当前位置: 首页>>代码示例>>Java>>正文


Java X509CertInfo类代码示例

本文整理汇总了Java中sun.security.x509.X509CertInfo的典型用法代码示例。如果您正苦于以下问题:Java X509CertInfo类的具体用法?Java X509CertInfo怎么用?Java X509CertInfo使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


X509CertInfo类属于sun.security.x509包,在下文中一共展示了X509CertInfo类的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: createSignedCertificate

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
private X509Certificate createSignedCertificate(X509Certificate cetrificate,
    X509Certificate issuerCertificate,
    PrivateKey issuerPrivateKey) throws Exception {

    Principal issuer = issuerCertificate.getSubjectDN();
    String issuerSigAlg = issuerCertificate.getSigAlgName();

    byte[] inCertBytes = cetrificate.getTBSCertificate();
    X509CertInfo info = new X509CertInfo(inCertBytes);
    info.set(X509CertInfo.ISSUER, issuer);

    //No need to add the BasicContraint for leaf cert
    if (!cetrificate.getSubjectDN().getName().equals("CN=TOP")) {
        CertificateExtensions exts = new CertificateExtensions();
        BasicConstraintsExtension bce = new BasicConstraintsExtension(true, -1);
        exts.set(BasicConstraintsExtension.NAME, new BasicConstraintsExtension(false, bce.getExtensionValue()));
        info.set(X509CertInfo.EXTENSIONS, exts);
    }

    X509CertImpl outCert = new X509CertImpl(info);
    outCert.sign(issuerPrivateKey, issuerSigAlg);

    return outCert;
}
 
开发者ID:jivesoftware,项目名称:routing-bird,代码行数:25,代码来源:RSAKeyPairGenerator.java

示例2: setKeyEntry

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
private static void setKeyEntry(KeyStore ks, String dn, long expire)
		throws GeneralSecurityException, IOException {
	KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
	kpg.initialize(1024);
	KeyPair keyPair = kpg.genKeyPair();
	long now = System.currentTimeMillis();
	X509CertInfo info = new X509CertInfo();
	info.set("version", new CertificateVersion(2));
	info.set("serialNumber", new CertificateSerialNumber(new BigInteger(128, random)));
	info.set("algorithmID",
			new CertificateAlgorithmId(AlgorithmId.get("SHA1withRSA")));
	X500Name x500Name = new X500Name(dn);
	info.set("subject", x500Name);
	info.set("key", new CertificateX509Key(keyPair.getPublic()));
	info.set("validity", new CertificateValidity(new
			Date(now), new Date(now + expire)));
	info.set("issuer", x500Name);
	X509CertImpl cert = new X509CertImpl(info);
	cert.sign(keyPair.getPrivate(), "SHA1withRSA");
	ks.setKeyEntry(Bytes.toHexLower(Bytes.random(16)),
			keyPair.getPrivate(), new char[0], new X509Certificate[] {cert});
}
 
开发者ID:xqbase,项目名称:tuna,代码行数:23,代码来源:TestSNI.java

示例3: populateCertIssuerNames

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
/**
 * Populate array of Issuer DNs from certificates and convert
 * each Principal to type X500Name if necessary.
 */
private void populateCertIssuerNames() {
    if (certificates == null)
        return;

    certIssuerNames = new Principal[certificates.length];
    for (int i = 0; i < certificates.length; i++) {
        X509Certificate cert = certificates[i];
        Principal certIssuerName = cert.getIssuerDN();
        if (!(certIssuerName instanceof X500Name)) {
            // must extract the original encoded form of DN for
            // subsequent name comparison checks (converting to a
            // String and back to an encoded DN could cause the
            // types of String attribute values to be changed)
            try {
                X509CertInfo tbsCert =
                    new X509CertInfo(cert.getTBSCertificate());
                certIssuerName = (Principal)
                    tbsCert.get(X509CertInfo.ISSUER + "." +
                                X509CertInfo.DN_NAME);
            } catch (Exception e) {
                // error generating X500Name object from the cert's
                // issuer DN, leave name as is.
            }
        }
        certIssuerNames[i] = certIssuerName;
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:32,代码来源:PKCS7.java

示例4: createEphemeralCert

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
private String createEphemeralCert(Duration shiftIntoPast)
    throws GeneralSecurityException, IOException {
  Duration validFor = Duration.standardHours(1);
  DateTime notBefore = DateTime.now().minus(shiftIntoPast);
  DateTime notAfter = notBefore.plus(validFor);

  CertificateValidity interval = new CertificateValidity(notBefore.toDate(), notAfter.toDate());

  X509CertInfo info = new X509CertInfo();
  info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
  info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(1));
  info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(AlgorithmId.get("SHA1withRSA")));
  info.set(
      X509CertInfo.SUBJECT, new X500Name("C = US, O = Google\\, Inc, CN=temporary-subject"));
  info.set(X509CertInfo.KEY, new CertificateX509Key(clientKeyPair.getPublic()));
  info.set(X509CertInfo.VALIDITY, interval);
  info.set(
      X509CertInfo.ISSUER,
      new X500Name("C = US, O = Google\\, Inc, CN=Google Cloud SQL Signing CA foo:baz"));

  KeyFactory keyFactory = KeyFactory.getInstance("RSA");
  PKCS8EncodedKeySpec keySpec =
      new PKCS8EncodedKeySpec(DatatypeConverter.parseBase64Binary(
          TestKeys.SIGNING_CA_PRIVATE_KEY));
  PrivateKey signingKey = keyFactory.generatePrivate(keySpec);

  X509CertImpl cert = new X509CertImpl(info);
  cert.sign(signingKey, "SHA1withRSA");

  StringBuilder sb = new StringBuilder();
  sb.append("-----BEGIN CERTIFICATE-----\n");
  sb.append(
      DatatypeConverter.printBase64Binary(cert.getEncoded())
          .replaceAll("(.{64})", "$1\n"));
  sb.append("\n");
  sb.append("-----END CERTIFICATE-----\n");

  return sb.toString();
}
 
开发者ID:GoogleCloudPlatform,项目名称:cloud-sql-jdbc-socket-factory,代码行数:40,代码来源:SslSocketFactoryTest.java

示例5: generateCertificate

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
/**
 * Create a self-signed X.509 Certificate.
 * From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
 *
 * @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
 * @param pair the KeyPair
 * @param days how many days from now the Certificate is valid for
 * @param algorithm the signing algorithm, eg "SHA1withRSA"
 * @return the self-signed certificate
 * @throws IOException thrown if an IO error ocurred.
 * @throws GeneralSecurityException thrown if an Security error ocurred.
 */
public static X509Certificate generateCertificate(String dn, KeyPair pair,
                                                  int days, String algorithm)
  throws GeneralSecurityException, IOException {
  PrivateKey privkey = pair.getPrivate();
  X509CertInfo info = new X509CertInfo();
  Date from = new Date();
  Date to = new Date(from.getTime() + days * 86400000l);
  CertificateValidity interval = new CertificateValidity(from, to);
  BigInteger sn = new BigInteger(64, new SecureRandom());
  X500Name owner = new X500Name(dn);

  info.set(X509CertInfo.VALIDITY, interval);
  info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
  info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
  info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
  info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
  info
    .set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
  AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
  info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));

  // Sign the cert to identify the algorithm that's used.
  X509CertImpl cert = new X509CertImpl(info);
  cert.sign(privkey, algorithm);

  // Update the algorith, and resign.
  algo = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG);
  info
    .set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM,
         algo);
  cert = new X509CertImpl(info);
  cert.sign(privkey, algorithm);
  return cert;
}
 
开发者ID:ict-carch,项目名称:hadoop-plus,代码行数:47,代码来源:KeyStoreTestUtil.java

示例6: populateCertIssuerNames

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
/**
 * Populate array of Issuer DNs from certificates and convert
 * each Principal to type X500Name if necessary.
 */
private void populateCertIssuerNames() {
    if (certificates == null)
        return;

    certIssuerNames = new Principal[certificates.length];
    for (int i = 0; i < certificates.length; i++) {
        X509Certificate cert = certificates[i];
        Principal certIssuerName = cert.getIssuerDN();
        if (!(certIssuerName instanceof X500Name)) {
            // must extract the original encoded form of DN for
            // subsequent name comparison checks (converting to a
            // String and back to an encoded DN could cause the
            // types of String attribute values to be changed)
            try {
                X509CertInfo tbsCert =
                    new X509CertInfo(cert.getTBSCertificate());
                certIssuerName = (Principal)
                    tbsCert.get(CertificateIssuerName.NAME + "." +
                                CertificateIssuerName.DN_NAME);
            } catch (Exception e) {
                // error generating X500Name object from the cert's
                // issuer DN, leave name as is.
            }
        }
        certIssuerNames[i] = certIssuerName;
    }
}
 
开发者ID:openjdk,项目名称:jdk7-jdk,代码行数:32,代码来源:PKCS7.java

示例7: generateCert

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
private static X509Certificate generateCert(
    String hostname, KeyPair kp, boolean isCertAuthority,
    PublicKey signerPublicKey, PrivateKey signerPrivateKey)
    throws IOException, CertificateException, NoSuchProviderException,
    NoSuchAlgorithmException, InvalidKeyException, SignatureException {
  X500Name issuer = new X500Name("CN=root" + issuerDirString);
  X500Name subject;
  if (hostname == null) {
    subject = issuer;
  } else {
    subject = new X500Name("CN=" + hostname + issuerDirString);
  }

  X509CertInfo info = new X509CertInfo();
  Date from = new Date();
  Date to = new Date(from.getTime() + 365 * 86400000l);
  CertificateValidity interval = new CertificateValidity(from, to);
  BigInteger sn = new BigInteger(64, new SecureRandom());

  info.set(X509CertInfo.VALIDITY, interval);
  info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
  info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(subject));
  info.set(X509CertInfo.ISSUER, new CertificateIssuerName(issuer));
  info.set(X509CertInfo.KEY, new CertificateX509Key(kp.getPublic()));
  info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
  AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
  info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));

  // Sign the cert to identify the algorithm that's used.
  X509CertImpl cert = new X509CertImpl(info);
  cert.sign(signerPrivateKey, signingAlgorithm);

  // Update the algorithm, and resign.
  algo = (AlgorithmId)cert.get(X509CertImpl.SIG_ALG);
  info.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, algo);
  cert = new X509CertImpl(info);
  cert.sign(signerPrivateKey, signingAlgorithm);
  return cert;
}
 
开发者ID:apache,项目名称:incubator-slider,代码行数:40,代码来源:CertUtil.java

示例8: getSSLContext

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
private static SSLContext getSSLContext(String dn, long expire)
		throws IOException, GeneralSecurityException {
	KeyManager[] kms;
	if (dn == null) {
		kms = SSLManagers.DEFAULT_KEY_MANAGERS;
	} else {
		KeyStore ks = KeyStore.getInstance("JKS");
		ks.load(null, null);
		KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
		kpg.initialize(1024);
		KeyPair keyPair = kpg.genKeyPair();
		long now = System.currentTimeMillis();
		X509CertInfo info = new X509CertInfo();
		info.set("version", new CertificateVersion(2));
		info.set("serialNumber", new CertificateSerialNumber(0));
		info.set("algorithmID",
				new CertificateAlgorithmId(AlgorithmId.get("SHA1withRSA")));
		X500Name x500Name = new X500Name(dn);
		info.set("subject", x500Name);
		info.set("key", new CertificateX509Key(keyPair.getPublic()));
		info.set("validity", new CertificateValidity(new
				Date(now), new Date(now + expire)));
		info.set("issuer", x500Name);
		X509CertImpl cert = new X509CertImpl(info);
		cert.sign(keyPair.getPrivate(), "SHA1withRSA");
		ks.setKeyEntry("", keyPair.getPrivate(), new char[0],
				new X509Certificate[] {cert});
		KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
		kmf.init(ks, new char[0]);
		kms = kmf.getKeyManagers();
	}
	SSLContext sslc = SSLContext.getInstance("TLS");
	sslc.init(kms, SSLManagers.DEFAULT_TRUST_MANAGERS, null);
	return sslc;
}
 
开发者ID:xqbase,项目名称:tuna,代码行数:36,代码来源:TunaProxy.java

示例9: get

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
static SSLContext get(String dn, long expire)
		throws IOException, GeneralSecurityException {
	KeyManager[] kms;
	if (dn == null) {
		kms = SSLManagers.DEFAULT_KEY_MANAGERS;
	} else {
		KeyStore ks = KeyStore.getInstance("JKS");
		ks.load(null, null);
		KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
		kpg.initialize(1024);
		KeyPair keyPair = kpg.genKeyPair();
		long now = System.currentTimeMillis();
		X509CertInfo info = new X509CertInfo();
		info.set("version", new CertificateVersion(2));
		info.set("serialNumber", new CertificateSerialNumber(new BigInteger(128, random)));
		info.set("algorithmID",
				new CertificateAlgorithmId(AlgorithmId.get("SHA1withRSA")));
		X500Name x500Name = new X500Name(dn);
		info.set("subject", x500Name);
		info.set("key", new CertificateX509Key(keyPair.getPublic()));
		info.set("validity", new CertificateValidity(new
				Date(now), new Date(now + expire)));
		info.set("issuer", x500Name);
		X509CertImpl cert = new X509CertImpl(info);
		cert.sign(keyPair.getPrivate(), "SHA1withRSA");
		ks.setKeyEntry("", keyPair.getPrivate(), new char[0],
				new X509Certificate[] {cert});
		KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
		kmf.init(ks, new char[0]);
		kms = kmf.getKeyManagers();
	}
	SSLContext sslc = SSLContext.getInstance("TLS");
	sslc.init(kms, SSLManagers.DEFAULT_TRUST_MANAGERS, null);
	return sslc;
}
 
开发者ID:xqbase,项目名称:tuna,代码行数:36,代码来源:SSLContexts.java

示例10: F

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
public F() {
    // jdk internal API
    cert = new X509CertInfo();
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:5,代码来源:F.java

示例11: createCert

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
/**
     * Create an X509 Certificate signed using SHA1withRSA with a 2048 bit key.
     * @param dname Domain Name to represent the certificate
     * @param notBefore The date by which the certificate starts being valid. Cannot be null.
     * @param validity The number of days the certificate is valid after notBefore.
     * @return An X509 certificate setup with properties using the specified parameters.
     * @throws Exception
     */
    public static X509Certificate createCert(String dname, Date notBefore, int validity)
            throws Exception {
        int keysize = 2048;
        String keyAlgName = "RSA";
        String sigAlgName = "SHA1withRSA";

        if (dname == null)
            throw new Exception("Required DN is null. Please specify cert Domain Name via dname");
        if (notBefore == null)
            throw new Exception("Required start date is null. Please specify the date at which the cert is valid via notBefore");
        if (validity < 0)
            throw new Exception("Required validity is negative. Please specify the number of days for which the cert is valid after the start date.");

        // KeyTool#doGenKeyPair
        X500Name x500Name = new X500Name(dname);

        KeyPair keyPair = new KeyPair(keyAlgName, sigAlgName, keysize);
        PrivateKey privKey = keyPair.getPrivateKey();

        X509Certificate oldCert = keyPair.getSelfCertificate(x500Name, notBefore, validity);

        // KeyTool#doSelfCert
        byte[] encoded = oldCert.getEncoded();
        X509CertImpl certImpl = new X509CertImpl(encoded);
        X509CertInfo certInfo = (X509CertInfo) certImpl.get(X509CertImpl.NAME
                + "." + X509CertImpl.INFO);

        Date notAfter = new Date(notBefore.getTime() + validity*1000L*24L*60L*60L);

        CertificateValidity interval = new CertificateValidity(notBefore,
                notAfter);

        certInfo.set(X509CertInfo.VALIDITY, interval);
        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(
                    new java.util.Random().nextInt() & 0x7fffffff));
        certInfo.set(X509CertInfo.SUBJECT + "." + CertificateSubjectName.DN_NAME, x500Name);
        certInfo.set(X509CertInfo.ISSUER + "." + CertificateIssuerName.DN_NAME, x500Name);

        // The inner and outer signature algorithms have to match.
        // The way we achieve that is really ugly, but there seems to be no
        // other solution: We first sign the cert, then retrieve the
        // outer sigalg and use it to set the inner sigalg
        X509CertImpl newCert = new X509CertImpl(certInfo);
        newCert.sign(privKey, sigAlgName);
        AlgorithmId sigAlgid = (AlgorithmId)newCert.get(X509CertImpl.SIG_ALG);
        certInfo.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, sigAlgid);

        certInfo.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));

        // FIXME Figure out extensions
//        CertificateExtensions ext = createV3Extensions(
//                null,
//                (CertificateExtensions)certInfo.get(X509CertInfo.EXTENSIONS),
//                v3ext,
//                oldCert.getPublicKey(),
//                null);
//        certInfo.set(X509CertInfo.EXTENSIONS, ext);

        newCert = new X509CertImpl(certInfo);
        newCert.sign(privKey, sigAlgName);

        return newCert;
    }
 
开发者ID:GITNE,项目名称:icedtea-web,代码行数:72,代码来源:CodeSignerCreator.java

示例12: generateCertificate

import sun.security.x509.X509CertInfo; //导入依赖的package包/类
/**
 * Create a self-signed X.509 Example
 *
 * @param dn
 *            the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
 * @param pair
 *            the KeyPair
 * @param days
 *            how many days from now the Example is valid for
 * @param algorithm
 *            the signing algorithm, eg "SHA1withRSA"
 */
public static CX509Certificate generateCertificate(final String aDn,
		final KeyPair aKeyPair, final int aNbDays, String aAlgorithm)
		throws IOException, CertificateException, InvalidKeyException,
		NoSuchAlgorithmException, NoSuchProviderException,
		SignatureException {
	if (aAlgorithm == null) {
		aAlgorithm = "SHA1withRSA";
	}
	PrivateKey privkey = aKeyPair.getPrivate();
	X509CertInfo wInfo = new X509CertInfo();
	Date from = new Date();
	Date to = new Date(from.getTime() + aNbDays * 86400000l);
	CertificateValidity interval = new CertificateValidity(from, to); // compute
																		// certificate
																		// validatity
	BigInteger sn = new BigInteger(64, new SecureRandom());
	X500Name owner = new X500Name(aDn);

	wInfo.set(X509CertInfo.VALIDITY, interval);
	wInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
	wInfo.set(X509CertInfo.SUBJECT, owner);
	wInfo.set(X509CertInfo.ISSUER, owner);
	wInfo.set(X509CertInfo.KEY,
			new CertificateX509Key(aKeyPair.getPublic()));
	wInfo.set(X509CertInfo.VERSION, new CertificateVersion(
			CertificateVersion.V3));
	AlgorithmId wAlgo = new AlgorithmId(
			AlgorithmId.md5WithRSAEncryption_oid);
	wInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(wAlgo));

	// Sign the cert to identify the algorithm that's used.
	X509CertImpl wCert = new X509CertImpl(wInfo);
	wCert.sign(privkey, aAlgorithm);

	// Update the algorith, and resign.
	wAlgo = (AlgorithmId) wCert.get(X509CertImpl.SIG_ALG);
	wInfo.set(CertificateAlgorithmId.NAME + "."
			+ CertificateAlgorithmId.ALGORITHM, wAlgo);
	wCert = new X509CertImpl(wInfo);
	wCert.sign(privkey, aAlgorithm);
	return new CX509Certificate(wCert);

}
 
开发者ID:isandlaTech,项目名称:cohorte-utilities,代码行数:56,代码来源:CX509CertiicateFactory.java


注:本文中的sun.security.x509.X509CertInfo类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。