本文整理汇总了Java中org.bouncycastle.asn1.x509.SubjectKeyIdentifier类的典型用法代码示例。如果您正苦于以下问题:Java SubjectKeyIdentifier类的具体用法?Java SubjectKeyIdentifier怎么用?Java SubjectKeyIdentifier使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SubjectKeyIdentifier类属于org.bouncycastle.asn1.x509包,在下文中一共展示了SubjectKeyIdentifier类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSki
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
/**
* This method returns SKI bytes from certificate.
*
* @param certificateToken
* {@code CertificateToken}
* @param computeIfMissing
* if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public
* Key
* @return ski bytes from the given certificate
* @throws DSSException
*/
public static byte[] getSki(final CertificateToken certificateToken, boolean computeIfMissing) throws DSSException {
try {
byte[] sKI = certificateToken.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId());
if (Utils.isArrayNotEmpty(sKI)) {
ASN1Primitive extension = X509ExtensionUtil.fromExtensionValue(sKI);
SubjectKeyIdentifier skiBC = SubjectKeyIdentifier.getInstance(extension);
return skiBC.getKeyIdentifier();
} else if (computeIfMissing) {
// If extension not present, we compute it from the certificate public key
DLSequence seq = (DLSequence) DERSequence.fromByteArray(certificateToken.getPublicKey().getEncoded());
DERBitString item = (DERBitString) seq.getObjectAt(1);
return DSSUtils.digest(DigestAlgorithm.SHA1, item.getOctets());
}
return null;
} catch (Exception e) {
throw new DSSException(e);
}
}
示例2: makeCertificate
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public static X509Certificate makeCertificate(KeyPair _subKP,
String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
throws Exception
{
PublicKey _subPub = _subKP.getPublic();
PrivateKey _issPriv = _issKP.getPrivate();
PublicKey _issPub = _issKP.getPublic();
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.reset();
_v3CertGen.setSerialNumber(allocateSerialNumber());
_v3CertGen.setIssuerDN(new X509Name(_issDN));
_v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
_v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 100)));
_v3CertGen.setSubjectDN(new X509Name(_subDN));
_v3CertGen.setPublicKey(_subPub);
_v3CertGen.setSignatureAlgorithm(algorithm);
_v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
_v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
X509Certificate _cert = _v3CertGen.generate(_issPriv);
_cert.checkValidity(new Date());
_cert.verify(_issPub);
return _cert;
}
示例3: getSenderPublicKeyInfo
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
private SubjectPublicKeyInfo getSenderPublicKeyInfo(AlgorithmIdentifier recKeyAlgId,
OriginatorIdentifierOrKey originator)
throws CMSException, IOException
{
OriginatorPublicKey opk = originator.getOriginatorKey();
if (opk != null)
{
return getPublicKeyInfoFromOriginatorPublicKey(recKeyAlgId, opk);
}
OriginatorId origID;
IssuerAndSerialNumber iAndSN = originator.getIssuerAndSerialNumber();
if (iAndSN != null)
{
origID = new OriginatorId(iAndSN.getName(), iAndSN.getSerialNumber().getValue());
}
else
{
SubjectKeyIdentifier ski = originator.getSubjectKeyIdentifier();
origID = new OriginatorId(ski.getKeyIdentifier());
}
return getPublicKeyInfoFromOriginatorId(origID);
}
示例4: getSubjectKeyIndentifierStringValue
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
private String getSubjectKeyIndentifierStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectKeyIdentifier ::= KeyIdentifier
*
* KeyIdentifier ::= OCTET STRING
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
SubjectKeyIdentifier subjectKeyIdentifier = SubjectKeyIdentifier.getInstance(value);
// Get key identifier from octet string
byte[] keyIdentifierBytes = subjectKeyIdentifier.getKeyIdentifier();
sb.append(MessageFormat.format(res.getString("SubjectKeyIdentifier"),
HexUtil.getHexString(keyIdentifierBytes)));
sb.append(NEWLINE);
return sb.toString();
}
示例5: okPressed
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
private void okPressed() {
byte[] keyIdentifier = jkiKeyIdentifier.getKeyIdentifier();
if (keyIdentifier == null) {
JOptionPane.showMessageDialog(this, res.getString("DSubjectKeyIdentifier.ValueReq.message"), getTitle(),
JOptionPane.WARNING_MESSAGE);
return;
}
SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(keyIdentifier);
try {
value = subjectKeyIdentifier.getEncoded(ASN1Encoding.DER);
} catch (IOException ex) {
DError dError = new DError(this, ex);
dError.setLocationRelativeTo(this);
dError.setVisible(true);
return;
}
closeDialog();
}
示例6: MinimalCertificateGenerator
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
/**
* Certificate issued under an existing CA.
* @param subjectDN the distinguished name of the subject.
* @param subjectPublicKey the public key of the subject.
* @param issuerCertificate the certificate of the issuer.
* @param duration the validity duration of the certificate.
* @param isCA
* @param allUsage if isCA is true, add "regular" KeyUsage flags, for dual-use cert
* @throws CertificateEncodingException
* @throws IOException
*/
public MinimalCertificateGenerator(String subjectDN, PublicKey subjectPublicKey,
X509Certificate issuerCertificate, long duration,
boolean isCA, Integer chainLength, boolean allUsage) throws CertificateEncodingException, IOException {
this(subjectDN, subjectPublicKey, issuerCertificate.getSubjectX500Principal(), duration, isCA, chainLength, allUsage);
// Pull the existing subject identifier out of the issuer cert.
byte [] subjectKeyID = issuerCertificate.getExtensionValue(X509Extensions.SubjectKeyIdentifier.toString());
if (null == subjectKeyID) {
subjectKeyID = CryptoUtil.generateKeyID(subjectPublicKey);
} else {
// content of extension is wrapped in a DEROctetString
DEROctetString content = (DEROctetString)CryptoUtil.decode(subjectKeyID);
byte [] encapsulatedOctetString = content.getOctets();
DEROctetString octetStringKeyID = (DEROctetString)CryptoUtil.decode(encapsulatedOctetString);
subjectKeyID = octetStringKeyID.getOctets();
}
_aki = new AuthorityKeyIdentifier(subjectKeyID);
}
示例7: performTest
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public void performTest()
throws IOException
{
SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKeyInfo));
SubjectKeyIdentifier ski = x509ExtensionUtils.createSubjectKeyIdentifier(pubInfo);
if (!Arrays.areEqual(shaID, ski.getKeyIdentifier()))
{
fail("SHA-1 ID does not match");
}
ski = x509ExtensionUtils.createTruncatedSubjectKeyIdentifier(pubInfo);
if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier()))
{
fail("truncated SHA-1 ID does not match");
}
}
示例8: performTest
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public void performTest()
throws IOException
{
SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKeyInfo));
SubjectKeyIdentifier ski = SubjectKeyIdentifier.createSHA1KeyIdentifier(pubInfo);
if (!Arrays.areEqual(shaID, ski.getKeyIdentifier()))
{
fail("SHA-1 ID does not match");
}
ski = SubjectKeyIdentifier.createTruncatedSHA1KeyIdentifier(pubInfo);
if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier()))
{
fail("truncated SHA-1 ID does not match");
}
}
示例9: generateCACertificate
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public static X509Certificate generateCACertificate(String provider, X509Name subject, Date start, Date expired,
KeyPair pair, int numberOfCAs, String signartureAlgorthm) throws InvalidKeyException, NoSuchProviderException,
SignatureException, IOException {
// generate the certificate
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
certGen.setIssuerDN(subject);
certGen.setNotBefore(start);
certGen.setNotAfter(expired);
certGen.setSubjectDN(subject);
certGen.setPublicKey(pair.getPublic());
certGen.setSignatureAlgorithm(signartureAlgorthm);
certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(numberOfCAs));
certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature
| KeyUsage.keyCertSign | KeyUsage.cRLSign));
SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(
new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifier(spki));
SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new DERInputStream(
new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(apki));
return certGen.generateX509Certificate(pair.getPrivate(), provider);
}
示例10: generateCACertificate
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public static X509Certificate generateCACertificate(String provider, X509Name subject, Date start, Date expired, KeyPair pair, int numberOfCAs, String signatureAlgorthm)
throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, IOException {
// generate the certificate
X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
certGen.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
certGen.setIssuerDN(subject);
certGen.setNotBefore(start);
certGen.setNotAfter(expired);
certGen.setSubjectDN(subject);
certGen.setPublicKey(pair.getPublic());
certGen.setSignatureAlgorithm(signatureAlgorthm);
certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(numberOfCAs));
certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
SubjectPublicKeyInfo spki = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifier(spki));
SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence) new ASN1InputStream(new ByteArrayInputStream(pair.getPublic().getEncoded())).readObject());
certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifier(apki));
return certGen.generate(pair.getPrivate(), provider);
}
示例11: fromPublicKey
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
private static ASN1OctetString fromPublicKey(
PublicKey pubKey)
throws InvalidKeyException
{
try
{
SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pubKey.getEncoded());
return (ASN1OctetString)(new SubjectKeyIdentifier(info).toASN1Object());
}
catch (Exception e)
{
throw new InvalidKeyException("Exception extracting key details: " + e.toString());
}
}
示例12: createTruncatedSubjectKeyIdentifier
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
/**
* Return a RFC 3280 type 2 key identifier. As in:
* <pre>
* (2) The keyIdentifier is composed of a four bit type field with
* the value 0100 followed by the least significant 60 bits of the
* SHA-1 hash of the value of the BIT STRING subjectPublicKey.
* </pre>
* @param publicKeyInfo the key info object containing the subjectPublicKey field.
* @return the key identifier.
*/
public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo)
{
byte[] digest = calculateIdentifier(publicKeyInfo);
byte[] id = new byte[8];
System.arraycopy(digest, digest.length - 8, id, 0, id.length);
id[0] &= 0x0f;
id[0] |= 0x40;
return new SubjectKeyIdentifier(id);
}
示例13: getInstance
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
/**
* return an OriginatorIdentifierOrKey object from the given object.
*
* @param o the object we want converted.
* @exception IllegalArgumentException if the object cannot be converted.
*/
public static OriginatorIdentifierOrKey getInstance(
Object o)
{
if (o == null || o instanceof OriginatorIdentifierOrKey)
{
return (OriginatorIdentifierOrKey)o;
}
if (o instanceof IssuerAndSerialNumber)
{
return new OriginatorIdentifierOrKey((IssuerAndSerialNumber)o);
}
if (o instanceof SubjectKeyIdentifier)
{
return new OriginatorIdentifierOrKey((SubjectKeyIdentifier)o);
}
if (o instanceof OriginatorPublicKey)
{
return new OriginatorIdentifierOrKey((OriginatorPublicKey)o);
}
if (o instanceof ASN1TaggedObject)
{
// TODO Add validation
return new OriginatorIdentifierOrKey((ASN1TaggedObject)o);
}
throw new IllegalArgumentException("Invalid OriginatorIdentifierOrKey: " + o.getClass().getName());
}
示例14: getSubjectKeyIdentifier
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
public SubjectKeyIdentifier getSubjectKeyIdentifier()
{
if (id instanceof ASN1TaggedObject && ((ASN1TaggedObject)id).getTagNo() == 0)
{
return SubjectKeyIdentifier.getInstance((ASN1TaggedObject)id, false);
}
return null;
}
示例15: createSubjectKeyId
import org.bouncycastle.asn1.x509.SubjectKeyIdentifier; //导入依赖的package包/类
private SubjectKeyIdentifier createSubjectKeyId(
PublicKey pubKey)
{
try
{
SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
(ASN1Sequence)ASN1Primitive.fromByteArray(pubKey.getEncoded()));
return new SubjectKeyIdentifier(info);
}
catch (Exception e)
{
throw new RuntimeException("error creating key");
}
}