本文整理汇总了Java中org.bouncycastle.asn1.x500.style.BCStyle类的典型用法代码示例。如果您正苦于以下问题:Java BCStyle类的具体用法?Java BCStyle怎么用?Java BCStyle使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
BCStyle类属于org.bouncycastle.asn1.x500.style包,在下文中一共展示了BCStyle类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: rolesFromDN
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
private Set<String> rolesFromDN(String userDN) throws LDAPException, GeneralSecurityException {
SearchRequest searchRequest = new SearchRequest(config.getRoleBaseDN(),
SearchScope.SUB, Filter.createEqualityFilter("uniqueMember", userDN));
Set<String> roles = Sets.newLinkedHashSet();
LDAPConnection connection = connectionFactory.getLDAPConnection();
try {
SearchResult sr = connection.search(searchRequest);
for (SearchResultEntry sre : sr.getSearchEntries()) {
X500Name x500Name = new X500Name(sre.getDN());
RDN[] rdns = x500Name.getRDNs(BCStyle.CN);
if (rdns.length == 0) {
logger.error("Could not create X500 Name for role:" + sre.getDN());
} else {
String commonName = IETFUtils.valueToString(rdns[0].getFirst().getValue());
roles.add(commonName);
}
}
} finally {
connection.close();
}
return roles;
}
示例2: buildName
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
static X500Name buildName(String commonName, String organization, String organizationUnit, String locality,
String state, String country) {
X500NameBuilder nameBuilder = new X500NameBuilder();
if (!commonName.isEmpty()) {
nameBuilder.addRDN(BCStyle.CN, commonName);
}
if (!organizationUnit.isEmpty()) {
nameBuilder.addRDN(BCStyle.OU, organizationUnit);
}
if (!organization.isEmpty()) {
nameBuilder.addRDN(BCStyle.O, organization);
}
if (!locality.isEmpty()) {
nameBuilder.addRDN(BCStyle.L, locality);
}
if (!state.isEmpty()) {
nameBuilder.addRDN(BCStyle.ST, state);
}
if (!country.isEmpty()) {
nameBuilder.addRDN(BCStyle.C, country);
}
return nameBuilder.build();
}
示例3: extractJidAndName
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
List<String> emails = new ArrayList<>();
if (alternativeNames != null) {
for(List<?> san : alternativeNames) {
Integer type = (Integer) san.get(0);
if (type == 1) {
emails.add((String) san.get(1));
}
}
}
X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
if (emails.size() == 0) {
emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
}
String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue());
if (emails.size() >= 1) {
return new Pair<>(Jid.fromString(emails.get(0)), name);
} else {
return null;
}
}
示例4: createCertificateBuilder
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
private X509v3CertificateBuilder createCertificateBuilder(KeyPair keyPair) throws PropertyConfigurationException, CertIOException {
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, propertyConfigurationService.getConfigValue(CERT_COMMON_NAME_PROPERTY));
nameBuilder.addRDN(BCStyle.O, propertyConfigurationService.getConfigValue(CERT_ORGANISATION_PROPERTY));
nameBuilder.addRDN(BCStyle.OU, propertyConfigurationService.getConfigValue(CERT_ORGANISATIONAL_UNIT_PROPERTY));
nameBuilder.addRDN(BCStyle.C, propertyConfigurationService.getConfigValue(CERT_COUNTRY_PROPERTY));
X500Name x500Name = nameBuilder.build();
BigInteger serial = new BigInteger(CERT_SERIAL_NUMBER_BIT_SIZE, SecureRandomFactory.createPRNG());
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
Date startDate = new Date();
Date endDate = Date.from(startDate.toInstant().plus(propertyConfigurationService.getConfigValueAsInt(CERT_VALIDITY_DAYS_PROPERTY), ChronoUnit.DAYS));
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(x500Name, serial, startDate, endDate, x500Name, publicKeyInfo);
String certFriendlyName = propertyConfigurationService.getConfigValue(CERT_PRIVATE_FRIENDLY_NAME_PROPERTY);
certificateBuilder.addExtension(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, false, new DERBMPString(certFriendlyName));
return certificateBuilder;
}
示例5: getCommonName
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
/**
* Gets the common name from the given X500Name.
*
* @param name the X.500 name
* @return the common name, null if not found
*/
public static String getCommonName(X500Name name)
{
if (name == null)
{
return null;
}
RDN[] rdns = name.getRDNs(BCStyle.CN);
if (rdns.length == 0)
{
return null;
}
return rdns[0].getFirst().getValue().toString();
}
示例6: x500Name
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
public X500Name x500Name() throws IOException {
if(name==null) {
X500NameBuilder xnb = new X500NameBuilder();
xnb.addRDN(BCStyle.CN,cn);
xnb.addRDN(BCStyle.E,email);
if(environment==null) {
xnb.addRDN(BCStyle.OU,mechID);
} else {
xnb.addRDN(BCStyle.OU,mechID+':'+environment);
}
xnb.addRDN(BCStyle.O,o);
xnb.addRDN(BCStyle.L,l);
xnb.addRDN(BCStyle.ST,st);
xnb.addRDN(BCStyle.C,c);
name = xnb.build();
}
return name;
}
示例7: loadUserByUsername
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
@Override
public UserDetails loadUserByUsername(String certDN) throws UsernameNotFoundException {
logger.debug("certDN: " + certDN);
SimpleGrantedAuthority role = new SimpleGrantedAuthority("ROLE_USER");
Collection<GrantedAuthority> roles = new ArrayList<>();
roles.add(role);
X500Name x500name = new X500Name(certDN);
//User user = new User(getElement(x500name, BCStyle.CN), "", true /*enabled*/, true /* not-expired */, true /* cred-not-expired*/, true /* not-locked*/, roles);
//InetOrgPerson person = new InetOrgPerson();
InetOrgPerson.Essence essence = new InetOrgPerson.Essence();
String name = CertificateHandler.getElement(x500name, BCStyle.CN);
essence.setUsername(name);
essence.setUid(name);
essence.setDn(certDN);
essence.setCn(new String[]{name});
essence.setSn(name);
essence.setO(CertificateHandler.getElement(x500name, BCStyle.O));
essence.setOu(CertificateHandler.getElement(x500name, BCStyle.OU));
essence.setAuthorities(roles);
essence.setDescription(certDN);
logger.debug("Parsed certificate, name: " + name);
return essence.createUserDetails();
}
示例8: getSubject
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
/**
* Returns a Subject for service certificate.
*/
public X500Name getSubject() {
// Create subject CN as pod-name-0-task-name.service-name
String cn = String.format("%s.%s",
EndpointUtils.removeSlashes(EndpointUtils.replaceDotsWithDashes(taskInstanceName)),
EndpointUtils.removeSlashes(EndpointUtils.replaceDotsWithDashes(serviceName)));
if (cn.length() > CN_MAX_LENGTH) {
cn = cn.substring(cn.length() - CN_MAX_LENGTH);
}
return new X500NameBuilder()
.addRDN(BCStyle.CN, cn)
.addRDN(BCStyle.O, "Mesosphere, Inc")
.addRDN(BCStyle.L, "San Francisco")
.addRDN(BCStyle.ST, "CA")
.addRDN(BCStyle.C, "US")
.build();
}
示例9: testSlashesInServiceName
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
@Test
public void testSlashesInServiceName() throws Exception {
String serviceNameWithSlashes = "service/name/with/slashes";
String serviceNameWithoutSlashes = "servicenamewithslashes";
CertificateNamesGenerator certificateNamesGenerator =
new CertificateNamesGenerator(serviceNameWithSlashes, mockTaskSpec, mockPodInstance);
Assert.assertEquals(String.format("%s-%s.%s", POD_NAME, TestConstants.TASK_NAME, serviceNameWithoutSlashes),
certificateNamesGenerator.getSubject().getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
List<String> names = Arrays.stream(certificateNamesGenerator.getSANs().getNames())
.map(name -> name.getName().toString())
.collect(Collectors.toList());
Assert.assertEquals(1, names.size());
Assert.assertTrue(names.contains(taskDnsName(TestConstants.TASK_NAME, serviceNameWithoutSlashes)));
Assert.assertFalse(names.contains(taskDnsName("*", serviceNameWithoutSlashes)));
Assert.assertFalse(names.contains(taskVipName("*", serviceNameWithoutSlashes)));
// echo -n "some-pod-test-task-name.servicenamewithslashes.autoip.dcos.thisdcos.directory" | sha1sum
Assert.assertEquals("c535f13128f2f15d1765f151114908b41c1eed65", certificateNamesGenerator.getSANsHash());
}
示例10: verifyCertificateCommonName
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
static void verifyCertificateCommonName(X500Name subject, String commonName) {
List<AttributeTypeAndValue> attributesAndValues = Arrays.stream(subject.getRDNs())
.flatMap(rdn -> rdn.isMultiValued() ?
Stream.of(rdn.getTypesAndValues()) : Stream.of(rdn.getFirst()))
.filter(attr -> attr.getType() == BCStyle.CN)
.collect(Collectors.toList());
if (attributesAndValues.size() != 1) {
throw new IllegalArgumentException("Only 1 common name should be set");
}
String actualCommonName = DERUTF8String.getInstance(attributesAndValues.get(0).getValue()).getString();
if (! actualCommonName.equals(commonName)) {
throw new IllegalArgumentException("Expected common name to be " + commonName + ", but was " + actualCommonName);
}
}
示例11: testGenerateInstanceRefreshRequestSubDomain
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
@Test
public void testGenerateInstanceRefreshRequestSubDomain() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech.system",
"test", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("coretech.system.test", Crypto.extractX509CSRCommonName(certReq));
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
assertEquals("coretech.system.test", IETFUtils.valueToString(cnRdn.getFirst().getValue()));
assertEquals("test.coretech-system.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0));
}
示例12: generateCSR
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
public PKCS10CertificationRequest generateCSR(User user, KeyPair key) throws OperatorCreationException {
X500Name x500User = new X500NameBuilder()
.addRDN(BCStyle.C, user.getCountryName())
.addRDN(BCStyle.ST, user.getProvinceName())
.addRDN(BCStyle.L, user.getLocalityName())
.addRDN(BCStyle.O, user.getOrganizationName())
.addRDN(BCStyle.OU, user.getOrganizationUnitName())
.addRDN(BCStyle.CN, user.getCommonName())
.addRDN(BCStyle.EmailAddress, user.getEmailAddress())
.build();
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
x500User, key.getPublic());
user.setPrivateKey(key.getPrivate().getEncoded());
JcaContentSignerBuilder csBuilder= new JcaContentSignerBuilder("SHA512WithRSAEncryption");
ContentSigner signer = csBuilder.build(key.getPrivate());
return p10Builder.build(signer);
}
示例13: generateCSR
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
public static PKCS10CertificationRequest generateCSR(String[] commonNames, KeyPair pair) throws OperatorCreationException, IOException {
X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
namebuilder.addRDN(BCStyle.CN, commonNames[0]);
List<GeneralName> subjectAltNames = new ArrayList<>(commonNames.length);
for (String cn:commonNames)
subjectAltNames.add(new GeneralName(GeneralName.dNSName, cn));
GeneralNames subjectAltName = new GeneralNames(subjectAltNames.toArray(new GeneralName[0]));
ExtensionsGenerator extGen = new ExtensionsGenerator();
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName.toASN1Primitive());
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), pair.getPublic());
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest request = p10Builder.build(signer);
return request;
}
示例14: setOID
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
private static void setOID(X500NameBuilder dnBuilder, X509Metadata metadata,
String oid, String defaultValue) {
String value = null;
if (metadata.oids != null && metadata.oids.containsKey(oid)) {
value = metadata.oids.get(oid);
}
if (Strings.isNullOrEmpty(value)) {
value = defaultValue;
}
if (!Strings.isNullOrEmpty(value)) {
try {
Field field = BCStyle.class.getField(oid);
ASN1ObjectIdentifier objectId = (ASN1ObjectIdentifier) field.get(null);
dnBuilder.addRDN(objectId, value);
} catch (Exception e) {
logger.error(MessageFormat.format("Failed to set OID \"{0}\"!", oid), e);
}
}
}
示例15: csrTest
import org.bouncycastle.asn1.x500.style.BCStyle; //导入依赖的package包/类
/**
* Checks if the CSR contains the right parameters.
* <p>
* This is not supposed to be a Bouncy Castle test. If the
* {@link PKCS10CertificationRequest} contains the right parameters, we assume that
* Bouncy Castle encodes it properly.
*/
@SuppressWarnings("unchecked")
private void csrTest(PKCS10CertificationRequest csr) {
X500Name name = csr.getSubject();
assertThat(name.getRDNs(BCStyle.CN), arrayContaining(new RDNMatcher("abc.de")));
assertThat(name.getRDNs(BCStyle.C), arrayContaining(new RDNMatcher("XX")));
assertThat(name.getRDNs(BCStyle.L), arrayContaining(new RDNMatcher("Testville")));
assertThat(name.getRDNs(BCStyle.O), arrayContaining(new RDNMatcher("Testing Co")));
assertThat(name.getRDNs(BCStyle.OU), arrayContaining(new RDNMatcher("Testunit")));
assertThat(name.getRDNs(BCStyle.ST), arrayContaining(new RDNMatcher("ABC")));
Attribute[] attr = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
assertThat(attr.length, is(1));
ASN1Encodable[] extensions = attr[0].getAttrValues().toArray();
assertThat(extensions.length, is(1));
GeneralNames names = GeneralNames.fromExtensions((Extensions) extensions[0], Extension.subjectAlternativeName);
assertThat(names.getNames(), arrayContaining(new GeneralNameMatcher("abc.de"),
new GeneralNameMatcher("fg.hi"), new GeneralNameMatcher("jklm.no"),
new GeneralNameMatcher("pqr.st"), new GeneralNameMatcher("uv.wx"),
new GeneralNameMatcher("y.z"), new GeneralNameMatcher("*.wild.card")));
}