当前位置: 首页>>代码示例>>Java>>正文


Java X509CertificateHolder类代码示例

本文整理汇总了Java中org.bouncycastle.cert.X509CertificateHolder的典型用法代码示例。如果您正苦于以下问题:Java X509CertificateHolder类的具体用法?Java X509CertificateHolder怎么用?Java X509CertificateHolder使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


X509CertificateHolder类属于org.bouncycastle.cert包,在下文中一共展示了X509CertificateHolder类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generate

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException {
    try {
        Security.addProvider(new BouncyCastleProvider());
        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
        AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
        X500Name name = new X500Name(dn);
        Date from = new Date();
        Date to = new Date(from.getTime() + days * 86400000L);
        BigInteger sn = new BigInteger(64, new SecureRandom());
        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);

        if (subjectAltName != null)
            v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
        X509CertificateHolder certificateHolder = v3CertGen.build(sigGen);
        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    } catch (CertificateException ce) {
        throw ce;
    } catch (Exception e) {
        throw new CertificateException(e);
    }
}
 
开发者ID:YMCoding,项目名称:kafka-0.11.0.0-src-with-comment,代码行数:25,代码来源:TestSslUtils.java

示例2: getSignersCertificates

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
private Collection<X509Certificate> getSignersCertificates(CMSSignedData previewSignerData) {
	Collection<X509Certificate> result = new HashSet<X509Certificate>();
	Store<?> certStore = previewSignerData.getCertificates();
	SignerInformationStore signers = previewSignerData.getSignerInfos();
	Iterator<?> it = signers.getSigners().iterator();
	while (it.hasNext()) {
		SignerInformation signer = (SignerInformation) it.next();
		@SuppressWarnings("unchecked")
		Collection<?> certCollection = certStore.getMatches(signer.getSID());
		Iterator<?> certIt = certCollection.iterator();
		X509CertificateHolder certificateHolder = (X509CertificateHolder) certIt.next();
		try {
			result.add(new JcaX509CertificateConverter().getCertificate(certificateHolder));
		} catch (CertificateException error) {
		}
	}
	return result;

}
 
开发者ID:demoiselle,项目名称:signer,代码行数:20,代码来源:CAdESSigner.java

示例3: generateP7B

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public CMSSignedData generateP7B(X509CertificateHolder caCertificate, PrivateKey caPrivateKey) {
	try {
		List<X509CertificateHolder> certChain = new ArrayList<X509CertificateHolder>();
		certChain.add(caCertificate);

		Store certs = new JcaCertStore(certChain);

		CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
		ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BouncyCastleProvider.PROVIDER_NAME).build(caPrivateKey);

		cmsSignedDataGenerator.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(
				new JcaDigestCalculatorProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME).build())
		.build(sha1Signer, caCertificate));
		cmsSignedDataGenerator.addCertificates(certs);

		CMSTypedData chainMessage = new CMSProcessableByteArray("chain".getBytes());
		CMSSignedData sigData = cmsSignedDataGenerator.generate(chainMessage, false);

		return sigData;
		
	} catch(Exception e) {
		throw new RuntimeException("Error while generating certificate chain: " + e.getMessage(), e);
	}
}
 
开发者ID:fabiusks,项目名称:cert-services,代码行数:25,代码来源:P7BService.java

示例4: verifySignature

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public static boolean verifySignature(CMSSignedData cmsSignedData, X509Certificate cert) {
    try {
        if (Security.getProvider("BC") == null)
            Security.addProvider(new BouncyCastleProvider());

        Collection<SignerInformation> signers = cmsSignedData.getSignerInfos().getSigners();
        X509CertificateHolder ch = new X509CertificateHolder(cert.getEncoded());
        for (SignerInformation si : signers)
            if (si.getSID().match(ch))
                if (si.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(ch)))
                    return true;
    } catch (Exception e) {}
    return false;
}
 
开发者ID:damianofalcioni,项目名称:Websocket-Smart-Card-Signer,代码行数:15,代码来源:PKCS7Manager.java

示例5: createTrustStore

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
/**
 * "ca.pem" from Reader
 */
public static KeyStore createTrustStore(final Reader certReader) throws IOException, CertificateException,
        KeyStoreException, NoSuchAlgorithmException {
    try (PEMParser pemParser = new PEMParser(certReader)) {
        X509CertificateHolder certificateHolder = (X509CertificateHolder) pemParser.readObject();
        Certificate caCertificate = new JcaX509CertificateConverter()
                .setProvider("BC")
                .getCertificate(certificateHolder);

        KeyStore trustStore = KeyStore.getInstance("JKS");
        trustStore.load(null);
        trustStore.setCertificateEntry("ca", caCertificate);

        return trustStore;
    }
}
 
开发者ID:vespa-engine,项目名称:vespa,代码行数:19,代码来源:VespaSSLConfig.java

示例6: fingerprint

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public static String fingerprint(X509CertificateHolder c)
        throws IOException, CertificateEncodingException {

    byte[] der      = c.getEncoded();
    byte[] sha1     = sha256DigestOf(der);
    byte[] hexBytes = Hex.encode(sha1);
    String hex = new String(hexBytes,
                            "ASCII").toUpperCase();

    final StringBuilder fp = new StringBuilder();
    int                 i  = 0;
    fp.append(hex.substring(i,
                            i + 2));
    while ((i += 2) < hex.length()) {
        fp.append(':');
        fp.append(hex.substring(i,
                                i + 2));
    }
    return fp.toString();
}
 
开发者ID:Zubnix,项目名称:rtcdcjava,代码行数:21,代码来源:RTCCertificate.java

示例7: createAndInitTrustManagerFactory

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
private TrustManagerFactory createAndInitTrustManagerFactory() throws Exception {
    X509Certificate caCertHolder;
    if (caCertFileName != null) {
        caCertHolder = readCertFile(caCert);
    } else {
        caCertHolder = certificateConverter.getCertificate((X509CertificateHolder) readPEMFile(caCert));
    }

    KeyStore caKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    caKeyStore.load(null, null);
    caKeyStore.setCertificateEntry("caCert-cert", caCertHolder);

    TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    trustManagerFactory.init(caKeyStore);
    return trustManagerFactory;
}
 
开发者ID:thingsboard,项目名称:thingsboard-gateway,代码行数:17,代码来源:CertPemClientCredentials.java

示例8: convertHolders

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
private CollectionCertStoreParameters convertHolders(JcaX509CertificateConverter certificateConverter, JcaX509CRLConverter crlConverter)
    throws CertificateException, CRLException
{
    List jcaObjs = new ArrayList(certs.size() + crls.size());

    for (Iterator it = certs.iterator(); it.hasNext();)
    {
        jcaObjs.add(certificateConverter.getCertificate((X509CertificateHolder)it.next()));
    }

    for (Iterator it = crls.iterator(); it.hasNext();)
    {
        jcaObjs.add(crlConverter.getCRL((X509CRLHolder)it.next()));
    }

    return new CollectionCertStoreParameters(jcaObjs);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:18,代码来源:JcaCertStoreBuilder.java

示例9: finaliseMessage

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
private ProtectedPKIMessage finaliseMessage(PKIHeader header, DERBitString protection)
{
    if (!extraCerts.isEmpty())
    {
        CMPCertificate[] cmpCerts = new CMPCertificate[extraCerts.size()];

        for (int i = 0; i != cmpCerts.length; i++)
        {
            cmpCerts[i] = new CMPCertificate(((X509CertificateHolder)extraCerts.get(i)).toASN1Structure());
        }

        return new ProtectedPKIMessage(new PKIMessage(header, body, protection, cmpCerts));
    }
    else
    {
        return new ProtectedPKIMessage(new PKIMessage(header, body, protection));
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:19,代码来源:ProtectedPKIMessageBuilder.java

示例10: isVerified

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public boolean isVerified(X509CertificateHolder certHolder, DigestCalculatorProvider digesterProvider)
    throws CMPException
{
    AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm());
    if (digAlg == null)
    {
        throw new CMPException("cannot find algorithm for digest from signature");
    }

    DigestCalculator digester;

    try
    {
        digester = digesterProvider.get(digAlg);
    }
    catch (OperatorCreationException e)
    {
        throw new CMPException("unable to create digester: " + e.getMessage(), e);
    }

    CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream());

    return Arrays.areEqual(certStatus.getCertHash().getOctets(), digester.getDigest());
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:25,代码来源:CertificateStatus.java

示例11: getCertificates

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
/**
 * Return the extra certificates associated with this message.
 *
 * @return an array of extra certificates, zero length if none present.
 */
public X509CertificateHolder[] getCertificates()
{
    CMPCertificate[] certs = pkiMessage.getExtraCerts();

    if (certs == null)
    {
        return new X509CertificateHolder[0];
    }

    X509CertificateHolder[] res = new X509CertificateHolder[certs.length];
    for (int i = 0; i != certs.length; i++)
    {
        res[i] = new X509CertificateHolder(certs[i].getX509v3PKCert());
    }

    return res;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:23,代码来源:ProtectedPKIMessage.java

示例12: build

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
public ContentVerifierProvider build(final AsymmetricKeyParameter publicKey)
    throws OperatorCreationException
{
    return new ContentVerifierProvider()
    {
        public boolean hasAssociatedCertificate()
        {
            return false;
        }

        public X509CertificateHolder getAssociatedCertificate()
        {
            return null;
        }

        public ContentVerifier get(AlgorithmIdentifier algorithm)
            throws OperatorCreationException
        {
            BcSignerOutputStream stream = createSignatureStream(algorithm, publicKey);

            return new SigVerifier(algorithm, stream);
        }
    };
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:25,代码来源:BcContentVerifierProviderBuilder.java

示例13: getCertificates

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
Store getCertificates(ASN1Set certSet)
{
    if (certSet != null)
    {
        List certList = new ArrayList(certSet.size());

        for (Enumeration en = certSet.getObjects(); en.hasMoreElements();)
        {
            ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();

            if (obj instanceof ASN1Sequence)
            {
                certList.add(new X509CertificateHolder(Certificate.getInstance(obj)));
            }
        }

        return new CollectionStore(certList);
    }

    return new CollectionStore(new ArrayList());
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:22,代码来源:CMSSignedHelper.java

示例14: verify

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
/**
 * Verify that the given verifier can successfully verify the signature on
 * this SignerInformation object.
 *
 * @param verifier a suitably configured SignerInformationVerifier.
 * @return true if the signer information is verified, false otherwise.
 * @throws org.bouncycastle.cms.CMSVerifierCertificateNotValidException if the provider has an associated certificate and the certificate is not valid at the time given as the SignerInfo's signing time.
 * @throws org.bouncycastle.cms.CMSException if the verifier is unable to create a ContentVerifiers or DigestCalculators.
 */
public boolean verify(SignerInformationVerifier verifier)
    throws CMSException
{
    Time signingTime = getSigningTime();   // has to be validated if present.

    if (verifier.hasAssociatedCertificate())
    {
        if (signingTime != null)
        {
            X509CertificateHolder dcv = verifier.getAssociatedCertificate();

            if (!dcv.isValidOn(signingTime.getDate()))
            {
                throw new CMSVerifierCertificateNotValidException("verifier not valid at signingTime");
            }
        }
    }

    return doVerify(verifier);
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:30,代码来源:SignerInformation.java

示例15: getCertificatesFromStore

import org.bouncycastle.cert.X509CertificateHolder; //导入依赖的package包/类
static List getCertificatesFromStore(Store certStore)
    throws CMSException
{
    List certs = new ArrayList();

    try
    {
        for (Iterator it = certStore.getMatches(null).iterator(); it.hasNext();)
        {
            X509CertificateHolder c = (X509CertificateHolder)it.next();

            certs.add(c.toASN1Structure());
        }

        return certs;
    }
    catch (ClassCastException e)
    {
        throw new CMSException("error processing certs", e);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:22,代码来源:CMSUtils.java


注:本文中的org.bouncycastle.cert.X509CertificateHolder类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。