本文整理汇总了Java中org.bouncycastle.asn1.x509.SubjectPublicKeyInfo类的典型用法代码示例。如果您正苦于以下问题:Java SubjectPublicKeyInfo类的具体用法?Java SubjectPublicKeyInfo怎么用?Java SubjectPublicKeyInfo使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
SubjectPublicKeyInfo类属于org.bouncycastle.asn1.x509包,在下文中一共展示了SubjectPublicKeyInfo类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generate
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
if (subjectAltName != null)
v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
X509CertificateHolder certificateHolder = v3CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
示例2: toPublicKey
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
PublicKey toPublicKey(SubjectPublicKeyInfo subjectPublicKeyInfo)
throws CRMFException
{
try
{
X509EncodedKeySpec xspec = new X509EncodedKeySpec(subjectPublicKeyInfo.getEncoded());
AlgorithmIdentifier keyAlg = subjectPublicKeyInfo.getAlgorithm();
return createKeyFactory(keyAlg.getAlgorithm()).generatePublic(xspec);
}
catch (Exception e)
{
throw new CRMFException("invalid key: " + e.getMessage(), e);
}
}
示例3: verifyUserSig
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
@Override
public boolean verifyUserSig(String identifier, String sig)throws QCloudException {
try {
Security.addProvider(new BouncyCastleProvider());
//DeBaseUrl64 urlSig to json
Base64 decoder = new Base64();
byte [] compressBytes = Base64Url.base64DecodeUrl(sig.getBytes(Charset.forName("UTF-8")));
//Decompression
Inflater decompression = new Inflater();
decompression.setInput(compressBytes, 0, compressBytes.length);
byte [] decompressBytes = new byte [1024];
int decompressLength = decompression.inflate(decompressBytes);
decompression.end();
String jsonString = new String(Arrays.copyOfRange(decompressBytes, 0, decompressLength));
//Get TLS.Sig from json
JSONObject jsonObject= JSON.parseObject(jsonString);
String sigTLS = jsonObject.getString("TLS.sig");
//debase64 TLS.Sig to get serailString
byte[] signatureBytes = decoder.decode(sigTLS.getBytes(Charset.forName("UTF-8")));
String strSdkAppid = jsonObject.getString("TLS.sdk_appid");
String sigTime = jsonObject.getString("TLS.time");
String sigExpire = jsonObject.getString("TLS.expire_after");
if (!imConfig.getSdkAppId().equals(strSdkAppid))
{
return false;
}
if ( System.currentTimeMillis()/1000 - Long.parseLong(sigTime) > Long.parseLong(sigExpire)) {
return false;
}
//Get Serial String from json
String SerialString =
"TLS.appid_at_3rd:" + 0 + "\n" +
"TLS.account_type:" + 0 + "\n" +
"TLS.identifier:" + identifier + "\n" +
"TLS.sdk_appid:" + imConfig.getSdkAppId() + "\n" +
"TLS.time:" + sigTime + "\n" +
"TLS.expire_after:" + sigExpire + "\n";
Reader reader = new CharArrayReader(imConfig.getPublicKey().toCharArray());
PEMParser parser = new PEMParser(reader);
JcaPEMKeyConverter converter = new JcaPEMKeyConverter();
Object obj = parser.readObject();
parser.close();
PublicKey pubKeyStruct = converter.getPublicKey((SubjectPublicKeyInfo) obj);
Signature signature = Signature.getInstance("SHA256withECDSA","BC");
signature.initVerify(pubKeyStruct);
signature.update(SerialString.getBytes(Charset.forName("UTF-8")));
return signature.verify(signatureBytes);
}catch (Exception e) {
throw new QCloudException(e);
}
}
示例4: setPublicKey
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public void setPublicKey(
PublicKey key)
throws IllegalArgumentException
{
try
{
tbsGen.setSubjectPublicKeyInfo(
SubjectPublicKeyInfo.getInstance(new ASN1InputStream(key.getEncoded()).readObject()));
}
catch (Exception e)
{
throw new IllegalArgumentException("unable to process key - " + e.toString());
}
}
示例5: X509v1CertificateBuilder
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
/**
* Create a builder for a version 1 certificate.
*
* @param issuer the certificate issuer
* @param serial the certificate serial number
* @param notBefore the date before which the certificate is not valid
* @param notAfter the date after which the certificate is not valid
* @param subject the certificate subject
* @param publicKeyInfo the info structure for the public key to be associated with this certificate.
*/
public X509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
{
if (issuer == null)
{
throw new IllegalArgumentException("issuer must not be null");
}
if (publicKeyInfo == null)
{
throw new IllegalArgumentException("publicKeyInfo must not be null");
}
tbsGen = new V1TBSCertificateGenerator();
tbsGen.setSerialNumber(new ASN1Integer(serial));
tbsGen.setIssuer(issuer);
tbsGen.setStartDate(new Time(notBefore));
tbsGen.setEndDate(new Time(notAfter));
tbsGen.setSubject(subject);
tbsGen.setSubjectPublicKeyInfo(publicKeyInfo);
}
示例6: calculateIdentifier
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
private byte[] calculateIdentifier(SubjectPublicKeyInfo publicKeyInfo)
{
byte[] bytes = publicKeyInfo.getPublicKeyData().getBytes();
OutputStream cOut = calculator.getOutputStream();
try
{
cOut.write(bytes);
cOut.close();
}
catch (IOException e)
{ // it's hard to imagine this happening, but yes it does!
throw new CertRuntimeException("unable to calculate identifier: " + e.getMessage(), e);
}
return calculator.getDigest();
}
示例7: getPublicKey
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo)
throws PEMException
{
try
{
String algorithm = publicKeyInfo.getAlgorithm().getAlgorithm().getId();
if (X9ObjectIdentifiers.id_ecPublicKey.getId().equals(algorithm))
{
algorithm = "ECDSA";
}
KeyFactory keyFactory = helper.createKeyFactory(algorithm);
return keyFactory.generatePublic(new X509EncodedKeySpec(publicKeyInfo.getEncoded()));
}
catch (Exception e)
{
throw new PEMException("unable to convert key pair: " + e.getMessage(), e);
}
}
示例8: getEncoded
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public byte[] getEncoded()
{
try
{
if (dsaSpec == null)
{
return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa), new DERInteger(y)).getEncoded(ASN1Encoding.DER);
}
return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG())), new DERInteger(y)).getEncoded(ASN1Encoding.DER);
}
catch (IOException e)
{
return null;
}
}
示例9: engineGeneratePublic
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
/**
* Converts, if possible, a key specification into a
* {@link BCRainbowPublicKey}. Currently, the following key specifications are
* supported:{@link X509EncodedKeySpec}.
* <p/>
* <p/>
* <p/>
* The ASN.1 definition of a public key's structure is
* <p/>
* <pre>
* RainbowPublicKey ::= SEQUENCE {
* oid OBJECT IDENTIFIER -- OID identifying the algorithm
* docLength Integer -- length of signable msg
* coeffquadratic SEQUENCE OF OCTET STRING -- quadratic (mixed) coefficients
* coeffsingular SEQUENCE OF OCTET STRING -- singular coefficients
* coeffscalar OCTET STRING -- scalar coefficients
* }
* </pre>
* <p/>
* <p/>
*
* @param keySpec the key specification
* @return the Rainbow public key
* @throws InvalidKeySpecException if the KeySpec is not supported.
*/
public PublicKey engineGeneratePublic(KeySpec keySpec)
throws InvalidKeySpecException
{
if (keySpec instanceof RainbowPublicKeySpec)
{
return new BCRainbowPublicKey((RainbowPublicKeySpec)keySpec);
}
else if (keySpec instanceof X509EncodedKeySpec)
{
// get the DER-encoded Key according to X.509 from the spec
byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
// decode the SubjectPublicKeyInfo data structure to the pki object
try
{
return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
}
catch (Exception e)
{
throw new InvalidKeySpecException(e.toString());
}
}
throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
}
示例10: receiveCertificateVerifyMessage
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
protected void receiveCertificateVerifyMessage(ByteArrayInputStream buf)
throws IOException
{
byte[] clientCertificateSignature = TlsUtils.readOpaque16(buf);
assertEmpty(buf);
// Verify the CertificateVerify message contains a correct signature.
try
{
TlsSigner tlsSigner = TlsUtils.createTlsSigner(this.clientCertificateType);
tlsSigner.init(getContext());
org.bouncycastle.asn1.x509.Certificate x509Cert = this.clientCertificate.getCertificateAt(0);
SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
tlsSigner.verifyRawSignature(clientCertificateSignature, publicKey, this.certificateVerifyHash);
}
catch (Exception e)
{
throw new TlsFatalAlert(AlertDescription.decrypt_error);
}
}
示例11: getSenderPublicKeyInfo
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
private SubjectPublicKeyInfo getSenderPublicKeyInfo(AlgorithmIdentifier recKeyAlgId,
OriginatorIdentifierOrKey originator)
throws CMSException, IOException
{
OriginatorPublicKey opk = originator.getOriginatorKey();
if (opk != null)
{
return getPublicKeyInfoFromOriginatorPublicKey(recKeyAlgId, opk);
}
OriginatorId origID;
IssuerAndSerialNumber iAndSN = originator.getIssuerAndSerialNumber();
if (iAndSN != null)
{
origID = new OriginatorId(iAndSN.getName(), iAndSN.getSerialNumber().getValue());
}
else
{
SubjectKeyIdentifier ski = originator.getSubjectKeyIdentifier();
origID = new OriginatorId(ski.getKeyIdentifier());
}
return getPublicKeyInfoFromOriginatorId(origID);
}
示例12: addSelfSignedCertificate
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public void addSelfSignedCertificate(String certificateAlias, String dn, String password) {
try {
KeyPair keys = generateKeyPair();
Calendar start = Calendar.getInstance();
Calendar expiry = Calendar.getInstance();
expiry.add(Calendar.YEAR, 1);
X500Name name = new X500Name(dn);
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(name, BigInteger.ONE,
start.getTime(), expiry.getTime(), name, SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded()));
ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(new BouncyCastleProvider()).build(keys.getPrivate());
X509CertificateHolder holder = certificateBuilder.build(signer);
Certificate cert = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider()).getCertificate(holder);
Entry entry = new PrivateKeyEntry(keys.getPrivate(), new Certificate[]{ cert });
keystore.setEntry(certificateAlias, entry, new PasswordProtection(password.toCharArray()));
} catch (GeneralSecurityException | OperatorCreationException ex) {
throw new RuntimeException("Unable to generate self-signed certificate", ex);
}
}
示例13: engineGeneratePublic
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
protected PublicKey engineGeneratePublic(
KeySpec keySpec)
throws InvalidKeySpecException
{
if (keySpec instanceof X509EncodedKeySpec)
{
try
{
return generatePublic(SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec)keySpec).getEncoded()));
}
catch (Exception e)
{
throw new InvalidKeySpecException("encoded key spec not recognised");
}
}
else
{
throw new InvalidKeySpecException("key spec not recognised");
}
}
示例14: engineInitVerify
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
protected void engineInitVerify(
PublicKey publicKey)
throws InvalidKeyException
{
CipherParameters param;
if (publicKey instanceof ECPublicKey)
{
param = ECUtil.generatePublicKeyParameter(publicKey);
}
else if (publicKey instanceof GOST3410Key)
{
param = GOST3410Util.generatePublicKeyParameter(publicKey);
}
else
{
try
{
byte[] bytes = publicKey.getEncoded();
publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
if (publicKey instanceof ECPublicKey)
{
param = ECUtil.generatePublicKeyParameter(publicKey);
}
else
{
throw new InvalidKeyException("can't recognise key type in DSA based signer");
}
}
catch (Exception e)
{
throw new InvalidKeyException("can't recognise key type in DSA based signer");
}
}
digest.reset();
signer.init(false, param);
}
示例15: generatePublic
import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo; //导入依赖的package包/类
public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
throws IOException
{
ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement))
{
return new BCDHPublicKey(keyInfo);
}
else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber))
{
return new BCDHPublicKey(keyInfo);
}
else
{
throw new IOException("algorithm identifier " + algOid + " in key not recognised");
}
}