本文整理汇总了Java中org.bouncycastle.asn1.x500.X500Name类的典型用法代码示例。如果您正苦于以下问题:Java X500Name类的具体用法?Java X500Name怎么用?Java X500Name使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
X500Name类属于org.bouncycastle.asn1.x500包,在下文中一共展示了X500Name类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generate
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
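/**
 * Builds a self-signed X.509 v3 certificate: {@code dn} is used as both issuer and subject,
 * and the certificate is signed with the private half of {@code keyPair}.
 *
 * <p>The validity period starts now and runs for {@code days} days. The signature algorithm
 * is taken from the {@code algorithm} field, and a non-critical subjectAltName extension is
 * added when the {@code subjectAltName} field is set.
 *
 * @param dn distinguished name in string form, used for issuer and subject
 * @param keyPair key pair whose public key is certified and whose private key signs
 * @return the generated certificate
 * @throws CertificateException if any step of building, signing or converting fails
 */
public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException {
    try {
        // The converter below asks for the "BC" provider by name, so it has to be registered.
        // addProvider has no effect when a provider of that name is already installed.
        Security.addProvider(new BouncyCastleProvider());

        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
        AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
        // NOTE(review): the signer builder is RSA-specific by name; a non-RSA key pair or
        // algorithm presumably fails here and surfaces as CertificateException - confirm.
        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);

        X500Name name = new X500Name(dn);
        Date from = new Date();
        Date to = new Date(from.getTime() + days * 86400000L);

        // 64 random bits from a CSPRNG. A serial number must be a positive integer, so the
        // (very unlikely) all-zero draw is rejected instead of being written into the certificate.
        SecureRandom random = new SecureRandom();
        BigInteger sn;
        do {
            sn = new BigInteger(64, random);
        } while (sn.signum() == 0);

        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
        if (subjectAltName != null) {
            v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
        }
        X509CertificateHolder certificateHolder = v3CertGen.build(sigGen);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    } catch (CertificateException ce) {
        // Already the declared type: pass through unwrapped.
        throw ce;
    } catch (Exception e) {
        // Everything else is wrapped, with the original exception kept as the cause.
        throw new CertificateException(e);
    }
}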
示例2: getSignerId
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
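/**
 * Converts a JCA {@link X509CertSelector} into a {@code SignerId}.
 *
 * <p>The issuer and serial number of the selector are always used; the subject key
 * identifier is passed along as well when the selector carries one.
 *
 * @param certSelector selector describing the signer's certificate
 * @return the matching signer identifier
 * @throws IllegalArgumentException if the selector's issuer cannot be encoded; the
 *         underlying {@link IOException} is attached as the cause
 */
public SignerId getSignerId(X509CertSelector certSelector)
{
    try
    {
        X500Name issuer = X500Name.getInstance(certSelector.getIssuerAsBytes());
        byte[] subjectKeyId = certSelector.getSubjectKeyIdentifier();

        if (subjectKeyId != null)
        {
            // The selector's value is unwrapped through ASN1OctetString to get the raw octets.
            return new SignerId(issuer, certSelector.getSerialNumber(), ASN1OctetString.getInstance(subjectKeyId).getOctets());
        }
        return new SignerId(issuer, certSelector.getSerialNumber());
    }
    catch (IOException e)
    {
        // Keep the cause so the stack trace of the encoding failure is not lost.
        throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage(), e);
    }
}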
示例3: X509v1CertificateBuilder
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Set up a builder for a version 1 certificate and load the to-be-signed fields into it.
 *
 * @param issuer the certificate issuer; must not be null
 * @param serial the certificate serial number
 * @param notBefore the date before which the certificate is not valid
 * @param notAfter the date after which the certificate is not valid
 * @param subject the certificate subject
 * @param publicKeyInfo the info structure for the public key to be associated with this certificate; must not be null
 * @throws IllegalArgumentException if issuer or publicKeyInfo is null
 */
public X509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
{
    // Only issuer and publicKeyInfo are checked explicitly; the remaining arguments are
    // handed to the generator as they are.
    if (issuer == null)
    {
        throw new IllegalArgumentException("issuer must not be null");
    }
    if (publicKeyInfo == null)
    {
        throw new IllegalArgumentException("publicKeyInfo must not be null");
    }

    V1TBSCertificateGenerator generator = new V1TBSCertificateGenerator();

    generator.setSerialNumber(new ASN1Integer(serial));
    generator.setIssuer(issuer);
    generator.setStartDate(new Time(notBefore));
    generator.setEndDate(new Time(notAfter));
    generator.setSubject(subject);
    generator.setSubjectPublicKeyInfo(publicKeyInfo);

    tbsGen = generator;
}
示例4: toString
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Renders a name as text: each RDN is appended through {@code IETFUtils.appendRDN} with
 * the {@code DefaultSymbols} table, in the order {@code getRDNs()} returns them, separated
 * by commas.
 *
 * @param name the name to render
 * @return the string form of the name
 */
public String toString(X500Name name)
{
    RDN[] rdns = name.getRDNs();
    // StringBuffer (not StringBuilder) because that is what appendRDN is called with.
    StringBuffer out = new StringBuffer();

    for (int idx = 0; idx < rdns.length; idx++)
    {
        // Separator goes before every RDN except the first.
        if (idx > 0)
        {
            out.append(',');
        }
        IETFUtils.appendRDN(out, rdns[idx], DefaultSymbols);
    }

    return out.toString();
}
示例5: loadCRLEntries
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Wraps every revoked-certificate entry of the CRL in an {@code X509CRLEntryObject}.
 *
 * <p>For an indirect CRL the certificate issuer is carried from entry to entry: an entry is
 * created with the issuer taken from the most recent earlier entry that had a
 * certificateIssuer extension, and only afterwards is its own extension read to update the
 * carried value.
 *
 * @return the set of wrapped CRL entries
 */
private Set loadCRLEntries()
{
    Set entries = new HashSet();
    X500Name issuerInEffect = null; // null until an entry names a certificate issuer

    for (Enumeration revoked = c.getRevokedCertificateEnumeration(); revoked.hasMoreElements();)
    {
        TBSCertList.CRLEntry raw = (TBSCertList.CRLEntry)revoked.nextElement();
        entries.add(new X509CRLEntryObject(raw, isIndirect, issuerInEffect));

        if (!isIndirect || !raw.hasExtensions())
        {
            continue;
        }

        Extension issuerExt = raw.getExtensions().getExtension(Extension.certificateIssuer);
        if (issuerExt != null)
        {
            // NOTE(review): only the first GeneralName is used and it is converted straight
            // to an X500Name. If the CRL is untrusted input, an empty list or a name of
            // another type would fail here with an unchecked exception - confirm that is
            // acceptable to callers.
            issuerInEffect = X500Name.getInstance(GeneralNames.getInstance(issuerExt.getParsedValue()).getNames()[0].getName());
        }
    }

    return entries;
}
示例6: areEqual
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Compares two names RDN by RDN, position against position, using {@code rdnAreEqual}.
 * The comparison is therefore sensitive to the order of the RDNs.
 *
 * @param name1 first name
 * @param name2 second name
 * @return true if both names have the same number of RDNs and every pair at the same
 *         position is equal
 */
public boolean areEqual(X500Name name1, X500Name name2)
{
    RDN[] left = name1.getRDNs();
    RDN[] right = name2.getRDNs();

    // Different lengths can never match; otherwise stop at the first differing pair.
    boolean same = left.length == right.length;
    for (int pos = 0; same && pos < left.length; pos++)
    {
        same = rdnAreEqual(left[pos], right[pos]);
    }

    return same;
}
示例7: parse
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Parse a {@link CertificateRequest} from an {@link InputStream}.
 *
 * <p>Reads a one-byte count followed by that many one-byte certificate types, then a
 * 16-bit length-prefixed block holding zero or more 16-bit length-prefixed encoded names.
 *
 * @param input the {@link InputStream} to parse from.
 * @return a {@link CertificateRequest} object.
 * @throws IOException if reading from the stream or decoding one of the names fails.
 */
public static CertificateRequest parse(InputStream input)
    throws IOException
{
    int typeCount = TlsUtils.readUint8(input);
    short[] certificateTypes = new short[typeCount];
    int filled = 0;
    while (filled < typeCount)
    {
        certificateTypes[filled] = TlsUtils.readUint8(input);
        filled++;
    }

    byte[] authorities = TlsUtils.readOpaque16(input);
    Vector authorityDNs = new Vector();
    ByteArrayInputStream remaining = new ByteArrayInputStream(authorities);

    // The authorities block is consumed name by name until nothing is left.
    while (remaining.available() > 0)
    {
        byte[] encodedDN = TlsUtils.readOpaque16(remaining);
        // NOTE(review): these bytes come from the peer. Nothing in this method checks that
        // the decoder consumed all of encodedDN or that the encoding is DER - confirm
        // whether that strictness is needed for this message.
        ASN1Primitive decoded = ASN1Primitive.fromByteArray(encodedDN);
        authorityDNs.addElement(X500Name.getInstance(decoded));
    }

    return new CertificateRequest(certificateTypes, authorityDNs);
}
示例8: generateServerCertificate
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
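/**
 * Generates a fresh 2048-bit RSA key pair and a server certificate for it
 * (subject {@code CN=bouncr}, issuer {@code CN=bouncrca}), signed with the CA private key.
 *
 * <p>The certificate is valid from {@code NOT_BEFORE} to {@code NOT_AFTER} and carries a
 * non-critical subjectAltName with the DNS name {@code localhost} and the IP address
 * {@code 127.0.0.1}.
 *
 * @param caKeyPair the CA key pair; only its private key is used, for signing
 * @return the certificate together with the private key of the new server key pair
 * @throws NoSuchAlgorithmException if RSA or the "NativePRNGNonBlocking" random source is
 *         not available on this platform
 * @throws CertificateException if the certificate cannot be produced
 * @throws OperatorCreationException if the signer cannot be created
 * @throws CertIOException if the extension cannot be encoded
 */
public static X500PrivateCredential generateServerCertificate(KeyPair caKeyPair) throws NoSuchAlgorithmException, CertificateException, OperatorCreationException, CertIOException {
    X500Name issuerName = new X500Name("CN=bouncrca");
    X500Name subjectName = new X500Name("CN=bouncr");

    // NOTE(review): "NativePRNGNonBlocking" is not offered on every platform; where it is
    // missing this throws NoSuchAlgorithmException.
    SecureRandom random = SecureRandom.getInstance("NativePRNGNonBlocking");
    KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
    rsa.initialize(2048, random);
    KeyPair kp = rsa.generateKeyPair();

    // Random positive serial instead of a constant: a constant makes every certificate issued
    // under this issuer name share one issuer/serial pair, which is meant to be unique.
    BigInteger serial;
    do {
        serial = new BigInteger(64, random);
    } while (serial.signum() == 0);

    X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, kp.getPublic());

    // An IP literal belongs in an iPAddress entry; as a dNSName it is not matched by
    // clients that verify IP addresses against iPAddress entries only.
    DERSequence subjectAlternativeNames = new DERSequence(new ASN1Encodable[] {
        new GeneralName(GeneralName.dNSName, "localhost"),
        new GeneralName(GeneralName.iPAddress, "127.0.0.1")
    });
    builder.addExtension(Extension.subjectAlternativeName, false, subjectAlternativeNames);

    X509Certificate cert = signCertificate(builder, caKeyPair.getPrivate());
    return new X500PrivateCredential(cert, kp.getPrivate());
}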
示例9: getCommonName
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Returns the common name (CN) of an X.500 name as a string.
 *
 * <p>Only the first RDN that {@code getRDNs(DN_CN)} returns is looked at; a name with
 * several CN RDNs yields just that one, which matters to callers that base an identity
 * decision on the result.
 *
 * @param name the name to inspect; must not be null
 * @return the CN value, or null if the name has no CN
 */
public static String getCommonName(X500Name name) {
    ParamUtil.requireNonNull("name", name);

    RDN[] cnRdns = name.getRDNs(ObjectIdentifiers.DN_CN);
    if (cnRdns == null || cnRdns.length == 0) {
        return null;
    }

    RDN firstRdn = cnRdns[0];
    AttributeTypeAndValue match = null;
    if (!firstRdn.isMultiValued()) {
        match = firstRdn.getFirst();
    } else {
        // A multi-valued RDN mixes attribute types; pick the member that is the CN.
        for (AttributeTypeAndValue candidate : firstRdn.getTypesAndValues()) {
            if (candidate.getType().equals(ObjectIdentifiers.DN_CN)) {
                match = candidate;
                break;
            }
        }
    }

    if (match == null) {
        return null;
    }
    return rdnValueToString(match.getValue());
}
示例10: addSelfSignedCertificate
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
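/**
 * Generates a key pair and a self-signed certificate for {@code dn}, valid for one year
 * from now, and stores both in {@code keystore} under {@code certificateAlias}.
 *
 * @param certificateAlias keystore alias for the new private-key entry
 * @param dn distinguished name in string form, used as issuer and subject
 * @param password password protecting the keystore entry
 * @throws RuntimeException if key, certificate or keystore handling fails; the original
 *         exception is attached as the cause
 */
public void addSelfSignedCertificate(String certificateAlias, String dn, String password) {
    try {
        KeyPair keys = generateKeyPair();

        Calendar start = Calendar.getInstance();
        Calendar expiry = Calendar.getInstance();
        expiry.add(Calendar.YEAR, 1);

        X500Name name = new X500Name(dn);
        // NOTE(review): the serial is always 1, so every certificate created here for the
        // same dn shares one issuer/serial pair. Consider a random serial if certificates
        // are regenerated.
        X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(name, BigInteger.ONE,
            start.getTime(), expiry.getTime(), name, SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded()));

        // One provider instance serves both the signer and the converter.
        BouncyCastleProvider provider = new BouncyCastleProvider();

        // SHA-256 instead of SHA-1: SHA-1 is no longer collision resistant and SHA-1 signed
        // certificates are rejected or flagged by current clients.
        // NOTE(review): "WithRSA" assumes generateKeyPair() returns an RSA pair - confirm.
        ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSA").setProvider(provider).build(keys.getPrivate());
        X509CertificateHolder holder = certificateBuilder.build(signer);
        Certificate cert = new JcaX509CertificateConverter().setProvider(provider).getCertificate(holder);

        Entry entry = new PrivateKeyEntry(keys.getPrivate(), new Certificate[]{ cert });
        keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
    } catch (GeneralSecurityException | OperatorCreationException ex) {
        throw new RuntimeException("Unable to generate self-signed certificate", ex);
    }
}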
示例11: getInstance
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
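/**
 * Returns an {@code X509Name} for the given object.
 *
 * <p>{@code null} and existing {@code X509Name} instances are returned unchanged, an
 * {@code X500Name} is converted through its ASN.1 primitive, and anything else is handed
 * to {@code ASN1Sequence.getInstance}.
 *
 * @param obj the object to convert, may be null
 * @return the corresponding name, or null if {@code obj} is null
 */
public static X509Name getInstance(
    Object obj)
{
    if (obj == null || obj instanceof X509Name)
    {
        return (X509Name)obj;
    }
    if (obj instanceof X500Name)
    {
        return new X509Name(ASN1Sequence.getInstance(((X500Name)obj).toASN1Primitive()));
    }
    // obj is known to be non-null here, so no further null test (and no trailing
    // "return null") is needed.
    return new X509Name(ASN1Sequence.getInstance(obj));
}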
示例12: getKeyTransRecipientId
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
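/**
 * Converts a JCA {@link X509CertSelector} into a {@code KeyTransRecipientId}.
 *
 * <p>The issuer and serial number of the selector are always used; the subject key
 * identifier is passed along as well when the selector carries one.
 *
 * @param certSelector selector describing the recipient's certificate
 * @return the matching recipient identifier
 * @throws IllegalArgumentException if the selector's issuer cannot be encoded; the
 *         underlying {@link IOException} is attached as the cause
 */
public KeyTransRecipientId getKeyTransRecipientId(X509CertSelector certSelector)
{
    try
    {
        X500Name issuer = X500Name.getInstance(certSelector.getIssuerAsBytes());
        byte[] subjectKeyId = certSelector.getSubjectKeyIdentifier();

        if (subjectKeyId != null)
        {
            // The selector's value is unwrapped through ASN1OctetString to get the raw octets.
            return new KeyTransRecipientId(issuer, certSelector.getSerialNumber(), ASN1OctetString.getInstance(subjectKeyId).getOctets());
        }
        return new KeyTransRecipientId(issuer, certSelector.getSerialNumber());
    }
    catch (IOException e)
    {
        // Keep the cause so the stack trace of the encoding failure is not lost.
        throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage(), e);
    }
}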
示例13: getCertificateRequest
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Builds the certificate request sent to the client.
 *
 * <p>RSA, DSS and ECDSA signing certificates are accepted. The default supported signature
 * algorithms are included only when the extension is allowed for {@code serverVersion},
 * and the single certificate authority listed is the subject of the first certificate
 * in {@code cert}.
 *
 * @return the certificate request
 * @throws IOException declared by the signature; nothing in this body throws it directly
 */
public CertificateRequest getCertificateRequest() throws IOException {
    short[] certificateTypes = {
        ClientCertificateType.rsa_sign,
        ClientCertificateType.dss_sign,
        ClientCertificateType.ecdsa_sign
    };

    // Stays null when the signature_algorithms extension is not allowed for this version.
    Vector serverSigAlgs = TlsUtils.isSignatureAlgorithmsExtensionAllowed(serverVersion)
        ? TlsUtils.getDefaultSupportedSignatureAlgorithms()
        : null;

    Vector<X500Name> certificateAuthorities = new Vector<>();
    X500Name firstSubject = cert.getCertificateAt(0).getSubject();
    certificateAuthorities.add(firstSubject);

    return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
}
示例14: genCert
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
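/**
 * Generates a server certificate on the fly and signs it with the CA private key.
 *
 * <p>The subject is a fixed prefix plus the first host as CN; every host is also listed as
 * a dNSName in a non-critical subjectAltName extension. The validity period is the one
 * passed in.
 *
 * @param issuer issuer DN in string form (the CA certificate's subject)
 * @param caPriKey CA private key used to sign the certificate
 * @param caNotBefore start of validity
 * @param caNotAfter end of validity
 * @param serverPubKey public key to certify
 * @param hosts host names; at least one is required
 * @return the signed certificate
 * @throws IllegalArgumentException if no host is given
 * @throws Exception if building or signing the certificate fails
 */
public static X509Certificate genCert(String issuer, PrivateKey caPriKey, Date caNotBefore,
        Date caNotAfter, PublicKey serverPubKey,
        String... hosts) throws Exception {
    if (hosts == null || hosts.length == 0) {
        throw new IllegalArgumentException("at least one host is required");
    }

    // The issuer is taken from the CA certificate's subject; the subject is built from a
    // fixed prefix and the first host.
    // NOTE(review): hosts[0] is concatenated into a DN string that X500Name then parses.
    // If host names can come from an untrusted peer, characters such as ',', '+' or '='
    // would be read as DN syntax - validate or escape the value before it gets here.
    String subject = "C=CN, ST=GD, L=SZ, O=lee, OU=study, CN=" + hosts[0];

    // issue#3: a serial number of 1 made the certificate show up as insecure on ElementaryOS.
    // A 64-bit value from a CSPRNG avoids that and also avoids the collisions a
    // timestamp-plus-small-random serial produces when many certificates are issued close
    // together. Zero is rejected because a serial number must be positive.
    java.security.SecureRandom random = new java.security.SecureRandom();
    BigInteger serial;
    do {
        serial = new BigInteger(64, random);
    } while (serial.signum() == 0);

    //doc from https://www.cryptoworkshop.com/guide/
    JcaX509v3CertificateBuilder jv3Builder = new JcaX509v3CertificateBuilder(new X500Name(issuer),
            serial,
            caNotBefore,
            caNotAfter,
            new X500Name(subject),
            serverPubKey);

    // SAN extension listing the supported names; without it browsers report the
    // certificate as insecure.
    // NOTE(review): every host is written as a dNSName; an IP literal would need an
    // iPAddress entry instead.
    GeneralName[] generalNames = new GeneralName[hosts.length];
    for (int i = 0; i < hosts.length; i++) {
        generalNames[i] = new GeneralName(GeneralName.dNSName, hosts[i]);
    }
    GeneralNames subjectAltName = new GeneralNames(generalNames);
    jv3Builder.addExtension(Extension.subjectAlternativeName, false, subjectAltName);

    // SHA-256; with SHA-1 browsers may report the certificate as insecure.
    ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(caPriKey);
    return new JcaX509CertificateConverter().getCertificate(jv3Builder.build(signer));
}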
示例15: calculateHashCode
import org.bouncycastle.asn1.x500.X500Name; //导入依赖的package包/类
/**
 * Computes a hash code for a name by XOR-ing, for every attribute of every RDN, the hash
 * of the attribute type with {@code calcHashCode} of the attribute value.
 *
 * @param name the name to hash
 * @return the combined hash code
 */
public int calculateHashCode(X500Name name)
{
    RDN[] rdns = name.getRDNs();
    int hash = 0;

    // XOR is used so the result does not depend on the order of the attributes
    // (this needs to be order independent, like equals).
    for (int r = 0; r < rdns.length; r++)
    {
        RDN rdn = rdns[r];

        if (!rdn.isMultiValued())
        {
            AttributeTypeAndValue only = rdn.getFirst();
            hash ^= only.getType().hashCode();
            hash ^= calcHashCode(only.getValue());
            continue;
        }

        AttributeTypeAndValue[] members = rdn.getTypesAndValues();
        for (int m = 0; m < members.length; m++)
        {
            hash ^= members[m].getType().hashCode();
            hash ^= calcHashCode(members[m].getValue());
        }
    }

    return hash;
}