本文整理汇总了Java中java.security.cert.CertificateFactory.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java CertificateFactory.getInstance方法的具体用法?Java CertificateFactory.getInstance怎么用?Java CertificateFactory.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.CertificateFactory
的用法示例。
在下文中一共展示了CertificateFactory.getInstance方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: readCertificate
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Reads in a X509Certificate.
*
* @return the X509Certificate
* @throws IOException if an I/O error occured
*/
private X509Certificate readCertificate(
String endMarker)
throws IOException
{
ByteArrayInputStream bIn = new ByteArrayInputStream(readBytes(endMarker));
try
{
CertificateFactory certFact
= CertificateFactory.getInstance("X.509", provider);
return (X509Certificate)certFact.generateCertificate(bIn);
}
catch (Exception e)
{
throw new IOException("problem parsing cert: " + e.toString());
}
}
示例2: isPlayServices
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private boolean isPlayServices(String pkg) {
if (!PLAY_SERVICES_PACKAGE.equals(pkg)) return false;
try {
PackageInfo sigs = pm.getPackageInfo(pkg, GET_SIGNATURES);
// The genuine Play Services app should have a single signature
Signature[] signatures = sigs.signatures;
if (signatures == null || signatures.length != 1) return false;
// Extract the public key from the signature
CertificateFactory certFactory =
CertificateFactory.getInstance("X509");
byte[] signatureBytes = signatures[0].toByteArray();
InputStream in = new ByteArrayInputStream(signatureBytes);
X509Certificate cert =
(X509Certificate) certFactory.generateCertificate(in);
byte[] publicKeyBytes = cert.getPublicKey().getEncoded();
String publicKey = StringUtils.toHexString(publicKeyBytes);
return PLAY_SERVICES_PUBLIC_KEY.equals(publicKey);
} catch (NameNotFoundException | CertificateException e) {
if (LOG.isLoggable(WARNING)) LOG.log(WARNING, e.toString(), e);
return false;
}
}
示例3: URICertStore
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Creates a URICertStore.
*
* @param parameters specifying the URI
*/
URICertStore(CertStoreParameters params)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
super(params);
if (!(params instanceof URICertStoreParameters)) {
throw new InvalidAlgorithmParameterException
("params must be instanceof URICertStoreParameters");
}
this.uri = ((URICertStoreParameters) params).uri;
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase(Locale.ENGLISH).equals("ldap")) {
ldap = true;
ldapHelper = CertStoreHelper.getInstance("LDAP");
ldapCertStore = ldapHelper.getCertStore(uri);
ldapPath = uri.getPath();
// strip off leading '/'
if (ldapPath.charAt(0) == '/') {
ldapPath = ldapPath.substring(1);
}
}
try {
factory = CertificateFactory.getInstance("X.509");
} catch (CertificateException e) {
throw new RuntimeException();
}
}
示例4: loadCert
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private X509Certificate loadCert(Session session, long oHandle)
throws PKCS11Exception, CertificateException {
CK_ATTRIBUTE[] attrs = new CK_ATTRIBUTE[]
{ new CK_ATTRIBUTE(CKA_VALUE) };
token.p11.C_GetAttributeValue(session.id(), oHandle, attrs);
byte[] bytes = attrs[0].getByteArray();
if (bytes == null) {
throw new CertificateException
("unexpectedly retrieved null byte array");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate)cf.generateCertificate
(new ByteArrayInputStream(bytes));
}
示例5: getTrustedCertificate
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private static X509Certificate getTrustedCertificate() throws Exception {
String sCert =
"-----BEGIN CERTIFICATE-----\n"
+ "MIIBezCCASWgAwIBAgIQyWD8dLUoqpJFyDxrfRlrsTANBgkqhkiG9w0BAQQFADAW\n"
+ "MRQwEgYDVQQDEwtSb290IEFnZW5jeTAeFw0wMTEwMTkxMjU5MjZaFw0zOTEyMzEy\n"
+ "MzU5NTlaMBoxGDAWBgNVBAMTD1Jvb3RDZXJ0aWZpY2F0ZTBcMA0GCSqGSIb3DQEB\n"
+ "AQUAA0sAMEgCQQC+NFKszPjatUZKWmyWaFjir1wB93FX2u5SL+GMjgUsMs1JcTKQ\n"
+ "Kh0cnnQKknNkV4cTW4NPn31YCoB1+0KA3mknAgMBAAGjSzBJMEcGA1UdAQRAMD6A\n"
+ "EBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjds\n"
+ "AKoAZIoRz7jUqlw19DANBgkqhkiG9w0BAQQFAANBACJxAfP57yqaT9N+nRgAOugM\n"
+ "JG0aN3/peCIvL3p29epRL2xoWFvxpUUlsH2I39OZ6b8+twWCebhkv1I62segXAk=\n"
+ "-----END CERTIFICATE-----";
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
ByteArrayInputStream bytes = new ByteArrayInputStream(sCert.getBytes());
return (X509Certificate)certFactory.generateCertificate(bytes);
}
示例6: getTrustManagerFactory
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
@Override
public Pair<TrustManagerFactory, KeyManagerFactory> getTrustManagerFactory() {
try {
KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
trustStore.load(null);
InputStream stream = this.getAssets().open("server.crt");
BufferedInputStream bis = new BufferedInputStream(stream);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
while (bis.available() > 0) {
Certificate cert = cf.generateCertificate(bis);
trustStore.setCertificateEntry("cert" + bis.available(), cert);
}
KeyManagerFactory kmfactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
kmfactory.init(trustStore, "1234".toCharArray());
TrustManagerFactory tmf=TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
tmf.init(trustStore);
return new Pair<>(tmf, kmfactory);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
示例7: URICertStore
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Creates a URICertStore.
*
* @param parameters specifying the URI
*/
URICertStore(CertStoreParameters params)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
super(params);
if (!(params instanceof URICertStoreParameters)) {
throw new InvalidAlgorithmParameterException
("params must be instanceof URICertStoreParameters");
}
this.uri = ((URICertStoreParameters) params).getURI();
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase(Locale.ENGLISH).equals("ldap")) {
ldap = true;
ldapCertStore = CertStore.getInstance("LDAP", params);
}
try {
factory = CertificateFactory.getInstance("X.509");
} catch (CertificateException e) {
throw new RuntimeException();
}
}
示例8: getCRLs
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Load the collection of CRLs.
*
*/
protected Collection<? extends CRL> getCRLs(String crlf)
throws IOException, CRLException, CertificateException {
Collection<? extends CRL> crls = null;
InputStream is = null;
try {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
is = ConfigFileLoader.getInputStream(crlf);
crls = cf.generateCRLs(is);
} catch(IOException iex) {
throw iex;
} catch(CRLException crle) {
throw crle;
} catch(CertificateException ce) {
throw ce;
} finally {
if(is != null) {
try{
is.close();
} catch(Exception ex) {
// Ignore
}
}
}
return crls;
}
示例9: createPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static X509Certificate[] createPath(String chain) throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
List list = new ArrayList();
for (Certificate c: cf.generateCertificates(
new FileInputStream(chain))) {
list.add((X509Certificate)c);
}
return (X509Certificate[]) list.toArray(new X509Certificate[0]);
}
示例10: trustManagerForCertificates
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Returns a trust manager that trusts {@code certificates} and none other. HTTPS services whose
* certificates have not been signed by these certificates will fail with a {@code
* SSLHandshakeException}.
*
* <p>This can be used to replace the host platform's built-in trusted certificates with a custom
* set. This is useful in development where certificate authority-trusted certificates aren't
* available. Or in production, to avoid reliance on third-party certificate authorities.
*
* <p>See also {@link CertificatePinner}, which can limit trusted certificates while still using
* the host platform's built-in trust store.
*
* <h3>Warning: Customizing Trusted Certificates is Dangerous!</h3>
*
* <p>Relying on your own trusted certificates limits your server team's ability to update their
* TLS certificates. By installing a specific set of trusted certificates, you take on additional
* operational complexity and limit your ability to migrate between certificate authorities. Do
* not use custom trusted certificates in production without the blessing of your server's TLS
* administrator.
*/
private X509TrustManager trustManagerForCertificates(InputStream in)
throws GeneralSecurityException {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certificates = certificateFactory.generateCertificates(in);
if (certificates.isEmpty()) {
throw new IllegalArgumentException("expected non-empty set of trusted certificates");
}
// Put the certificates a key store.
char[] password = "password".toCharArray(); // Any password will work.
KeyStore keyStore = newEmptyKeyStore(password);
int index = 0;
for (Certificate certificate : certificates) {
String certificateAlias = Integer.toString(index++);
keyStore.setCertificateEntry(certificateAlias, certificate);
}
// Use it to build an X509 trust manager.
KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(
KeyManagerFactory.getDefaultAlgorithm());
keyManagerFactory.init(keyStore, password);
TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(
TrustManagerFactory.getDefaultAlgorithm());
trustManagerFactory.init(keyStore);
TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
if (trustManagers.length != 1 || !(trustManagers[0] instanceof X509TrustManager)) {
throw new IllegalStateException("Unexpected default trust managers:"
+ Arrays.toString(trustManagers));
}
return (X509TrustManager) trustManagers[0];
}
示例11: getCertificate
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static Certificate getCertificate(String certificatePath) throws Exception {
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
FileInputStream in = new FileInputStream(certificatePath);
Certificate certificate = certificateFactory.generateCertificate(in);
in.close();
return certificate;
}
示例12: CertificateDecoder
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public CertificateDecoder() throws CertificateException {
factory = CertificateFactory.getInstance("X.509");
}
示例13: main
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
byte[] pattern = "#! java BlacklistedCertsConverter ".getBytes();
String mdAlg = "";
for (int i=0; ; i++) {
int n = System.in.read();
if (n < 0) {
throw new Exception("Unexpected EOF");
}
if (i < pattern.length) {
if (n != pattern[i]) {
throw new Exception("The first line must start with \""
+ new String(pattern) + "\"");
}
} else if (i < pattern.length + 100) {
if (n < 32) {
break;
} else {
mdAlg = mdAlg + String.format("%c", n);
}
}
}
mdAlg = mdAlg.trim();
System.out.println("Algorithm=" + mdAlg);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
Collection<? extends Certificate> certs
= cf.generateCertificates(System.in);
// Output sorted so that it's easy to locate an entry.
Set<String> fingerprints = new TreeSet<>();
for (Certificate cert: certs) {
fingerprints.add(
getCertificateFingerPrint(mdAlg, (X509Certificate)cert));
}
for (String s: fingerprints) {
System.out.println(s);
}
}
示例14: getSSLContext
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private static SSLContext getSSLContext(String trusedCertStr,
String keyCertStr, byte[] modulus,
byte[] privateExponent, char[] passphrase) throws Exception {
// generate certificate from cert string
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream is =
new ByteArrayInputStream(trusedCertStr.getBytes());
Certificate trusedCert = cf.generateCertificate(is);
is.close();
// create a key store
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, null);
// import the trused cert
ks.setCertificateEntry("RSA Export Signer", trusedCert);
if (keyCertStr != null) {
// generate the private key.
RSAPrivateKeySpec priKeySpec = new RSAPrivateKeySpec(
new BigInteger(modulus),
new BigInteger(privateExponent));
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateKey priKey =
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
// generate certificate chain
is = new ByteArrayInputStream(keyCertStr.getBytes());
Certificate keyCert = cf.generateCertificate(is);
is.close();
Certificate[] chain = new Certificate[2];
chain[0] = keyCert;
chain[1] = trusedCert;
// import the key entry.
ks.setKeyEntry("Whatever", priKey, passphrase, chain);
}
// create SSL context
TrustManagerFactory tmf =
TrustManagerFactory.getInstance("SunX509");
tmf.init(ks);
TrustManager tms[] = tmf.getTrustManagers();
if (tms == null || tms.length == 0) {
throw new Exception("unexpected trust manager implementation");
} else {
if (!(tms[0] instanceof X509ExtendedTrustManager)) {
throw new Exception("unexpected trust manager implementation: "
+ tms[0].getClass().getCanonicalName());
}
}
SSLContext ctx = SSLContext.getInstance("TLS");
if (keyCertStr != null) {
KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
} else {
ctx.init(null, tmf.getTrustManagers(), null);
}
return ctx;
}
示例15: generateSSLContext
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private static SSLContext generateSSLContext(boolean isClient)
throws Exception {
// generate certificate from cert string
CertificateFactory cf = CertificateFactory.getInstance("X.509");
// create a key store
KeyStore ks = KeyStore.getInstance("JKS");
ks.load(null, null);
// import the trused cert
ByteArrayInputStream is =
new ByteArrayInputStream(trustedCertStr.getBytes());
Certificate trusedCert = cf.generateCertificate(is);
is.close();
ks.setCertificateEntry("RSA Export Signer", trusedCert);
String[] certStrs = null;
String[] keyStrs = null;
if (isClient) {
certStrs = clientCerts;
keyStrs = clientKeys;
} else {
certStrs = serverCerts;
keyStrs = serverKeys;
}
for (int i = 0; i < certStrs.length; i++) {
// generate the private key.
String keySpecStr = keyStrs[i];
PKCS8EncodedKeySpec priKeySpec = new PKCS8EncodedKeySpec(
Base64.getMimeDecoder().decode(keySpecStr));
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateKey priKey =
(RSAPrivateKey)kf.generatePrivate(priKeySpec);
// generate certificate chain
String keyCertStr = certStrs[i];
is = new ByteArrayInputStream(keyCertStr.getBytes());
Certificate keyCert = cf.generateCertificate(is);
is.close();
Certificate[] chain = new Certificate[2];
chain[0] = keyCert;
chain[1] = trusedCert;
// import the key entry.
ks.setKeyEntry("key-entry-" + i, priKey, passphrase, chain);
}
// create SSL context
TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmAlgorithm);
tmf.init(ks);
SSLContext ctx = SSLContext.getInstance("TLS");
KeyManagerFactory kmf = KeyManagerFactory.getInstance("NewSunX509");
kmf.init(ks, passphrase);
ctx.init(kmf.getKeyManagers(), tmf.getTrustManagers(), null);
ks = null;
return ctx;
}