本文整理汇总了Java中org.globus.gsi.CertUtil类的典型用法代码示例。如果您正苦于以下问题:Java CertUtil类的具体用法?Java CertUtil怎么用?Java CertUtil使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
CertUtil类属于org.globus.gsi包,在下文中一共展示了CertUtil类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: doInfo
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private void doInfo() {
int credLifetime = credLifetimeNumDays * 24 * 3600;
CertUtil.init();
boolean bInfOk = false;
MyProxy myProxy = new MyProxy(hostname, MYPROXY_SERVER_PORT);
if( credential == null && keyPassword.length() > 0){
credential = createNewProxy(keyPassword, credLifetime, KEY_LENGTH);
}
CredentialInfo inf = null;
try {
inf = myProxy.info(credential, username, myproxyPassword);
bInfOk = true;
}
catch(MyProxyException e){
appendExceptionDetailsToStatus(e);
}
if( bInfOk ){
appendToStatus(getLocString("msg006") + hostname + " " + inf.getOwner() );
}
}
示例2: doDestroy
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private void doDestroy() {
int credLifetime = credLifetimeNumDays * 24 * 3600;
CertUtil.init();
boolean bDestroyOk = false;
MyProxy myProxy = new MyProxy(hostname, MYPROXY_SERVER_PORT);
if( credential == null ){
credential = createNewProxy(keyPassword, credLifetime, KEY_LENGTH);
}
if( credential != null ){
try {
myProxy.destroy(credential, username, myproxyPassword);
bDestroyOk= true;
}
catch(MyProxyException e){
appendExceptionDetailsToStatus(e);
}
if( bDestroyOk){
appendToStatus(getLocString("msg007") + username );
}
}
}
示例3: doPut
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private void doPut() {
int lifetime = PORTAL_LIFETIME_HOURS * 3600;
int credLifetime = credLifetimeNumDays * 24 * 3600;
CertUtil.init();
boolean bPutOk = false;
MyProxy myProxy = new MyProxy(hostname, MYPROXY_SERVER_PORT);
if( credential == null ) {
credential = createNewProxy(keyPassword, credLifetime, KEY_LENGTH);
}
if( credential != null ){
try {
myProxy.put(credential, username, myproxyPassword, lifetime);
bPutOk = true;
}
catch(MyProxyException e){
appendExceptionDetailsToStatus(e);
}
if( bPutOk ){
appendToStatus(getLocString("msg008") + credLifetime / 3600 + getLocString("msg009") + (credLifetime / (3600 * 24)) + getLocString("msg010") + username + getLocString("msg011") + hostname + ".");
}
}
}
示例4: main
import org.globus.gsi.CertUtil; //导入依赖的package包/类
public static void main(String args[]) {
CertUtil.init();
GridProxyInit gpiFrame = new GridProxyInit(null, true);
gpiFrame.setRunAsApplication(true);
gpiFrame.saveProxy(true);
WindowListener l = new WindowAdapter() {
public void windowClosing(WindowEvent e) {
System.exit(0);
}
};
gpiFrame.addWindowListener(l);
gpiFrame.pack();
UITools.center(null, gpiFrame);
gpiFrame.setVisible(true);
}
示例5: checkIdentity
import org.globus.gsi.CertUtil; //导入依赖的package包/类
protected void checkIdentity(X509Certificate cert, int certType)
throws ProxyPathValidatorException {
if (this.identityCert == null) {
// check if limited
if (CertUtil.isLimitedProxy(certType)) {
this.limited = true;
if (this.rejectLimitedProxyCheck) {
throw new ProxyPathValidatorException(
ProxyPathValidatorException.LIMITED_PROXY_ERROR,
cert,
"Limited Proxies not accepted");
}
}
// set the identity cert
if (!CertUtil.isImpersonationProxy(certType)) {
this.identityCert = cert;
}
}
}
示例6: checkIdentity
import org.globus.gsi.CertUtil; //导入依赖的package包/类
protected void checkIdentity(X509Certificate cert, int certType) throws ProxyPathValidatorException {
if (this.identityCert == null) {
// check if limited
if (CertUtil.isLimitedProxy(certType)) {
this.limited = true;
if (this.rejectLimitedProxyCheck) {
throw new ProxyPathValidatorException(ProxyPathValidatorException.LIMITED_PROXY_ERROR, cert,
"Limited Proxies not accepted");
}
}
// set the identity cert
if (!CertUtil.isImpersonationProxy(certType)) {
this.identityCert = cert;
}
}
}
示例7: checkUnsupportedCriticalExtensions
import org.globus.gsi.CertUtil; //导入依赖的package包/类
protected void checkUnsupportedCriticalExtensions(TBSCertificateStructure crt, int certType,
X509Certificate checkedProxy) throws ProxyPathValidatorException {
logger.debug("enter: checkUnsupportedCriticalExtensions");
X509Extensions extensions = crt.getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (ext.isCritical()) {
if (oid.equals(X509Extensions.BasicConstraints) || oid.equals(X509Extensions.KeyUsage)
|| (oid.equals(ProxyCertInfo.OID) && CertUtil.isGsi4Proxy(certType))
|| (oid.equals(ProxyCertInfo.OLD_OID) && CertUtil.isGsi3Proxy(certType))) {
} else {
throw new ProxyPathValidatorException(ProxyPathValidatorException.UNSUPPORTED_EXTENSION,
checkedProxy, "Unsuppored critical exception : " + oid.getId());
}
}
}
}
logger.debug("exit: checkUnsupportedCriticalExtensions");
}
示例8: execute
import org.globus.gsi.CertUtil; //导入依赖的package包/类
@Override
public void execute() throws Exception {
BootstrapperSpringUtils utils = new BootstrapperSpringUtils();
Dorian dorian = utils.getDorian();
X509Certificate certificate = dorian.getCACertificate();
KeyStore trustStore = KeyStore.getInstance("JKS");
trustStore.load(null, null);
trustStore.setCertificateEntry(ALIAS, certificate);
FileOutputStream truststoreStream = new FileOutputStream(
TRUSTSTORE_PATH);
trustStore.store(truststoreStream, STORE_PASSWORD);
truststoreStream.close();
System.out.println("Trust store written to " + TRUSTSTORE_PATH);
String certFile = certificate.getSerialNumber().toString() + ".pem";
FileOutputStream certStream = new FileOutputStream(certFile);
CertUtil.writeCertificate(certStream, certificate);
certStream.close();
System.out.println("Certificate written to " + certFile);
}
示例9: createAll
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private X509Certificate createAll(int index) throws GeneralSecurityException, IOException {
logger.info("Generating CA key pair");
KeyPair ca = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
OpenSSLKey caKey = new BouncyCastleOpenSSLKey(ca.getPrivate());
logger.info("Self-signing CA certificate");
X509Certificate caCert = genCert(ca.getPrivate(), ca.getPublic(), CA_CERT_DN, CA_CERT_DN, null);
logger.info("Generating user key pair");
KeyPair user = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
OpenSSLKey userKey = new BouncyCastleOpenSSLKey(user.getPrivate());
logger.info("Signing user certificate");
X509Certificate userCert = genCert(ca.getPrivate(), user.getPublic(), USER_CERT_DN, CA_CERT_DN,
createExtensions(ca.getPublic(), user.getPublic()));
logger.info("Generating proxy certificate");
GlobusCredential proxy = makeProxy(user, userCert);
try {
logger.info("Writing keys, certificates, and proxy");
writeKey(caKey, makeFile(CA_KEY_NAME_PREFIX, index));
writeCert(caCert, makeFile(CA_CRT_NAME_PREFIX, index));
writeKey(userKey, makeFile(USER_KEY_NAME_PREFIX, index));
writeCert(userCert, makeFile(USER_CRT_NAME_PREFIX, index));
writeProxy(proxy, makeFile(PROXY_NAME_PREFIX, index));
copySigningPolicy(index);
}
catch (GeneralSecurityException e) {
deleteAll(index);
throw e;
}
return cert;
}
示例10: makeProxy
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private GlobusCredential makeProxy(KeyPair kp, X509Certificate issuerCert) throws GeneralSecurityException {
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
KeyPair newKeyPair = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
return factory.createCredential(new X509Certificate[] { issuerCert },
kp.getPrivate(), CA_CERT_BITS, (int) (CA_CERT_LIFETIME / 1000), GSIConstants.DELEGATION_FULL,
(X509ExtensionSet) null);
}
示例11: writeCert
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private void writeCert(X509Certificate cert, File f) throws GeneralSecurityException {
try {
OutputStream fw = openStream(f);
if (!SHARED_PROXIES) {
f.deleteOnExit();
}
CertUtil.writeCertificate(fw, cert);
}
catch (Exception e) {
throw new GeneralSecurityException("Failed to save X509 certificate", e);
}
}
示例12: generateNewCredential
import org.globus.gsi.CertUtil; //导入依赖的package包/类
private GlobusCredential generateNewCredential(Key key) throws GlobusCredentialException,
InvalidSecurityContextException, GeneralSecurityException {
GlobusCredential src = GlobusCredential.getDefaultCredential();
if (src == null) {
throw new InvalidSecurityContextException("No default credential found");
}
// If only the security stuff in [email protected] would be
// separable from the WS crap
BouncyCastleCertProcessingFactory factory =
BouncyCastleCertProcessingFactory.getDefault();
int delegType = (key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL : GSIConstants.DELEGATION_LIMITED);
KeyPair newKeyPair = CertUtil.generateKeyPair("RSA", src.getStrength());
X509Certificate[] srcChain = src.getCertificateChain();
X509Certificate newCert = null;
try {
newCert = factory.createProxyCertificate(srcChain[0],
src.getPrivateKey(),
newKeyPair.getPublic(), -1,
key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL
: GSIConstants.DELEGATION_LIMITED,
(X509ExtensionSet) null, null);
}
catch (GeneralSecurityException e) {
throw new InvalidSecurityContextException("Delegation failed", e);
}
X509Certificate[] newChain = new X509Certificate[srcChain.length + 1];
newChain[0] = newCert;
System.arraycopy(srcChain, 0, newChain, 1, srcChain.length);
return new GlobusCredential(newKeyPair.getPrivate(), newChain);
}
示例13: createProxy
import org.globus.gsi.CertUtil; //导入依赖的package包/类
public GlobusCredential createProxy(String pwd)
throws Exception {
getProperties();
userCert = CertUtil.loadCertificate(props.getUserCertFile());
OpenSSLKey key =
new BouncyCastleOpenSSLKey(props.getUserKeyFile());
if (key.isEncrypted()) {
try {
key.decrypt(pwd);
} catch(GeneralSecurityException e) {
throw new Exception("Wrong password or other security error");
}
}
PrivateKey userKey = key.getPrivateKey();
BouncyCastleCertProcessingFactory factory =
BouncyCastleCertProcessingFactory.getDefault();
int proxyType = (getLimited()) ?
GSIConstants.DELEGATION_LIMITED :
GSIConstants.DELEGATION_FULL;
return factory.createCredential(new X509Certificate[] {userCert},
userKey,
props.getProxyStrength(),
props.getProxyLifeTime() * 3600,
proxyType,
(X509ExtensionSet)null);
}
示例14: loadCert
import org.globus.gsi.CertUtil; //导入依赖的package包/类
public void loadCert(String certFile) {
try {
X509Certificate cert = CertUtil.loadCertificate(certFile);
certificates.addElement(new CertInfo(cert, certFile));
} catch(Exception e) {
}
}
示例15: getIdentityCertificate
import org.globus.gsi.CertUtil; //导入依赖的package包/类
/**
* Finds the identity certificate in the given chain.
* The identity certificate is the first certificate in the
* chain that is not an impersonation proxy (full or limited)
*
* @param chain the certificate chain to find the identity
* certificate in.
* @return the identity certificate.
* @exception CertificateException if something goes wrong.
*/
public static X509Certificate getIdentityCertificate(X509Certificate [] chain)
throws CertificateException {
if (chain == null) {
throw new IllegalArgumentException("chain == null");
}
int certType;
for (int i=0;i<chain.length;i++) {
certType = getCertificateType(chain[i]);
if (!CertUtil.isImpersonationProxy(certType)) {
return chain[i];
}
}
return null;
}