当前位置: 首页>>代码示例>>Java>>正文


Java JcaContentSignerBuilder.build方法代码示例

本文整理汇总了Java中org.bouncycastle.operator.jcajce.JcaContentSignerBuilder.build方法的典型用法代码示例。如果您正苦于以下问题:Java JcaContentSignerBuilder.build方法的具体用法?Java JcaContentSignerBuilder.build怎么用?Java JcaContentSignerBuilder.build使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.bouncycastle.operator.jcajce.JcaContentSignerBuilder的用法示例。


在下文中一共展示了JcaContentSignerBuilder.build方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generateCertificate

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
private X509Certificate generateCertificate(KeyPair keyPair) throws DeltaClientException {
    try {
        BigInteger serialNumber = BigInteger.valueOf(System.currentTimeMillis());
        Date startDate = DateTimeUtil.getCurrentDate();
        Date expiryDate = DateTimeUtil.addDays(startDate, DAYS_CERTIFICATE_VALID);
        X500Name issuer = new X500Name(ISSUER);
        X500Name subject = new X500Name(SUBJECT);

        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(
                issuer, serialNumber, startDate, expiryDate, subject,
                SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
        JcaContentSignerBuilder builder = new JcaContentSignerBuilder("SHA256withRSA");
        ContentSigner signer = builder.build(keyPair.getPrivate());


        byte[] certBytes = certBuilder.build(signer).getEncoded();
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        return (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(certBytes));
    } catch (Exception e) {
        LOG.error(e.getMessage());
        throw new DeltaClientException("Error generating certificate", e);
    }
}
 
开发者ID:Covata,项目名称:delta-sdk-java,代码行数:24,代码来源:DeltaKeyStore.java

示例2: writeCertificationRequest

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public void writeCertificationRequest(String alias, char[] privateKeyPassword, Writer dest) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, OperatorCreationException, IOException
{
	//reading information from self-signed certificate
	X509Certificate cert = (X509Certificate)keystore.getCertificate(alias);
	KeyPair keyPair = new KeyPair(cert.getPublicKey(), (PrivateKey)keystore.getKey(alias, privateKeyPassword));
	Principal principal = cert.getSubjectDN();
	
	//generate certification request
	X500Name x500Name = new X500Name(principal.toString());
	PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
		    x500Name, keyPair.getPublic());
	JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
	ContentSigner signer = csBuilder.build(keyPair.getPrivate());
	PKCS10CertificationRequest csr = p10Builder.build(signer);
	
	//write certification request
	String csrString = csrToString(csr);
	dest.write(csrString);
}
 
开发者ID:aktin,项目名称:ca,代码行数:20,代码来源:CertificateManager.java

示例3: generateCSR

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public PKCS10CertificationRequest generateCSR(User user, KeyPair key) throws OperatorCreationException {
    X500Name x500User = new X500NameBuilder()
            .addRDN(BCStyle.C, user.getCountryName())
            .addRDN(BCStyle.ST, user.getProvinceName())
            .addRDN(BCStyle.L,  user.getLocalityName())
            .addRDN(BCStyle.O,  user.getOrganizationName())
            .addRDN(BCStyle.OU, user.getOrganizationUnitName())
            .addRDN(BCStyle.CN, user.getCommonName())
            .addRDN(BCStyle.EmailAddress, user.getEmailAddress())
            .build();
    PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
            x500User, key.getPublic());
    user.setPrivateKey(key.getPrivate().getEncoded());
    JcaContentSignerBuilder csBuilder= new JcaContentSignerBuilder("SHA512WithRSAEncryption");
    ContentSigner signer = csBuilder.build(key.getPrivate());
    return p10Builder.build(signer);
}
 
开发者ID:kawasima,项目名称:occupy-pub,代码行数:18,代码来源:CertificationAuthority.java

示例4: generateCA

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
protected void generateCA() throws NoSuchProviderException, NoSuchAlgorithmException, IOException, OperatorCreationException {
    KeyPair pair = generateKey();
    LocalDateTime startDate = LocalDate.now().atStartOfDay();

    X509v3CertificateBuilder builder= new X509v3CertificateBuilder(
            new X500Name("CN=ca"),
            new BigInteger("0"),
            Date.from(startDate.atZone(ZoneId.systemDefault()).toInstant()),
            Date.from(startDate.plusDays(3650).atZone(ZoneId.systemDefault()).toInstant()),
            new X500Name("CN=ca"),
            SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded()));
    JcaContentSignerBuilder csBuilder= new JcaContentSignerBuilder("SHA512WithRSAEncryption");
    ContentSigner signer = csBuilder.build(pair.getPrivate());
    X509CertificateHolder holder = builder.build(signer);
    try (PemWriter writer = new PemWriter(new FileWriter(pemPath.toFile()))) {
        writer.writeObject(new PemObject("CERTIFICATE", holder.toASN1Structure().getEncoded()));
    }
    try (PemWriter writer = new PemWriter(new FileWriter(keyPath.toFile()))) {
        writer.writeObject(new PemObject("PRIVATE KEY", pair.getPrivate().getEncoded()));
    }
}
 
开发者ID:kawasima,项目名称:occupy-pub,代码行数:22,代码来源:CertificationAuthority.java

示例5: generateCSR

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public static PKCS10CertificationRequest generateCSR(String[] commonNames, KeyPair pair) throws OperatorCreationException, IOException {
	X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
	namebuilder.addRDN(BCStyle.CN, commonNames[0]);
	
	List<GeneralName> subjectAltNames = new ArrayList<>(commonNames.length);
	for (String cn:commonNames)
		subjectAltNames.add(new GeneralName(GeneralName.dNSName, cn));
	GeneralNames subjectAltName = new GeneralNames(subjectAltNames.toArray(new GeneralName[0]));         
	
	ExtensionsGenerator extGen = new ExtensionsGenerator();
	extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName.toASN1Primitive());
	
	PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), pair.getPublic());
	p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
	JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
	ContentSigner signer = csBuilder.build(pair.getPrivate());
	PKCS10CertificationRequest request = p10Builder.build(signer);
	return request;
}
 
开发者ID:zero11it,项目名称:acme-client,代码行数:20,代码来源:X509Utils.java

示例6: generateCertSignRequest

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
/**
 * This method creates the PKCS10 Certificate Sign Request which is to be sent to the SCEP Server using the
 * generated PublicKey of the client. The certificate parameters used here are the ones from the AgentManager
 * which are the values read from the configurations file.
 *
 * @return the PKCS10CertificationRequest object created using the client specific configs and the generated
 * PublicKey
 * @throws AgentCoreOperationException if an error occurs when creating a content signer to sign the CSR.
 */
private PKCS10CertificationRequest generateCertSignRequest() throws AgentCoreOperationException {
    // Build the CN for the cert we are requesting.
    X500NameBuilder nameBld = new X500NameBuilder(BCStyle.INSTANCE);
    nameBld.addRDN(BCStyle.CN, AgentManager.getInstance().getAgentConfigs().getDeviceName());
    nameBld.addRDN(BCStyle.O, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
    nameBld.addRDN(BCStyle.OU, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
    nameBld.addRDN(BCStyle.UNIQUE_IDENTIFIER, AgentManager.getInstance().getAgentConfigs().getDeviceId());
    X500Name principal = nameBld.build();

    JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SIGNATURE_ALG).setProvider(PROVIDER);
    ContentSigner contentSigner;

    try {
        contentSigner = contentSignerBuilder.build(this.privateKey);
    } catch (OperatorCreationException e) {
        String errorMsg = "Could not create content signer with private key.";
        log.error(errorMsg);
        throw new AgentCoreOperationException(errorMsg, e);
    }

    // Generate the certificate signing request (csr = PKCS10)
    PKCS10CertificationRequestBuilder reqBuilder = new JcaPKCS10CertificationRequestBuilder(principal,
                                                                                            this.publicKey);
    return reqBuilder.build(contentSigner);
}
 
开发者ID:wso2-incubator,项目名称:iot-server-agents,代码行数:35,代码来源:EnrollmentManager.java

示例7: generateTestCertificate

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public static X509Certificate generateTestCertificate(KeyPair pair) throws CertificateException, OperatorCreationException {
    final X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
    final X500Name cn = nameBuilder.addRDN(BCStyle.CN, "Test Certificate").build();

    final byte[] encoded = pair.getPublic().getEncoded();
    final SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(encoded));

    final X509v1CertificateBuilder certBuilder = new X509v1CertificateBuilder(
            cn,
            BigInteger.valueOf(System.currentTimeMillis()),
            new Date(System.currentTimeMillis() - 10000),
            new Date(System.currentTimeMillis() + 10000),
            cn,
            subjectPublicKeyInfo
    );

    final JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
    final ContentSigner contentSigner = contentSignerBuilder.build(pair.getPrivate());
    final X509CertificateHolder certificateHolder = certBuilder.build(contentSigner);

    return new JcaX509CertificateConverter().setProvider( "BC" ).getCertificate(certificateHolder);
}
 
开发者ID:gini,项目名称:jersey-smime,代码行数:23,代码来源:KeyTools.java

示例8: getCertificateRequest

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
private static PKCS10CertificationRequest getCertificateRequest(PublicKey publicKey, PrivateKey privateKey, String subject, Attribute extensions) {
    try {
        KeyPair keyPair = new KeyPair(publicKey, privateKey);
        PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Principal(subject), keyPair.getPublic());
        JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("sha256WithRSA");
        requestBuilder.addAttribute(extensions.getAttrType(), extensions.getAttrValues());
        ContentSigner signer = csBuilder.build(keyPair.getPrivate());
        return requestBuilder.build(signer);
    } catch (OperatorCreationException e) {
        e.printStackTrace();
        return null;
    }
}
 
开发者ID:thedrummeraki,项目名称:Aki-SSL,代码行数:14,代码来源:MakeA.java

示例9: generateX509CSR

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey,
        String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {

    // Create Distinguished Name

    X500Principal subject = new X500Principal(x500Principal);

    // Create ContentSigner

    JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256);
    ContentSigner signer = csBuilder.build(privateKey);

    // Create the CSR

    PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
            subject, publicKey);

    // Add SubjectAlternativeNames (SAN) if specified

    if (sanArray != null) {
        ExtensionsGenerator extGen = new ExtensionsGenerator();
        GeneralNames subjectAltNames = new GeneralNames(sanArray);
        extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
        p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
    }
    
    PKCS10CertificationRequest csr = p10Builder.build(signer);

    // write to openssl PEM format

    PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
    StringWriter strWriter;
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) {
        pemWriter.writeObject(pemObject);
    }
    return strWriter.toString();
}
 
开发者ID:yahoo,项目名称:athenz,代码行数:38,代码来源:Crypto.java

示例10: sign

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
/**
 * Signs the completed CSR.
 *
 * @param keypair
 *            {@link KeyPair} to sign the CSR with
 */
public void sign(KeyPair keypair) throws IOException {
    Objects.requireNonNull(keypair, "keypair");
    if (namelist.isEmpty()) {
        throw new IllegalStateException("No domain was set");
    }

    try {
        GeneralName[] gns = new GeneralName[namelist.size()];
        for (int ix = 0; ix < namelist.size(); ix++) {
            gns[ix] = new GeneralName(GeneralName.dNSName, namelist.get(ix));
        }
        GeneralNames subjectAltName = new GeneralNames(gns);

        PKCS10CertificationRequestBuilder p10Builder =
                        new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), keypair.getPublic());

        ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
        extensionsGenerator.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
        p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());

        PrivateKey pk = keypair.getPrivate();
        JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(
                        pk instanceof ECKey ? EC_SIGNATURE_ALG : SIGNATURE_ALG);
        ContentSigner signer = csBuilder.build(pk);

        csr = p10Builder.build(signer);
    } catch (OperatorCreationException ex) {
        throw new IOException("Could not generate CSR", ex);
    }
}
 
开发者ID:shred,项目名称:acme4j,代码行数:37,代码来源:CSRBuilder.java

示例11: generateCSR

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
public byte[] generateCSR(X500Name name) throws OperatorCreationException, IOException {
	PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(name, this.publicKey);
	JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
	ContentSigner signer = csBuilder.build(this.privateKey);
	PKCS10CertificationRequest csr = csrBuilder.build(signer);
	return csr.getEncoded();
}
 
开发者ID:e-Contract,项目名称:mycarenet,代码行数:8,代码来源:CertRASession.java

示例12: buildOCSPRequest

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
private byte[] buildOCSPRequest(final CertificateToken signCert, final CertificateToken issuerCert, Extension nonceExtension) throws
    DSSException {
  try {
    logger.debug("Building OCSP request");
    final CertificateID certId = DSSRevocationUtils.getOCSPCertificateID(signCert, issuerCert);
    final OCSPReqBuilder ocspReqBuilder = new OCSPReqBuilder();
    ocspReqBuilder.addRequest(certId);
    ocspReqBuilder.setRequestExtensions(new Extensions(nonceExtension));

    if (configuration.hasToBeOCSPRequestSigned()) {
      logger.info("Using signed OCSP request");
      JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA1withRSA");

      if (!configuration.isOCSPSigningConfigurationAvailable()) {
        throw new ConfigurationException("Configuration needed for OCSP request signing is not complete.");
      }

      DSSPrivateKeyEntry keyEntry = getOCSPAccessCertificatePrivateKey();
      PrivateKey privateKey = ((KSPrivateKeyEntry) keyEntry).getPrivateKey();
      X509Certificate ocspSignerCert = keyEntry.getCertificate().getCertificate();

      ContentSigner contentSigner = signerBuilder.build(privateKey);
      X509CertificateHolder[] chain = {new X509CertificateHolder(ocspSignerCert.getEncoded())};
      GeneralName generalName = new GeneralName(new JcaX509CertificateHolder(ocspSignerCert).getSubject());
      ocspReqBuilder.setRequestorName(generalName);

      return ocspReqBuilder.build(contentSigner, chain).getEncoded();
    }
    return ocspReqBuilder.build().getEncoded();
  } catch (Exception e) {
    throw new DSSException(e);
  }
}
 
开发者ID:open-eid,项目名称:digidoc4j,代码行数:34,代码来源:SKOnlineOCSPSource.java

示例13: generateCsr

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
private static PKCS10CertificationRequest generateCsr(KeyPair identity, String publicAddress) throws Exception {
    PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
            new X500Principal(String.format("cn=%s", publicAddress)), identity.getPublic());
    JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
    ContentSigner signer = csBuilder.build(identity.getPrivate());
    return p10Builder.build(signer);
}
 
开发者ID:hortonworks,项目名称:cloudbreak,代码行数:8,代码来源:PkiUtil.java

示例14: toSignerInfoGenerator

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
SignerInfoGenerator toSignerInfoGenerator(
    SecureRandom        random,
    Provider sigProvider,
    boolean             addDefaultAttributes)
    throws IOException, CertificateEncodingException, CMSException, OperatorCreationException, NoSuchAlgorithmException
{
    String              digestName = CMSSignedHelper.INSTANCE.getDigestAlgName(digestOID);
    String              signatureName = digestName + "with" + CMSSignedHelper.INSTANCE.getEncryptionAlgName(encOID);

    JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new BcDigestCalculatorProvider());

    if (addDefaultAttributes)
    {
        builder.setSignedAttributeGenerator(sAttr);
    }
    builder.setDirectSignature(!addDefaultAttributes);

    builder.setUnsignedAttributeGenerator(unsAttr);

    JcaContentSignerBuilder signerBuilder;

    try
    {
        signerBuilder = new JcaContentSignerBuilder(signatureName).setSecureRandom(random);
    }
    catch (IllegalArgumentException e)
    {
        throw new NoSuchAlgorithmException(e.getMessage());
    }

    if (sigProvider != null)
    {
        signerBuilder.setProvider(sigProvider);
    }

    ContentSigner contentSigner = signerBuilder.build(key);
    if (signerIdentifier instanceof X509Certificate)
    {
        return builder.build(contentSigner, (X509Certificate)signerIdentifier);
    }
    else
    {
        return builder.build(contentSigner, (byte[])signerIdentifier);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:46,代码来源:CMSSignedDataGenerator.java

示例15: generateCertificationRequest

import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder; //导入方法依赖的package包/类
/**
 * generateCertificationRequest
 *
 * @param subject The subject to be added to the certificate
 * @param pair    Public private key pair
 * @return PKCS10CertificationRequest Certificate Signing Request.
 * @throws OperatorCreationException
 */

public String generateCertificationRequest(String subject, KeyPair pair)
        throws InvalidArgumentException {

    try {
        PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
                new X500Principal("CN=" + subject), pair.getPublic());

        JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withECDSA");

        if (null != SECURITY_PROVIDER) {
            csBuilder.setProvider(SECURITY_PROVIDER);
        }
        ContentSigner signer = csBuilder.build(pair.getPrivate());

        return certificationRequestToPEM(p10Builder.build(signer));
    } catch (Exception e) {

        logger.error(e);
        throw new InvalidArgumentException(e);

    }

}
 
开发者ID:hyperledger,项目名称:fabric-sdk-java,代码行数:33,代码来源:CryptoPrimitives.java


注:本文中的org.bouncycastle.operator.jcajce.JcaContentSignerBuilder.build方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。