Examples of CertificatePair

org.bouncycastle.asn1.x509.CertificatePair
This class helps to support crossCerfificatePairs in a LDAP directory according RFC 2587
```
 crossCertificatePairATTRIBUTE::={ WITH SYNTAX   CertificatePair EQUALITY MATCHING RULE certificatePairExactMatch ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)} 
```
The forward elements of the crossCertificatePair attribute of a CA's directory entry shall be used to store all, except self-issued certificates issued to this CA. Optionally, the reverse elements of the crossCertificatePair attribute, of a CA's directory entry may contain a subset of certificates issued by this CA to other CAs. When both the forward and the reverse elements are present in a single attribute value, issuer name in one certificate shall match the subject name in the other and vice versa, and the subject public key in one certificate shall be capable of verifying the digital signature on the other certificate and vice versa. When a reverse element is present, the forward element value and the reverse element value need not be stored in the same attribute value; in other words, they can be stored in either a single attribute value or two attribute values.
```
 CertificatePair ::= SEQUENCE { forward        [0]    Certificate OPTIONAL, reverse        [1]    Certificate OPTIONAL, -- at least one of the pair shall be present -- }  
```
org.bouncycastle2.asn1.x509.CertificatePair
This class helps to support crossCerfificatePairs in a LDAP directory according RFC 2587
```
 crossCertificatePairATTRIBUTE::={ WITH SYNTAX   CertificatePair EQUALITY MATCHING RULE certificatePairExactMatch ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)} 
```
The forward elements of the crossCertificatePair attribute of a CA's directory entry shall be used to store all, except self-issued certificates issued to this CA. Optionally, the reverse elements of the crossCertificatePair attribute, of a CA's directory entry may contain a subset of certificates issued by this CA to other CAs. When both the forward and the reverse elements are present in a single attribute value, issuer name in one certificate shall match the subject name in the other and vice versa, and the subject public key in one certificate shall be capable of verifying the digital signature on the other certificate and vice versa. When a reverse element is present, the forward element value and the reverse element value need not be stored in the same attribute value; in other words, they can be stored in either a single attribute value or two attribute values.
```
 CertificatePair ::= SEQUENCE { forward        [0]    Certificate OPTIONAL, reverse        [1]    Certificate OPTIONAL, -- at least one of the pair shall be present -- }  
```
org.terasology.identity.CertificatePair
Holds a public/private certificate pair

Examples of org.bouncycastle.asn1.x509.CertificatePair

        InputStream in)
        throws IOException, CertificateParsingException
    {
        ASN1InputStream dIn = new ASN1InputStream(in, ProviderUtil.getReadLimit(in));
        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
        CertificatePair pair = CertificatePair.getInstance(seq);
        return new X509CertificatePair(pair);
    }

View Full Code Here

Examples of org.bouncycastle.asn1.x509.CertificatePair

            if (reverse != null)
            {
                r = X509CertificateStructure.getInstance(new ASN1InputStream(
                    reverse.getEncoded()).readObject());
            }
            return new CertificatePair(f, r).getDEREncoded();
        }
        catch (IllegalArgumentException e)
        {
            throw new ExtCertificateEncodingException(e.toString(), e);
        }

View Full Code Here

Examples of org.bouncycastle.asn1.x509.CertificatePair

                {
                    // now try it to construct it the forward and reverse
                    // certificate
                    byte[] forward = (byte[])list.get(i);
                    byte[] reverse = (byte[])list.get(i + 1);
                    pair = new X509CertificatePair(new CertificatePair(
                        X509CertificateStructure
                            .getInstance(new ASN1InputStream(
                            forward).readObject()),
                        X509CertificateStructure
                            .getInstance(new ASN1InputStream(

View Full Code Here

Examples of org.bouncycastle2.asn1.x509.CertificatePair

            if (reverse != null)
            {
                r = X509CertificateStructure.getInstance(new ASN1InputStream(
                    reverse.getEncoded()).readObject());
            }
            return new CertificatePair(f, r).getDEREncoded();
        }
        catch (IllegalArgumentException e)
        {
            throw new ExtCertificateEncodingException(e.toString(), e);
        }

View Full Code Here

Examples of org.bouncycastle2.asn1.x509.CertificatePair

        InputStream in)
        throws IOException, CertificateParsingException
    {
        ASN1InputStream dIn = new ASN1InputStream(in, ProviderUtil.getReadLimit(in));
        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
        CertificatePair pair = CertificatePair.getInstance(seq);
        return new X509CertificatePair(pair);
    }

View Full Code Here

Examples of org.terasology.identity.CertificatePair

            config.getDefaultModSelection().addModule(TerasologyConstants.CORE_MODULE);
        }


        if (!validateServerIdentity()) {
            CertificateGenerator generator = new CertificateGenerator();
            CertificatePair serverIdentity = generator.generateSelfSigned();
            config.getSecurity().setServerCredentials(serverIdentity.getPublicCert(), serverIdentity.getPrivateCert());
            config.save();
        }
        logger.info("Video Settings: " + config.getRendering().toString());
        CoreRegistry.putPermanently(Config.class, config);
    }

View Full Code Here

Examples of org.terasology.identity.CertificatePair


    @Before
    public void setup() throws Exception {
        super.setup();
        CertificateGenerator generator = new CertificateGenerator();
        CertificatePair serverIdentiy = generator.generateSelfSigned();
        CoreRegistry.get(Config.class).getSecurity().setServerCredentials(serverIdentiy.getPublicCert(), serverIdentiy.getPrivateCert());
    }

View Full Code Here

Examples of org.terasology.identity.CertificatePair

        try {
            byte[] preMasterSecret = config.getSecurity().getServerPrivateCertificate().decrypt(newIdentityRequest.getPreMasterSecret().toByteArray());
            byte[] masterSecret = HandshakeCommon.generateMasterSecret(preMasterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);


            // Generate a certificate pair for the client
            CertificatePair clientCertificates = new CertificateGenerator().generate(config.getSecurity().getServerPrivateCertificate());


            NetData.CertificateSet certificateData = NetData.CertificateSet.newBuilder()
                    .setPublicCertificate(NetMessageUtil.convert(clientCertificates.getPublicCert()))
                    .setPrivateExponent(ByteString.copyFrom(clientCertificates.getPrivateCert().getExponent().toByteArray()))
                    .build();


            byte[] encryptedCert = null;
            try {
                SecretKeySpec key = HandshakeCommon.generateSymmetricKey(masterSecret, newIdentityRequest.getRandom().toByteArray(), serverRandom);
                Cipher cipher = Cipher.getInstance(IdentityConstants.SYMMETRIC_ENCRYPTION_ALGORITHM);
                cipher.init(Cipher.ENCRYPT_MODE, key);
                encryptedCert = cipher.doFinal(certificateData.toByteArray());
            } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | BadPaddingException | IllegalBlockSizeException e) {
                logger.error("Unexpected error encrypting certificate for sending, ending connection attempt", e);
                ctx.getChannel().close();
                return;
            }


            ctx.getChannel().write(NetData.NetMessage.newBuilder()
                    .setProvisionIdentity(NetData.ProvisionIdentity.newBuilder()
                            .setEncryptedCertificates(ByteString.copyFrom(encryptedCert)))
                    .build());


            // Identity has been established, inform the server handler and withdraw from the pipeline
            ctx.getPipeline().remove(this);
            serverConnectionHandler.channelAuthenticated(clientCertificates.getPublicCert());
        } catch (BadEncryptedDataException e) {
            logger.error("Received invalid encrypted pre-master secret, ending connection attempt");
            ctx.getChannel().close();
        }
    }

View Full Code Here

0 1

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.