本文整理汇总了Java中javax.security.auth.x500.X500Principal类的典型用法代码示例。如果您正苦于以下问题:Java X500Principal类的具体用法?Java X500Principal怎么用?Java X500Principal使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
X500Principal类属于javax.security.auth.x500包,在下文中一共展示了X500Principal类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createKeys
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Creates a public and private key and stores it using the AndroidKeyStore,
* so that only this application will be able to access the keys.
*/
@SuppressWarnings("deprecation")
public void createKeys() throws Exception {
KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
keyStore.load(null);
if (keyStore.containsAlias(alias)) {
Log.d(TAG, "[containsAlias]");
return;
}
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 30);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context)
.setAlias(alias)
.setSubject(new X500Principal("CN=" + alias))
.setSerialNumber(BigInteger.TEN)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator generator = KeyPairGenerator.getInstance(TYPE_RSA, ANDROID_KEY_STORE);
generator.initialize(spec);
KeyPair keyPair = generator.generateKeyPair();
Log.d(TAG, "Public Key is: " + keyPair.getPublic().toString());
}
示例2: findByIssuerAndSignature
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
@Override public X509Certificate findByIssuerAndSignature(X509Certificate cert) {
X500Principal issuer = cert.getIssuerX500Principal();
Set<X509Certificate> subjectCaCerts = subjectToCaCerts.get(issuer);
if (subjectCaCerts == null) return null;
for (X509Certificate caCert : subjectCaCerts) {
PublicKey publicKey = caCert.getPublicKey();
try {
cert.verify(publicKey);
return caCert;
} catch (Exception ignored) {
}
}
return null;
}
示例3: main
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
public static void main(String[] args) throws Exception {
X500Principal duke = new X500Principal("CN=Duke");
// should not throw NullPointerException
testImplies(duke, (Subject)null, false);
Set<Principal> principals = new HashSet<>();
principals.add(duke);
testImplies(duke, principals, true);
X500Principal tux = new X500Principal("CN=Tux");
principals.add(tux);
testImplies(duke, principals, true);
principals.add(new KerberosPrincipal("[email protected]"));
testImplies(duke, principals, true);
principals.clear();
principals.add(tux);
testImplies(duke, principals, false);
System.out.println("test passed");
}
示例4: getIssuerX500Principal
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Extract the issuer X500Principal from an X509CRL. Parses the encoded
* form of the CRL to preserve the principal's ASN.1 encoding.
*
* Called by java.security.cert.X509CRL.getIssuerX500Principal().
*/
public static X500Principal getIssuerX500Principal(X509CRL crl) {
try {
byte[] encoded = crl.getEncoded();
DerInputStream derIn = new DerInputStream(encoded);
DerValue tbsCert = derIn.getSequence(3)[0];
DerInputStream tbsIn = tbsCert.data;
DerValue tmp;
// skip version number if present
byte nextByte = (byte)tbsIn.peekByte();
if (nextByte == DerValue.tag_Integer) {
tmp = tbsIn.getDerValue();
}
tmp = tbsIn.getDerValue(); // skip signature
tmp = tbsIn.getDerValue(); // issuer
byte[] principalBytes = tmp.toByteArray();
return new X500Principal(principalBytes);
} catch (Exception e) {
throw new RuntimeException("Could not parse issuer", e);
}
}
示例5: verifyHostName
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Returns true if {@code certificate} matches {@code hostName}.
*/
private boolean verifyHostName(String hostName, X509Certificate certificate) {
hostName = hostName.toLowerCase(Locale.US);
boolean hasDns = false;
List<String> altNames = getSubjectAltNames(certificate, ALT_DNS_NAME);
for (int i = 0, size = altNames.size(); i < size; i++) {
hasDns = true;
if (verifyHostName(hostName, altNames.get(i))) {
return true;
}
}
if (!hasDns) {
X500Principal principal = certificate.getSubjectX500Principal();
// RFC 2818 advises using the most specific name for matching.
String cn = new DistinguishedNameParser(principal).findMostSpecific("cn");
if (cn != null) {
return verifyHostName(hostName, cn);
}
}
return false;
}
示例6: ForwardBuilder
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Initialize the builder with the input parameters.
*
* @param params the parameter set used to build a certification path
*/
ForwardBuilder(BuilderParams buildParams, boolean searchAllCertStores) {
super(buildParams);
// populate sets of trusted certificates and subject DNs
trustAnchors = buildParams.trustAnchors();
trustedCerts = new HashSet<X509Certificate>(trustAnchors.size());
trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size());
for (TrustAnchor anchor : trustAnchors) {
X509Certificate trustedCert = anchor.getTrustedCert();
if (trustedCert != null) {
trustedCerts.add(trustedCert);
trustedSubjectDNs.add(trustedCert.getSubjectX500Principal());
} else {
trustedSubjectDNs.add(anchor.getCA());
}
}
this.searchAllCertStores = searchAllCertStores;
}
示例7: testGetCN
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
@Test
public void testGetCN(@Mocked X500Principal aX500Principal, @Mocked MyX509Certificate myX509Certificate) {
new Expectations() {
{
aX500Principal.getName();
result = "CN=Test1234";
myX509Certificate.getSubjectX500Principal();
result = aX500Principal;
}
};
MyX509Certificate xxmyX509Certificate = new MyX509Certificate();
Set<String> strExpect = CertificateUtil.getCN(xxmyX509Certificate);
Assert.assertEquals(true, strExpect.contains("Test1234"));
}
示例8: ResponderId
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Constructs a {@code ResponderId} object from its DER-encoding.
*
* @param encodedData the DER-encoded bytes
*
* @throws IOException if the encodedData is not properly DER encoded
*/
public ResponderId(byte[] encodedData) throws IOException {
DerValue outer = new DerValue(encodedData);
if (outer.isContextSpecific((byte)Type.BY_NAME.value())
&& outer.isConstructed()) {
// Use the X500Principal constructor as a way to sanity
// check the incoming data.
responderName = new X500Principal(outer.getDataBytes());
encodedRid = principalToBytes();
type = Type.BY_NAME;
} else if (outer.isContextSpecific((byte)Type.BY_KEY.value())
&& outer.isConstructed()) {
// Use the KeyIdentifier constructor as a way to sanity
// check the incoming data.
responderKeyId =
new KeyIdentifier(new DerValue(outer.getDataBytes()));
encodedRid = keyIdToBytes();
type = Type.BY_KEY;
} else {
throw new IOException("Invalid ResponderId content");
}
}
示例9: runTest
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
@Override
public Map.Entry<Boolean, String> runTest() {
Boolean pass = Boolean.FALSE;
String message = null;
try {
// Test methods for pulling out the underlying
// X500Principal object
X500Principal testPrincipal =
new X500Principal(RESP_CERT_1_SUBJ);
if (!respByName.getResponderName().equals(testPrincipal)) {
message = "ResponderId Name did not match expected value";
} else if (respByKeyId.getResponderName() != null) {
message = "Non-null responder name returned from " +
"ResponderId constructed byKey";
} else {
pass = Boolean.TRUE;
}
} catch (Exception e) {
e.printStackTrace(System.out);
message = e.getClass().getName();
}
return new AbstractMap.SimpleEntry<>(pass, message);
}
示例10: createNewKeys
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
private static KeyPair createNewKeys(Context ctx, String alias) {
KeyPair keyPair = null;
try {
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 1);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(ctx)
.setAlias(alias)
.setSubject(new X500Principal("CN=" + alias))
.setSerialNumber(BigInteger.ONE)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA", keyStoreInstance);
generator.initialize(spec);
keyPair = generator.generateKeyPair();
} catch (Exception e) {
Toast.makeText(ctx, "Exception " + e.getMessage() + " occured", Toast.LENGTH_LONG).show();
Log.e(TAG, Log.getStackTraceString(e));
}
return keyPair;
}
示例11: generateKeyPair
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
@TargetApi(Build.VERSION_CODES.JELLY_BEAN_MR2)
private static void generateKeyPair(Context context, String alias)
throws GeneralSecurityException {
final Calendar start = new GregorianCalendar();
final Calendar end = new GregorianCalendar();
end.add(Calendar.YEAR, 100);
final KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
final KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context)
.setAlias(alias)
.setSubject(new X500Principal("CN=" + alias))
.setSerialNumber(BigInteger.ONE)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
gen.initialize(spec);
gen.generateKeyPair();
}
示例12: setTrustedSubjects
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Populate the trustedSubjects Map using the DN and public keys from
* the list of trusted certificates
*
* @return Map containing each subject DN and one or more public keys
* tied to those DNs.
*/
private Map<X500Principal, List<PublicKey>> setTrustedSubjects() {
Map<X500Principal, List<PublicKey>> subjectMap = new HashMap<>();
for (X509Certificate cert : trustedCerts) {
X500Principal dn = cert.getSubjectX500Principal();
List<PublicKey> keys;
if (subjectMap.containsKey(dn)) {
keys = subjectMap.get(dn);
} else {
keys = new ArrayList<PublicKey>();
subjectMap.put(dn, keys);
}
keys.add(cert.getPublicKey());
}
return subjectMap;
}
示例13: generateAsymmetricKeyPair
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
private static void generateAsymmetricKeyPair() throws SecureStorageException {
try {
if (isRTL()) {
Locale.setDefault(Locale.US);
}
Calendar start = Calendar.getInstance();
Calendar end = Calendar.getInstance();
end.add(Calendar.YEAR, 99);
KeyPairGeneratorSpec spec = new KeyPairGeneratorSpec.Builder(context.get())
.setAlias(KEY_ALIAS)
.setSubject(new X500Principal(KEY_X500PRINCIPAL))
.setSerialNumber(BigInteger.TEN)
.setStartDate(start.getTime())
.setEndDate(end.getTime())
.build();
KeyPairGenerator generator
= KeyPairGenerator.getInstance(KEY_ENCRYPTION_ALGORITHM, KEY_KEYSTORE_NAME);
generator.initialize(spec);
generator.generateKeyPair();
} catch (Exception e) {
throw new SecureStorageException(e.getMessage(), e, KEYSTORE_EXCEPTION);
}
}
示例14: getSubjectX500Name
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Return the subject of a certificate as X500Name, by reparsing if
* necessary. X500Name should only be used if access to name components
* is required, in other cases X500Principal is to be preferred.
*
* This method is currently used from within JSSE, do not remove.
*/
public static X500Name getSubjectX500Name(X509Certificate cert)
throws CertificateParsingException {
try {
Principal subjectDN = cert.getSubjectDN();
if (subjectDN instanceof X500Name) {
return (X500Name)subjectDN;
} else {
X500Principal subjectX500 = cert.getSubjectX500Principal();
return new X500Name(subjectX500.getEncoded());
}
} catch (IOException e) {
throw(CertificateParsingException)
new CertificateParsingException().initCause(e);
}
}
示例15: makeHelloMultiV2andSingle
import javax.security.auth.x500.X500Principal; //导入依赖的package包/类
/**
* Make a TLSv1.2 ClientHello multiple CertStatusReqItemV2s of different
* types. One of the middle items should be acceptable while the others
* have responder IDs. The status_request (v1) should also be acceptable
* but should be overridden in favor of the status_request_v2.
*/
private static ByteBuffer makeHelloMultiV2andSingle() throws IOException {
// Craft the ClientHello byte buffer
HelloExtensions exts = new HelloExtensions();
List<ResponderId> fooRid = Collections.singletonList(
new ResponderId(new X500Principal("CN=Foo")));
List<ResponderId> barRid = Collections.singletonList(
new ResponderId(new X500Principal("CN=Bar")));
List<CertStatusReqItemV2> itemList = new ArrayList<>();
itemList.add(new CertStatusReqItemV2(StatusRequestType.OCSP,
new OCSPStatusRequest(null, null)));
itemList.add(new CertStatusReqItemV2(StatusRequestType.OCSP_MULTI,
new OCSPStatusRequest(fooRid, null)));
itemList.add(new CertStatusReqItemV2(StatusRequestType.OCSP_MULTI,
new OCSPStatusRequest(null, null)));
itemList.add(new CertStatusReqItemV2(StatusRequestType.OCSP_MULTI,
new OCSPStatusRequest(barRid, null)));
exts.add(RNIEXT);
exts.add(SIGALGEXT);
exts.add(new CertStatusReqExtension(StatusRequestType.OCSP,
new OCSPStatusRequest(null, null)));
exts.add(new CertStatusReqListV2Extension(itemList));
return createTlsRecord(Record.ct_handshake, VER_1_2,
createClientHelloMsg(VER_1_2, SID, SUITES, exts));
}