byte[] ba)
Generate a MD5 fingerprint from a byte array containing e.g. a X.509 certificate- Parameters:
ba- Byte array containing DER encoded X509Certificate.- Returns:
- Byte array containing SHA1 hash of DER encoded certificate.
-
generateFingerprint
public static byte[] generateFingerprint(byte[] ba, java.lang.String algoName)Generate a SHA1 fingerprint from a byte array containing a X.509 certificate- Parameters:
ba- Byte array containing DER encoded X509Certificate.- Returns:
- Byte array containing SHA1 hash of DER encoded certificate.
-
usageAsString
public static java.lang.String usageAsString(boolean[] usage)
convert the usage-bits to a readable string- Parameters:
usage- the array of bits representing the different bits- Returns:
- descriptive text representing the key usage
-
parseCertificateRequest
public Pkcs10RequestHolder parseCertificateRequest(byte[] csr) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOExceptionjava.security.GeneralSecurityException
-
parseCertificateRequest
public Pkcs10RequestHolder parseCertificateRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest p10Request) throws java.io.IOException, java.security.GeneralSecurityException
- Throws:
java.io.IOExceptionjava.security.GeneralSecurityException
-
getPublicKeyFromCSR
public java.security.PublicKey getPublicKeyFromCSR(org.bouncycastle.pkcs.PKCS10CertificationRequest p10Req) throws java.io.IOException, java.security.GeneralSecurityException- Parameters:
p10Req- a structure containing the CSR details- Returns:
- the public key requesting to be signed
- Throws:
java.io.IOException- problem parsing the csrjava.security.GeneralSecurityException- some security problem occurred
-
pkcs10RequestToPem
public static java.lang.String pkcs10RequestToPem(org.bouncycastle.pkcs.PKCS10CertificationRequest req) throws java.io.IOException- Parameters:
req- a structure containing the CSR details- Returns:
- a PEM encoded CSR
- Throws:
java.io.IOException- problem parsing the CSR
-
x509CertToPem
public java.lang.String x509CertToPem(java.security.cert.X509Certificate cert) throws java.io.IOException- Parameters:
cert- a certificate object- Returns:
- a PEM encoded certificate
- Throws:
java.io.IOException- problem serializing the certificate
-
publicKeyToPem
public java.lang.String publicKeyToPem(java.security.PublicKey pk) throws java.io.IOException- Parameters:
pk- a public key object- Returns:
- a PEM encoded public key
- Throws:
java.io.IOException- problem serializing the public key
-
parseCertificateRequest
public Pkcs10RequestHolder parseCertificateRequest(java.lang.String csr) throws java.io.IOException, java.security.GeneralSecurityException
parse a PEM encoded csr, verify it and return the P10 request holder- Parameters:
csr- a certificate signing request as base64 string- Returns:
- a holder object containing the CSR details
- Throws:
java.io.IOException- problem parsing the csrjava.security.GeneralSecurityException- some security problem occurred
-
convertPemToPKCS10CertificationRequest
public org.bouncycastle.pkcs.PKCS10CertificationRequest convertPemToPKCS10CertificationRequest(java.lang.String pem) throws java.security.GeneralSecurityExceptionparse a PEM encoded csr, verify it and return the P10 request object- Parameters:
pem- a certificate signing request as base64 string- Returns:
- an object containing the CSR
- Throws:
java.security.GeneralSecurityException- some security problem occurred
-
convertPemToPublicKey
public java.security.PublicKey convertPemToPublicKey(java.lang.String pem) throws java.security.GeneralSecurityException- Parameters:
pem- a PEM encoded public key- Returns:
- a public key object
- Throws:
java.security.GeneralSecurityException- some security problem occurred
-
convertPemToCertificateHolder
public org.bouncycastle.cert.X509CertificateHolder convertPemToCertificateHolder(java.lang.String pem) throws java.security.GeneralSecurityException- Parameters:
pem- a PEM encoded certificate- Returns:
- a certificate details holder object
- Throws:
java.security.GeneralSecurityException- some security problem occurred
-
convertPemToCertificate
public static java.security.cert.X509Certificate convertPemToCertificate(java.lang.String pem) throws java.security.GeneralSecurityException- Parameters:
pem- a PEM encoded certificate- Returns:
- a X509 certificate
- Throws:
java.security.GeneralSecurityException- some security problem occurred
-
convertPemToPrivateKey
public java.security.PrivateKey convertPemToPrivateKey(java.lang.String pem) throws java.security.GeneralSecurityException- Parameters:
pem- a PEM encoded private key- Returns:
- a private key object
- Throws:
java.security.GeneralSecurityException- some security problem occurred
-
getDERObject
public org.bouncycastle.asn1.ASN1Primitive getDERObject(byte[] ba) throws java.io.IOException- Parameters:
ba- a byte array containg an ASN.1 object- Returns:
- the basic ASN.1 object
- Throws:
java.io.IOException- problem parsing the ASN.1 structure
-
getCsrAsPEM
public static java.lang.String getCsrAsPEM(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password) throws java.security.GeneralSecurityException, java.io.IOExceptionbuild a sample csr- Parameters:
subject- the subject of the certificatepubKey- the public ky to be signedpriKey- the corresponding private keypassword- the PKCS#10 password- Returns:
- PEM encoded CSR
- Throws:
java.io.IOException- problem creating the csrjava.security.GeneralSecurityException- some security problem occurred
-
getCsr
public static org.bouncycastle.pkcs.PKCS10CertificationRequest getCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password) throws java.security.GeneralSecurityException, java.io.IOException- Parameters:
subject- the subject of the certificate as X500PrincipalpubKey- the public ky to be signedpriKey- the corresponding private keypassword- the PKCS#10 password- Returns:
- CSR content as PKCS#10 object
- Throws:
java.io.IOException- problem creating the csrjava.security.GeneralSecurityException- some security problem occurred
-
getCsr
public static org.bouncycastle.pkcs.PKCS10CertificationRequest getCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions) throws java.security.GeneralSecurityException, java.io.IOException- Parameters:
subject- the subject of the certificate as X500PrincipalpubKey- the public ky to be signedpriKey- the corresponding private keypassword- the PKCS#10 passwordextensions- a list of attributes- Returns:
- CSR content as PKCS#10 object
- Throws:
java.io.IOException- problem creating the csrjava.security.GeneralSecurityException- some security problem occurred
-
getCsr
public static org.bouncycastle.pkcs.PKCS10CertificationRequest getCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, org.bouncycastle.asn1.x509.GeneralName[] sanArray) throws java.security.GeneralSecurityException, java.io.IOException- Parameters:
subject- the subject of the certificate as X500PrincipalpubKey- the public ky to be signedpriKey- the corresponding private keypassword- the PKCS#10 passwordextensions- a list of attributessanArray- list of SANs- Returns:
- CSR content as PKCS#10 object
- Throws:
java.io.IOException- problem creating the csrjava.security.GeneralSecurityException- some security problem occurred
-
getCsr
public static org.bouncycastle.pkcs.PKCS10CertificationRequest getCsr(javax.security.auth.x500.X500Principal subject, java.security.PublicKey pubKey, java.security.PrivateKey priKey, char[] password, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, org.bouncycastle.asn1.x509.GeneralName[] sanArray, java.lang.String signingAlgorithmName) throws java.security.GeneralSecurityException, java.io.IOException- Parameters:
subject- the subject of the certificate as X500PrincipalpubKey- the public ky to be signedpriKey- the corresponding private keypassword- the PKCS#10 passwordextensions- a list of attributessanArray- list of SANssigningAlgorithmName- Name of the signing algorithm to be used- Returns:
- CSR content as PKCS#10 object
- Throws:
java.io.IOException- problem creating the csrjava.security.GeneralSecurityException- some security problem occurred
-
getDescription
public java.lang.String getDescription(java.security.cert.X509Certificate x509Certificate)
Build a descriptive text for certificate- Parameters:
x509Certificate- X509Certificate- Returns:
- String describing the certificate
-
crlReasonFromString
public org.bouncycastle.asn1.x509.CRLReason crlReasonFromString(java.lang.String revocationReasonStr)
- Parameters:
revocationReasonStr- a string describing the revocation reason- Returns:
- CRL reason object
-
crlReasonAsString
public java.lang.String crlReasonAsString(org.bouncycastle.asn1.x509.CRLReason crlReason)
- Parameters:
crlReason- a CRL reason object to be stringified- Returns:
- a string describing the revocation reason
-
limitLength
public static java.lang.String limitLength(java.lang.String in, int maxLength)- Parameters:
in- an input stringmaxLength- the maximum length- Returns:
- the truncated string
-
getSKI
public static org.bouncycastle.asn1.x509.SubjectKeyIdentifier[] getSKI(java.security.cert.X509Certificate x509Cert) throws java.security.NoSuchAlgorithmExceptionfind or calculate an SKI from a certificate- Parameters:
x509Cert- the x509 certificate- Returns:
- the subject key identifier object
- Throws:
java.security.NoSuchAlgorithmException- X509 extension problem
-
getSHA256DigestAsString
public java.lang.String getSHA256DigestAsString(byte[] bInArr) throws java.security.NoSuchAlgorithmException- Throws:
java.security.NoSuchAlgorithmException
-
getSHA256Digest
public byte[] getSHA256Digest(byte[] bInArr) throws java.security.NoSuchAlgorithmException- Throws:
java.security.NoSuchAlgorithmException
-
getPKIBuilder
public org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder getPKIBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN)
-
getPKIResponseBuilder
public org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder getPKIResponseBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN, org.bouncycastle.asn1.cmp.PKIHeader pkiHeader)- Parameters:
recipientDN- the recipient of the messagesenderDN- the sender of the messagepkiHeader- the message header- Returns:
- a builder for a ProtectedPKIMessage
-
getPKIBuilder
public org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder getPKIBuilder(org.bouncycastle.asn1.x500.X500Name recipientDN, org.bouncycastle.asn1.x500.X500Name senderDN, byte[] senderNonce, byte[] recipNonce, byte[] transactionId, byte[] keyId, byte[] recipKeyId)
-
getMacCalculatorBuilder
public org.bouncycastle.cert.crmf.PKMACBuilder getMacCalculatorBuilder() throws org.bouncycastle.cert.crmf.CRMFExceptionbuild a PKMACBuilder- Returns:
- the PKMACBuilder object withdefault algorithms
- Throws:
org.bouncycastle.cert.crmf.CRMFException- creation of the calculator failed
-
getMacCalculator
public org.bouncycastle.operator.MacCalculator getMacCalculator(java.lang.String hmacSecret) throws org.bouncycastle.cert.crmf.CRMFExceptionbuild a HMAC calculator from a given secret- Parameters:
hmacSecret- the given secret for this connection- Returns:
- the HMACCalculator object
- Throws:
org.bouncycastle.cert.crmf.CRMFException- creation of the calculator failed
-
buildSelfsignedCertificate
public java.security.cert.X509Certificate buildSelfsignedCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair) throws java.security.NoSuchAlgorithmException, java.io.IOException, java.security.cert.CertificateExceptionDeprecated.- Throws:
java.security.NoSuchAlgorithmExceptionjava.io.IOExceptionjava.security.cert.CertificateException
-
handleCMPRequest
public byte[] handleCMPRequest(java.lang.String alias, java.lang.String hmacSecret, byte[] requestBytes, java.security.cert.Certificate issuingCertificate, org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair) throws java.io.IOException, java.security.GeneralSecurityException, org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException- Parameters:
alias-hmacSecret-requestBytes-issuingCertificate-issuer-keyPair-- Returns:
- Throws:
java.io.IOExceptionjava.security.GeneralSecurityExceptionorg.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPException
-
buildCertificateResponse
public byte[] buildCertificateResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, org.bouncycastle.asn1.crmf.CertReqMsg[] certReqMsgArr, java.lang.String hmacSecret, java.security.cert.Certificate issuingCertificate, org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair keyPair) throws java.io.IOException, org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException, java.security.GeneralSecurityException- Parameters:
pkiMessageIn-certReqMsgArr-hmacSecret-issuingCertificate-issuer-keyPair-- Returns:
- Throws:
java.io.IOExceptionorg.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPExceptionjava.security.GeneralSecurityException
-
issueCertificate
public java.security.cert.X509Certificate issueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, byte[] issuerPKByteArr, int validityPeriodType, int validityPeriod) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Parameters:
issuer-issuerKeyPair-subject-issuerPKByteArr-validityPeriodType-validityPeriod-- Returns:
- Throws:
java.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjava.io.IOException
-
issueCertificate
public java.security.cert.X509Certificate issueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, byte[] issuerPKByteArr, int validityPeriodType, int validityPeriod, PKILevel pkiLevel) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Parameters:
issuer-issuerKeyPair-subject-issuerPKByteArr-validityPeriodType-validityPeriod-pkiLevel-- Returns:
- Throws:
java.security.NoSuchAlgorithmExceptionjava.security.cert.CertificateExceptionjava.io.IOException
-
issueCertificate
public java.security.cert.X509Certificate issueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spkInfo, int validityPeriodType, int validityPeriod, PKILevel pkiLevel) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Parameters:
issuer-issuerKeyPair-subject-spkInfo-validityPeriodType-validityPeriod-- Returns:
- Throws:
java.security.NoSuchAlgorithmException- X509 extension problemjava.security.cert.CertificateExceptionjava.io.IOException
-
issueCertificate
public java.security.cert.X509Certificate issueCertificate(org.bouncycastle.asn1.x500.X500Name issuer, java.security.KeyPair issuerKeyPair, org.bouncycastle.asn1.x500.X500Name subject, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo spkInfo, int validityPeriodType, int validityPeriod, org.bouncycastle.asn1.x509.GeneralNames subjectAltNames, java.util.List<java.util.Map<java.lang.String,java.lang.Object>> extensions, PKILevel pkiLevel) throws java.security.NoSuchAlgorithmException, java.security.cert.CertificateException, java.io.IOException- Parameters:
issuer-issuerKeyPair-subject-spkInfo-validityPeriodType-validityPeriod-subjectAltNames-extensions-pkiLevel-- Returns:
- Throws:
java.security.NoSuchAlgorithmException- X509 extension problemjava.security.cert.CertificateExceptionjava.io.IOException
-
buildRevocationResponse
public byte[] buildRevocationResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, java.lang.String hmacSecret, org.bouncycastle.asn1.x500.X500Name issuer) throws java.io.IOException, org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException- Parameters:
pkiMessageIn-hmacSecret-issuer-- Returns:
- Throws:
java.io.IOExceptionorg.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPException
-
buildErrorResponse
public byte[] buildErrorResponse(org.bouncycastle.asn1.cmp.PKIMessage pkiMessageIn, java.lang.String hmacSecret, org.bouncycastle.asn1.x500.X500Name issuer) throws java.io.IOException, org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException- Parameters:
pkiMessageIn-hmacSecret-issuer-- Returns:
- Throws:
java.io.IOExceptionorg.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPException
-
readRevResponse
public org.bouncycastle.asn1.cmp.RevRepContent readRevResponse(byte[] responseBytes, java.lang.String plainSecret) throws java.io.IOException, java.security.GeneralSecurityException- Parameters:
responseBytes-- Returns:
- Throws:
java.io.IOExceptionjava.security.GeneralSecurityException
-
readGenMsgResponse
public org.bouncycastle.asn1.cmp.GenMsgContent readGenMsgResponse(byte[] responseBytes, java.lang.String plainSecret) throws java.io.IOException, java.security.GeneralSecurityException- Parameters:
responseBytes-- Returns:
- Throws:
java.io.IOExceptionjava.security.GeneralSecurityException
-
buildGeneralMessageRequest
public org.bouncycastle.asn1.cmp.PKIMessage buildGeneralMessageRequest(java.lang.String hmacSecret) throws org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException- Parameters:
hmacSecret-- Returns:
- Throws:
org.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPException
-
buildCertRequest
public org.bouncycastle.asn1.cmp.PKIMessage buildCertRequest(long certReqId, org.bouncycastle.asn1.x500.X500Name subjectDN, java.util.Collection<org.bouncycastle.asn1.x509.Extension> certExtList, org.bouncycastle.asn1.x509.SubjectPublicKeyInfo keyInfo, java.lang.String hmacSecret) throws java.security.GeneralSecurityException- Parameters:
certReqId-subjectDN-certExtList-keyInfo-hmacSecret-- Returns:
- Throws:
java.security.GeneralSecurityException
-
buildRevocationRequest
public byte[] buildRevocationRequest(long certRevId, org.bouncycastle.asn1.x500.X500Name issuerDN, org.bouncycastle.asn1.x500.X500Name subjectDN, java.math.BigInteger serial, org.bouncycastle.asn1.x509.CRLReason crlReason, java.lang.String hmacSecret) throws java.io.IOException, org.bouncycastle.cert.crmf.CRMFException, org.bouncycastle.cert.cmp.CMPException- Throws:
java.io.IOExceptionorg.bouncycastle.cert.crmf.CRMFExceptionorg.bouncycastle.cert.cmp.CMPException
-
-