本文整理汇总了Java中com.yahoo.athenz.auth.util.Crypto.getPKCS10CertRequest方法的典型用法代码示例。如果您正苦于以下问题:Java Crypto.getPKCS10CertRequest方法的具体用法?Java Crypto.getPKCS10CertRequest怎么用?Java Crypto.getPKCS10CertRequest使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类com.yahoo.athenz.auth.util.Crypto的用法示例。
在下文中一共展示了Crypto.getPKCS10CertRequest方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testGenerateInstanceRefreshRequestSubDomain
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateInstanceRefreshRequestSubDomain() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech.system",
"test", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("coretech.system.test", Crypto.extractX509CSRCommonName(certReq));
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
assertEquals("coretech.system.test", IETFUtils.valueToString(cnRdn.getFirst().getValue()));
assertEquals("test.coretech-system.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0));
}
示例2: testGenerateX509Certificate
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509Certificate() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(privateEncryptedKey, encryptedKeyPassword);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, 600, false);
assertNotNull(cert);
assertEquals(cert.getIssuerX500Principal().getName(),
"CN=athenz.syncer,O=My Test Company,L=Sunnyvale,ST=CA,C=US");
Date notAfter = cert.getNotAfter();
long diff = notAfter.getTime() - System.currentTimeMillis();
assertTrue(diff <= 600 * 60 * 1000); // convert minutes to milliseconds
}
示例3: testGenerateX509CertificateInvalid
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509CertificateInvalid() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(rsaPrivateKey);
try {
Crypto.generateX509Certificate(certReq, caPrivateKey, (X500Name) null, 600, true);
fail();
} catch (CryptoException ex) {
assertTrue(true, "Caught excepted exception");
}
}
示例4: testX509CSRrequestWithPrivateKeyOnly
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test(dataProvider = "x500Principal")
public void testX509CSRrequestWithPrivateKeyOnly(String x500Principal, boolean badRequest) throws Exception {
PrivateKey privateKey = Crypto.loadPrivateKey(rsaPrivateKey);
String certRequest = null;
GeneralName otherName1 = new GeneralName(GeneralName.otherName, new DERIA5String("role1"));
GeneralName otherName2 = new GeneralName(GeneralName.otherName, new DERIA5String("role2"));
GeneralName[] sanArray = new GeneralName[]{otherName1, otherName2};
try {
certRequest = Crypto.generateX509CSR(privateKey, x500Principal, sanArray);
} catch (Exception e){
if (!badRequest){
fail("Should not have failed to create csr");
}
}
if (!badRequest){
//Now validate the csr
Crypto.getPKCS10CertRequest(certRequest);
}
}
示例5: createCertificate
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
private static X509Certificate createCertificate(KeyPair keyPair, String subject) throws
OperatorCreationException, IOException {
PKCS10CertificationRequest csr =
Crypto.getPKCS10CertRequest(
Crypto.generateX509CSR(keyPair.getPrivate(), subject, null));
return Crypto.generateX509Certificate(csr, keyPair.getPrivate(), new X500Name(subject), 3600, false);
}
示例6: testGenerateRoleCertificateRequest
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateRoleCertificateRequest() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
RoleCertificateRequest req = ZTSClient.generateRoleCertificateRequest("coretech",
"test", "sports", "readers", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("sports:role.readers", Crypto.extractX509CSRCommonName(certReq));
assertEquals("[email protected]", Crypto.extractX509CSREmail(certReq));
}
示例7: testGenerateInstanceRefreshRequestTopDomain
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateInstanceRefreshRequestTopDomain() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech",
"test", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("coretech.test", Crypto.extractX509CSRCommonName(certReq));
assertEquals("test.coretech.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0));
}
示例8: testGetPKCS10CertRequest
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGetPKCS10CertRequest() throws IOException {
Path path = Paths.get("src/test/resources/valid.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest req = Crypto.getPKCS10CertRequest(certStr);
assertNotNull(req);
assertEquals(req.getSubject().toString(), "C=US,ST=CA,L=Sunnyvale,O=My Test Company,CN=athenz.syncer");
}
示例9: testGenerateX509CertificateAltNames
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testGenerateX509CertificateAltNames() throws IOException {
Path path = Paths.get("src/test/resources/csr_altnames.csr");
String certStr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(certStr);
X509Certificate caCertificate = Crypto.loadX509Certificate(ecPublicX509Cert);
PrivateKey caPrivateKey = Crypto.loadPrivateKey(privateEncryptedKey, encryptedKeyPassword);
X509Certificate cert = Crypto.generateX509Certificate(certReq, caPrivateKey,
caCertificate, 600, true);
assertNotNull(cert);
}
示例10: testValidateRoleCertificateRequest
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testValidateRoleCertificateRequest() throws IOException {
Path path = Paths.get("src/test/resources/valid_email.csr");
String csr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
Set<String> roles = new HashSet<>();
roles.add("readers");
assertTrue(zts.validateRoleCertificateRequest(certReq, "sports", roles, "sports.scores"));
}
示例11: testVerifyCertificateRequest
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testVerifyCertificateRequest() throws IOException {
Path path = Paths.get("src/test/resources/athenz.instanceid.csr");
String csr = new String(Files.readAllBytes(path));
X509CertRecord certRecord = new X509CertRecord();
certRecord.setService("athenz.production");
certRecord.setInstanceId("1001");
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
boolean result = ZTSUtils.verifyCertificateRequest(certReq, "athenz", "production", certRecord);
assertTrue(result);
certRecord.setService("athenz.production");
certRecord.setInstanceId("1001");
result = ZTSUtils.verifyCertificateRequest(certReq, "athenz2", "production", certRecord);
assertFalse(result);
certRecord.setService("athenz2.production");
certRecord.setInstanceId("1001");
result = ZTSUtils.verifyCertificateRequest(certReq, "athenz", "production", certRecord);
assertFalse(result);
certRecord.setService("athenz.production");
certRecord.setInstanceId("1002");
result = ZTSUtils.verifyCertificateRequest(certReq, "athenz", "production", certRecord);
assertFalse(result);
}
示例12: testValidateCertReqDNSNamesSubdomainInvalid
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testValidateCertReqDNSNamesSubdomainInvalid() throws IOException {
Path path = Paths.get("src/test/resources/subdomain_invalid.csr");
String csr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
boolean result = ZTSUtils.validateCertReqDNSNames(certReq, "athenz.domain", "production");
assertFalse(result);
}
示例13: testExtractCsrFieldsWithRfc822
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testExtractCsrFieldsWithRfc822() throws IOException {
Path path = Paths.get("src/test/resources/valid_email.csr");
String csr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
assertEquals(Crypto.extractX509CSRCommonName(certReq), "sports:role.readers");
assertEquals(Crypto.extractX509CSREmail(certReq), "[email protected]");
}
示例14: testValidateCertReqInstanceIdInvalid
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testValidateCertReqInstanceIdInvalid() throws IOException {
Path path = Paths.get("src/test/resources/invalid_dns.csr");
String csr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
boolean result = ZTSUtils.validateCertReqInstanceId(certReq, "1001");
assertFalse(result);
}
示例15: testExtractX509IPAddressesMultipleAddresses
import com.yahoo.athenz.auth.util.Crypto; //导入方法依赖的package包/类
@Test
public void testExtractX509IPAddressesMultipleAddresses() throws IOException {
Path path = Paths.get("src/test/resources/multiple_ips.csr");
String csr = new String(Files.readAllBytes(path));
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(csr);
List<String> ips = Crypto.extractX509CSRIPAddresses(certReq);
assertEquals(2, ips.size());
assertEquals(ips.get(0), "10.11.12.13");
assertEquals(ips.get(1), "10.11.12.14");
}