当前位置: 首页>>代码示例>>Java>>正文


Java CertificationRequestInfo类代码示例

本文整理汇总了Java中org.bouncycastle.asn1.pkcs.CertificationRequestInfo的典型用法代码示例。如果您正苦于以下问题:Java CertificationRequestInfo类的具体用法?Java CertificationRequestInfo怎么用?Java CertificationRequestInfo使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。


CertificationRequestInfo类属于org.bouncycastle.asn1.pkcs包,在下文中一共展示了CertificationRequestInfo类的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: isSignatureValid

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
/**
 * Validate the signature on the PKCS10 certification request in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
 * @return true if the signature is valid, false otherwise.
 * @throws PKCSException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider)
    throws PKCSException
{
    CertificationRequestInfo requestInfo = certificationRequest.getCertificationRequestInfo();

    ContentVerifier verifier;

    try
    {
        verifier = verifierProvider.get(certificationRequest.getSignatureAlgorithm());

        OutputStream sOut = verifier.getOutputStream();

        sOut.write(requestInfo.getEncoded(ASN1Encoding.DER));

        sOut.close();
    }
    catch (Exception e)
    {
        throw new PKCSException("unable to process signature: " + e.getMessage(), e);
    }

    return verifier.verify(certificationRequest.getSignature().getBytes());
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:32,代码来源:PKCS10CertificationRequest.java

示例2: isSignatureValid

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
/**
 * Validate the signature on the PKCS10 certification request in this holder.
 *
 * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
 * @return true if the signature is valid, false otherwise.
 * @throws PKCSException if the signature cannot be processed or is inappropriate.
 */
public boolean isSignatureValid(ContentVerifierProvider verifierProvider)
    throws PKCSException
{
    CertificationRequestInfo requestInfo = certificationRequest.getCertificationRequestInfo();

    ContentVerifier verifier;

    try
    {
        verifier = verifierProvider.get(certificationRequest.getSignatureAlgorithm());

        OutputStream sOut = verifier.getOutputStream();

        sOut.write(requestInfo.getEncoded(ASN1Encoding.DER));

        sOut.close();
    }
    catch (Exception e)
    {
        throw new PKCSException("unable to process signature: " + e.getMessage(), e);
    }

    return verifier.verify(this.getSignature());
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:32,代码来源:PKCS10CertificationRequest.java

示例3: getExtensions

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
public static Extensions getExtensions(CertificationRequestInfo csr) {
    ParamUtil.requireNonNull("csr", csr);
    ASN1Set attrs = csr.getAttributes();
    for (int i = 0; i < attrs.size(); i++) {
        Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
        if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
            return Extensions.getInstance(attr.getAttributeValues()[0]);
        }
    }
    return null;
}
 
开发者ID:xipki,项目名称:xipki,代码行数:12,代码来源:CaUtil.java

示例4: getChallengePassword

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
public static String getChallengePassword(CertificationRequestInfo csr) {
    ParamUtil.requireNonNull("csr", csr);
    ASN1Set attrs = csr.getAttributes();
    for (int i = 0; i < attrs.size(); i++) {
        Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
        if (PKCSObjectIdentifiers.pkcs_9_at_challengePassword.equals(attr.getAttrType())) {
            ASN1String str = (ASN1String) attr.getAttributeValues()[0];
            return str.getString();
        }
    }
    return null;
}
 
开发者ID:xipki,项目名称:xipki,代码行数:13,代码来源:CaUtil.java

示例5: execute0

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
@Override
protected Object execute0() throws Exception {
    Set<String> issuerNames = qaSystemManager.issuerNames();
    if (isEmpty(issuerNames)) {
        throw new IllegalCmdParamException("no issuer is configured");
    }

    if (issuerName == null) {
        if (issuerNames.size() != 1) {
            throw new IllegalCmdParamException("no issuer is specified");
        }

        issuerName = issuerNames.iterator().next();
    }

    if (!issuerNames.contains(issuerName)) {
        throw new IllegalCmdParamException("issuer " + issuerName
                + " is not within the configured issuers " + issuerNames);
    }

    X509IssuerInfo issuerInfo = qaSystemManager.getIssuer(issuerName);

    X509CertprofileQa qa = qaSystemManager.getCertprofile(profileName);
    if (qa == null) {
        throw new IllegalCmdParamException("found no certificate profile named '"
                + profileName + "'");
    }

    CertificationRequest csr = CertificationRequest.getInstance(IoUtil.read(csrFile));
    Extensions extensions = null;
    CertificationRequestInfo reqInfo = csr.getCertificationRequestInfo();
    ASN1Set attrs = reqInfo.getAttributes();
    for (int i = 0; i < attrs.size(); i++) {
        Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
        if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
            extensions = Extensions.getInstance(attr.getAttributeValues()[0]);
        }
    }

    byte[] certBytes = IoUtil.read(certFile);
    ValidationResult result = qa.checkCert(certBytes, issuerInfo, reqInfo.getSubject(),
            reqInfo.getSubjectPublicKeyInfo(), extensions);
    StringBuilder sb = new StringBuilder();

    sb.append(certFile).append(" (certprofile ").append(profileName).append(")\n");
    sb.append("\tcertificate is ");
    sb.append(result.isAllSuccessful() ? "valid" : "invalid");

    if (verbose.booleanValue()) {
        for (ValidationIssue issue : result.validationIssues()) {
            sb.append("\n");
            format(issue, "    ", sb);
        }
    }

    println(sb.toString());
    if (!result.isAllSuccessful()) {
        throw new CmdFailure("certificate is invalid");
    }
    return null;
}
 
开发者ID:xipki,项目名称:xipki,代码行数:62,代码来源:CheckCertCmd.java

示例6: processP10cr

import org.bouncycastle.asn1.pkcs.CertificationRequestInfo; //导入依赖的package包/类
/**
 * handle the PKI body with the choice {@code p10cr}<br/>
 * Since it is not possible to add attribute to the PKCS#10 request (CSR), the certificate
 * profile must be specified in the attribute regInfo-utf8Pairs (1.3.6.1.5.5.7.5.2.1) within
 * PKIHeader.generalInfo
 *
 */
private PKIBody processP10cr(PKIMessage request, CmpRequestorInfo requestor,
        ASN1OctetString tid, PKIHeader reqHeader, CertificationRequest p10cr,
        CmpControl cmpControl, String msgId, AuditEvent event) {
    // verify the POP first
    CertResponse certResp;
    ASN1Integer certReqId = new ASN1Integer(-1);

    boolean certGenerated = false;
    X509Ca ca = getCa();

    if (!securityFactory.verifyPopo(p10cr, getCmpControl().popoAlgoValidator())) {
        LOG.warn("could not validate POP for the pkcs#10 requst");
        certResp = buildErrorCertResponse(certReqId, PKIFailureInfo.badPOP, "invalid POP");
    } else {
        CertificationRequestInfo certTemp = p10cr.getCertificationRequestInfo();
        Extensions extensions = CaUtil.getExtensions(certTemp);

        X500Name subject = certTemp.getSubject();
        SubjectPublicKeyInfo publicKeyInfo = certTemp.getSubjectPublicKeyInfo();

        CmpUtf8Pairs keyvalues = CmpUtil.extract(reqHeader.getGeneralInfo());
        String certprofileName = null;
        Date notBefore = null;
        Date notAfter = null;

        if (keyvalues != null) {
            certprofileName = keyvalues.value(CmpUtf8Pairs.KEY_CERT_PROFILE);

            String str = keyvalues.value(CmpUtf8Pairs.KEY_NOT_BEFORE);
            if (str != null) {
                notBefore = DateUtil.parseUtcTimeyyyyMMddhhmmss(str);
            }

            str = keyvalues.value(CmpUtf8Pairs.KEY_NOT_AFTER);
            if (str != null) {
                notAfter = DateUtil.parseUtcTimeyyyyMMddhhmmss(str);
            }
        }

        if (certprofileName == null) {
            certResp = buildErrorCertResponse(certReqId, PKIFailureInfo.badCertTemplate,
                    "badCertTemplate", null);
        } else {
            certprofileName = certprofileName.toUpperCase();
            if (!requestor.isCertProfilePermitted(certprofileName)) {
                String msg = "certprofile " + certprofileName + " is not allowed";
                certResp = buildErrorCertResponse(certReqId,
                        PKIFailureInfo.notAuthorized, msg);
            } else {
                CertTemplateData certTemplateData = new CertTemplateData(subject, publicKeyInfo,
                        notBefore, notAfter, extensions, certprofileName);

                certResp = generateCertificates(Arrays.asList(certTemplateData),
                        Arrays.asList(certReqId), requestor, tid, false, request,
                        cmpControl, msgId, event).get(0);
                certGenerated = true;
            }
        }
    }

    CMPCertificate[] caPubs = null;
    if (certGenerated && cmpControl.sendCaCert()) {
        caPubs = new CMPCertificate[]{ca.caInfo().certInCmpFormat()};
    }
    CertRepMessage repMessage = new CertRepMessage(caPubs, new CertResponse[]{certResp});

    return new PKIBody(PKIBody.TYPE_CERT_REP, repMessage);
}
 
开发者ID:xipki,项目名称:xipki,代码行数:76,代码来源:X509CaCmpResponderImpl.java


注:本文中的org.bouncycastle.asn1.pkcs.CertificationRequestInfo类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。