Signing a X.509 certificate in Java -


i want find out how sign x.509 certificate.

i have set openssl ca create demo certificate. certificate fine , can see relevant elements using tool called dumpasn1. theoretically know have sign structure called "tbscertificate" compounds attributes version , serial number signature, issuer, validity, subject, subjectpublickeyinfo , extensions.

however, when try mimic in java, unfortunately not work. is:

  • i read "tbscertificate"-portion of der-encoded certificate
  • then private key issuing ca
  • last try sign tbscertificate-structure using following code:

.

public static void sign(byte [] data) throws exception   {     string algorithm = "sha256withecdsa";     privatekey privkey;     keypair keypair;      keypair = getkeypairfompem();     privkey = keypair.getprivate();      signature ecdsa;     ecdsa = signature.getinstance(algorithm, "bc");     ecdsa.initsign(privkey);     ecdsa.update(data);     byte[] basignature = ecdsa.sign();  } 

unfortunately result not match signature in certificate, made kind of error. signature algorithm same used in certificate (sha256withecdsa), suspect did not choose right portion of tbscertificate structure.

my certificate 530 bytes long. start reading offset 4 (skipping initial sequence tag , length bytes) end of extensions (stopping before begin of certificate section).

can tell if right array of bytes have read "tbscertificate" structure? or other error may have made don't see right now? certificate definitively ok, double checked certificate , signing algorithm using following java code.

public static x509certificate loadcertificate(string filename) {     inputstream in;     byte [] signature;     x509certificate cert = null;     try     {         in = new fileinputstream(filename);         certificatefactory factory = certificatefactory.getinstance("x.509");         cert = (x509certificate) factory.generatecertificate(in);         signature = cert.getsignature();         system.out.println("signature algorithm: " + cert.getsigalgname());         system.out.println(signature);         return cert;     }     catch (filenotfoundexception e)     {         e.printstacktrace();     }     catch (certificateexception e)     {         e.printstacktrace();     }     return cert; } 

ecdsa doesn't produce stable signatures, if test produced same answer won't work. can verify signature on certificate verifying signature presented against tbscertificate data.

your approach work rsa signature, since that's stable signature algorithm (with pkcs1 padding, not pss).

as finding tbscertificate: seem have idea of der encoding is, feel compelled provide guidance based on loose description in question:

the binary encoded form of certificate in der. first byte 0x30 ((constructed) sequence). next byte either how long sequence (< 0x80) or how long length (0x82 => next 2 bytes big-endian length). next byte again 0x30, start of tbscertificate encoded value. can read length of structure, , compute correct end offset tbscertificate.

the certificate structure can found in rfc 3280. (there's update in rfc 5280 i've heard people "that didn't approved standard".) it's available, along attribute certificates, in itu-t x.509 -- x.509 in x.509 certificate comes from. linked 2012 version because 2016 version behind paywall.


Comments

Popular posts from this blog

javascript - Clear button on addentry page doesn't work -

c# - Selenium Authentication Popup preventing driver close or quit -

tensorflow when input_data MNIST_data , zlib.error: Error -3 while decompressing: invalid block type -