本文整理汇总了Java中org.bouncycastle.cert.X509v1CertificateBuilder.build方法的典型用法代码示例。如果您正苦于以下问题:Java X509v1CertificateBuilder.build方法的具体用法?Java X509v1CertificateBuilder.build怎么用?Java X509v1CertificateBuilder.build使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.cert.X509v1CertificateBuilder
的用法示例。
在下文中一共展示了X509v1CertificateBuilder.build方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: generateCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* Create a self-signed X.509 Certificate.
* From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
*
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
* @return the self-signed certificate
* @throws CertificateException thrown if a security error or an IO error occurred.
*/
public static X509Certificate generateCertificate(String dn, KeyPair pair,
int days, String algorithm)
throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
示例2: generateCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* Create a self-signed X.509 Certificate.
* From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
*
* @param dn the X.509 Distinguished Name, eg "CN=Test, L=London, C=GB"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
* @return the self-signed certificate
* @throws CertificateException thrown if a security error or an IO error occurred.
*/
public static X509Certificate generateCertificate(String dn, KeyPair pair,
int days, String algorithm)
throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
示例3: makeV1Certificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static X509CertificateHolder makeV1Certificate(AsymmetricCipherKeyPair subKP, String _subDN, AsymmetricCipherKeyPair issKP, String _issDN)
throws IOException, OperatorCreationException
{
RSAKeyParameters lwPubKey = (RSAKeyParameters)subKP.getPublic();
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(
new X500Name(_issDN),
allocateSerialNumber(),
new Date(System.currentTimeMillis()),
new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
new X500Name(_subDN),
new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(lwPubKey.getModulus(), lwPubKey.getExponent()))
);
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1WithRSAEncryption");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build((AsymmetricKeyParameter)issKP.getPrivate());
return v1CertGen.build(sigGen);
}
示例4: getCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate getCertificate(Credential cred) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException, IOException, OperatorCreationException {
X500Name issuer = new X500Name("C=DK, O=test, OU=test");
BigInteger serial = BigInteger.valueOf(34234);
Date notBefore = new Date(System.currentTimeMillis() - 10000);
Date notAfter = new Date(System.currentTimeMillis() + 100000L);
X500Name subject = new X500Name("C=DK, O=test, OU=test");
ByteArrayInputStream bIn = new ByteArrayInputStream(cred.getPublicKey().getEncoded());
SubjectPublicKeyInfo publicKeyInfo = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(bIn).readObject());
X509v1CertificateBuilder gen = new X509v1CertificateBuilder(issuer, serial, notBefore, notAfter, subject, publicKeyInfo);
ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(cred.getPrivateKey());
X509CertificateHolder certificateHolder = gen.build(sigGen);
X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
return x509Certificate;
}
示例5: _createCert
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* Create a new dummy certificate based on the passed key pair
*
* @param kp
* KeyPair to use. May not be <code>null</code>.
* @return A {@link X509Certificate} for further usage
*/
@Nonnull
private X509Certificate _createCert (@Nonnull final KeyPair kp) throws Exception
{
final PublicKey aPublicKey = kp.getPublic ();
final PrivateKey aPrivateKey = kp.getPrivate ();
final ContentSigner aContentSigner = new JcaContentSignerBuilder ("SHA1withRSA").setProvider (BouncyCastleProvider.PROVIDER_NAME)
.build (aPrivateKey);
// Form yesterday
final Date aStartDate = new Date (System.currentTimeMillis () - 24 * CGlobal.MILLISECONDS_PER_HOUR);
// For one year from now
final Date aEndDate = new Date (System.currentTimeMillis () + 365 * 24 * CGlobal.MILLISECONDS_PER_HOUR);
final X509v1CertificateBuilder aCertBuilder = new JcaX509v1CertificateBuilder (new X500Principal ("CN=TestIssuer"),
BigInteger.ONE,
aStartDate,
aEndDate,
new X500Principal ("CN=TestSubject"),
aPublicKey);
final X509CertificateHolder aCertHolder = aCertBuilder.build (aContentSigner);
// Convert to JCA X509Certificate
return new JcaX509CertificateConverter ().getCertificate (aCertHolder);
}
示例6: generateV1Certificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate generateV1Certificate(final KeyPair keyPair,
final String subject,
final String issuer,
final int validityYears,
final String signatureAlgorithm) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, InvalidKeyException, OperatorCreationException {
final DateTime now = DateTime.now(DateTimeZone.UTC);
final X509v1CertificateBuilder certBuilder = new JcaX509v1CertificateBuilder(
new X500Name(issuer),
generateRandomBigInt(),
now.minusDays(1).toDate(),
now.plusYears(validityYears).toDate(),
new X500Name(subject),
keyPair.getPublic());
final ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(keyPair.getPrivate());
final X509CertificateHolder certHolder = certBuilder.build(signer);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
}
示例7: generateCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* Create a self-signed X.509 Certificate.
* From http://bfo.com/blog/2011/03/08/odds_and_ends_creating_a_new_x_509_certificate.html.
*
* @param dn the X.509 Distinguished Name, eg "CN(commonName)=Test, O(organizationName)=Org"
* @param pair the KeyPair
* @param days how many days from now the Certificate is valid for
* @param algorithm the signing algorithm, eg "SHA1withRSA"
* @return the self-signed certificate
* @throws java.security.cert.CertificateException thrown if a security error or an IO error ocurred.
*/
public static X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm)
throws CertificateException {
try {
Security.addProvider(new BouncyCastleProvider());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(pair.getPrivate().getEncoded());
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);
BigInteger sn = new BigInteger(64, new SecureRandom());
X509v1CertificateBuilder v1CertGen = new X509v1CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
X509CertificateHolder certificateHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
} catch (CertificateException ce) {
throw ce;
} catch (Exception e) {
throw new CertificateException(e);
}
}
示例8: generateTestCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate generateTestCertificate(KeyPair pair) throws CertificateException, OperatorCreationException {
final X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
final X500Name cn = nameBuilder.addRDN(BCStyle.CN, "Test Certificate").build();
final byte[] encoded = pair.getPublic().getEncoded();
final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(encoded));
final X509v1CertificateBuilder certBuilder = new X509v1CertificateBuilder(
cn,
BigInteger.valueOf(System.currentTimeMillis()),
new Date(System.currentTimeMillis() - 10000),
new Date(System.currentTimeMillis() + 10000),
cn,
subjectPublicKeyInfo
);
final JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
final ContentSigner contentSigner = contentSignerBuilder.build(pair.getPrivate());
final X509CertificateHolder certificateHolder = certBuilder.build(contentSigner);
return new JcaX509CertificateConverter().setProvider( "BC" ).getCertificate(certificateHolder);
}
示例9: generateKeyAndCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
private static Pair<PrivateKey, X509Certificate> generateKeyAndCertificate(String asymmetric, String sign, int validityYears, String dn) throws NoSuchAlgorithmException, OperatorCreationException, CertificateException {
Preconditions.checkArgument(validityYears > 0, "validityYears <= 0");
KeyPair keyPair = KeyPairGenerator.getInstance(asymmetric).generateKeyPair();
Date notBefore = new Date(System.currentTimeMillis());
Date notAfter = new Date(System.currentTimeMillis() + validityYears * 31536000000l);
X500Name issuer = new X500Name(new X500Principal(dn).getName());
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
X509v1CertificateBuilder builder = new X509v1CertificateBuilder(issuer, BigInteger.ONE, notBefore, notAfter, issuer, publicKeyInfo);
ContentSigner signer = new JcaContentSignerBuilder(sign).setProvider(new BouncyCastleProvider()).build(keyPair.getPrivate());
X509CertificateHolder holder = builder.build(signer);
JcaX509CertificateConverter converter = new JcaX509CertificateConverter().setProvider(new BouncyCastleProvider());
X509Certificate certificate = converter.getCertificate(holder);
return Pair.of(keyPair.getPrivate(), certificate);
}
示例10: main
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static void main(String[] args) throws IOException, OperatorCreationException, NoSuchAlgorithmException {
// ---------------------- CA Creation ----------------------
// System.out.println("Generating Keys");
KeyPairGenerator rsa = KeyPairGenerator.getInstance("RSA");
rsa.initialize(1024);
KeyPair kp = rsa.generateKeyPair();
Calendar cal = Calendar.getInstance();
cal.add(Calendar.YEAR, 100);
// System.out.println("Getting data");
byte[] pk = kp.getPublic().getEncoded();
SubjectPublicKeyInfo bcPk = SubjectPublicKeyInfo.getInstance(pk);
// System.out.println("Creating cert");
X509v1CertificateBuilder certGen = new X509v1CertificateBuilder(new X500Name("CN=CA Cert"), BigInteger.ONE,
new Date(), cal.getTime(), new X500Name("CN=CA Cert"), bcPk);
X509CertificateHolder certHolder = certGen
.build(new JcaContentSignerBuilder("SHA1withRSA").build(kp.getPrivate()));
StringBuffer s = new StringBuffer();
s.append(X509Factory.BEGIN_CERT + "\n");
s.append(Base64Utils.base64Encode(certHolder.getEncoded()) + "\n");
s.append(X509Factory.END_CERT);
saveFile(s.toString().getBytes());
// ---------------------- ISSUER Creation ----------------------
}
示例11: generateCertificate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate generateCertificate(KeyPair keyPair) {
try {
ContentSigner sigGen = new JcaContentSignerBuilder(AuthenticationUtils.ALGORITHM)
.build(keyPair.getPrivate());
Date startDate = new Date(System.currentTimeMillis() - 24 * 60 * 60 * 1000);
Date endDate = new Date(System.currentTimeMillis() + 365 * 24 * 60 * 60 * 1000);
X509v1CertificateBuilder v1CertGen = new JcaX509v1CertificateBuilder(new X500Principal("CN=User"),
BigInteger.ONE, startDate, endDate, new X500Principal("CN=User"), keyPair.getPublic());
X509CertificateHolder certHolder = v1CertGen.build(sigGen);
return new JcaX509CertificateConverter().getCertificate(certHolder);
} catch (OperatorCreationException | CertificateException ex) {
throw new RuntimeException(ex);
}
}
示例12: generateX509CertificateV1
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
@Override
public X509Certificate generateX509CertificateV1(@NonNull final X509V1CertRequest request, @NonNull final PrivateKey privateKey) {
final ContentSigner signer = contentSigner(privateKey);
final X509v1CertificateBuilder certBuilder = request.x509v1CertificateBuilder();
final X509CertificateHolder certHolder = certBuilder.build(signer);
return toX509Certificate(certHolder);
}
示例13: createMasterCert
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* we generate the CA's certificate
*/
public static X509Certificate createMasterCert(
PublicKey pubKey,
PrivateKey privKey)
throws Exception
{
//
// signers name
//
String issuer = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
//
// subjects name - the same as we are self signed.
//
String subject = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
//
// create the certificate - version 1
//
X509v1CertificateBuilder v1CertBuilder = new JcaX509v1CertificateBuilder(
new X500Name(issuer),
BigInteger.valueOf(1),
new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)),
new X500Name(subject),
pubKey);
X509CertificateHolder cert = v1CertBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privKey));
return new JcaX509CertificateConverter().setProvider(BC).getCertificate(cert);
}
示例14: generate
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
public static RTCCertificate generate(String commonName) {
try {
//generate certificate
//TODO sign it by lets-encrypt
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA",
BouncyCastleProvider.PROVIDER_NAME);
kpg.initialize(1024);
KeyPair keyPair = kpg.genKeyPair();
Date startDate = new Date(System.currentTimeMillis());// time from which certificate is valid
Date expiryDate = new Date(System.currentTimeMillis() + 365L * 24L * 60L * 60L * 1000L);// time after which certificate is not valid
BigInteger serialNumber = new BigInteger("1");// serial number for certificate
X500Name dnName = new X500Name("CN=" + commonName);
SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic()
.getEncoded());
final X509v1CertificateBuilder x509v1CertificateBuilder = new X509v1CertificateBuilder(dnName,
serialNumber,
startDate,
expiryDate,
dnName,
subPubKeyInfo);
AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate()
.getEncoded());
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId,
digAlgId).build(privateKeyAsymKeyParam);
final X509CertificateHolder x509CertificateHolder = x509v1CertificateBuilder.build(sigGen);
return new RTCCertificate(fingerprint(x509CertificateHolder),
keyPair,
x509CertificateHolder);
}
catch (IOException | CertificateException | NoSuchAlgorithmException | NoSuchProviderException | OperatorCreationException e) {
throw new RuntimeException(e);
}
}
示例15: checkCreation2
import org.bouncycastle.cert.X509v1CertificateBuilder; //导入方法依赖的package包/类
/**
* we generate a self signed certificate for the sake of testing - DSA
*/
public void checkCreation2()
throws Exception
{
//
// set up the keys
//
AsymmetricKeyParameter privKey;
AsymmetricKeyParameter pubKey;
AsymmetricCipherKeyPairGenerator kpg = new DSAKeyPairGenerator();
BigInteger r = new BigInteger("68076202252361894315274692543577577550894681403");
BigInteger s = new BigInteger("1089214853334067536215539335472893651470583479365");
DSAParametersGenerator pGen = new DSAParametersGenerator();
pGen.init(512, 80, new SecureRandom());
DSAParameters params = pGen.generateParameters();
DSAKeyGenerationParameters genParam = new DSAKeyGenerationParameters(new SecureRandom(), params);
kpg.init(genParam);
AsymmetricCipherKeyPair pair = kpg.generateKeyPair();
privKey = (AsymmetricKeyParameter)pair.getPrivate();
pubKey = (AsymmetricKeyParameter)pair.getPublic();
//
// distinguished name table.
//
X500NameBuilder builder = createStdBuilder();
//
// extensions
//
//
// create the certificate - version 3
//
AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withDSA");
AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
ContentSigner sigGen = new BcDSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
X509v3CertificateBuilder certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
X509CertificateHolder cert = certGen.build(sigGen);
assertTrue(cert.isValidOn(new Date()));
assertTrue(cert.isSignatureValid(new BcDSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
//
// create the certificate - version 1
//
sigAlgId = sigAlgFinder.find("SHA1withDSA");
digAlgId = digAlgFinder.find(sigAlgId);
sigGen = new BcDSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
X509v1CertificateBuilder certGen1 = new BcX509v1CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
cert = certGen1.build(sigGen);
assertTrue(cert.isValidOn(new Date()));
assertTrue(cert.isSignatureValid(new BcDSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
CertificateFactory fact = CertificateFactory.getInstance("X.509");
X509Certificate x509cert = (X509Certificate)fact.generateCertificate(bIn);
//System.out.println(cert);
}