本文整理汇总了Java中org.globus.gsi.X509ExtensionSet类的典型用法代码示例。如果您正苦于以下问题:Java X509ExtensionSet类的具体用法?Java X509ExtensionSet怎么用?Java X509ExtensionSet使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
X509ExtensionSet类属于org.globus.gsi包,在下文中一共展示了X509ExtensionSet类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: sign
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Sign.
*/
private void sign() {
try {
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
X509ExtensionSet extSet = null;
// if (proxyCertInfo != null) {
// extSet = new X509ExtensionSet();
// if (CertUtil.isGsi4Proxy(proxyType)) {
// // RFC compliant OID
// extSet.add(new ProxyCertInfoExtension(proxyCertInfo));
// } else {
// // old OID
// extSet.add(new GlobusProxyCertInfoExtension(proxyCertInfo));
// }
// }
proxy = factory.createCredential(certificates, userKey, bits, lifetime, proxyType, extSet);
} catch (GeneralSecurityException e) {
System.err.println("Failed to create a proxy: " + e.getMessage());
}
}
示例2: createCertificate
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Creates a proxy certificate from the certificate request.
*
* @see #createCertificate(InputStream, X509Certificate, PrivateKey,
* int, int, X509ExtensionSet, String) createCertificate
*/
public X509Certificate createCertificate(InputStream certRequestInputStream,
X509Certificate cert,
PrivateKey privateKey,
int lifetime,
int delegationMode,
X509ExtensionSet extSet)
throws IOException, GeneralSecurityException {
return createCertificate(certRequestInputStream,
cert,
privateKey,
lifetime,
delegationMode,
extSet,
null);
}
示例3: testResctrictedNoProxyCertInfoExt
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public void testResctrictedNoProxyCertInfoExt() throws Exception {
GlobusCredential cred = GlobusCredential.getDefaultCredential();
try {
factory.createCredential(cred.getCertificateChain(),
cred.getPrivateKey(),
512,
60 * 60,
GSIConstants.GSI_3_RESTRICTED_PROXY,
(X509ExtensionSet)null,
null);
fail("Expected to fail");
} catch (IllegalArgumentException e) {
// that's what we expected
}
}
示例4: changeGlobusProxy
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Change the type of the Globus Proxy Credential with optional new
* ExtensionSet. Older implementations and for example VOMS enabled proxies
* must be of of GSI_2_PROXY type.
*
* @param proxy
* - original Globus Proxy
* @param proxyType
* - new Proxy Type, for example 'legacy' type:
* <code>GSIConstants.GSI_2_PROXY</code>
* @param extensions
* - X509ExtensionSet, if null extensions will be removed.
* @return new changed GlobusCredential.
* @throws GeneralSecurityException
* @see GSIConstants
*/
public static GlobusCredential changeGlobusProxy(GlobusCredential proxy, int proxyType, X509ExtensionSet extensions)
throws GeneralSecurityException
{
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
if (proxyType <= 0)
{
proxyType = GSIConstants.GSI_2_PROXY;
}
int timeLeft = (int) proxy.getTimeLeft();
int numBits = proxy.getStrength();
GlobusCredential newProxy = factory.createCredential(proxy.getCertificateChain(),
proxy.getPrivateKey(),
numBits,
timeLeft,
proxyType,
extensions,
null);
return newProxy;
}
示例5: makeProxy
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
private GlobusCredential makeProxy(KeyPair kp, X509Certificate issuerCert) throws GeneralSecurityException {
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
KeyPair newKeyPair = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
return factory.createCredential(new X509Certificate[] { issuerCert },
kp.getPrivate(), CA_CERT_BITS, (int) (CA_CERT_LIFETIME / 1000), GSIConstants.DELEGATION_FULL,
(X509ExtensionSet) null);
}
示例6: generateNewCredential
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
private GlobusCredential generateNewCredential(Key key) throws GlobusCredentialException,
InvalidSecurityContextException, GeneralSecurityException {
GlobusCredential src = GlobusCredential.getDefaultCredential();
if (src == null) {
throw new InvalidSecurityContextException("No default credential found");
}
// If only the security stuff in [email protected] would be
// separable from the WS crap
BouncyCastleCertProcessingFactory factory =
BouncyCastleCertProcessingFactory.getDefault();
int delegType = (key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL : GSIConstants.DELEGATION_LIMITED);
KeyPair newKeyPair = CertUtil.generateKeyPair("RSA", src.getStrength());
X509Certificate[] srcChain = src.getCertificateChain();
X509Certificate newCert = null;
try {
newCert = factory.createProxyCertificate(srcChain[0],
src.getPrivateKey(),
newKeyPair.getPublic(), -1,
key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL
: GSIConstants.DELEGATION_LIMITED,
(X509ExtensionSet) null, null);
}
catch (GeneralSecurityException e) {
throw new InvalidSecurityContextException("Delegation failed", e);
}
X509Certificate[] newChain = new X509Certificate[srcChain.length + 1];
newChain[0] = newCert;
System.arraycopy(srcChain, 0, newChain, 1, srcChain.length);
return new GlobusCredential(newKeyPair.getPrivate(), newChain);
}
示例7: createProxy
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public GlobusCredential createProxy(String pwd)
throws Exception {
getProperties();
userCert = CertUtil.loadCertificate(props.getUserCertFile());
OpenSSLKey key =
new BouncyCastleOpenSSLKey(props.getUserKeyFile());
if (key.isEncrypted()) {
try {
key.decrypt(pwd);
} catch(GeneralSecurityException e) {
throw new Exception("Wrong password or other security error");
}
}
PrivateKey userKey = key.getPrivateKey();
BouncyCastleCertProcessingFactory factory =
BouncyCastleCertProcessingFactory.getDefault();
int proxyType = (getLimited()) ?
GSIConstants.DELEGATION_LIMITED :
GSIConstants.DELEGATION_FULL;
return factory.createCredential(new X509Certificate[] {userCert},
userKey,
props.getProxyStrength(),
props.getProxyLifeTime() * 3600,
proxyType,
(X509ExtensionSet)null);
}
示例8: createCredential
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Creates a new proxy credential from the specified certificate
* chain and a private key.
*
* @see #createCredential(X509Certificate[], PrivateKey, int,
* int, int, X509ExtensionSet, String) createCredential
*/
public GlobusCredential createCredential(X509Certificate [] certs,
PrivateKey privateKey,
int bits,
int lifetime,
int delegationMode)
throws GeneralSecurityException {
return createCredential(certs, privateKey, bits,
lifetime, delegationMode,
(X509ExtensionSet)null, null);
}
示例9: testExtensions
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public void testExtensions() throws Exception {
GlobusCredential cred = GlobusCredential.getDefaultCredential();
X509Extension ext = null;
String oid1 = "1.2.3.4";
String expectedValue1 = "foo";
boolean critical1 = false;
String oid2 = "5.6.7.8";
String expectedValue2 = "bar";
boolean critical2 = true;
X509ExtensionSet extSet = new X509ExtensionSet();
ext = new X509Extension(oid1, critical1, expectedValue1.getBytes());
extSet.add(ext);
ext = new X509Extension(oid2, critical2, expectedValue2.getBytes());
extSet.add(ext);
GlobusCredential newCred =
factory.createCredential(cred.getCertificateChain(),
cred.getPrivateKey(),
512,
60 * 60,
GSIConstants.GSI_3_IMPERSONATION_PROXY,
extSet,
null);
X509Certificate newCert = newCred.getCertificateChain()[0];
System.out.println(newCert);
verifyExtension(newCert, oid1, expectedValue1, critical1);
verifyExtension(newCert, oid2, expectedValue2, critical2);
}
示例10: create
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public void create() throws GeneralSecurityException
{
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
// No Extensions for legacy proxies:
// Extensions can be used for example to create VOMS enabled proxies.
X509ExtensionSet extSet = null;
proxy = factory.createCredential(userCertificates,
userKey,
bits,
lifetime,
proxyType,
extSet);
}
示例11: createImpersonationProxyCertificate
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public static X509Certificate[] createImpersonationProxyCertificate(String provider, X509Certificate[] certs,
PrivateKey privateKey, PublicKey proxyPublicKey, int lifetimeHours, int lifetimeMinutes, int lifetimeSeconds,
int delegationPathLength, String signatureAlgorithm) throws GeneralSecurityException {
ProxyPolicy policy = new ProxyPolicy(ProxyPolicy.IMPERSONATION);
ProxyCertInfo proxyCertInfo = new ProxyCertInfo(delegationPathLength, policy);
org.globus.gsi.X509Extension x509Ext = new ProxyCertInfoExtension(proxyCertInfo);
X509ExtensionSet extSet = new X509ExtensionSet();
extSet.add(x509Ext);
return createProxyCertificate(provider, certs, privateKey, proxyPublicKey, lifetimeHours, lifetimeMinutes,
lifetimeSeconds, GSIConstants.GSI_4_IMPERSONATION_PROXY, extSet, signatureAlgorithm);
}
示例12: createProxyCertificate
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public static X509Certificate[] createProxyCertificate(X509Certificate[] certs, PrivateKey privateKey,
PublicKey proxyPublicKey, int lifetimeHours, int lifetimeMinutes, int lifetimeSeconds, int proxyType,
X509ExtensionSet extSet) throws GeneralSecurityException {
SecurityUtil.init();
return createProxyCertificate("BC", certs, privateKey, proxyPublicKey, lifetimeHours, lifetimeMinutes,
lifetimeSeconds, proxyType, extSet, SIGNATURE_ALGORITHM);
}
示例13: createCertificate
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Creates a proxy certificate from the certificate request.
*
* @see #createCertificate(InputStream, X509Certificate, PrivateKey, int,
* int, X509ExtensionSet, String) createCertificate
*/
public X509Certificate createCertificate(String provider, InputStream certRequestInputStream, X509Certificate cert,
PrivateKey privateKey, int lifetime, int delegationMode, String signatureAlgorithm) throws IOException,
GeneralSecurityException {
return createCertificate(provider, certRequestInputStream, cert, privateKey, lifetime, delegationMode,
(X509ExtensionSet) null, null, signatureAlgorithm);
}
示例14: createProxyCertificate
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
public static X509Certificate[] createProxyCertificate(X509Certificate[] certs, PrivateKey privateKey,
PublicKey proxyPublicKey, int lifetimeHours, int lifetimeMinutes, int lifetimeSeconds, int proxyType,
X509ExtensionSet extSet) throws GeneralSecurityException {
SecurityUtil.init();
return createProxyCertificate("BC", certs, privateKey, proxyPublicKey, lifetimeHours, lifetimeMinutes,
lifetimeSeconds, proxyType, extSet, certs[0].getSigAlgName());
}
示例15: createCredential
import org.globus.gsi.X509ExtensionSet; //导入依赖的package包/类
/**
* Creates a new proxy credential from the specified certificate chain and a
* private key. A set of X.509 extensions can be optionally included in the
* new proxy certificate. This function automatically creates a "RSA"-based
* key pair.
*
* @see #createProxyCertificate(X509Certificate, PrivateKey, PublicKey, int,
* int, X509ExtensionSet, String) createProxyCertificate
* @param certs
* the certificate chain for the new proxy credential. The
* top-most certificate <code>cert[0]</code> will be designated
* as the issuing certificate.
* @param privateKey
* the private key of the issuing certificate. The new proxy
* certificate will be signed with that private key.
* @param bits
* the strength of the key pair for the new proxy certificate.
* @param lifetime
* lifetime of the new certificate in seconds. If 0 (or less
* then) the new certificate will have the same lifetime as the
* issuing certificate.
* @param delegationMode
* the type of proxy credential to create
* @param extSet
* a set of X.509 extensions to be included in the new proxy
* certificate. Can be null. If delegation mode is
* {@link GSIConstants#GSI_3_RESTRICTED_PROXY
* GSIConstants.GSI_3_RESTRICTED_PROXY} then
* {@link org.globus.gsi.proxy.ext.ProxyCertInfoExtension
* ProxyCertInfoExtension} must be present in the extension set.
* @param cnValue
* the value of the CN component of the subject of the new proxy
* credential. If null, the defaults will be used depending on
* the proxy certificate type created.
* @return <code>GlobusCredential</code> the new proxy credential.
* @exception GeneralSecurityException
* if a security error occurs.
*/
public GlobusCredential createCredential(String provider, X509Certificate[] certs, PrivateKey privateKey, int bits,
int lifetime, int delegationMode, X509ExtensionSet extSet, String cnValue, String signatureAlgorithm)
throws GeneralSecurityException {
KeyPairGenerator keyGen = null;
keyGen = KeyPairGenerator.getInstance("RSA", "BC");
keyGen.initialize(bits);
KeyPair keyPair = keyGen.genKeyPair();
X509Certificate newCert = createProxyCertificate(provider, certs[0], privateKey, keyPair.getPublic(), lifetime,
delegationMode, extSet, cnValue, signatureAlgorithm);
X509Certificate[] newCerts = new X509Certificate[certs.length + 1];
newCerts[0] = newCert;
System.arraycopy(certs, 0, newCerts, 1, certs.length);
return new GlobusCredential(keyPair.getPrivate(), newCerts);
}