本文整理汇总了Java中com.yahoo.athenz.auth.util.Crypto.generateX509Certificate方法的典型用法代码示例。如果您正苦于以下问题:Java Crypto.generateX509Certificate方法的具体用法?Java Crypto.generateX509Certificate怎么用?Java Crypto.generateX509Certificate使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类com.yahoo.athenz.auth.util.Crypto的用法示例。
在下文中一共展示了Crypto.generateX509Certificate方法的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testGenerateX509Certificate
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509Certificate() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(privateEncryptedKey, encryptedKeyPassword);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, 600, false);
assertNotNull(cert);
assertEquals(cert.getIssuerX500Principal().getName(),
"CN=athenz.syncer,O=My Test Company,L=Sunnyvale,ST=CA,C=US");
Date notAfter = cert.getNotAfter();
long diff = notAfter.getTime() - System.currentTimeMillis();
assertTrue(diff <= 600 * 60 * 1000); // convert minutes to milliseconds
}
示例2: testGenerateX509CertificateReqPrivateKey
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509CertificateReqPrivateKey() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(rsaPrivateKey);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, 600, false);
assertNotNull(cert);
assertEquals(cert.getIssuerX500Principal().getName(),
"CN=athenz.syncer,O=My Test Company,L=Sunnyvale,ST=CA,C=US");
}
示例3: testGenerateX509CertificateInvalid
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509CertificateInvalid() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(rsaPrivateKey);
try {
Crypto.generateX509Certificate(certReq, caPrivateKey, (X500Name) null, 600, true);
fail();
} catch (CryptoException ex) {
assertTrue(true, "Caught excepted exception");
}
}
示例4: createCertificate
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
private static X509Certificate createCertificate(KeyPair keyPair, String subject) throws
OperatorCreationException, IOException {
PKCS10CertificationRequest csr =
Crypto.getPKCS10CertRequest(
Crypto.generateX509CSR(keyPair.getPrivate(), subject, null));
return Crypto.generateX509Certificate(csr, keyPair.getPrivate(), new X500Name(subject), 3600, false);
}
示例5: testGenerateX509CertificateAltNames
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509CertificateAltNames() throws IOException {
Path path = Paths.get("src/test/resources/csr_altnames.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(privateEncryptedKey, encryptedKeyPassword);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, 600, true);
assertNotNull(cert);
}
示例6: create
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Override
public CertSigner create() {
// extract the private key for this self cert signer
final String pKeyFileName = System.getProperty(ZTSConsts.ZTS_PROP_SELF_SIGNER_PRIVATE_KEY_FNAME);
final String pKeyPassword = System.getProperty(ZTSConsts.ZTS_PROP_SELF_SIGNER_PRIVATE_KEY_PASSWORD);
final String csrDn = System.getProperty(ZTSConsts.ZTS_PROP_SELF_SIGNER_CERT_DN,
"cn=Self Signed Athenz CA,o=Athenz,c=US");
if (pKeyFileName == null) {
LOGGER.error("No private key path available for Self Cert Signer Factory");
return null;
}
File caKey = new File(pKeyFileName);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(caKey, pKeyPassword);
// now generate a CSR for our own CA and self sign it
String csr = null;
try {
csr = Crypto.generateX509CSR(caPrivateKey, csrDn, null);
} catch (OperatorCreationException | IOException ex) {
LOGGER.error("Unable to generate X509 CSR for dn: " + csrDn
+ ", error: " + ex.getMessage());
return null;
}
// generate our self signed certificate
X500Principal subject = new X500Principal(csrDn);
X500Name issuer = X500Name.getInstance(subject.getEncoded());
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
X509Certificate caCertificate = Crypto.generateX509Certificate(certReq,
caPrivateKey, issuer, 30 * 24 * 60, true);
return new SelfCertSigner(caPrivateKey, caCertificate);
}
示例7: generateX509Certificate
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Override
public String generateX509Certificate(String csr, String keyUsage, int expiryTime) {
int certExpiryTime = expiryTime == 0 ? certValidityTime : expiryTime;
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, certExpiryTime, false);
return Crypto.convertToPEMFormat(cert);
}