本文整理汇总了Java中org.bouncycastle.asn1.x509.AuthorityKeyIdentifier类的典型用法代码示例。如果您正苦于以下问题:Java AuthorityKeyIdentifier类的具体用法?Java AuthorityKeyIdentifier怎么用?Java AuthorityKeyIdentifier使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
AuthorityKeyIdentifier类属于org.bouncycastle.asn1.x509包,在下文中一共展示了AuthorityKeyIdentifier类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: makeCertificate
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public static X509Certificate makeCertificate(KeyPair _subKP,
String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
throws Exception
{
PublicKey _subPub = _subKP.getPublic();
PrivateKey _issPriv = _issKP.getPrivate();
PublicKey _issPub = _issKP.getPublic();
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.reset();
_v3CertGen.setSerialNumber(allocateSerialNumber());
_v3CertGen.setIssuerDN(new X509Name(_issDN));
_v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
_v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 100)));
_v3CertGen.setSubjectDN(new X509Name(_subDN));
_v3CertGen.setPublicKey(_subPub);
_v3CertGen.setSignatureAlgorithm(algorithm);
_v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
_v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
X509Certificate _cert = _v3CertGen.generate(_issPriv);
_cert.checkValidity(new Date());
_cert.verify(_issPub);
return _cert;
}
示例2: fromKey
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private static ASN1Sequence fromKey(
PublicKey pubKey)
throws InvalidKeyException
{
try
{
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
(ASN1Sequence)new ASN1InputStream(pubKey.getEncoded()).readObject());
return (ASN1Sequence)new AuthorityKeyIdentifier(info).toASN1Object();
}
catch (Exception e)
{
throw new InvalidKeyException("can't process key: " + e);
}
}
示例3: getAuthorityKeyId
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private byte[] getAuthorityKeyId(X509Certificate cert) throws IOException {
byte[] extvalue = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (extvalue == null) {
return null;
}
DEROctetString oct = (DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(extvalue)).readObject());
AuthorityKeyIdentifier keyId = new AuthorityKeyIdentifier(
(ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject());
return keyId.getKeyIdentifier();
}
示例4: prepopulateWithValue
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private void prepopulateWithValue(byte[] value) throws IOException {
AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(value);
if (authorityKeyIdentifier.getKeyIdentifier() != null) {
jkiKeyIdentifier.setKeyIdentifier(authorityKeyIdentifier.getKeyIdentifier());
}
GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer();
if (authorityCertIssuer != null) {
jgnAuthorityCertIssuer.setGeneralNames(authorityCertIssuer);
}
BigInteger authorityCertSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
if (authorityCertSerialNumber != null) {
jtfAuthorityCertSerialNumber.setText("" + authorityCertSerialNumber.longValue());
jtfAuthorityCertSerialNumber.setCaretPosition(0);
}
}
示例5: getAuthorityKeyIdentifier
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
/**
* Returns the <code>AuthorityKeyIdentifier</code> corresponding
* to a given <code>PublicKey</code>
* @param publicKey the given public key
* @param issuer the certificate issuer
* @param serial the certificate serial number
* @return the authority key identifier of the public key
* @throws IOException
*/
private AuthorityKeyIdentifier getAuthorityKeyIdentifier(PublicKey publicKey,
String issuer,
BigInteger serial)
throws IOException
{
InputStream input;
SubjectPublicKeyInfo keyInfo;
ASN1EncodableVector vector;
input = new ByteArrayInputStream(publicKey.getEncoded());
keyInfo = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(input).readObject());
vector = new ASN1EncodableVector();
vector.add(new GeneralName(new X509Name(issuer)));
return new AuthorityKeyIdentifier(keyInfo, new GeneralNames(new DERSequence(vector)), serial);
}
示例6: generateCACertificate
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public static X509Certificate generateCACertificate(String provider, X509Name subject, Date start, Date expired,
KeyPair pair, int numberOfCAs, String signartureAlgorthm) throws InvalidKeyException, NoSuchProviderException,
SignatureException, IOException {
// generate the certificate
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
certGen.setIssuerDN(subject);
certGen.setNotBefore(start);
certGen.setNotAfter(expired);
certGen.setSubjectDN(subject);
certGen.setPublicKey(pair.getPublic());
certGen.setSignatureAlgorithm(signartureAlgorthm);
certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(numberOfCAs));
certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature
| KeyUsage.keyCertSign | KeyUsage.cRLSign));
SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(
new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifier(spki));
SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(
new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(apki));
return certGen.generateX509Certificate(pair.getPrivate(), provider);
}
示例7: createCRL
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public static X509CRL createCRL(String provider, X509Certificate caCert, PrivateKey caKey, CRLEntry[] entries,
Date expires, String signatureAlgorithm) throws Exception {
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
crlGen.setIssuerDN(new X509Name(caCert.getSubjectDN().getName()));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(expires);
crlGen.setSignatureAlgorithm(signatureAlgorithm);
for (int i = 0; i < entries.length; i++) {
crlGen.addCRLEntry(entries[i].getCertificateSerialNumber(), now, entries[i].getReason());
}
SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(
new ByteArrayInputStream(caCert.getPublicKey().getEncoded())).readObject());
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(apki));
crlGen.addExtension(X509Extensions.CRLNumber, false, new CRLNumber(BigInteger.valueOf(System
.currentTimeMillis())));
return crlGen.generateX509CRL(caKey, provider);
}
示例8: generateCACertificate
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public static X509Certificate generateCACertificate(String provider, X509Name subject, Date start, Date expired, KeyPair pair, int numberOfCAs, String signatureAlgorthm)
throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, IOException {
// generate the certificate
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
certGen.setIssuerDN(subject);
certGen.setNotBefore(start);
certGen.setNotAfter(expired);
certGen.setSubjectDN(subject);
certGen.setPublicKey(pair.getPublic());
certGen.setSignatureAlgorithm(signatureAlgorthm);
certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(numberOfCAs));
certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifier(spki));
SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(apki));
return certGen.generate(pair.getPrivate(), provider);
}
示例9: extractAki
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public static byte[] extractAki(X509Certificate cert) throws CertificateEncodingException {
byte[] extValue = getCoreExtValue(cert, Extension.authorityKeyIdentifier);
if (extValue == null) {
return null;
}
try {
AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(extValue);
return aki.getKeyIdentifier();
} catch (IllegalArgumentException ex) {
throw new CertificateEncodingException("invalid extension AuthorityKeyIdentifier: "
+ ex.getMessage());
}
}
示例10: KeyIdentifierImpl
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
public KeyIdentifierImpl(X509Certificate cert) throws CertificateException, IOException {
byte[] extVal = cert.getExtensionValue(Extension.authorityKeyIdentifier.getId());
if (extVal == null) {
lock = true;
return;
}
AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
keyIdentifier = aki.getKeyIdentifier();
}
示例11: createAuthorityKeyIdentifier
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
/**
* Create an AuthorityKeyIdentifier from the passed in arguments.
*
* @param certHolder the issuer certificate that the AuthorityKeyIdentifier should refer to.
* @return an AuthorityKeyIdentifier.
*/
public AuthorityKeyIdentifier createAuthorityKeyIdentifier(
X509CertificateHolder certHolder)
{
GeneralName genName = new GeneralName(certHolder.getIssuer());
return new AuthorityKeyIdentifier(
getSubjectKeyIdentifier(certHolder), new GeneralNames(genName), certHolder.getSerialNumber());
}
示例12: fromKey
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private static ASN1Sequence fromKey(
PublicKey pubKey)
throws InvalidKeyException
{
try
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pubKey.getEncoded());
return (ASN1Sequence)new AuthorityKeyIdentifier(info).toASN1Primitive();
}
catch (Exception e)
{
throw new InvalidKeyException("can't process key: " + e);
}
}
示例13: generateSelfSignedCertificate
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private X509Certificate generateSelfSignedCertificate(KeyPair keyPair, String subjectDn, DateTime notBefore,
DateTime notAfter) throws IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException,
SignatureException, CertificateException {
PublicKey subjectPublicKey = keyPair.getPublic();
PrivateKey issuerPrivateKey = keyPair.getPrivate();
String signatureAlgorithm = "SHA1WithRSAEncryption";
X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
certificateGenerator.reset();
certificateGenerator.setPublicKey(subjectPublicKey);
certificateGenerator.setSignatureAlgorithm(signatureAlgorithm);
certificateGenerator.setNotBefore(notBefore.toDate());
certificateGenerator.setNotAfter(notAfter.toDate());
X509Principal issuerDN = new X509Principal(subjectDn);
certificateGenerator.setIssuerDN(issuerDN);
certificateGenerator.setSubjectDN(new X509Principal(subjectDn));
certificateGenerator.setSerialNumber(new BigInteger(128, new SecureRandom()));
certificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(subjectPublicKey));
PublicKey issuerPublicKey;
issuerPublicKey = subjectPublicKey;
certificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(issuerPublicKey));
certificateGenerator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(true));
X509Certificate certificate;
certificate = certificateGenerator.generate(issuerPrivateKey);
/*
* Next certificate factory trick is needed to make sure that the
* certificate delivered to the caller is provided by the default
* security provider instead of BouncyCastle. If we don't do this trick
* we might run into trouble when trying to use the CertPath validator.
*/
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
return certificate;
}
示例14: checkConstraints
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
private void checkConstraints(final Collection<X509CertExtension> extensions) {
if (CollectionUtils.isEmpty(extensions)) {
return;
}
final Extensions exts = new Extensions(extensions.stream().map(X509CertExtension::toExtension).toArray(Extension[]::new));
checkArgument(AuthorityKeyIdentifier.fromExtensions(exts) == null, "AuthorityKeyIdentifier must not be specified as an extension - it is added automatically");
}
示例15: createAuthorityKeyId
import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier; //导入依赖的package包/类
static AuthorityKeyIdentifier createAuthorityKeyId(
PublicKey pub)
throws IOException
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pub.getEncoded());
return new AuthorityKeyIdentifier(info);
}