当前位置: 首页>>代码示例>>Java>>正文

Java X509v3CertificateBuilder.addExtension方法代码示例

本文整理汇总了Java中org.spongycastle.cert.X509v3CertificateBuilder.addExtension方法的典型用法代码示例。如果您正苦于以下问题:Java X509v3CertificateBuilder.addExtension方法的具体用法?Java X509v3CertificateBuilder.addExtension怎么用?Java X509v3CertificateBuilder.addExtension使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在org.spongycastle.cert.X509v3CertificateBuilder的用法示例。


在下文中一共展示了X509v3CertificateBuilder.addExtension方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: generateSelfSignedCertChain

import org.spongycastle.cert.X509v3CertificateBuilder; //导入方法依赖的package包/类
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname)
        throws CertificateException, OperatorCreationException, IOException {
    SecureRandom rand = new SecureRandom();
    PrivateKey privKey = kp.getPrivate();
    PublicKey pubKey = kp.getPublic();
    ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);

    SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(
            ASN1Sequence.getInstance(pubKey.getEncoded()));

    Date now = new Date(); // now

    /* force it to use a English/Gregorian dates for the cert, hardly anyone
       ever looks at the cert metadata anyway, and its very likely that they
       understand English/Gregorian dates */
    Calendar c = new GregorianCalendar(Locale.ENGLISH);
    c.setTime(now);
    c.add(Calendar.YEAR, 1);
    Time startTime = new Time(now, Locale.ENGLISH);
    Time endTime = new Time(c.getTime(), Locale.ENGLISH);

    X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
            subject,
            BigInteger.valueOf(rand.nextLong()),
            startTime,
            endTime,
            subject,
            subPubKeyInfo);

    if (hostname != null) {
        GeneralNames subjectAltName = new GeneralNames(
                new GeneralName(GeneralName.iPAddress, hostname));
        v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
    }

    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}
开发者ID:f-droid,项目名称:fdroidclient,代码行数:39,代码来源:LocalRepoKeyStore.java

示例2: generateSignedCertificate

import org.spongycastle.cert.X509v3CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate generateSignedCertificate(X509Certificate caCertificate, PrivateKey caPrivateKey, PublicKey publicKey, String CN) 
		throws NoSuchAlgorithmException, OperatorCreationException, CertificateException, 
		KeyStoreException, UnrecoverableKeyException, IOException, 
		InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException, 
		InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, 
		BadPaddingException {

	X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);

	builder.addRDN(BCStyle.CN, CN);

	// We want this root certificate to be valid for one year
	Calendar calendar = Calendar.getInstance();
	calendar.add(Calendar.YEAR, 1);

	ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(caPrivateKey);
	X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
			caCertificate, 
			new BigInteger(80, new Random()), 
			new Date(System.currentTimeMillis() - 50000),
			calendar.getTime(),
			new X500Principal(builder.build().getEncoded()),
			publicKey);

	// Those are the extensions needed for the certificate to be a leaf certificate that authenticates a SSL server
	certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.keyEncipherment));
	certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new DERSequence(KeyPurposeId.id_kp_serverAuth));

	X509CertificateHolder certificateHolder = certGen.build(sigGen);
	X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);

	return certificate;

}
开发者ID:ghazi94,项目名称:Android_CCTV,代码行数:35,代码来源:ModSSL.java

示例3: generateRootCertificate

import org.spongycastle.cert.X509v3CertificateBuilder; //导入方法依赖的package包/类
public static X509Certificate generateRootCertificate(KeyPair keys, String CN) 
		throws NoSuchAlgorithmException, OperatorCreationException, CertificateException, 
		KeyStoreException, UnrecoverableKeyException, IOException, 
		InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException, 
		InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException, 
		BadPaddingException {

	X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);

	builder.addRDN(BCStyle.CN, CN);

	// We want this root certificate to be valid for one year 
	Calendar calendar = Calendar.getInstance();
	calendar.add( Calendar.YEAR, 1 );

	ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(keys.getPrivate());
	X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
			builder.build(), 
			new BigInteger(80, new Random()), 
			new Date(System.currentTimeMillis() - 50000),
			calendar.getTime(),
			builder.build(),
			keys.getPublic());

	// Those are the extensions needed for a CA certificate
	certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true));
	certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.digitalSignature));
	certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth));

	X509CertificateHolder certificateHolder = certGen.build(sigGen);

	X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);

	return certificate;

}
开发者ID:ghazi94,项目名称:Android_CCTV,代码行数:37,代码来源:ModSSL.java

示例4: generateSelfSignedCertChain

import org.spongycastle.cert.X509v3CertificateBuilder; //导入方法依赖的package包/类
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname)
        throws CertificateException, OperatorCreationException, IOException {
    SecureRandom rand = new SecureRandom();
    PrivateKey privKey = kp.getPrivate();
    PublicKey pubKey = kp.getPublic();
    ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);

    SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(
            ASN1Sequence.getInstance(pubKey.getEncoded()));

    Date startDate = new Date(); // now

    Calendar c = Calendar.getInstance();
    c.setTime(startDate);
    c.add(Calendar.YEAR, 1);
    Date endDate = c.getTime();

    X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
            subject,
            BigInteger.valueOf(rand.nextLong()),
            startDate, endDate,
            subject,
            subPubKeyInfo);

    if (hostname != null) {
        GeneralNames subjectAltName = new GeneralNames(
                new GeneralName(GeneralName.iPAddress, hostname));
        v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
    }

    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}
开发者ID:princeofgiri,项目名称:f-droid,代码行数:34,代码来源:LocalRepoKeyStore.java


注:本文中的org.spongycastle.cert.X509v3CertificateBuilder.addExtension方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。