本文整理汇总了Java中org.bouncycastle.jce.provider.X509CertParser类的典型用法代码示例。如果您正苦于以下问题:Java X509CertParser类的具体用法?Java X509CertParser怎么用?Java X509CertParser使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
X509CertParser类属于org.bouncycastle.jce.provider包,在下文中一共展示了X509CertParser类的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: PdfPKCS7
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
/**
* Verifies a signature using the sub-filter adbe.x509.rsa_sha1.
* @param contentsKey the /Contents key
* @param certsKey the /Cert key
* @param provider the provider or <code>null</code> for the default provider
*/
public PdfPKCS7(byte[] contentsKey, byte[] certsKey, String provider) {
try {
this.provider = provider;
X509CertParser cr = new X509CertParser();
cr.engineInit(new ByteArrayInputStream(certsKey));
certs = cr.engineReadAll();
signCerts = certs;
signCert = (X509Certificate)certs.iterator().next();
crls = new ArrayList();
ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(contentsKey));
digest = ((DEROctetString)in.readObject()).getOctets();
if (provider == null)
sig = Signature.getInstance("SHA1withRSA");
else
sig = Signature.getInstance("SHA1withRSA", provider);
sig.initVerify(signCert.getPublicKey());
}
catch (Exception e) {
throw new ExceptionConverter(e);
}
}
示例2: parse
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
public static X509CertificateWrapper parse(final RpslObject rpslObject) {
if (!looksLikeX509Key(rpslObject)) {
throw new IllegalArgumentException("The supplied object has no key");
}
try {
final byte[] bytes = RpslObjectFilter.getCertificateFromKeyCert(rpslObject).getBytes(Charsets.ISO_8859_1);
X509CertParser parser = new X509CertParser();
parser.engineInit(new ByteArrayInputStream(bytes));
X509Certificate result = (X509Certificate) parser.engineRead();
if (result == null) {
throw new IllegalArgumentException("Invalid X509 Certificate");
}
return new X509CertificateWrapper(result);
} catch (StreamParsingException e) {
throw new IllegalArgumentException("Error parsing X509 certificate from key-cert object", e);
}
}
示例3: getEncryptionCredential
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
private Credential getEncryptionCredential(final WsFederationConfiguration config) {
try {
// This will need to contain the private keypair in PEM format
final BufferedReader br = new BufferedReader(new InputStreamReader(config.getEncryptionPrivateKey().getInputStream()));
Security.addProvider(new BouncyCastleProvider());
final PEMParser pemParser = new PEMParser(br);
final Object privateKeyPemObject = pemParser.readObject();
final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());
final KeyPair kp;
if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
.build(config.getEncryptionPrivateKeyPassword().toCharArray());
kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
} else {
kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
}
final X509CertParser certParser = new X509CertParser();
// This is the certificate shared with ADFS in DER format, i.e certificate.crt
certParser.engineInit(config.getEncryptionCertificate().getInputStream());
final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
return new BasicX509Credential(cert, kp.getPrivate());
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例4: createCerts
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
private Set createCerts(List list, X509CertStoreSelector xselector)
throws StoreException
{
Set certSet = new HashSet();
Iterator it = list.iterator();
X509CertParser parser = new X509CertParser();
while (it.hasNext())
{
try
{
parser.engineInit(new ByteArrayInputStream((byte[])it
.next()));
X509Certificate cert = (X509Certificate)parser
.engineRead();
if (xselector.match((Object)cert))
{
certSet.add(cert);
}
}
catch (Exception e)
{
}
}
return certSet;
}
示例5: extractCertificate
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
private X509Certificate extractCertificate(final String[] domains, InputStream inputStream)
throws StreamParsingException {
X509CertParser certParser = new X509CertParser();
certParser.engineInit(inputStream);
X509Certificate certificate = (X509Certificate) certParser.engineRead();
certificateStorage.saveCertificate(domains, certificate);
return certificate;
}
示例6: apply
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
@Override
public Object apply(Object input) {
if (input instanceof String && input.toString().contains("BEGIN CERTIFICATE")) {
try {
X509CertParser x509CertParser = new X509CertParser();
x509CertParser.engineInit(new ByteArrayInputStream(input.toString().getBytes()));
return x509CertParser.engineRead();
} catch (Exception ex) {
return input;
}
}
return input;
}
示例7: getEncryptionCredential
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
private static Credential getEncryptionCredential(final WsFederationConfiguration config) {
try {
// This will need to contain the private keypair in PEM format
LOGGER.debug("Locating encryption credential private key [{}]", config.getEncryptionPrivateKey());
final BufferedReader br = new BufferedReader(new InputStreamReader(
config.getEncryptionPrivateKey().getInputStream(), StandardCharsets.UTF_8));
Security.addProvider(new BouncyCastleProvider());
LOGGER.debug("Parsing credential private key");
final PEMParser pemParser = new PEMParser(br);
final Object privateKeyPemObject = pemParser.readObject();
final JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider(new BouncyCastleProvider());
final KeyPair kp;
if (privateKeyPemObject instanceof PEMEncryptedKeyPair) {
LOGGER.debug("Encryption private key is an encrypted keypair");
final PEMEncryptedKeyPair ckp = (PEMEncryptedKeyPair) privateKeyPemObject;
final PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder()
.build(config.getEncryptionPrivateKeyPassword().toCharArray());
LOGGER.debug("Attempting to decrypt the encrypted keypair based on the provided encryption private key password");
kp = converter.getKeyPair(ckp.decryptKeyPair(decProv));
} else {
LOGGER.debug("Extracting a keypair from the private key");
kp = converter.getKeyPair((PEMKeyPair) privateKeyPemObject);
}
final X509CertParser certParser = new X509CertParser();
// This is the certificate shared with ADFS in DER format, i.e certificate.crt
LOGGER.debug("Locating encryption certificate [{}]", config.getEncryptionCertificate());
certParser.engineInit(config.getEncryptionCertificate().getInputStream());
LOGGER.debug("Invoking certificate engine to parse the certificate [{}]", config.getEncryptionCertificate());
final X509CertificateObject cert = (X509CertificateObject) certParser.engineRead();
LOGGER.debug("Creating final credential based on the certificate [{}] and the private key", cert.getIssuerDN());
return new BasicX509Credential(cert, kp.getPrivate());
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
示例8: init
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
public void init() throws SignatureIntegrityException {
SignatureDictionary signatureDictionary = signatureFieldDictionary.getSignatureDictionary();
announceSignatureType(signatureDictionary);
// start the decode of the raw type.
StringObject stringObject = signatureDictionary.getContents();
// make sure we don't loose any bytes converting the string in the raw.
byte[] cmsData = Utils.convertByteCharSequenceToByteArray(stringObject.getLiteralString());
// get the certificate
stringObject = signatureDictionary.getCertString();
// make sure we don't loose any bytes converting the string in the raw.
byte[] certsKey = Utils.convertByteCharSequenceToByteArray(stringObject.getLiteralString());
try {
X509CertParser x509CertParser = new X509CertParser();
x509CertParser.engineInit(new ByteArrayInputStream(certsKey));
certificateChain = x509CertParser.engineReadAll();
signerCertificate = (X509Certificate) certificateChain.iterator().next();
// content data is encrypted using the cert above.
ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(cmsData));
ASN1Primitive tmp = asn1InputStream.readObject();
messageDigest = ((ASN1OctetString) tmp).getOctets();
String provider = signatureDictionary.getFilter().getName();
digestAlgorithmIdentifier = OIWObjectIdentifiers.idSHA1.getId();
signatureAlgorithmIdentifier = PKCSObjectIdentifiers.rsaEncryption.getId();
// basic creation and public key check which should throw any format errors.
createSignature(signerCertificate.getPublicKey(), provider,
signatureAlgorithmIdentifier, digestAlgorithmIdentifier);
// Use RSA/ECB/NoPadding do decrypt the message digest
Cipher asymmetricCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
// initialize your cipher
asymmetricCipher.init(Cipher.DECRYPT_MODE, signerCertificate.getPublicKey());
// assuming, cipherText is a byte array containing your encrypted message
messageDigest = asymmetricCipher.doFinal(messageDigest);
// trim the padding bytes
if (messageDigest.length > 20) {
// You can create the ASN.1 BER encoding of an MD5, SHA-1, or SHA-256 value by prepending these strings to
// the 16-byte or 20-byte hash values, respectively:
// We always assume sha1 which is:
// ref: sha1 : X'30213009 06052B0E 03021A05 000414'
// ref: SHA-256: X'3031300D 06096086 48016503 04020105 000420'
// ref: MD5: X'3020300C 06082A86 4886F70D 02050500 0410'
byte[] trunkedMD = new byte[20];
System.arraycopy(messageDigest, 15, trunkedMD, 0, 20);
messageDigest = trunkedMD;
}
} catch (Exception e) {
throw new SignatureIntegrityException(e);
}
initialized = true;
}
示例9: getCertificate
import org.bouncycastle.jce.provider.X509CertParser; //导入依赖的package包/类
private X509Certificate getCertificate(String certificate) throws StreamParsingException {
X509CertParser parser = new X509CertParser();
parser.engineInit(new ByteArrayInputStream(certificate.getBytes()));
return (X509Certificate) parser.engineRead();
}