本文整理汇总了Java中org.bouncycastle.pkcs.PKCS10CertificationRequest.getSubject方法的典型用法代码示例。如果您正苦于以下问题:Java PKCS10CertificationRequest.getSubject方法的具体用法?Java PKCS10CertificationRequest.getSubject怎么用?Java PKCS10CertificationRequest.getSubject使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.pkcs.PKCS10CertificationRequest的用法示例。
在下文中一共展示了PKCS10CertificationRequest.getSubject方法的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: testGenerateInstanceRefreshRequestSubDomain
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
@Test
public void testGenerateInstanceRefreshRequestSubDomain() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech.system",
"test", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("coretech.system.test", Crypto.extractX509CSRCommonName(certReq));
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
assertEquals("coretech.system.test", IETFUtils.valueToString(cnRdn.getFirst().getValue()));
assertEquals("test.coretech-system.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0));
}
示例2: csrTest
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
/**
* Checks if the CSR contains the right parameters.
* <p>
* This is not supposed to be a Bouncy Castle test. If the
* {@link PKCS10CertificationRequest} contains the right parameters, we assume that
* Bouncy Castle encodes it properly.
*/
@SuppressWarnings("unchecked")
private void csrTest(PKCS10CertificationRequest csr) {
X500Name name = csr.getSubject();
assertThat(name.getRDNs(BCStyle.CN), arrayContaining(new RDNMatcher("abc.de")));
assertThat(name.getRDNs(BCStyle.C), arrayContaining(new RDNMatcher("XX")));
assertThat(name.getRDNs(BCStyle.L), arrayContaining(new RDNMatcher("Testville")));
assertThat(name.getRDNs(BCStyle.O), arrayContaining(new RDNMatcher("Testing Co")));
assertThat(name.getRDNs(BCStyle.OU), arrayContaining(new RDNMatcher("Testunit")));
assertThat(name.getRDNs(BCStyle.ST), arrayContaining(new RDNMatcher("ABC")));
Attribute[] attr = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
assertThat(attr.length, is(1));
ASN1Encodable[] extensions = attr[0].getAttrValues().toArray();
assertThat(extensions.length, is(1));
GeneralNames names = GeneralNames.fromExtensions((Extensions) extensions[0], Extension.subjectAlternativeName);
assertThat(names.getNames(), arrayContaining(new GeneralNameMatcher("abc.de"),
new GeneralNameMatcher("fg.hi"), new GeneralNameMatcher("jklm.no"),
new GeneralNameMatcher("pqr.st"), new GeneralNameMatcher("uv.wx"),
new GeneralNameMatcher("y.z"), new GeneralNameMatcher("*.wild.card")));
}
示例3: testParseCsrRdnWithEMail
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
@Test
public void testParseCsrRdnWithEMail() {
String csrPemStr = this.getCsrWithReverseDnStructureOrder_AndEmail();
PKCS10CertificationRequest req = csrParser.parseCsrPemString(csrPemStr);
X500Name xname = req.getSubject();
System.out.println("" + xname.toString());
assertEquals("C=UK,O=eScienceDev,OU=Manchester,L=MC,CN=grid course eight,[email protected]", xname.toString());
RDN[] rdn = req.getSubject().getRDNs(); // return an array of RDNs in structure order.
assertEquals(rdn[5].getFirst().getType(), email);
/*for (int i = 0; i < rdn.length; i++) {
//System.out.println("ASN1: "+rdn[i].toASN1Primitive());
AttributeTypeAndValue tv = rdn[i].getFirst();
System.out.println("t: " + tv.getType().toString() + " v: " + tv.getValue().toString());
}*/
// Note the order of the RDNs reflects the X500Name
assertEquals(rdn[0].getFirst().getType(), c);
assertEquals(rdn[1].getFirst().getType(), orgname);
assertEquals(rdn[2].getFirst().getType(), ou);
assertEquals(rdn[3].getFirst().getType(), loc);
assertEquals(rdn[4].getFirst().getType(), cn);
assertEquals(rdn[5].getFirst().getType(), email);
}
示例4: extractX509CSRCommonName
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
public static String extractX509CSRCommonName(PKCS10CertificationRequest certReq) {
String cn = null;
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
if (cnRdn != null) {
cn = IETFUtils.valueToString(cnRdn.getFirst().getValue());
}
return cn;
}
示例5: CsrImpl
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
public CsrImpl(final PKCS10CertificationRequest request) {
dn = new BcX500NameDnImpl(request.getSubject());
try {
publicKey = new JcaPEMKeyConverter().getPublicKey(request.getSubjectPublicKeyInfo());
} catch (final PEMException e) {
throw new CaException(e);
}
}
示例6: testCsrWithValidRdnStructureOrder
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
@Test
public void testCsrWithValidRdnStructureOrder()throws Exception {
String csrPemStr = this.getCsrWithReverseDnStructureOrder();
PKCS10CertificationRequest req = csrParser.parseCsrPemString(csrPemStr);
X500Name xname = req.getSubject();
//System.out.println("" + xname.toString());
assertEquals("C=UK,O=eScience,OU=CLRC,L=DL,CN=some valid body", xname.toString());
RDN[] rdn = req.getSubject().getRDNs(); // return an array of RDNs in structure order.
/*for (int i = 0; i < rdn.length; i++) {
//System.out.println("ASN1: "+rdn[i].toASN1Primitive());
AttributeTypeAndValue tv = rdn[i].getFirst();
System.out.println("t: " + tv.getType().toString() + " v: " + tv.getValue().toString());
}*/
// Note the order of the RDNs reflects the X500Name
assertEquals(rdn[0].getFirst().getType(), c);
assertEquals(rdn[1].getFirst().getType(), orgname);
assertEquals(rdn[2].getFirst().getType(), ou);
assertEquals(rdn[3].getFirst().getType(), loc);
assertEquals(rdn[4].getFirst().getType(), cn);
// Validate
CsrRequestValidationConfigParams params = new CsrRequestValidationConfigParams("UK", "eScience");
params.setRalistDao(this.createMockJdbcRalistDao("DL", "CLRC"));
PKCS10SubjectDNValidator validator = new PKCS10SubjectDNValidator(params);
Errors errors = new MapBindingResult(new HashMap<String, String>(), "csrPemStr");
PKCS10_RequestWrapper.Builder builder = new PKCS10_RequestWrapper.Builder(CSR_Flags.Csr_Types.NEW, CSR_Flags.Profile.UKPERSON, csrPemStr, "[email protected]");
PKCS10_RequestWrapper csrWrapper = builder.build();
validator.validate(csrWrapper, errors);
assertTrue(!errors.hasErrors());
}
示例7: testParseCsrRdn
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
@Test
public void testParseCsrRdn() {
String csrPemStr = this.getCsrIrregularOrderDN();
PKCS10CertificationRequest req = csrParser.parseCsrPemString(csrPemStr);
X500Name xname = req.getSubject();
System.out.println("" + req.getSubject().toString());
assertEquals("CN=some body,C=UK,L=DL,O=eScience,OU=CLRC", xname.toString());
RDN[] rdn = req.getSubject().getRDNs(); // return an array of RDNs in structure order.
/*for (int i = 0; i < rdn.length; i++) {
AttributeTypeAndValue tv = rdn[i].getFirst();
System.out.println("t: " + tv.getType().toString() + " v: " + tv.getValue().toString());
//AttributeTypeAndValue[] tvs = rdn[i].getTypesAndValues();
//for(int ii=0; ii<tvs.length; ii++){
// System.out.println("t: "+tvs[ii].getType().toString()+" v: "+tvs[ii].getValue().toString());
//}
}*/
// Note the order of the RDNs reflects the X500Name
assertEquals(rdn[0].getFirst().getType(), cn);
assertEquals(rdn[1].getFirst().getType(), c);
assertEquals(rdn[2].getFirst().getType(), loc);
assertEquals(rdn[3].getFirst().getType(), orgname);
assertEquals(rdn[4].getFirst().getType(), ou);
// ASN1ObjectIdentifier[] ids = xname.getAttributeTypes();
// for(int i=0; i<ids.length; i++){
// System.out.println(""+ids[i].getId());
// }
}
示例8: testGenerateCertificate
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
@Test
public void testGenerateCertificate() throws Exception {
CertRASession certRASession = new CertRASession("[email protected]", "0478/299492");
String ssin = CertRAClient.getSSIN(this.signCertificateChain.get(0));
X500NameBuilder nameBuilder = new X500NameBuilder();
nameBuilder.addRDN(X509ObjectIdentifiers.countryName, new DERPrintableString("BE"));
nameBuilder.addRDN(X509ObjectIdentifiers.organization, new DERPrintableString("Federal Government"));
nameBuilder.addRDN(X509ObjectIdentifiers.organizationalUnitName,
new DERPrintableString("eHealth-platform Belgium"));
nameBuilder.addRDN(X509ObjectIdentifiers.organizationalUnitName, new DERPrintableString("SSIN=" + ssin));
nameBuilder.addRDN(X509ObjectIdentifiers.commonName, new DERPrintableString("SSIN=" + ssin));
X500Name name = nameBuilder.build();
byte[] encodedCsr = certRASession.generateCSR(name);
PKCS10CertificationRequest csr = new PKCS10CertificationRequest(encodedCsr);
LOG.debug("CSR subject: " + csr.getSubject());
X500Name subjectName = csr.getSubject();
RDN[] rdns = subjectName.getRDNs();
for (RDN rdn : rdns) {
LOG.debug("--------");
AttributeTypeAndValue[] attributes = rdn.getTypesAndValues();
for (AttributeTypeAndValue attribute : attributes) {
LOG.debug(attribute.getType() + " = " + attribute.getValue());
LOG.debug("value type: " + attribute.getValue().getClass().getName());
}
}
}
示例9: selfsign
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
private static X509Certificate selfsign(PKCS10CertificationRequest inputCSR, String publicAddress, KeyPair signKey)
throws Exception {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder()
.find("SHA256withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder()
.find(sigAlgId);
AsymmetricKeyParameter akp = PrivateKeyFactory.createKey(signKey.getPrivate()
.getEncoded());
Calendar cal = Calendar.getInstance();
Date currentTime = cal.getTime();
cal.add(Calendar.YEAR, CERT_VALIDITY_YEAR);
Date expiryTime = cal.getTime();
X509v3CertificateBuilder myCertificateGenerator = new X509v3CertificateBuilder(
new X500Name(String.format("cn=%s", publicAddress)), new BigInteger("1"), currentTime, expiryTime, inputCSR.getSubject(),
inputCSR.getSubjectPublicKeyInfo());
ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
.build(akp);
X509CertificateHolder holder = myCertificateGenerator.build(sigGen);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
return (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(holder.toASN1Structure().getEncoded()));
}
示例10: signCSR
import org.bouncycastle.pkcs.PKCS10CertificationRequest; //导入方法依赖的package包/类
/**
* Given a Keystore containing a private key and certificate and a Reader
* containing a PEM-encoded Certificiate Signing Request (CSR), sign the CSR
* with that private key and return the signed certificate as a PEM-encoded
* PKCS#7 signedData object. The returned value can be written to a file and
* imported into a Java KeyStore with "keytool -import -trustcacerts -alias
* subjectalias -file file.pem"
*
* @param pemcsr
* a Reader from which will be read a PEM-encoded CSR (begins
* "-----BEGIN NEW CERTIFICATE REQUEST-----")
* @param validity
* the number of days to sign the Certificate for
*
* @return a String containing the PEM-encoded signed Certificate (begins
* "-----BEGIN PKCS #7 SIGNED DATA-----")
*/
public String signCSR(Reader pemcsr, int validity)
throws Exception {
PEMParser reader = new PEMParser(pemcsr);
PKCS10CertificationRequest csr = new PKCS10CertificationRequest((CertificationRequest) reader.readObject());
reader.close();
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
X500Name issuer = caname;
BigInteger serial = new BigInteger(32, new SecureRandom());
Date from = new Date();
Date to = new Date(System.currentTimeMillis() + (validity * 86400000L));
X509v3CertificateBuilder certgen = new X509v3CertificateBuilder(issuer, serial, from, to, csr.getSubject(),
csr.getSubjectPublicKeyInfo());
certgen.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));
certgen.addExtension(Extension.subjectKeyIdentifier, false,
new SubjectKeyIdentifier(csr.getSubjectPublicKeyInfo().getEncoded()));
certgen.addExtension(Extension.authorityKeyIdentifier, false,
new AuthorityKeyIdentifier(
new GeneralNames(new GeneralName(new X500Name(cacert.getSubjectX500Principal().getName()))),
cacert.getSerialNumber()));
ContentSigner signer = new BcRSAContentSignerBuilder(sigAlgId, digAlgId)
.build(PrivateKeyFactory.createKey(cakey.getEncoded()));
X509CertificateHolder holder = certgen.build(signer);
byte[] certencoded = holder.toASN1Structure().getEncoded();
CMSSignedDataGenerator generator = new CMSSignedDataGenerator();
signer = new JcaContentSignerBuilder("SHA1withRSA").build(cakey);
generator.addSignerInfoGenerator(
new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build()).build(signer,
cacert));
generator.addCertificate(new X509CertificateHolder(certencoded));
generator.addCertificate(new X509CertificateHolder(cacert.getEncoded()));
CMSTypedData content = new CMSProcessableByteArray(certencoded);
CMSSignedData signeddata = generator.generate(content, true);
StringBuilder builder = new StringBuilder();
builder.append("-----BEGIN PKCS #7 SIGNED DATA-----\n");
builder.append(Base64.getEncoder().encodeToString(signeddata.getEncoded()));
builder.append("\n-----END PKCS #7 SIGNED DATA-----\n");
return builder.toString();
}