本文整理汇总了Java中org.bouncycastle.asn1.x500.style.BCStyle.INSTANCE属性的典型用法代码示例。如果您正苦于以下问题：Java BCStyle.INSTANCE属性的具体用法？Java BCStyle.INSTANCE怎么用？Java BCStyle.INSTANCE使用的例子？那么，这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类org.bouncycastle.asn1.x500.style.BCStyle的用法示例。
在下文中一共展示了BCStyle.INSTANCE属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createCertificateBuilder
/**
 * Prepares an unsigned, self-issued X.509 v3 certificate builder for the given key pair.
 *
 * <p>The distinguished name (CN, O, OU, C) is read from the property configuration service and is
 * passed as both issuer and subject. The serial number is a random value of
 * {@code CERT_SERIAL_NUMBER_BIT_SIZE} bits drawn from {@code SecureRandomFactory.createPRNG()}.
 * Validity starts at the current time and lasts the configured number of days. A non-critical
 * PKCS#9 friendlyName extension is attached. Signing is left to the caller.
 *
 * @param keyPair key pair whose public key is embedded in the certificate
 * @return the populated certificate builder, not yet signed
 * @throws PropertyConfigurationException declared for the configuration lookups
 * @throws CertIOException if the friendlyName extension cannot be added
 */
private X509v3CertificateBuilder createCertificateBuilder(KeyPair keyPair) throws PropertyConfigurationException, CertIOException {
    // Issuer and subject are the same name, i.e. the certificate is self-issued.
    X500Name selfName = new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, propertyConfigurationService.getConfigValue(CERT_COMMON_NAME_PROPERTY))
            .addRDN(BCStyle.O, propertyConfigurationService.getConfigValue(CERT_ORGANISATION_PROPERTY))
            .addRDN(BCStyle.OU, propertyConfigurationService.getConfigValue(CERT_ORGANISATIONAL_UNIT_PROPERTY))
            .addRDN(BCStyle.C, propertyConfigurationService.getConfigValue(CERT_COUNTRY_PROPERTY))
            .build();

    // Random serial of the configured bit length, taken from the project's PRNG factory.
    BigInteger serialNumber = new BigInteger(CERT_SERIAL_NUMBER_BIT_SIZE, SecureRandomFactory.createPRNG());
    SubjectPublicKeyInfo subjectKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());

    Date notBefore = new Date();
    Date notAfter = Date.from(
            notBefore.toInstant().plus(
                    propertyConfigurationService.getConfigValueAsInt(CERT_VALIDITY_DAYS_PROPERTY),
                    ChronoUnit.DAYS));

    X509v3CertificateBuilder builder =
            new X509v3CertificateBuilder(selfName, serialNumber, notBefore, notAfter, selfName, subjectKeyInfo);

    String friendlyName = propertyConfigurationService.getConfigValue(CERT_PRIVATE_FRIENDLY_NAME_PROPERTY);
    builder.addExtension(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, false, new DERBMPString(friendlyName));
    return builder;
}
示例2: generateCertSignRequest
/**
 * Builds the PKCS#10 certificate signing request that is sent to the SCEP server.
 *
 * <p>The subject carries the device name (CN), the device owner (used for both O and OU) and the
 * device id (UNIQUE_IDENTIFIER), all read from the agent configuration held by
 * {@code AgentManager}. The request embeds {@code this.publicKey} and is signed with
 * {@code this.privateKey} using {@code SIGNATURE_ALG} from provider {@code PROVIDER}.
 *
 * @return the signed PKCS#10 certification request
 * @throws AgentCoreOperationException if a content signer cannot be created from the private key
 */
private PKCS10CertificationRequest generateCertSignRequest() throws AgentCoreOperationException {
    // NOTE(review): OU is filled with the device owner, the same value as O - confirm this is intended.
    X500Name subject = new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, AgentManager.getInstance().getAgentConfigs().getDeviceName())
            .addRDN(BCStyle.O, AgentManager.getInstance().getAgentConfigs().getDeviceOwner())
            .addRDN(BCStyle.OU, AgentManager.getInstance().getAgentConfigs().getDeviceOwner())
            .addRDN(BCStyle.UNIQUE_IDENTIFIER, AgentManager.getInstance().getAgentConfigs().getDeviceId())
            .build();

    JcaContentSignerBuilder signerFactory = new JcaContentSignerBuilder(SIGNATURE_ALG).setProvider(PROVIDER);

    final ContentSigner signer;
    try {
        signer = signerFactory.build(this.privateKey);
    } catch (OperatorCreationException e) {
        String errorMsg = "Could not create content signer with private key.";
        // Only the message is logged here; the cause travels with the rethrown exception.
        log.error(errorMsg);
        throw new AgentCoreOperationException(errorMsg, e);
    }

    // The CSR proves possession of the private key by being signed with it.
    PKCS10CertificationRequestBuilder csrBuilder =
            new JcaPKCS10CertificationRequestBuilder(subject, this.publicKey);
    return csrBuilder.build(signer);
}
示例3: generateKey
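/**
 * Generates a fresh RSA key pair and a self-signed X.509 v3 certificate for it.
 *
 * <p>The certificate names {@code OU=None, O=None, CN=name} as both issuer and subject, is valid
 * for 365 days from now and is signed with SHA-256/RSA through a BouncyCastle provider instance
 * that is also registered with {@link Security}.
 *
 * @param name common name placed in the certificate
 * @return the private key paired with the self-signed certificate
 * @throws GeneralSecurityException if key generation or certificate conversion fails
 * @throws OperatorCreationException if the content signer cannot be created
 */
private Pair<Key, X509Certificate> generateKey(String name)
        throws GeneralSecurityException, OperatorCreationException {
    logger.debug("generating self-signed cert for {}", name);

    BouncyCastleProvider provider = new BouncyCastleProvider();
    Security.addProvider(provider);

    SecureRandom random = new SecureRandom();
    KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", provider);
    // 1024-bit RSA is below the strength accepted today; 2048 bits is the usual minimum.
    kpGen.initialize(2048, random);
    KeyPair pair = kpGen.generateKeyPair();

    X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
    builder.addRDN(BCStyle.OU, "None");
    builder.addRDN(BCStyle.O, "None");
    builder.addRDN(BCStyle.CN, name);

    Instant now = Instant.now();
    Date notBefore = Date.from(now);
    Date notAfter = Date.from(now.plus(365, ChronoUnit.DAYS));

    // A serial taken from the epoch second repeats when two certificates for the same name are
    // issued within one second, giving two certificates with the same issuer and serial. Use a
    // random positive 64-bit value instead; max(ONE) rules out the (theoretical) zero.
    BigInteger serial = new BigInteger(64, random).max(BigInteger.ONE);

    X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter,
            builder.build(), pair.getPublic());
    ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
            .setProvider(provider)
            .build(pair.getPrivate());
    X509Certificate cert = new JcaX509CertificateConverter()
            .setProvider(provider)
            .getCertificate(certGen.build(sigGen));
    return Pair.of(pair.getPrivate(), cert);
}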
示例4: generateTestCertificate
/**
 * Creates a short-lived, self-signed X.509 v1 certificate for tests.
 *
 * <p>Issuer and subject are both {@code CN=Test Certificate}; the serial number is the current
 * time in milliseconds and the validity window spans ten seconds either side of the current time.
 * The certificate is signed with SHA-256/RSA using the private key of {@code pair} and converted
 * to a JCA certificate through the provider registered as {@code "BC"}.
 *
 * @param pair key pair supplying the embedded public key and the signing private key
 * @return the signed test certificate
 * @throws CertificateException if the holder cannot be converted to an {@link X509Certificate}
 * @throws OperatorCreationException if the content signer cannot be created
 */
public static X509Certificate generateTestCertificate(KeyPair pair) throws CertificateException, OperatorCreationException {
    final X500Name testName = new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, "Test Certificate")
            .build();

    final byte[] publicKeyBytes = pair.getPublic().getEncoded();
    final SubjectPublicKeyInfo keyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(publicKeyBytes));

    // The clock is read once per field, in the same order as the constructor arguments.
    final BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis());
    final Date validFrom = new Date(System.currentTimeMillis() - 10000);
    final Date validUntil = new Date(System.currentTimeMillis() + 10000);

    final X509v1CertificateBuilder v1Builder =
            new X509v1CertificateBuilder(testName, serialNumber, validFrom, validUntil, testName, keyInfo);

    final ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(pair.getPrivate());
    final X509CertificateHolder holder = v1Builder.build(signer);
    return new JcaX509CertificateConverter().setProvider("BC").getCertificate(holder);
}
示例5: createEntryValue
/**
 * Encodes {@code value} the way {@link BCStyle} would for the attribute {@code oid} and returns
 * just the encoded value.
 *
 * <p>A one-attribute name is built and then unwrapped: the name is a sequence whose first element
 * is a set, whose first element is a two-element sequence; index 1 of that sequence is returned.
 *
 * @param oid attribute type to encode the value for
 * @param value attribute value as a string
 * @return the second element of the first attribute entry of the built name
 */
private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value)
{
    X500Name singleAttributeName = new X500NameBuilder(BCStyle.INSTANCE).addRDN(oid, value).build();

    ASN1Sequence rdnSequence = (ASN1Sequence)singleAttributeName.toASN1Primitive();
    ASN1Set firstRdn = ASN1Set.getInstance(rdnSequence.getObjectAt(0).toASN1Primitive());
    ASN1Sequence typeAndValue = (ASN1Sequence)firstRdn.getObjectAt(0);

    // Index 0 of the pair is read nowhere here; index 1 is what callers want.
    return typeAndValue.getObjectAt(1);
}
示例6: createEntryValueFromString
/**
 * Like a direct encoding of {@code value} for {@code oid}, but round-trips the name through its
 * string form first.
 *
 * <p>A one-attribute name is built, rendered with {@code toString()}, parsed back with
 * {@code new X500Name(String)} and then unwrapped: first element of the sequence, first element
 * of that set, index 1 of the resulting two-element sequence.
 *
 * @param oid attribute type to encode the value for
 * @param value attribute value as a string
 * @return the second element of the first attribute entry of the re-parsed name
 */
private ASN1Encodable createEntryValueFromString(ASN1ObjectIdentifier oid, String value)
{
    String renderedName = new X500NameBuilder(BCStyle.INSTANCE).addRDN(oid, value).build().toString();
    X500Name reparsedName = new X500Name(renderedName);

    ASN1Sequence rdnSequence = (ASN1Sequence)reparsedName.toASN1Primitive();
    ASN1Set firstRdn = ASN1Set.getInstance(rdnSequence.getObjectAt(0).toASN1Primitive());
    ASN1Sequence typeAndValue = (ASN1Sequence)firstRdn.getObjectAt(0);

    return typeAndValue.getObjectAt(1);
}
示例7: createRootCertificate
/**
 * Creates a self-signed root CA certificate and returns it, with its private key, in a new
 * in-memory key store.
 *
 * <p>The name (CN, O, OU) comes from {@code authority} and is used as issuer and subject. The
 * certificate carries a subject key identifier, a critical basicConstraints extension with
 * {@code CA=true}, a non-critical keyUsage extension (keyCertSign, digitalSignature,
 * keyEncipherment, dataEncipherment, cRLSign) and a non-critical extendedKeyUsage extension
 * listing serverAuth, clientAuth and anyExtendedKeyUsage. The returned key store holds the CA
 * private key under {@code authority.alias()}, protected by {@code authority.password()}, so it
 * must be handled as secret material.
 *
 * @param authority source of the DN fields, key-store alias and key password
 * @param keyStoreType key store type passed to {@link KeyStore#getInstance(String)}
 * @return a key store containing the root key and its one-element certificate chain
 */
public static KeyStore createRootCertificate(Authority authority, String keyStoreType)
        throws NoSuchAlgorithmException, NoSuchProviderException, CertIOException, IOException,
        OperatorCreationException, CertificateException, KeyStoreException {
    KeyPair rootKeys = generateKeyPair(ROOT_KEYSIZE);

    X500Name rootName = new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, authority.commonName())
            .addRDN(BCStyle.O, authority.organization())
            .addRDN(BCStyle.OU, authority.organizationalUnitName())
            .build();

    BigInteger serialNumber = BigInteger.valueOf(initRandomSerial());
    PublicKey rootPublicKey = rootKeys.getPublic();

    // Self-signed: the same name is issuer and subject.
    X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
            rootName, serialNumber, NOT_BEFORE, NOT_AFTER, rootName, rootPublicKey);

    certBuilder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(rootPublicKey));
    certBuilder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));

    int keyUsageBits = KeyUsage.keyCertSign
            | KeyUsage.digitalSignature
            | KeyUsage.keyEncipherment
            | KeyUsage.dataEncipherment
            | KeyUsage.cRLSign;
    certBuilder.addExtension(Extension.keyUsage, false, new KeyUsage(keyUsageBits));

    ASN1EncodableVector extendedUsages = new ASN1EncodableVector();
    extendedUsages.add(KeyPurposeId.id_kp_serverAuth);
    extendedUsages.add(KeyPurposeId.id_kp_clientAuth);
    extendedUsages.add(KeyPurposeId.anyExtendedKeyUsage);
    certBuilder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(extendedUsages));

    X509Certificate rootCert = signCertificate(certBuilder, rootKeys.getPrivate());

    // Default provider for the requested type; an explicit provider name is not passed.
    KeyStore keyStore = KeyStore.getInstance(keyStoreType);
    keyStore.load(null, null);
    keyStore.setKeyEntry(authority.alias(), rootKeys.getPrivate(), authority.password(),
            new Certificate[] { rootCert });
    return keyStore;
}
示例8: createServerCertificate
/**
 * Issues a leaf certificate for {@code commonName}, signed by the given CA, and returns it with
 * its freshly generated private key in a new PKCS12 key store.
 *
 * <p>The issuer name is copied from the subject of {@code caCert}. The subject is built from
 * {@code commonName} plus the organisation fields of {@code authority}. The certificate carries a
 * subject key identifier, a non-critical basicConstraints extension with {@code CA=false} and
 * whatever {@code subjectAlternativeNames} adds. Before returning, the certificate is checked for
 * current validity and its signature is verified against the CA public key.
 *
 * @param commonName CN of the issued certificate
 * @param subjectAlternativeNames holder that writes SAN entries into the builder
 * @param authority source of the organisation fields, key-store alias and key password
 * @param caCert certificate of the signing CA; appended to the stored chain
 * @param caPrivKey private key of the signing CA
 * @return a PKCS12 key store holding the new key and the chain {@code {cert, caCert}}
 */
public static KeyStore createServerCertificate(String commonName,
        SubjectAlternativeNameHolder subjectAlternativeNames, Authority authority, Certificate caCert,
        PrivateKey caPrivKey)
        throws NoSuchAlgorithmException, NoSuchProviderException, IOException, OperatorCreationException,
        CertificateException, InvalidKeyException, SignatureException, KeyStoreException {
    KeyPair leafKeys = generateKeyPair(FAKE_KEYSIZE);

    // Issuer DN must match the CA certificate's subject byte-for-byte, so it is read from it.
    X500Name issuerName = new X509CertificateHolder(caCert.getEncoded()).getSubject();
    BigInteger serialNumber = BigInteger.valueOf(initRandomSerial());

    X500Name subjectName = new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, commonName)
            .addRDN(BCStyle.O, authority.certOrganisation())
            .addRDN(BCStyle.OU, authority.certOrganizationalUnitName())
            .build();

    X509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
            issuerName, serialNumber, NOT_BEFORE, NOT_AFTER, subjectName, leafKeys.getPublic());

    certBuilder.addExtension(Extension.subjectKeyIdentifier, false,
            createSubjectKeyIdentifier(leafKeys.getPublic()));
    certBuilder.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));
    subjectAlternativeNames.fillInto(certBuilder);

    X509Certificate leafCert = signCertificate(certBuilder, caPrivKey);

    // Sanity checks on the freshly issued certificate: inside its validity window, signed by the CA.
    leafCert.checkValidity(new Date());
    leafCert.verify(caCert.getPublicKey());

    // Default provider; an explicit provider name is not passed.
    KeyStore keyStore = KeyStore.getInstance("PKCS12");
    keyStore.load(null, null);
    keyStore.setKeyEntry(authority.alias(), leafKeys.getPrivate(), authority.password(),
            new Certificate[] { leafCert, caCert });
    return keyStore;
}
示例9: initializeKeyStore
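/**
 * Generates a self-signed root CA certificate, stores it with its private key in a key store
 * file and exports the certificate as PEM.
 *
 * <p>The name (CN, O, OU) comes from this object's fields and is used as issuer and subject. The
 * certificate carries a subject key identifier, a critical basicConstraints extension with
 * {@code CA=true}, a non-critical keyUsage extension and a non-critical extendedKeyUsage
 * extension listing serverAuth, clientAuth and anyExtendedKeyUsage. The key store written to
 * {@code aliasFile(KEY_STORE_FILE_EXTENSION)} contains the CA private key and is protected by
 * {@code password}, which is used both for the key entry and for the store itself.
 *
 * @throws GeneralSecurityException if key generation, signing or key-store handling fails
 * @throws IOException if the key store or the PEM file cannot be written
 */
public void initializeKeyStore() throws GeneralSecurityException, IOException {
    // A 1024-bit key is too weak for a signing CA; request 2048 bits.
    // NOTE(review): assumes generateKeyPair takes the key size in bits - confirm against the helper.
    KeyPair keyPair = generateKeyPair(2048);

    X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
    nameBuilder.addRDN(BCStyle.CN, commonName);
    nameBuilder.addRDN(BCStyle.O, organization);
    nameBuilder.addRDN(BCStyle.OU, organizationalUnitName);
    X500Name issuer = nameBuilder.build();

    BigInteger serial = BigInteger.valueOf(initRandomSerial());
    // Self-signed: subject and issuer are the same name.
    X500Name subject = issuer;
    PublicKey pubKey = keyPair.getPublic();

    X509v3CertificateBuilder generator = new JcaX509v3CertificateBuilder(issuer, serial, NOT_BEFORE, NOT_AFTER,
            subject, pubKey);
    generator.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(pubKey));
    generator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));

    KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment
            | KeyUsage.dataEncipherment | KeyUsage.cRLSign);
    generator.addExtension(Extension.keyUsage, false, usage);

    ASN1EncodableVector purposes = new ASN1EncodableVector();
    purposes.add(KeyPurposeId.id_kp_serverAuth);
    purposes.add(KeyPurposeId.id_kp_clientAuth);
    purposes.add(KeyPurposeId.anyExtendedKeyUsage);
    generator.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));

    X509Certificate cert = signCertificate(generator, keyPair.getPrivate());

    KeyStore keystore = KeyStore.getInstance(KEY_STORE_TYPE);
    keystore.load(null, null);
    keystore.setKeyEntry(alias, keyPair.getPrivate(), password, new Certificate[] { cert });
    try (OutputStream os = new FileOutputStream(aliasFile(KEY_STORE_FILE_EXTENSION))) {
        keystore.store(os, password);
    }

    // Only the certificate is exported as PEM; the private key stays in the key store.
    exportPem(aliasFile(".pem"), cert);
}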
示例10: createX500NameForCertificate
/**
 * Builds an X500Name from the non-null fields of {@code certificateInfo}.
 *
 * <p>Attributes are added in this order, each only when its getter returns a non-null value:
 * CN, O, OU, E, L, ST, C. Empty strings are not filtered out.
 *
 * @param certificateInfo information to populate the X500Name with
 * @return a new X500Name object for use as a subject or issuer
 */
private static X500Name createX500NameForCertificate(CertificateInfo certificateInfo) {
    final X500NameBuilder dn = new X500NameBuilder(BCStyle.INSTANCE);

    final String commonName = certificateInfo.getCommonName();
    if (commonName != null) {
        dn.addRDN(BCStyle.CN, commonName);
    }

    final String organization = certificateInfo.getOrganization();
    if (organization != null) {
        dn.addRDN(BCStyle.O, organization);
    }

    final String organizationalUnit = certificateInfo.getOrganizationalUnit();
    if (organizationalUnit != null) {
        dn.addRDN(BCStyle.OU, organizationalUnit);
    }

    final String email = certificateInfo.getEmail();
    if (email != null) {
        dn.addRDN(BCStyle.E, email);
    }

    final String locality = certificateInfo.getLocality();
    if (locality != null) {
        dn.addRDN(BCStyle.L, locality);
    }

    final String state = certificateInfo.getState();
    if (state != null) {
        dn.addRDN(BCStyle.ST, state);
    }

    final String countryCode = certificateInfo.getCountryCode();
    if (countryCode != null) {
        dn.addRDN(BCStyle.C, countryCode);
    }

    // TODO: Add more X.509 certificate fields as needed
    return dn.build();
}
示例11: getSubject
/**
 * Builds the subject name for a certificate issued under this certificate authority.
 *
 * @param commonName value for the CN attribute
 * @return a name made of the given CN followed by the authority's O and OU
 */
protected X500Name getSubject(String commonName) {
    return new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, commonName)
            .addRDN(BCStyle.O, _certificateAuthority.getOrganization())
            .addRDN(BCStyle.OU, _certificateAuthority.getOrganizationalUnit())
            .build();
}
示例12: buildDistinguishedName
/**
 * Builds a distinguished name from the X509Metadata.
 *
 * <p>Attributes are handed to {@code setOID} in the order C, ST, L, O, OU, E, CN. The last
 * argument is {@code null} for C, ST and L, {@code "Fathom"} for O and OU, and the metadata's
 * e-mail address and common name for E and CN.
 *
 * @param metadata certificate metadata passed through to {@code setOID}
 * @return a DN
 */
private static X500Name buildDistinguishedName(X509Metadata metadata) {
    final X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);

    // Attributes for which no fallback value is supplied.
    for (String attribute : new String[] { "C", "ST", "L" }) {
        setOID(builder, metadata, attribute, null);
    }

    // Organisation attributes share the same fixed value.
    for (String attribute : new String[] { "O", "OU" }) {
        setOID(builder, metadata, attribute, "Fathom");
    }

    setOID(builder, metadata, "E", metadata.emailAddress);
    setOID(builder, metadata, "CN", metadata.commonName);

    return builder.build();
}
示例13: newX500Name
/**
 * Builds an X500Name with the attributes CN, OU and O, added in that order.
 *
 * @param commonName value for CN
 * @param orgName value for O
 * @param ouName value for OU
 * @return the assembled name
 */
public static X500Name newX500Name(String commonName, String orgName, String ouName) {
    // Note the order: OU is added before O, which differs from the parameter order.
    return new X500NameBuilder(BCStyle.INSTANCE)
            .addRDN(BCStyle.CN, commonName)
            .addRDN(BCStyle.OU, ouName)
            .addRDN(BCStyle.O, orgName)
            .build();
}
示例14: buildCertificate
/**
 * Builds a self-signed X.509 v3 certificate from a key pair.
 *
 * <p>Issuer and subject are both {@code CN=commonName}. Validity starts one day before the
 * current time and ends 100 years after that start. The serial number is the current time in
 * milliseconds. When {@code ipAddress} is given, a non-critical subjectAlternativeName extension
 * with a single iPAddress entry is added. The certificate is signed with
 * {@code CERTIFICATE_SIGNATURE_ALGORITHM} through provider {@code PROVIDER}.
 *
 * @param commonName the certificate common name
 * @param ipAddress the subject alternative name IP address or null
 * @param keyPair the key pair.
 * @return the certificate
 * @throws Exception if error occurs in certificate generation process.
 */
private static X509Certificate buildCertificate(final String commonName, final String ipAddress,
    KeyPair keyPair) throws Exception {
    // Back-date by 24 hours so the certificate is already valid on hosts whose clock runs behind.
    final long oneDayMillis = 24 * 60 * 60 * 1000;
    final Date validFrom = new Date(System.currentTimeMillis() - oneDayMillis);
    final Date validUntil = DateUtils.addYears(validFrom, 100);
    final BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis());

    final X500NameBuilder selfName = new X500NameBuilder(BCStyle.INSTANCE);
    selfName.addRDN(BCStyle.CN, commonName);

    final SubjectPublicKeyInfo keyInfo =
        new SubjectPublicKeyInfo(ASN1Sequence.getInstance(keyPair.getPublic().getEncoded()));

    // Self-signed: the same one-attribute name is issuer and subject.
    final X509v3CertificateBuilder builder = new X509v3CertificateBuilder(
        selfName.build(), serialNumber, validFrom, validUntil, selfName.build(), keyInfo);

    if (ipAddress != null) {
        final GeneralName ipEntry = new GeneralName(GeneralName.iPAddress, ipAddress);
        builder.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(ipEntry));
    }

    final ContentSigner signer = new JcaContentSignerBuilder(CERTIFICATE_SIGNATURE_ALGORITHM)
        .setProvider(PROVIDER)
        .build(keyPair.getPrivate());

    return new JcaX509CertificateConverter()
        .setProvider(PROVIDER)
        .getCertificate(builder.build(signer));
}
示例15: generateSelfSignedCertificate
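/**
 * Generates a self-signed X.509 v3 certificate for the given key pair.
 *
 * <p>Issuer and subject are the same name, built from OU, O, L, ST, C (when supplied) and CN in
 * that order. Validity starts 30 days before the current time and ends 365 * 10 days after it.
 * The serial number is the current time in milliseconds. After creation the certificate is
 * checked for current validity and its signature is verified against its own public key.
 *
 * @param cn common name
 * @param ou organizational unit
 * @param o organization
 * @param l locality
 * @param s state or province
 * @param c country code; skipped when null or empty
 * @param pair key pair supplying the embedded public key and the signing private key
 * @param signatureType signature algorithm name handed to {@code JcaContentSignerBuilder}
 * @return the self-signed certificate
 * @throws RuntimeException wrapping any failure during generation or self-verification
 */
public static X509Certificate generateSelfSignedCertificate(
        String cn, String ou, String o, String l, String s, String c, KeyPair pair, String signatureType) {
    try {
        // Generate self-signed certificate
        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
        builder.addRDN(BCStyle.OU, ou);
        builder.addRDN(BCStyle.O, o);
        builder.addRDN(BCStyle.L, l);
        builder.addRDN(BCStyle.ST, s);
        // The country argument used to be accepted and then dropped from the name. It is guarded
        // because callers may have passed null or "" while the value was being ignored.
        if (c != null && !c.isEmpty()) {
            builder.addRDN(BCStyle.C, c);
        }
        builder.addRDN(BCStyle.CN, cn);

        // 1000L keeps the millisecond arithmetic in long so the multi-year offset cannot overflow.
        Date notBefore = new Date(System.currentTimeMillis() - 1000L * 60
                * 60 * 24 * 30);
        Date notAfter = new Date(System.currentTimeMillis()
                + (1000L * 60 * 60 * 24 * 365 * 10));
        BigInteger serial = BigInteger.valueOf(System.currentTimeMillis());

        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
                builder.build(), serial, notBefore, notAfter,
                builder.build(), pair.getPublic());
        ContentSigner sigGen = new JcaContentSignerBuilder(
                signatureType).setProvider(BC).build(
                pair.getPrivate());
        X509Certificate cert = new JcaX509CertificateConverter()
                .setProvider(BC).getCertificate(certGen.build(sigGen));

        // Self-check: the certificate must be valid now and must verify under its own key.
        cert.checkValidity(new Date());
        cert.verify(cert.getPublicKey());
        return cert;
    } catch (Throwable t) {
        // Kept as Throwable so callers keep seeing a single RuntimeException for every failure,
        // including a missing provider class.
        throw new RuntimeException(
                "Failed to generate self-signed certificate!", t);
    }
}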