本文整理汇总了Java中org.bouncycastle.cert.X509CertificateHolder.getSubject方法的典型用法代码示例。如果您正苦于以下问题:Java X509CertificateHolder.getSubject方法的具体用法?Java X509CertificateHolder.getSubject怎么用?Java X509CertificateHolder.getSubject使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.cert.X509CertificateHolder
的用法示例。
在下文中一共展示了X509CertificateHolder.getSubject方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: newCert
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
public static Certificate newCert(String parentCertFile, String keyFile, String host) {
try {
Date before = Date.from(Instant.now());
Date after = Date.from(Year.now().plus(3, ChronoUnit.YEARS).atDay(1).atStartOfDay(ZoneId.systemDefault()).toInstant());
X509CertificateHolder parent = readPemFromFile(parentCertFile);
PEMKeyPair pemKeyPair = readPemFromFile(keyFile);
KeyPair keyPair = new JcaPEMKeyConverter()
.setProvider(PROVIDER)
.getKeyPair(pemKeyPair);
X509v3CertificateBuilder x509 = new JcaX509v3CertificateBuilder(
parent.getSubject(),
new BigInteger(64, new SecureRandom()),
before,
after,
new X500Name("CN=" + host),
keyPair.getPublic());
ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
.build(keyPair.getPrivate());
JcaX509CertificateConverter x509CertificateConverter = new JcaX509CertificateConverter()
.setProvider(PROVIDER);
return new Certificate(
keyPair,
x509CertificateConverter.getCertificate(x509.build(signer)),
x509CertificateConverter.getCertificate(parent));
} catch (Exception e) {
throw new IllegalStateException(e);
}
}
示例2: getEmailFromCert
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
/**
* Extract email addresses from a certificate
*
* @param cert the X509 certificate holder
* @return a List of all email addresses found
* @throws CertificateException
*/
private static List<String> getEmailFromCert(X509CertificateHolder cert)
throws CertificateException {
List<String> res = new ArrayList<>();
X500Name subject = cert.getSubject();
for (RDN emails : subject.getRDNs(BCStyle.EmailAddress)) {
for (AttributeTypeAndValue emailAttr: emails.getTypesAndValues()) {
log.debug("Add email from RDN: " + IETFUtils.valueToString(emailAttr.getValue()));
res.add(IETFUtils.valueToString(emailAttr.getValue()));
}
}
Extension subjectAlternativeNames = cert
.getExtension(Extension.subjectAlternativeName);
if (subjectAlternativeNames != null) {
for (GeneralName name : GeneralNames.getInstance(
subjectAlternativeNames.getParsedValue()).getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
String email = IETFUtils.valueToString(name.getName());
log.debug("Add email from subjectAlternativeName: " + email);
res.add(email);
}
}
}
return res;
}
示例3: testGenerateWithPrincipal
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
private void testGenerateWithPrincipal()
throws Exception
{
X509CertificateHolder iCert = new X509CertificateHolder(signCert);
//
// a sample key pair.
//
RSAKeyParameters pubKey = new RSAKeyParameters(false,
new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
new BigInteger("11", 16));
//
// set up the keys
//
X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
new AttributeCertificateHolder(iCert.getSubject()),
new AttributeCertificateIssuer(new X500Name("cn=test")),
BigInteger.ONE,
new Date(System.currentTimeMillis() - 50000),
new Date(System.currentTimeMillis() + 50000));
// the actual attributes
GeneralName roleName = new GeneralName(GeneralName.rfc822Name, "DAU123456789");
ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
roleSyntax.add(roleName);
// roleSyntax OID: 2.5.24.72
gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(RSA_PRIVATE_KEY);
X509AttributeCertificateHolder aCert = gen.build(sigGen);
if (!aCert.isValidOn(new Date()))
{
fail("certificate invalid");
}
if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(pubKey)))
{
fail("certificate signature not valid");
}
AttributeCertificateHolder holder = aCert.getHolder();
if (holder.getEntityNames() == null)
{
fail("entity names not set when expected");
}
if (holder.getSerialNumber() != null)
{
fail("holder serial number found when none expected");
}
if (holder.getIssuer() != null)
{
fail("holder issuer found when none expected");
}
if (!holder.match(iCert))
{
fail("generated holder not matching holder certificate");
}
X509CertificateHolder sCert = new X509CertificateHolder(holderCertWithBaseCertificateID);
if (holder.match(sCert))
{
fail("principal generated holder matching wrong certificate");
}
equalityAndHashCodeTest(aCert, aCert.getEncoded());
}
示例4: createAttrCert
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
private X509AttributeCertificateHolder createAttrCert() throws Exception
{
X509CertificateHolder iCertHolder = new X509CertificateHolder(holderCert);
//
// a sample key pair.
//
// RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
// new BigInteger(
// "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
// 16), new BigInteger("11", 16));
//
// set up the keys
//
X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
new AttributeCertificateHolder(iCertHolder.getSubject()),
new AttributeCertificateIssuer(new X500Name("cn=test")),
BigInteger.valueOf(1),
new Date(System.currentTimeMillis() - 50000),
new Date(System.currentTimeMillis() + 50000));
// the actual attributes
GeneralName roleName = new GeneralName(GeneralName.rfc822Name,
"[email protected]");
ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
roleSyntax.add(roleName);
// roleSyntax OID: 2.5.24.72
gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(RSA_PRIVATE_KEY);
Target targetName = new Target(Target.targetName, new GeneralName(GeneralName.dNSName,
"www.test.com"));
Target targetGroup = new Target(Target.targetGroup, new GeneralName(
GeneralName.directoryName, "o=Test, ou=Test"));
Target[] targets = new Target[2];
targets[0] = targetName;
targets[1] = targetGroup;
TargetInformation targetInformation = new TargetInformation(targets);
gen.addExtension(X509Extension.targetInformation, true, targetInformation);
return gen.build(sigGen);
}
示例5: BcX509v3CertificateBuilder
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
/**
* Initialise the builder using the subject from the passed in issuerCert as the issuer, as well as
* passing through and converting the other objects provided.
*
* @param issuerCert holder for certificate who's subject is the issuer of the certificate we are building.
* @param serial the serial number for the certificate.
* @param notBefore date before which the certificate is not valid.
* @param notAfter date after which the certificate is not valid.
* @param subject principal representing the subject of this certificate.
* @param publicKey the public key to be associated with the certificate.
*/
public BcX509v3CertificateBuilder(X509CertificateHolder issuerCert, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, AsymmetricKeyParameter publicKey)
throws IOException
{
super(issuerCert.getSubject(), serial, notBefore, notAfter, subject, SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
}