本文整理汇总了Java中org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder.build方法的典型用法代码示例。如果您正苦于以下问题:Java PKCS10CertificationRequestBuilder.build方法的具体用法?Java PKCS10CertificationRequestBuilder.build怎么用?Java PKCS10CertificationRequestBuilder.build使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder的用法示例。
在下文中一共展示了PKCS10CertificationRequestBuilder.build方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: writeCertificationRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public void writeCertificationRequest(String alias, char[] privateKeyPassword, Writer dest) throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, OperatorCreationException, IOException
{
//reading information from self-signed certificate
X509Certificate cert = (X509Certificate)keystore.getCertificate(alias);
KeyPair keyPair = new KeyPair(cert.getPublicKey(), (PrivateKey)keystore.getKey(alias, privateKeyPassword));
Principal principal = cert.getSubjectDN();
//generate certification request
X500Name x500Name = new X500Name(principal.toString());
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
x500Name, keyPair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(keyPair.getPrivate());
PKCS10CertificationRequest csr = p10Builder.build(signer);
//write certification request
String csrString = csrToString(csr);
dest.write(csrString);
}
示例2: generateCSR
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public static PKCS10CertificationRequest generateCSR(String[] commonNames, KeyPair pair) throws OperatorCreationException, IOException {
X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
namebuilder.addRDN(BCStyle.CN, commonNames[0]);
List<GeneralName> subjectAltNames = new ArrayList<>(commonNames.length);
for (String cn:commonNames)
subjectAltNames.add(new GeneralName(GeneralName.dNSName, cn));
GeneralNames subjectAltName = new GeneralNames(subjectAltNames.toArray(new GeneralName[0]));
ExtensionsGenerator extGen = new ExtensionsGenerator();
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName.toASN1Primitive());
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), pair.getPublic());
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest request = p10Builder.build(signer);
return request;
}
示例3: generateRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
@Override
public CsrWithPrivateKey generateRequest(final DistinguishedName dn) {
final KeyPair pair = KeysUtil.generateKeyPair();
try {
final PrivateKey privateKey = pair.getPrivate();
final PublicKey publicKey = pair.getPublic();
final X500Name x500Name = dn.getX500Name();
final ContentSigner signGen = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM)
.build(privateKey);
final PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(
x500Name, publicKey);
final PKCS10CertificationRequest csr = builder.build(signGen);
return new CsrWithPrivateKeyImpl(csr, privateKey);
} catch (final OperatorCreationException e) {
throw new CaException(e);
}
}
示例4: generateCertSignRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
/**
* This method creates the PKCS10 Certificate Sign Request which is to be sent to the SCEP Server using the
* generated PublicKey of the client. The certificate parameters used here are the ones from the AgentManager
* which are the values read from the configurations file.
*
* @return the PKCS10CertificationRequest object created using the client specific configs and the generated
* PublicKey
* @throws AgentCoreOperationException if an error occurs when creating a content signer to sign the CSR.
*/
private PKCS10CertificationRequest generateCertSignRequest() throws AgentCoreOperationException {
// Build the CN for the cert we are requesting.
X500NameBuilder nameBld = new X500NameBuilder(BCStyle.INSTANCE);
nameBld.addRDN(BCStyle.CN, AgentManager.getInstance().getAgentConfigs().getDeviceName());
nameBld.addRDN(BCStyle.O, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
nameBld.addRDN(BCStyle.OU, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
nameBld.addRDN(BCStyle.UNIQUE_IDENTIFIER, AgentManager.getInstance().getAgentConfigs().getDeviceId());
X500Name principal = nameBld.build();
JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SIGNATURE_ALG).setProvider(PROVIDER);
ContentSigner contentSigner;
try {
contentSigner = contentSignerBuilder.build(this.privateKey);
} catch (OperatorCreationException e) {
String errorMsg = "Could not create content signer with private key.";
log.error(errorMsg);
throw new AgentCoreOperationException(errorMsg, e);
}
// Generate the certificate signing request (csr = PKCS10)
PKCS10CertificationRequestBuilder reqBuilder = new JcaPKCS10CertificationRequestBuilder(principal,
this.publicKey);
return reqBuilder.build(contentSigner);
}
示例5: generationTest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private void generationTest(int keySize, String keyName, String sigName, String provider)
throws Exception
{
KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyName, "BC");
kpg.initialize(keySize);
KeyPair kp = kpg.genKeyPair();
X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
x500NameBld.addRDN(BCStyle.C, "AU");
x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
x500NameBld.addRDN(BCStyle.L, "Melbourne");
x500NameBld.addRDN(BCStyle.ST, "Victoria");
x500NameBld.addRDN(BCStyle.EmailAddress, "[email protected]");
X500Name subject = x500NameBld.build();
PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic());
PKCS10CertificationRequest req1 = requestBuilder.build(new JcaContentSignerBuilder(sigName).setProvider(provider).build(kp.getPrivate()));
JcaPKCS10CertificationRequest req2 = new JcaPKCS10CertificationRequest(req1.getEncoded()).setProvider(provider);
if (!req2.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(provider).build(kp.getPublic())))
{
fail(sigName + ": Failed verify check.");
}
if (!Arrays.areEqual(req2.getPublicKey().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
{
fail(keyName + ": Failed public key check.");
}
}
示例6: generateRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private PKCS10CertificationRequest generateRequest(ConcurrentContentSigner signer,
SubjectPublicKeyInfo subjectPublicKeyInfo, X500Name subjectDn,
Map<ASN1ObjectIdentifier, ASN1Encodable> attributes) throws XiSecurityException {
ParamUtil.requireNonNull("signer", signer);
ParamUtil.requireNonNull("subjectPublicKeyInfo", subjectPublicKeyInfo);
ParamUtil.requireNonNull("subjectDn", subjectDn);
PKCS10CertificationRequestBuilder csrBuilder =
new PKCS10CertificationRequestBuilder(subjectDn, subjectPublicKeyInfo);
if (CollectionUtil.isNonEmpty(attributes)) {
for (ASN1ObjectIdentifier attrType : attributes.keySet()) {
csrBuilder.addAttribute(attrType, attributes.get(attrType));
}
}
ConcurrentBagEntrySigner signer0;
try {
signer0 = signer.borrowSigner();
} catch (NoIdleSignerException ex) {
throw new XiSecurityException(ex.getMessage(), ex);
}
try {
return csrBuilder.build(signer0.value());
} finally {
signer.requiteSigner(signer0);
}
}
示例7: generateCSR
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public PKCS10CertificationRequest generateCSR(Trans trans) throws IOException, CertException {
PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(x500Name(),keypair(trans).getPublic());
if(challenge!=null) {
DERPrintableString password = new DERPrintableString(challenge);
builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, password);
}
if(sanList.size()>0) {
GeneralName[] gna = new GeneralName[sanList.size()];
int i=-1;
for(String s : sanList) {
gna[++i]=new GeneralName(GeneralName.dNSName,s);
}
builder.addAttribute(
PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
new Extensions(new Extension[] {
new Extension(Extension.subjectAlternativeName,false,new GeneralNames(gna).getEncoded())
})
);
}
// builder.addAttribute(Extension.basicConstraints,new BasicConstraints(false))
// .addAttribute(Extension.keyUsage, new KeyUsage(KeyUsage.digitalSignature
// | KeyUsage.keyEncipherment));
try {
return builder.build(BCFactory.contentSigner(keypair(trans).getPrivate()));
} catch (OperatorCreationException e) {
throw new CertException(e);
}
}
示例8: makeRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private PKCS10CertificationRequest makeRequest(String subject, Extensions extensions) throws Exception {
PKCS10CertificationRequestBuilder builder = new JcaPKCS10CertificationRequestBuilder(
new X500Name(subject), clientKeyPair.getPublic());
builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensions);
ContentSigner signGen = new JcaContentSignerBuilder(CertificateSigner.SIGNER_ALGORITHM).build(caKeyPair.getPrivate());
return builder.build(signGen);
}
示例9: getCertificateRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private static PKCS10CertificationRequest getCertificateRequest(PublicKey publicKey, PrivateKey privateKey, String subject, Attribute extensions) {
try {
KeyPair keyPair = new KeyPair(publicKey, privateKey);
PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Principal(subject), keyPair.getPublic());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("sha256WithRSA");
requestBuilder.addAttribute(extensions.getAttrType(), extensions.getAttrValues());
ContentSigner signer = csBuilder.build(keyPair.getPrivate());
return requestBuilder.build(signer);
} catch (OperatorCreationException e) {
e.printStackTrace();
return null;
}
}
示例10: generateX509CSR
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey,
String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {
// Create Distinguished Name
X500Principal subject = new X500Principal(x500Principal);
// Create ContentSigner
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256);
ContentSigner signer = csBuilder.build(privateKey);
// Create the CSR
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(
subject, publicKey);
// Add SubjectAlternativeNames (SAN) if specified
if (sanArray != null) {
ExtensionsGenerator extGen = new ExtensionsGenerator();
GeneralNames subjectAltNames = new GeneralNames(sanArray);
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
}
PKCS10CertificationRequest csr = p10Builder.build(signer);
// write to openssl PEM format
PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
StringWriter strWriter;
try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) {
pemWriter.writeObject(pemObject);
}
return strWriter.toString();
}
示例11: sign
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
/**
* Signs the completed CSR.
*
* @param keypair
* {@link KeyPair} to sign the CSR with
*/
public void sign(KeyPair keypair) throws IOException {
Objects.requireNonNull(keypair, "keypair");
if (namelist.isEmpty()) {
throw new IllegalStateException("No domain was set");
}
try {
GeneralName[] gns = new GeneralName[namelist.size()];
for (int ix = 0; ix < namelist.size(); ix++) {
gns[ix] = new GeneralName(GeneralName.dNSName, namelist.get(ix));
}
GeneralNames subjectAltName = new GeneralNames(gns);
PKCS10CertificationRequestBuilder p10Builder =
new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), keypair.getPublic());
ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
extensionsGenerator.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extensionsGenerator.generate());
PrivateKey pk = keypair.getPrivate();
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(
pk instanceof ECKey ? EC_SIGNATURE_ALG : SIGNATURE_ALG);
ContentSigner signer = csBuilder.build(pk);
csr = p10Builder.build(signer);
} catch (OperatorCreationException ex) {
throw new IOException("Could not generate CSR", ex);
}
}
示例12: newCertificateRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public static PKCS10CertificationRequest newCertificateRequest(X500Name principal, KeyPair p) {
try {
PKCS10CertificationRequestBuilder b = new JcaPKCS10CertificationRequestBuilder(principal, p.getPublic());
ContentSigner s = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider("BC").build(p.getPrivate());
return b.build(s);
} catch(OperatorCreationException ex) {
Logger.getLogger(SSLUtil.class.getName()).log(Level.SEVERE, null, ex);
return null;
}
}
示例13: generateCSR
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
public byte[] generateCSR(X500Name name) throws OperatorCreationException, IOException {
PKCS10CertificationRequestBuilder csrBuilder = new JcaPKCS10CertificationRequestBuilder(name, this.publicKey);
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(this.privateKey);
PKCS10CertificationRequest csr = csrBuilder.build(signer);
return csr.getEncoded();
}
示例14: generateCertificationRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp)
throws Exception{
X500Name subject=new X500Name(dn);
PublicKey pubKey=kp.getPublic();
PrivateKey privKey=kp.getPrivate();
AsymmetricKeyParameter pubkeyParam = PublicKeyFactory.createKey(pubKey.getEncoded());
SubjectPublicKeyInfo publicKeyInfo=SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(pubkeyParam);
PKCS10CertificationRequestBuilder builder=new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
AlgorithmIdentifier signatureAi = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA);
BcRSAContentSignerBuilder signerBuilder=new BcRSAContentSignerBuilder(
signatureAi, AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1));
AsymmetricKeyParameter pkParam = PrivateKeyFactory.createKey(privKey.getEncoded());
ContentSigner signer=signerBuilder.build(pkParam);
return builder.build(signer);
}
示例15: generateCertificationRequest
import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder; //导入方法依赖的package包/类
private org.bouncycastle.pkcs.PKCS10CertificationRequest generateCertificationRequest(String dn, KeyPair kp)
throws Exception{
X500Name subject=new X500Name(dn);
PublicKey pubKey=kp.getPublic();
PrivateKey privKey=kp.getPrivate();
AsymmetricKeyParameter pubkeyParam = PublicKeyFactory.createKey(pubKey.getEncoded());
SubjectPublicKeyInfo publicKeyInfo=SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(pubkeyParam);
PKCS10CertificationRequestBuilder builder=new PKCS10CertificationRequestBuilder(subject, publicKeyInfo);
AlgorithmIdentifier signatureAi = new AlgorithmIdentifier(OIWObjectIdentifiers.sha1WithRSA);
BcRSAContentSignerBuilder signerBuilder=new BcRSAContentSignerBuilder(
signatureAi, AlgorithmIdentifier.getInstance(OIWObjectIdentifiers.idSHA1));
AsymmetricKeyParameter pkParam = PrivateKeyFactory.createKey(privKey.getEncoded());
ContentSigner signer=signerBuilder.build(pkParam);
return builder.build(signer);
}