本文整理汇总了Java中org.bouncycastle.x509.X509V2CRLGenerator.generate方法的典型用法代码示例。如果您正苦于以下问题:Java X509V2CRLGenerator.generate方法的具体用法?Java X509V2CRLGenerator.generate怎么用?Java X509V2CRLGenerator.generate使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.x509.X509V2CRLGenerator的用法示例。
在下文中一共展示了X509V2CRLGenerator.generate方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createCRL
import org.bouncycastle.x509.X509V2CRLGenerator; //导入方法依赖的package包/类
public static X509CRL createCRL(
X509Certificate caCert,
PrivateKey caKey,
BigInteger serialNumber)
throws Exception
{
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
BigInteger revokedSerialNumber = BigInteger.valueOf(2);
crlGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(new Date(now.getTime() + 100000));
crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.addCRLEntry(serialNumber, now, CRLReason.privilegeWithdrawn);
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
crlGen.addExtension(X509Extensions.CRLNumber, false, new CRLNumber(BigInteger.valueOf(1)));
return crlGen.generate(caKey, "BC");
}
示例2: generateCrl
import org.bouncycastle.x509.X509V2CRLGenerator; //导入方法依赖的package包/类
public static X509CRL generateCrl(X509Certificate issuer, PrivateKey issuerPrivateKey) throws InvalidKeyException,
CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException {
X509V2CRLGenerator crlGenerator = new X509V2CRLGenerator();
crlGenerator.setIssuerDN(issuer.getSubjectX500Principal());
Date now = new Date();
crlGenerator.setThisUpdate(now);
crlGenerator.setNextUpdate(new Date(now.getTime() + 100000));
crlGenerator.setSignatureAlgorithm("SHA1withRSA");
crlGenerator.addExtension(X509Extensions.CRLNumber, false, new CRLNumber(new BigInteger("1234")));
X509CRL x509Crl = crlGenerator.generate(issuerPrivateKey);
return x509Crl;
}
示例3: checkCRLCreation1
import org.bouncycastle.x509.X509V2CRLGenerator; //导入方法依赖的package包/类
public void checkCRLCreation1()
throws Exception
{
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
KeyPair pair = kpGen.generateKeyPair();
crlGen.setIssuerDN(new X500Principal("CN=Test CA"));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(new Date(now.getTime() + 100000));
crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
X509CRL crl = crlGen.generate(pair.getPrivate(), "BC");
if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
{
fail("failed CRL issuer test");
}
byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (authExt == null)
{
fail("failed to find CRL extension");
}
AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
if (entry == null)
{
fail("failed to find CRL entry");
}
if (!entry.getSerialNumber().equals(BigInteger.ONE))
{
fail("CRL cert serial number does not match");
}
if (!entry.hasExtensions())
{
fail("CRL entry extension not found");
}
byte[] ext = entry.getExtensionValue(X509Extensions.ReasonCode.getId());
if (ext != null)
{
DEREnumerated reasonCode = (DEREnumerated)X509ExtensionUtil.fromExtensionValue(ext);
if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
{
fail("CRL entry reasonCode wrong");
}
}
else
{
fail("CRL entry reasonCode not found");
}
}
示例4: checkCRLCreation1
import org.bouncycastle.x509.X509V2CRLGenerator; //导入方法依赖的package包/类
public void checkCRLCreation1()
throws Exception
{
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
KeyPair pair = kpGen.generateKeyPair();
crlGen.setIssuerDN(new X509Principal("CN=Test CA"));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(new Date(now.getTime() + 100000));
crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
X509CRL crl = crlGen.generate(pair.getPrivate(), "BC");
if (!crl.getIssuerDN().equals(new X509Principal("CN=Test CA")))
{
fail("failed CRL issuer test");
}
byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (authExt == null)
{
fail("failed to find CRL extension");
}
AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
if (entry == null)
{
fail("failed to find CRL entry");
}
if (!entry.getSerialNumber().equals(BigInteger.ONE))
{
fail("CRL cert serial number does not match");
}
if (!entry.hasExtensions())
{
fail("CRL entry extension not found");
}
byte[] ext = entry.getExtensionValue(X509Extensions.ReasonCode.getId());
if (ext != null)
{
DEREnumerated reasonCode = (DEREnumerated)X509ExtensionUtil.fromExtensionValue(ext);
if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
{
fail("CRL entry reasonCode wrong");
}
}
else
{
fail("CRL entry reasonCode not found");
}
}