当前位置: 首页>>代码示例>>Java>>正文


Java ExtensionsGenerator类代码示例

本文整理汇总了Java中org.bouncycastle.asn1.x509.ExtensionsGenerator的典型用法代码示例。如果您正苦于以下问题:Java ExtensionsGenerator类的具体用法?Java ExtensionsGenerator怎么用?Java ExtensionsGenerator使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


ExtensionsGenerator类属于org.bouncycastle.asn1.x509包,在下文中一共展示了ExtensionsGenerator类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generateCSR

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
private static byte[] generateCSR(KeyPair keyPair, CertificateNamesGenerator certificateNamesGenerator)
        throws IOException, OperatorCreationException {
    ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
    extensionsGenerator.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature));
    extensionsGenerator.addExtension(Extension.extendedKeyUsage, true,
            new ExtendedKeyUsage(
                    new KeyPurposeId[] {
                            KeyPurposeId.id_kp_clientAuth,
                            KeyPurposeId.id_kp_serverAuth
                    }
            ));
    extensionsGenerator.addExtension(Extension.subjectAlternativeName, true, certificateNamesGenerator.getSANs());

    PKCS10CertificationRequest csr =
            new JcaPKCS10CertificationRequestBuilder(certificateNamesGenerator.getSubject(), keyPair.getPublic())
            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate())
            .build(new JcaContentSignerBuilder("SHA256withRSA").build(keyPair.getPrivate()));
    return PEMUtils.toPEM(csr);
}
 
开发者ID:mesosphere,项目名称:dcos-commons,代码行数:20,代码来源:TLSArtifactsGenerator.java

示例2: generateCSR

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
public static PKCS10CertificationRequest generateCSR(String[] commonNames, KeyPair pair) throws OperatorCreationException, IOException {
	X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
	namebuilder.addRDN(BCStyle.CN, commonNames[0]);
	
	List<GeneralName> subjectAltNames = new ArrayList<>(commonNames.length);
	for (String cn:commonNames)
		subjectAltNames.add(new GeneralName(GeneralName.dNSName, cn));
	GeneralNames subjectAltName = new GeneralNames(subjectAltNames.toArray(new GeneralName[0]));         
	
	ExtensionsGenerator extGen = new ExtensionsGenerator();
	extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName.toASN1Primitive());
	
	PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), pair.getPublic());
	p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
	JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
	ContentSigner signer = csBuilder.build(pair.getPrivate());
	PKCS10CertificationRequest request = p10Builder.build(signer);
	return request;
}
 
开发者ID:zero11it,项目名称:acme-client,代码行数:20,代码来源:X509Utils.java

示例3: addExtension

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
static void addExtension(ExtensionsGenerator extGenerator, ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value)
    throws CertIOException
{
    try
    {
        extGenerator.addExtension(oid, isCritical, value);
    }
    catch (IOException e)
    {
        throw new CertIOException("cannot encode extension: " + e.getMessage(), e);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:13,代码来源:CertUtils.java

示例4: CertificateRequestMessageBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
public CertificateRequestMessageBuilder(BigInteger certReqId)
{
    this.certReqId = certReqId;

    this.extGenerator = new ExtensionsGenerator();
    this.templateBuilder = new CertTemplateBuilder();
    this.controls = new ArrayList();
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:9,代码来源:CertificateRequestMessageBuilder.java

示例5: X509v2CRLBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
/**
 * Basic constructor.
 *
 * @param issuer the issuer this CRL is associated with.
 * @param thisUpdate  the date of this update.
 */
public X509v2CRLBuilder(
    X500Name issuer,
    Date     thisUpdate)
{
    tbsGen = new V2TBSCertListGenerator();
    extGenerator = new ExtensionsGenerator();

    tbsGen.setIssuer(issuer);
    tbsGen.setThisUpdate(new Time(thisUpdate));
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:17,代码来源:X509v2CRLBuilder.java

示例6: X509v3CertificateBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
/**
 * Create a builder for a version 3 certificate.
 *
 * @param issuer the certificate issuer
 * @param serial the certificate serial number
 * @param notBefore the date before which the certificate is not valid
 * @param notAfter the date after which the certificate is not valid
 * @param subject the certificate subject
 * @param publicKeyInfo the info structure for the public key to be associated with this certificate.
 */
public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
{
    tbsGen = new V3TBSCertificateGenerator();
    tbsGen.setSerialNumber(new ASN1Integer(serial));
    tbsGen.setIssuer(issuer);
    tbsGen.setStartDate(new Time(notBefore));
    tbsGen.setEndDate(new Time(notAfter));
    tbsGen.setSubject(subject);
    tbsGen.setSubjectPublicKeyInfo(publicKeyInfo);

    extGenerator = new ExtensionsGenerator();
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:23,代码来源:X509v3CertificateBuilder.java

示例7: X509v2AttributeCertificateBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
public X509v2AttributeCertificateBuilder(AttributeCertificateHolder     holder, AttributeCertificateIssuer  issuer, BigInteger      serialNumber, Date notBefore, Date notAfter)
{
    acInfoGen = new V2AttributeCertificateInfoGenerator();
    extGenerator = new ExtensionsGenerator();

    acInfoGen.setHolder(holder.holder);
    acInfoGen.setIssuer(AttCertIssuer.getInstance(issuer.form));
    acInfoGen.setSerialNumber(new ASN1Integer(serialNumber));
    acInfoGen.setStartDate(new ASN1GeneralizedTime(notBefore));
    acInfoGen.setEndDate(new ASN1GeneralizedTime(notAfter));
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:12,代码来源:X509v2AttributeCertificateBuilder.java

示例8: addExtension

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
static void addExtension(ExtensionsGenerator extGenerator, ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value)
    throws TSPIOException
{
    try
    {
        extGenerator.addExtension(oid, isCritical, value);
    }
    catch (IOException e)
    {
        throw new TSPIOException("cannot encode extension: " + e.getMessage(), e);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:13,代码来源:TSPUtil.java

示例9: X509v3CertificateBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
/**
 * Create a builder for a version 3 certificate.
 *
 * @param issuer the certificate issuer
 * @param serial the certificate serial number
 * @param notBefore the Time before which the certificate is not valid
 * @param notAfter the Time after which the certificate is not valid
 * @param subject the certificate subject
 * @param publicKeyInfo the info structure for the public key to be associated with this certificate.
 */
public X509v3CertificateBuilder(X500Name issuer, BigInteger serial, Time notBefore, Time notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
{
    tbsGen = new V3TBSCertificateGenerator();
    tbsGen.setSerialNumber(new ASN1Integer(serial));
    tbsGen.setIssuer(issuer);
    tbsGen.setStartDate(notBefore);
    tbsGen.setEndDate(notAfter);
    tbsGen.setSubject(subject);
    tbsGen.setSubjectPublicKeyInfo(publicKeyInfo);

    extGenerator = new ExtensionsGenerator();
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:23,代码来源:X509v3CertificateBuilder.java

示例10: X509v2AttributeCertificateBuilder

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
/**
 * Base constructor.
 *
 * @param holder holder certificate details
 * @param issuer issuer of this attribute certificate.
 * @param serialNumber serial number of this attribute certificate.
 * @param notBefore the date before which the certificate is not valid.
 * @param notAfter the date after which the certificate is not valid.
 */
public X509v2AttributeCertificateBuilder(AttributeCertificateHolder holder, AttributeCertificateIssuer  issuer, BigInteger serialNumber, Date notBefore, Date notAfter)
{
    acInfoGen = new V2AttributeCertificateInfoGenerator();
    extGenerator = new ExtensionsGenerator();

    acInfoGen.setHolder(holder.holder);
    acInfoGen.setIssuer(AttCertIssuer.getInstance(issuer.form));
    acInfoGen.setSerialNumber(new ASN1Integer(serialNumber));
    acInfoGen.setStartDate(new ASN1GeneralizedTime(notBefore));
    acInfoGen.setEndDate(new ASN1GeneralizedTime(notAfter));
}
 
开发者ID:ttt43ttt,项目名称:gwt-crypto,代码行数:21,代码来源:X509v2AttributeCertificateBuilder.java

示例11: generateCSR

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
/**
 * Generate a CSR object.
 *
 * @param dn The CSR's Distinguished Name (DN).
 * @param key The CSR's key pair
 * @param extensions The CRT's extension objects.
 * @param signatureAlgorithm The signature algorithm to use.
 * @return The generated CSR object.
 * @throws IOException if an error occurs during generation.
 */
public static PKCS10CertificateRequest generateCSR(X500Principal dn, KeyPair key,
		List<X509ExtensionData> extensions, SignatureAlgorithm signatureAlgorithm) throws IOException {

	LOG.info("CSR generation ''{0}'' started...", dn);

	// Initialize CSR builder
	PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(dn, key.getPublic());

	// Add custom extension objects
	ExtensionsGenerator extensionGenerator = new ExtensionsGenerator();

	for (X509ExtensionData extensionData : extensions) {
		extensionGenerator.addExtension(new ASN1ObjectIdentifier(extensionData.oid()), extensionData.getCritical(),
				extensionData.encode());
	}
	csrBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionGenerator.generate());

	PKCS10CertificateRequest csr;

	try {
		// Sign CSR
		ContentSigner csrSigner;

		csrSigner = new JcaContentSignerBuilder(signatureAlgorithm.algorithm()).build(key.getPrivate());
		csr = fromPKCS10(csrBuilder.build(csrSigner));
	} catch (OperatorCreationException e) {
		throw new CertProviderException(e);
	}

	LOG.info("CSR generation ''{0}'' done", dn);

	return csr;
}
 
开发者ID:hdecarne,项目名称:certmgr,代码行数:44,代码来源:PKCS10CertificateRequest.java

示例12: test_signing

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
@Test
public void test_signing() throws Exception {
    ExtensionsGenerator extGen = new ExtensionsGenerator();
    String subject = "C=NO,OU=Vespa,CN=" + requestersHostname;
    PKCS10CertificationRequest request = makeRequest(subject, extGen.generate());

    X509Certificate certificate = signer.generateX509Certificate(request, requestersHostname);
    assertCertificate(certificate, subject, Collections.singleton(Extension.basicConstraints.getId()));
}
 
开发者ID:vespa-engine,项目名称:vespa,代码行数:10,代码来源:CertificateSignerTest.java

示例13: extensions_test_subject_alternative_names

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
@Test(expected = IllegalArgumentException.class)
public void extensions_test_subject_alternative_names() throws Exception {
    ExtensionsGenerator extGen = new ExtensionsGenerator();
    extGen.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(new GeneralName[] {
            new GeneralName(GeneralName.dNSName, "some.other.domain.tld")}));
    PKCS10CertificationRequest request = makeRequest("OU=Vespa", extGen.generate());

    CertificateSigner.verifyCertificateExtensions(request);
}
 
开发者ID:vespa-engine,项目名称:vespa,代码行数:10,代码来源:CertificateSignerTest.java

示例14: extensions_allowed

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
@Test
public void extensions_allowed() throws Exception {
    ExtensionsGenerator extGen = new ExtensionsGenerator();
    extGen.addExtension(Extension.certificateIssuer, true, new byte[0]);
    PKCS10CertificationRequest request = makeRequest("OU=Vespa", extGen.generate());

    CertificateSigner.verifyCertificateExtensions(request);
}
 
开发者ID:vespa-engine,项目名称:vespa,代码行数:9,代码来源:CertificateSignerTest.java

示例15: generateX509CSR

import org.bouncycastle.asn1.x509.ExtensionsGenerator; //导入依赖的package包/类
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey,
        String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {

    // Create Distinguished Name

    X500Principal subject = new X500Principal(x500Principal);

    // Create ContentSigner

    JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256);
    ContentSigner signer = csBuilder.build(privateKey);

    // Create the CSR

    PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
            subject, publicKey);

    // Add SubjectAlternativeNames (SAN) if specified

    if (sanArray != null) {
        ExtensionsGenerator extGen = new ExtensionsGenerator();
        GeneralNames subjectAltNames = new GeneralNames(sanArray);
        extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
        p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
    }
    
    PKCS10CertificationRequest csr = p10Builder.build(signer);

    // write to openssl PEM format

    PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
    StringWriter strWriter;
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) {
        pemWriter.writeObject(pemObject);
    }
    return strWriter.toString();
}
 
开发者ID:yahoo,项目名称:athenz,代码行数:38,代码来源:Crypto.java


注:本文中的org.bouncycastle.asn1.x509.ExtensionsGenerator类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。