本文整理汇总了Java中org.globus.gsi.CertUtil.generateKeyPair方法的典型用法代码示例。如果您正苦于以下问题:Java CertUtil.generateKeyPair方法的具体用法?Java CertUtil.generateKeyPair怎么用?Java CertUtil.generateKeyPair使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.globus.gsi.CertUtil
的用法示例。
在下文中一共展示了CertUtil.generateKeyPair方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: createAll
import org.globus.gsi.CertUtil; //导入方法依赖的package包/类
private X509Certificate createAll(int index) throws GeneralSecurityException, IOException {
logger.info("Generating CA key pair");
KeyPair ca = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
OpenSSLKey caKey = new BouncyCastleOpenSSLKey(ca.getPrivate());
logger.info("Self-signing CA certificate");
X509Certificate caCert = genCert(ca.getPrivate(), ca.getPublic(), CA_CERT_DN, CA_CERT_DN, null);
logger.info("Generating user key pair");
KeyPair user = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
OpenSSLKey userKey = new BouncyCastleOpenSSLKey(user.getPrivate());
logger.info("Signing user certificate");
X509Certificate userCert = genCert(ca.getPrivate(), user.getPublic(), USER_CERT_DN, CA_CERT_DN,
createExtensions(ca.getPublic(), user.getPublic()));
logger.info("Generating proxy certificate");
GlobusCredential proxy = makeProxy(user, userCert);
try {
logger.info("Writing keys, certificates, and proxy");
writeKey(caKey, makeFile(CA_KEY_NAME_PREFIX, index));
writeCert(caCert, makeFile(CA_CRT_NAME_PREFIX, index));
writeKey(userKey, makeFile(USER_KEY_NAME_PREFIX, index));
writeCert(userCert, makeFile(USER_CRT_NAME_PREFIX, index));
writeProxy(proxy, makeFile(PROXY_NAME_PREFIX, index));
copySigningPolicy(index);
}
catch (GeneralSecurityException e) {
deleteAll(index);
throw e;
}
return cert;
}
示例2: makeProxy
import org.globus.gsi.CertUtil; //导入方法依赖的package包/类
private GlobusCredential makeProxy(KeyPair kp, X509Certificate issuerCert) throws GeneralSecurityException {
BouncyCastleCertProcessingFactory factory = BouncyCastleCertProcessingFactory.getDefault();
KeyPair newKeyPair = CertUtil.generateKeyPair(CA_CERT_ALGORITHM, CA_CERT_BITS);
return factory.createCredential(new X509Certificate[] { issuerCert },
kp.getPrivate(), CA_CERT_BITS, (int) (CA_CERT_LIFETIME / 1000), GSIConstants.DELEGATION_FULL,
(X509ExtensionSet) null);
}
示例3: generateNewCredential
import org.globus.gsi.CertUtil; //导入方法依赖的package包/类
private GlobusCredential generateNewCredential(Key key) throws GlobusCredentialException,
InvalidSecurityContextException, GeneralSecurityException {
GlobusCredential src = GlobusCredential.getDefaultCredential();
if (src == null) {
throw new InvalidSecurityContextException("No default credential found");
}
// If only the security stuff in [email protected] would be
// separable from the WS crap
BouncyCastleCertProcessingFactory factory =
BouncyCastleCertProcessingFactory.getDefault();
int delegType = (key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL : GSIConstants.DELEGATION_LIMITED);
KeyPair newKeyPair = CertUtil.generateKeyPair("RSA", src.getStrength());
X509Certificate[] srcChain = src.getCertificateChain();
X509Certificate newCert = null;
try {
newCert = factory.createProxyCertificate(srcChain[0],
src.getPrivateKey(),
newKeyPair.getPublic(), -1,
key.delegationType == Delegation.FULL_DELEGATION ?
GSIConstants.DELEGATION_FULL
: GSIConstants.DELEGATION_LIMITED,
(X509ExtensionSet) null, null);
}
catch (GeneralSecurityException e) {
throw new InvalidSecurityContextException("Delegation failed", e);
}
X509Certificate[] newChain = new X509Certificate[srcChain.length + 1];
newChain[0] = newCert;
System.arraycopy(srcChain, 0, newChain, 1, srcChain.length);
return new GlobusCredential(newKeyPair.getPrivate(), newChain);
}