// Sign the bytes in `toSigned` with the key stored in the PKCS#12 file token.p12.
// The password literal is a placeholder: supply the real value at run time
// (prompt, environment variable, secret store) instead of committing it to source.
KeyStore.PasswordProtection tokenPassword =
        new KeyStore.PasswordProtection("_____token_password_____".toCharArray());
val signer = new P12Signer(tokenPassword, new File("token.p12"));

// Feed the payload to the signer, then copy the resulting document into memory.
DSSDocument signedDocument = signer.sign(new ByteArrayInputStream(toSigned));
ByteArrayOutputStream signed = new ByteArrayOutputStream();
signedDocument.writeTo(signed);
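// Generate an RSA key pair, build a CSR for it, have the test CA issue a one-year
// certificate, and pack the private key plus certificate chain into a PKCS#12 file.

// 4096-bit modulus. Earlier revisions of this example passed 4094, which is not a
// conventional RSA size and was presumably a typo.
KeyPair keyPair = RsaUtil.generateKeyPair(4096);

// NOTE(review): the last component of the subject string was mangled by the page's
// e-mail obfuscation; restore a proper attribute (e.g. E=<address>) before running.
PKCS10CertificationRequest csr = RsaUtil.generateCSR(
        "CN=Adrian Lapierre, OU=Java, O=ITrust sp. z o.o., C=PL, [email protected]",
        KeyUsageEnum.SIGN_ENCRYPT,
        keyPair);

// Write the CSR and both key halves as PEM. Each stream is opened in
// try-with-resources so the file handle is released even if savePem throws
// or does not close the stream itself.
// NOTE(review): createTmpFile is defined elsewhere; confirm the files holding the
// private key and the PKCS#12 bundle are readable by their owner only.
try (java.io.OutputStream csrOut = Files.newOutputStream(createTmpFile("csr", ".csr").toPath())) {
    RsaUtil.savePem(csr, csrOut);
}
// "alamakota" is a sample passphrase for the example; a real private key should be
// protected with a secret obtained at run time, not a literal in source.
try (java.io.OutputStream keyOut = Files.newOutputStream(createTmpFile("id_key", ".pem").toPath())) {
    RsaUtil.savePem(keyPair.getPrivate(), "alamakota".toCharArray(), keyOut);
}
try (java.io.OutputStream pubOut = Files.newOutputStream(createTmpFile("public", ".pem").toPath())) {
    RsaUtil.savePem(keyPair.getPublic(), pubOut);
}

// Load the test CA's private key and certificate. The readers stay open only for
// the duration of this block and are closed on every exit path.
try (FileReader caKeyReader = new FileReader("src/test/resources/Digital_Signature_CA_PK.pem");
     FileReader caCertReader = new FileReader("src/test/resources/Digital_Signature_CA.crt")) {
    val caKey = RsaUtil.loadPrivateKey(caKeyReader);
    val cert = RsaUtil.loadPemCert(caCertReader);
    // Looks the provider up by the name "BC"; provider registration is not shown here.
    val caCert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(cert);

    // Validity window: from now until the same calendar date next year.
    LocalDate dateTo = LocalDate.now().plusYears(1);
    val signed = RsaUtil.createCertificate(
            csr,
            keyPair.getPublic(),
            caCert,
            caKey,
            new Date(),
            java.sql.Date.valueOf(dateTo));

    // Chain order: the newly issued certificate first, then the CA certificate.
    val certChain = Arrays.asList(new X509CertificateHolder(signed.getEncoded()), cert);

    // "123ewqasd" is a sample store password; replace it with a run-time secret.
    // NOTE(review): the meaning of the null second argument is not visible here; verify against RsaUtil.
    RsaUtil.packToPKCS12(createTmpFile("stamp", ".p12"), null, "123ewqasd".toCharArray(),
            keyPair.getPrivate(), certChain);
}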
# Create the self-signed root CA whose key and certificate the Java example loads:
#   -x509 -sha256      emit a self-signed certificate, signed with SHA-256
#   -days 9125         validity of roughly 25 years
#   -newkey rsa:2048   generate a fresh 2048-bit RSA key
#   -nodes             write that key WITHOUT a passphrase
# An unencrypted key file suits a throw-away test fixture. A CA key that signs
# anything real should be passphrase-protected or held in an HSM, with file
# permissions restricted to its owner.
openssl req -x509 -newkey rsa:2048 -nodes \
    -sha256 -days 9125 \
    -subj "/CN=My test root CA/C=FR/L=St. Tropez/O=My corp" \
    -keyout Digital_Signature_CA_PK.pem \
    -out Digital_Signature_CA.crt