
1   /*
2    * The MIT License
3    *
4    * Original work sponsored and donated by National Board of e-Health (NSI), Denmark (http://www.nsi.dk)
5    *
6    * Copyright (C) 2011 National Board of e-Health (NSI), Denmark (http://www.nsi.dk)
7    *
8    * Permission is hereby granted, free of charge, to any person obtaining a copy of
9    * this software and associated documentation files (the "Software"), to deal in
10   * the Software without restriction, including without limitation the rights to
11   * use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies
12   * of the Software, and to permit persons to whom the Software is furnished to do
13   * so, subject to the following conditions:
14   *
15   * The above copyright notice and this permission notice shall be included in all
16   * copies or substantial portions of the Software.
17   *
18   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
19   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
20   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
21   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
22   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
23   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
24   * SOFTWARE.
25   *
26   * $HeadURL: https://svn.softwareborsen.dk/sosi/trunk/modules/seal/src/main/java/dk/sosi/seal/security/BCCertificateRequestHandler.java $
27   * $Id: BCCertificateRequestHandler.java 8697 2011-09-02 10:33:55Z chg@lakeside.dk $
28   */
29  package dk.sosi.seal.security;
30  
31  import org.bouncycastle.asn1.x509.X509Name;
32  import org.bouncycastle.jce.PKCS10CertificationRequest;
33  import org.bouncycastle.jce.provider.BouncyCastleProvider;
34  
35  import java.security.*;
36  
37  /**
38   * Bouncy Castle specific implementation of CertificateRequestHandler
39   * 
40   * @author ${user}
41   * @author $$LastChangedBy: chg@lakeside.dk $$
42   * @version $$Revision: 8697 $$
43   * @since 1.4.2
44   */
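public class BCCertificateRequestHandler implements CertificateRequestHandler { //NOPMD

	/**
	 * Builds a PKCS#10 certification request whose subject is <code>CN=referenceNumber</code>,
	 * carrying <code>publicKey</code> and signed with <code>privateKey</code>.
	 *
	 * @param publicKey the public key placed in the request
	 * @param privateKey the private key used to sign the request
	 * @param referenceNumber value used as the common name (CN) of the request subject
	 * @return the encoded certification request
	 * @throws CryptoFacadeException if the request cannot be created or signed
	 */
	public byte[] getCertificateRequest(PublicKey publicKey, PrivateKey privateKey, String referenceNumber) {
		// Register Bouncy Castle only when it is not installed yet, and remember that we did,
		// so the finally block can restore the provider list the caller started with.
		// NOTE(review): the provider list is JVM-wide. A concurrent call that found BC already
		// registered by this method could lose it mid-operation when this call removes it again;
		// confirm callers are serialized or that BC is installed once at startup.
		boolean bcAdded = false;
		if(Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null) {
			Security.addProvider(new BouncyCastleProvider());
			bcAdded = true;
		}

		try {
			// NOTE(review): referenceNumber is concatenated unescaped into the distinguished name
			// string, so characters such as ',', '+' or '=' would be parsed as name structure.
			// Confirm that callers only pass validated reference numbers.
			X509Name subject = new X509Name("CN=" + referenceNumber);

			// NOTE(review): SHA-1 based signatures are deprecated. The algorithm is left unchanged
			// because the receiving CA must accept whatever is chosen here; confirm whether it
			// supports a SHA-256 based algorithm before switching.
			PKCS10CertificationRequest pkcs10 = new PKCS10CertificationRequest(
					"SHA1WithRSA", subject, publicKey, null, privateKey
			);
			return pkcs10.getEncoded();
		} catch (GeneralSecurityException e) {
			// Covers InvalidKeyException, NoSuchAlgorithmException, NoSuchProviderException and
			// SignatureException, all of which were previously reported with the same wrapper.
			// The message now names the operation that failed; no key pair is generated here.
			throw new CryptoFacadeException("Failed to generate certificate request", e);
		} finally {
			if(bcAdded) {
				Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
			}
		}
	}
}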