< prev index next >

src/java.base/share/classes/sun/security/pkcs10/PKCS10.java

Print this page 
rev 51972 : 8215694: keytool cannot generate RSASSA-PSS certificates
Reviewed-by: xuelei
   1 /*
   2  * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 
  27 package sun.security.pkcs10;
  28 
  29 import java.io.PrintStream;
  30 import java.io.IOException;
  31 import java.math.BigInteger;
  32 
  33 import java.security.cert.CertificateException;
  34 import java.security.*;
  35 import java.security.spec.AlgorithmParameterSpec;
  36 
  37 import java.util.Base64;
  38 
  39 import sun.security.util.*;
  40 import sun.security.x509.AlgorithmId;
  41 import sun.security.x509.X509Key;
  42 import sun.security.x509.X500Name;
  43 import sun.security.util.SignatureUtil;
  44 
  45 
  46 /**
  47  * A PKCS #10 certificate request is created and sent to a Certificate
  48  * Authority, which then creates an X.509 certificate and returns it to
  49  * the entity that requested it. A certificate request basically consists
  50  * of the subject's X.500 name, public key, and optionally some attributes,
  51  * signed using the corresponding private key.
  52  *
  53  * The ASN.1 syntax for a Certification Request is:
  54  * <pre>
  55  * CertificationRequest ::= SEQUENCE {


 220         attributeSet.encode(scratch);
 221 
 222         out = new DerOutputStream();
 223         out.write(DerValue.tag_Sequence, scratch);      // wrap it!
 224         certificateRequestInfo = out.toByteArray();
 225         scratch = out;
 226 
 227         /*
 228          * Sign it ...
 229          */
 230         signature.update(certificateRequestInfo, 0,
 231                 certificateRequestInfo.length);
 232         sig = signature.sign();
 233         sigAlg = signature.getAlgorithm();
 234 
 235         /*
 236          * Build guts of SIGNED macro
 237          */
 238         AlgorithmId algId = null;
 239         try {
 240             algId = AlgorithmId.get(signature.getAlgorithm());



 241         } catch (NoSuchAlgorithmException nsae) {
 242             throw new SignatureException(nsae);
 243         }

 244         algId.encode(scratch);     // sig algorithm
 245         scratch.putBitString(sig);                      // sig
 246 
 247         /*
 248          * Wrap those guts in a sequence
 249          */
 250         out = new DerOutputStream();
 251         out.write(DerValue.tag_Sequence, scratch);
 252         encoded = out.toByteArray();
 253     }
 254 
 255     /**
 256      * Returns the subject's name.
 257      */
 258     public X500Name getSubjectName() { return subject; }
 259 
 260     /**
 261      * Returns the subject's public key.
 262      */
 263     public PublicKey getSubjectPublicKeyInfo()


   1 /*
   2  * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * This code is free software; you can redistribute it and/or modify it
   6  * under the terms of the GNU General Public License version 2 only, as
   7  * published by the Free Software Foundation.  Oracle designates this
   8  * particular file as subject to the "Classpath" exception as provided
   9  * by Oracle in the LICENSE file that accompanied this code.
  10  *
  11  * This code is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  14  * version 2 for more details (a copy is included in the LICENSE file that
  15  * accompanied this code).
  16  *
  17  * You should have received a copy of the GNU General Public License version
  18  * 2 along with this work; if not, write to the Free Software Foundation,
  19  * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  20  *
  21  * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  22  * or visit www.oracle.com if you need additional information or have any
  23  * questions.
  24  */
  25 
  26 
  27 package sun.security.pkcs10;
  28 
  29 import java.io.PrintStream;
  30 import java.io.IOException;
  31 import java.math.BigInteger;
  32 
  33 import java.security.cert.CertificateException;
  34 import java.security.*;

  35 
  36 import java.util.Base64;
  37 
  38 import sun.security.util.*;
  39 import sun.security.x509.AlgorithmId;
  40 import sun.security.x509.X509Key;
  41 import sun.security.x509.X500Name;
  42 import sun.security.util.SignatureUtil;
  43 
  44 
  45 /**
  46  * A PKCS #10 certificate request is created and sent to a Certificate
  47  * Authority, which then creates an X.509 certificate and returns it to
  48  * the entity that requested it. A certificate request basically consists
  49  * of the subject's X.500 name, public key, and optionally some attributes,
  50  * signed using the corresponding private key.
  51  *
  52  * The ASN.1 syntax for a Certification Request is:
  53  * <pre>
  54  * CertificationRequest ::= SEQUENCE {


 219         attributeSet.encode(scratch);
 220 
 221         out = new DerOutputStream();
 222         out.write(DerValue.tag_Sequence, scratch);      // wrap it!
 223         certificateRequestInfo = out.toByteArray();
 224         scratch = out;
 225 
 226         /*
 227          * Sign it ...
 228          */
 229         signature.update(certificateRequestInfo, 0,
 230                 certificateRequestInfo.length);
 231         sig = signature.sign();
 232         sigAlg = signature.getAlgorithm();
 233 
 234         /*
 235          * Build guts of SIGNED macro
 236          */
 237         AlgorithmId algId = null;
 238         try {
 239             AlgorithmParameters params = signature.getParameters();
 240             algId = params == null
 241                     ? AlgorithmId.get(signature.getAlgorithm())
 242                     : AlgorithmId.get(params);
 243         } catch (NoSuchAlgorithmException nsae) {
 244             throw new SignatureException(nsae);
 245         }
 246 
 247         algId.encode(scratch);     // sig algorithm
 248         scratch.putBitString(sig);                      // sig
 249 
 250         /*
 251          * Wrap those guts in a sequence
 252          */
 253         out = new DerOutputStream();
 254         out.write(DerValue.tag_Sequence, scratch);
 255         encoded = out.toByteArray();
 256     }
 257 
 258     /**
 259      * Returns the subject's name.
 260      */
 261     public X500Name getSubjectName() { return subject; }
 262 
 263     /**
 264      * Returns the subject's public key.
 265      */
 266     public PublicKey getSubjectPublicKeyInfo()
< prev index next >