本文整理汇总了Java中org.bouncycastle.crypto.tls.Certificate类的典型用法代码示例。如果您正苦于以下问题:Java Certificate类的具体用法?Java Certificate怎么用?Java Certificate使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
Certificate类属于org.bouncycastle.crypto.tls包,在下文中一共展示了Certificate类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCertFingerPrint
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
/**
* @return sha-256 string based on cert in keystore
*/
public static String getCertFingerPrint(String storePath, String alias,String pass) {
try {
Certificate cert = DTLSUtils.loadCert(storePath,
alias,
pass);
byte[] der = cert.getCertificateAt(0).getEncoded();
MessageDigest md = MessageDigest.getInstance("SHA-256");
byte[] dat = md.digest(der);
String fingerprint = createFingerprintString(dat);
logger.info("Local cert signature is {} ",fingerprint);
return fingerprint;
} catch (Exception e) {
logger.error("Failed to create cert fingerprint from {}",storePath ,e);
throw new IllegalStateException("Loading certificate failed");
}
}
示例2: main
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static void main(String[] args) throws IOException, CertificateException, NoSuchProviderException {
Security.addProvider(new BouncyCastleProvider());
final X509Certificate clientCertX509 = CertificateClientManagement.loadCertificate("secure/cert/test.crt");
final Certificate clientCert = new Certificate(new org.bouncycastle.asn1.x509.Certificate[] {org.bouncycastle.asn1.x509.Certificate.getInstance(clientCertX509.getEncoded())});
final KeyPair clientKeyPair = CertificateClientManagement.loadKey("secure/cert/test.key", clientCertX509.getPublicKey());
Socket socket = new Socket("localhost", 4444);
TlsClientProtocol tlsClientProtocol = new CustomTlsClientProtocol(socket.getInputStream(), socket.getOutputStream());
tlsClientProtocol.connect(new CustomTlsClient(clientKeyPair, clientCert));
System.out.println("auth finished");
while (true);
}
示例3: fingerprint
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
static String fingerprint(org.bouncycastle.asn1.x509.Certificate c)
throws IOException
{
byte[] der = c.getEncoded();
byte[] sha1 = sha256DigestOf(der);
byte[] hexBytes = Hex.encode(sha1);
String hex = new String(hexBytes, "ASCII").toUpperCase();
StringBuffer fp = new StringBuffer();
int i = 0;
fp.append(hex.substring(i, i + 2));
while ((i += 2) < hex.length())
{
fp.append(':');
fp.append(hex.substring(i, i + 2));
}
return fp.toString();
}
示例4: createServerTransport
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
static DTLSTransport createServerTransport(final RTCCertificate rtcCertificate,
final DatagramTransport transport) throws IOException {
final DefaultTlsServer defaultTlsServer = new DefaultTlsServer() {
private final AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(rtcCertificate.getKeyPair()
.getPrivate()
.getEncoded());
private final Certificate cCert = new Certificate(new org.bouncycastle.asn1.x509.Certificate[]{rtcCertificate.getCertificate().toASN1Structure()});
@Override
protected ProtocolVersion getMaximumVersion() {
return ProtocolVersion.DTLSv10;
}
@Override
protected ProtocolVersion getMinimumVersion() {
return ProtocolVersion.DTLSv10;
}
@Override
protected TlsSignerCredentials getRSASignerCredentials() throws IOException {
return new DefaultTlsSignerCredentials(this.context,
this.cCert,
this.privateKeyAsymKeyParam);
}
};
return new DTLSServerProtocol(SECURE_RANDOM).accept(defaultTlsServer,
transport);
}
示例5: createClientTransport
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
static DTLSTransport createClientTransport(final DatagramTransport transport) throws IOException {
final DefaultTlsClient defaultTlsClient = new DefaultTlsClient() {
@Override
public ProtocolVersion getClientVersion() {
return ProtocolVersion.DTLSv10;
}
@Override
public ProtocolVersion getMinimumVersion() {
return ProtocolVersion.DTLSv10;
}
@Override
public TlsAuthentication getAuthentication() throws IOException {
return new ServerOnlyTlsAuthentication() {
@Override
public void notifyServerCertificate(final Certificate serverCertificate) throws IOException {
//TODO Check if certificate is signed by a trusted party.
}
};
}
};
return new DTLSClientProtocol(SECURE_RANDOM).connect(defaultTlsClient,
transport);
}
示例6: unmarshal
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
@Override
public Certificate unmarshal(String v) throws Exception {
Certificate cert = Certificate.parse(new ByteArrayInputStream(ArrayConverter.hexStringToByteArray(v.replaceAll(
"\\s+", ""))));
return cert;
}
示例7: adjustTLSContext
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
@Override
public void adjustTLSContext(CertificateMessage message) {
Certificate cert;
if (tlsContext.getChooser().getSelectedProtocolVersion().isTLS13()) {
ByteArrayOutputStream stream = new ByteArrayOutputStream();
int certificatesLength = 0;
try {
for (CertificatePair pair : message.getCertificatesList()) {
stream.write(ArrayConverter.intToBytes(pair.getCertificateLength().getValue(),
HandshakeByteLength.CERTIFICATE_LENGTH));
stream.write(pair.getCertificate().getValue());
certificatesLength += pair.getCertificateLength().getValue()
+ HandshakeByteLength.CERTIFICATE_LENGTH;
}
} catch (IOException ex) {
throw new AdjustmentException("Could not concatenate certificates bytes", ex);
}
cert = parseCertificate(certificatesLength, stream.toByteArray());
} else {
cert = parseCertificate(message.getCertificatesListLength().getValue(), message.getCertificatesListBytes()
.getValue());
}
if (tlsContext.getTalkingConnectionEndType() == ConnectionEndType.CLIENT) {
LOGGER.debug("Setting ClientCertificate in Context");
tlsContext.setClientCertificate(cert);
} else {
LOGGER.debug("Setting ServerCertificate in Context");
tlsContext.setServerCertificate(cert);
}
if (cert != null) {
adjustPublicKeyParameters(cert);
}
if (tlsContext.getChooser().getSelectedProtocolVersion().isTLS13()) {
adjustExtensions(message);
}
}
示例8: adjustPublicKeyParameters
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
private void adjustPublicKeyParameters(Certificate cert) {
try {
if (CertificateUtils.hasDHParameters(cert)) {
LOGGER.debug("Adjusting DH PublicKey");
DHPublicKeyParameters dhParameters = CertificateUtils.extractDHPublicKeyParameters(cert);
adjustDHParameters(dhParameters);
} else if (CertificateUtils.hasECParameters(cert)) {
LOGGER.debug("Adjusting EC PublicKey");
ECPublicKeyParameters ecParameters = CertificateUtils.extractECPublicKeyParameters(cert);
adjustECParameters(ecParameters);
} else if (CertificateUtils.hasRSAParameters(cert)) {
LOGGER.debug("Adjusting RSA PublicKey");
if (tlsContext.getTalkingConnectionEndType() == ConnectionEndType.CLIENT) {
tlsContext.setClientRSAPublicKey(CertificateUtils.extractRSAPublicKey(cert));
tlsContext.setClientRSAPrivateKey(tlsContext.getConfig().getDefaultClientRSAPrivateKey());
tlsContext.setClientRsaModulus(CertificateUtils.extractRSAModulus(cert));
} else {
tlsContext.setServerRSAPublicKey(CertificateUtils.extractRSAPublicKey(cert));
tlsContext.setServerRSAPrivateKey(tlsContext.getConfig().getDefaultServerRSAPrivateKey());
tlsContext.setServerRsaModulus(CertificateUtils.extractRSAModulus(cert));
}
} else {
LOGGER.warn("Could not adjust Certificate publicKey");
}
} catch (IOException E) {
throw new AdjustmentException("Could not adjust PublicKey Information from Certificate", E);
}
}
示例9: parseCertificate
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
private Certificate parseCertificate(int lengthBytes, byte[] bytesToParse) {
try {
ByteArrayInputStream stream = new ByteArrayInputStream(ArrayConverter.concatenate(
ArrayConverter.intToBytes(lengthBytes, HandshakeByteLength.CERTIFICATES_LENGTH), bytesToParse));
return Certificate.parse(stream);
} catch (IOException | IllegalArgumentException E) {
LOGGER.warn("Could not parse Certificate bytes into Certificate object:"
+ ArrayConverter.bytesToHexString(bytesToParse, false));
LOGGER.debug(E);
return null;
}
}
示例10: fetchServerCertificate
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static Certificate fetchServerCertificate(Config config) {
State state = new State(config);
config.setWorkflowTraceType(WorkflowTraceType.HELLO);
WorkflowExecutor workflowExecutor = WorkflowExecutorFactory.createWorkflowExecutor(
WorkflowExecutorType.DEFAULT, state);
try {
workflowExecutor.executeWorkflow();
} catch (WorkflowExecutionException E) {
LOGGER.warn("Could not fetch ServerCertificate");
LOGGER.debug(E);
}
return state.getTlsContext().getServerCertificate();
}
示例11: parsePublicKey
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
/**
* Parses the leaf Certificate PublicKey from the CertificateStructure
*
* @param cert
* The Certificate from which the PublicKey should be extracted
* @return The parsed PublicKey
*/
public static PublicKey parsePublicKey(Certificate cert) {
try {
X509CertificateObject certObj = new X509CertificateObject(cert.getCertificateAt(0));
return certObj.getPublicKey();
} catch (CertificateParsingException | IllegalArgumentException | ClassCastException ex) {
LOGGER.warn("Could not extract public key from Certificate!");
LOGGER.debug(ex);
return null;
}
}
示例12: hasDHParameters
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static boolean hasDHParameters(Certificate cert) {
if (cert.isEmpty()) {
return false;
}
SubjectPublicKeyInfo keyInfo = cert.getCertificateAt(0).getSubjectPublicKeyInfo();
return keyInfo.getAlgorithm().getAlgorithm().equals(X9ObjectIdentifiers.dhpublicnumber);
}
示例13: hasECParameters
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static boolean hasECParameters(Certificate cert) {
if (cert.isEmpty()) {
return false;
}
SubjectPublicKeyInfo keyInfo = cert.getCertificateAt(0).getSubjectPublicKeyInfo();
return keyInfo.getAlgorithm().getAlgorithm().equals(X9ObjectIdentifiers.id_ecPublicKey);
}
示例14: hasRSAParameters
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static boolean hasRSAParameters(Certificate cert) {
if (cert.isEmpty()) {
return false;
}
PublicKey key = parsePublicKey(cert);
return key != null && key instanceof RSAPublicKey;
}
示例15: extractDHPublicKeyParameters
import org.bouncycastle.crypto.tls.Certificate; //导入依赖的package包/类
public static DHPublicKeyParameters extractDHPublicKeyParameters(Certificate cert) throws IOException {
if (hasDHParameters(cert)) {
SubjectPublicKeyInfo keyInfo = cert.getCertificateAt(0).getSubjectPublicKeyInfo();
return (DHPublicKeyParameters) PublicKeyFactory.createKey(keyInfo);
} else {
throw new IOException();
}
}