本文整理汇总了Java中java.security.cert.CertificateFactory.generateCertificates方法的典型用法代码示例。如果您正苦于以下问题:Java CertificateFactory.generateCertificates方法的具体用法?Java CertificateFactory.generateCertificates怎么用?Java CertificateFactory.generateCertificates使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.CertificateFactory
的用法示例。
在下文中一共展示了CertificateFactory.generateCertificates方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCertificateFromStream
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Generate Collection of Certificate from Input Stream
*
* @param stream InputStream of Certificate data
* @return Collection<X509Certificate>
* @throws PayPalRESTException
*/
@SuppressWarnings("unchecked")
public static Collection<X509Certificate> getCertificateFromStream(InputStream stream) throws PayPalRESTException {
if (stream == null) {
throw new PayPalRESTException("Certificate Not Found");
}
Collection<X509Certificate> certs = null;
try {
// Create a Certificate Factory
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// Read the Trust Certs
certs = (Collection<X509Certificate>) cf.generateCertificates(stream);
} catch (CertificateException ex) {
throw new PayPalRESTException(ex);
}
return certs;
}
示例2: main
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
if (args.length == 0) {
System.out.println("Usage: java BlacklistedCertsConverter SHA-256" +
" < blacklisted.certs.pem > blacklisted.certs");
System.exit(1);
}
String mdAlg = args[0];
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certs
= cf.generateCertificates(System.in);
System.out.println("Algorithm=" + mdAlg);
for (Certificate cert: certs) {
System.out.println(
getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
}
}
示例3: loadCerts
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static X509Certificate[] loadCerts(Buffer buffer) {
if (buffer == null) {
throw new NullPointerException("Missing X.509 certificate");
}
try {
List<byte[]> pems = loadPem(buffer, "CERTIFICATE");
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
List<X509Certificate> certs = new ArrayList<>(pems.size());
for (byte[] pem : pems) {
for (Certificate cert : certFactory.generateCertificates(new ByteArrayInputStream(pem))) {
certs.add((X509Certificate) cert);
}
}
return certs.toArray(new X509Certificate[certs.size()]);
} catch (Exception e) {
throw new RuntimeException("Problem loading certificate certWithChain", e);
}
}
示例4: trustManagerForCertificates
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Returns a trust manager that trusts {@code certificates} and none other. HTTPS services whose
* certificates have not been signed by these certificates will fail with a {@code
* SSLHandshakeException}.
*
* <p>This can be used to replace the host platform's built-in trusted certificates with a custom
* set. This is useful in development where certificate authority-trusted certificates aren't
* available. Or in production, to avoid reliance on third-party certificate authorities.
*
* <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
* the host platform's built-in trust store.
*
* <h3>Warning: Customizing Trusted Certificates is Dangerous!</h3>
*
* <p>Relying on your own trusted certificates limits your server team's ability to update their
* TLS certificates. By installing a specific set of trusted certificates, you take on additional
* operational complexity and limit your ability to migrate between certificate authorities. Do
* not use custom trusted certificates in production without the blessing of your server's TLS
* administrator.
*/
private X509TrustManager trustManagerForCertificates(InputStream in)
throws GeneralSecurityException {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
示例5: trustManagerForCertificates
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Returns a trust manager that trusts {@code certificates} and none other. HTTPS services whose
* certificates have not been signed by these certificates will fail with a {@code
* SSLHandshakeException}.
*
* <p>This can be used to replace the host platform's built-in trusted certificates with a custom
* set. This is useful in development where certificate authority-trusted certificates aren't
* available. Or in production, to avoid reliance on third-party certificate authorities.
*
* <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
* the host platform's built-in trust store.
*
* <h3>Warning: Customizing Trusted Certificates is Dangerous!</h3>
*
* <p>Relying on your own trusted certificates limits your server team's ability to update their
* TLS certificates. By installing a specific set of trusted certificates, you take on additional
* operational complexity and limit your ability to migrate between certificate authorities. Do
* not use custom trusted certificates in production without the blessing of your server's TLS
* administrator.
*/
private X509TrustManager trustManagerForCertificates(InputStream in)
throws GeneralSecurityException {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
示例6: main
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
/*
* create an empty SignedData content type in ASN.1
* as defined in PKCS#7
*/
byte[] b = { 0x30, 0x23,
/* contentInfo ::= signedData */
0x06, 0x09, 0x2A, (byte)0x86, 0x48,
(byte)0x86, (byte)0xF7, 0x0D,
0x01, 0x07, 0x02,
0x00, 0x16,
0x30, 0x14, /* SignedData */
0x02, 0x01, 0x01, /* version */
0x31, 0x00, /* digestAlgorithms */
0x30, 0x0B, /* contentInfo ::= data */
0x06, 0x09, 0x2A, (byte)0x86, 0x48,
(byte)0x86, (byte)0xF7, 0x0D,
0x01, 0x07, 0x01,
/* certificates are absent */
0x31, 0x00 /* signerInfos */
};
CertificateFactory cf = CertificateFactory.getInstance( "X509", "SUN");
Collection c = cf.generateCertificates( new ByteArrayInputStream(b));
if (!c.isEmpty())
throw new Exception("CertificateFactory.generateCertificates() "
+ "did not return an empty Collection");
}
示例7: createPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static X509Certificate[] createPath(String chain) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
List list = new ArrayList();
for (Certificate c: cf.generateCertificates(
new FileInputStream(chain))) {
list.add((X509Certificate)c);
}
return (X509Certificate[]) list.toArray(new X509Certificate[0]);
}
示例8: trustManagerForCertificates
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private static X509TrustManager trustManagerForCertificates(InputStream in)
throws GeneralSecurityException {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
示例9: importPrivateKey
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
void importPrivateKey(String keyAlias, String keyPassword, InputStream fl, InputStream certstream)
throws IOException, NoSuchAlgorithmException, InvalidKeySpecException, CertificateException, KeyStoreException
{
KeyInfoManager keyInfoManager = null;
writeLock.lock();
try
{
keyInfoManager = getKeyInfoManager(getKeyMetaDataFileLocation());
KeyStore ks = loadKeyStore(getKeyStoreParameters(), keyInfoManager);
// loading Key
byte[] keyBytes = new byte[fl.available()];
KeyFactory kf = KeyFactory.getInstance("RSA");
fl.read(keyBytes, 0, fl.available());
fl.close();
PKCS8EncodedKeySpec keysp = new PKCS8EncodedKeySpec(keyBytes);
PrivateKey key = kf.generatePrivate(keysp);
// loading CertificateChain
CertificateFactory cf = CertificateFactory.getInstance("X.509");
@SuppressWarnings("rawtypes")
Collection c = cf.generateCertificates(certstream) ;
Certificate[] certs = new Certificate[c.toArray().length];
certs = (Certificate[])c.toArray(new Certificate[0]);
// storing keystore
ks.setKeyEntry(keyAlias, key, keyPassword.toCharArray(), certs);
if(logger.isDebugEnabled())
{
logger.debug("Key and certificate stored.");
logger.debug("Alias:"+ keyAlias);
}
OutputStream keyStoreOutStream = getKeyStoreOutStream();
ks.store(keyStoreOutStream, keyPassword.toCharArray());
// Workaround for MNT-15005
keyStoreOutStream.close();
}
finally
{
if(keyInfoManager != null)
{
keyInfoManager.clear();
}
writeLock.unlock();
}
}
示例10: main
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
byte[] pattern = "#! java BlacklistedCertsConverter ".getBytes();
String mdAlg = "";
for (int i=0; ; i++) {
int n = System.in.read();
if (n < 0) {
throw new Exception("Unexpected EOF");
}
if (i < pattern.length) {
if (n != pattern[i]) {
throw new Exception("The first line must start with \""
+ new String(pattern) + "\"");
}
} else if (i < pattern.length + 100) {
if (n < 32) {
break;
} else {
mdAlg = mdAlg + String.format("%c", n);
}
}
}
mdAlg = mdAlg.trim();
System.out.println("Algorithm=" + mdAlg);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certs
= cf.generateCertificates(System.in);
// Output sorted so that it's easy to locate an entry.
Set<String> fingerprints = new TreeSet<>();
for (Certificate cert: certs) {
fingerprints.add(
getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
}
for (String s: fingerprints) {
System.out.println(s);
}
}