本文整理匯總了Java中org.bouncycastle.asn1.x500.X500NameBuilder.build方法的典型用法代碼示例。如果您正苦於以下問題:Java X500NameBuilder.build方法的具體用法?Java X500NameBuilder.build怎麽用?Java X500NameBuilder.build使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類org.bouncycastle.asn1.x500.X500NameBuilder的用法示例。
在下文中一共展示了X500NameBuilder.build方法的15個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: buildName
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
static X500Name buildName(String commonName, String organization, String organizationUnit, String locality,
String state, String country) {
X500NameBuilder nameBuilder = new X500NameBuilder();
if (!commonName.isEmpty()) {
nameBuilder.addRDN(BCStyle.CN, commonName);
}
if (!organizationUnit.isEmpty()) {
nameBuilder.addRDN(BCStyle.OU, organizationUnit);
}
if (!organization.isEmpty()) {
nameBuilder.addRDN(BCStyle.O, organization);
}
if (!locality.isEmpty()) {
nameBuilder.addRDN(BCStyle.L, locality);
}
if (!state.isEmpty()) {
nameBuilder.addRDN(BCStyle.ST, state);
}
if (!country.isEmpty()) {
nameBuilder.addRDN(BCStyle.C, country);
}
return nameBuilder.build();
}
示例2: createCertificateBuilder
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
private X509v3CertificateBuilder createCertificateBuilder(KeyPair keyPair) throws PropertyConfigurationException, CertIOException {
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, propertyConfigurationService.getConfigValue(CERT_COMMON_NAME_PROPERTY));
nameBuilder.addRDN(BCStyle.O, propertyConfigurationService.getConfigValue(CERT_ORGANISATION_PROPERTY));
nameBuilder.addRDN(BCStyle.OU, propertyConfigurationService.getConfigValue(CERT_ORGANISATIONAL_UNIT_PROPERTY));
nameBuilder.addRDN(BCStyle.C, propertyConfigurationService.getConfigValue(CERT_COUNTRY_PROPERTY));
X500Name x500Name = nameBuilder.build();
BigInteger serial = new BigInteger(CERT_SERIAL_NUMBER_BIT_SIZE, SecureRandomFactory.createPRNG());
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
Date startDate = new Date();
Date endDate = Date.from(startDate.toInstant().plus(propertyConfigurationService.getConfigValueAsInt(CERT_VALIDITY_DAYS_PROPERTY), ChronoUnit.DAYS));
X509v3CertificateBuilder certificateBuilder = new X509v3CertificateBuilder(x500Name, serial, startDate, endDate, x500Name, publicKeyInfo);
String certFriendlyName = propertyConfigurationService.getConfigValue(CERT_PRIVATE_FRIENDLY_NAME_PROPERTY);
certificateBuilder.addExtension(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, false, new DERBMPString(certFriendlyName));
return certificateBuilder;
}
示例3: x500Name
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
public X500Name x500Name() throws IOException {
if(name==null) {
X500NameBuilder xnb = new X500NameBuilder();
xnb.addRDN(BCStyle.CN,cn);
xnb.addRDN(BCStyle.E,email);
if(environment==null) {
xnb.addRDN(BCStyle.OU,mechID);
} else {
xnb.addRDN(BCStyle.OU,mechID+':'+environment);
}
xnb.addRDN(BCStyle.O,o);
xnb.addRDN(BCStyle.L,l);
xnb.addRDN(BCStyle.ST,st);
xnb.addRDN(BCStyle.C,c);
name = xnb.build();
}
return name;
}
示例4: generateCSR
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
public static PKCS10CertificationRequest generateCSR(String[] commonNames, KeyPair pair) throws OperatorCreationException, IOException {
X500NameBuilder namebuilder = new X500NameBuilder(X500Name.getDefaultStyle());
namebuilder.addRDN(BCStyle.CN, commonNames[0]);
List<GeneralName> subjectAltNames = new ArrayList<>(commonNames.length);
for (String cn:commonNames)
subjectAltNames.add(new GeneralName(GeneralName.dNSName, cn));
GeneralNames subjectAltName = new GeneralNames(subjectAltNames.toArray(new GeneralName[0]));
ExtensionsGenerator extGen = new ExtensionsGenerator();
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName.toASN1Primitive());
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(namebuilder.build(), pair.getPublic());
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder("SHA256withRSA");
ContentSigner signer = csBuilder.build(pair.getPrivate());
PKCS10CertificationRequest request = p10Builder.build(signer);
return request;
}
示例5: generateCertSignRequest
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
/**
* This method creates the PKCS10 Certificate Sign Request which is to be sent to the SCEP Server using the
* generated PublicKey of the client. The certificate parameters used here are the ones from the AgentManager
* which are the values read from the configurations file.
*
* @return the PKCS10CertificationRequest object created using the client specific configs and the generated
* PublicKey
* @throws AgentCoreOperationException if an error occurs when creating a content signer to sign the CSR.
*/
private PKCS10CertificationRequest generateCertSignRequest() throws AgentCoreOperationException {
// Build the CN for the cert we are requesting.
X500NameBuilder nameBld = new X500NameBuilder(BCStyle.INSTANCE);
nameBld.addRDN(BCStyle.CN, AgentManager.getInstance().getAgentConfigs().getDeviceName());
nameBld.addRDN(BCStyle.O, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
nameBld.addRDN(BCStyle.OU, AgentManager.getInstance().getAgentConfigs().getDeviceOwner());
nameBld.addRDN(BCStyle.UNIQUE_IDENTIFIER, AgentManager.getInstance().getAgentConfigs().getDeviceId());
X500Name principal = nameBld.build();
JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder(SIGNATURE_ALG).setProvider(PROVIDER);
ContentSigner contentSigner;
try {
contentSigner = contentSignerBuilder.build(this.privateKey);
} catch (OperatorCreationException e) {
String errorMsg = "Could not create content signer with private key.";
log.error(errorMsg);
throw new AgentCoreOperationException(errorMsg, e);
}
// Generate the certificate signing request (csr = PKCS10)
PKCS10CertificationRequestBuilder reqBuilder = new JcaPKCS10CertificationRequestBuilder(principal,
this.publicKey);
return reqBuilder.build(contentSigner);
}
示例6: generateKey
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
private Pair<Key, X509Certificate> generateKey(String name)
throws GeneralSecurityException, OperatorCreationException {
logger.debug("generating self-signed cert for {}", name);
BouncyCastleProvider provider = new BouncyCastleProvider();
Security.addProvider(provider);
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", provider);
kpGen.initialize(1024, new SecureRandom());
KeyPair pair = kpGen.generateKeyPair();
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.OU, "None");
builder.addRDN(BCStyle.O, "None");
builder.addRDN(BCStyle.CN, name);
Instant now = Instant.now();
Date notBefore = Date.from(now);
Date notAfter = Date.from(now.plus(365, ChronoUnit.DAYS));
BigInteger serial = BigInteger.valueOf(now.getEpochSecond());
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), serial, notBefore, notAfter,
builder.build(), pair.getPublic());
ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption")
.setProvider(provider)
.build(pair.getPrivate());
X509Certificate cert = new JcaX509CertificateConverter()
.setProvider(provider)
.getCertificate(certGen.build(sigGen));
return Pair.of(pair.getPrivate(), cert);
}
示例7: generationTest
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
private void generationTest(int keySize, String keyName, String sigName, String provider)
throws Exception
{
KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyName, "BC");
kpg.initialize(keySize);
KeyPair kp = kpg.genKeyPair();
X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
x500NameBld.addRDN(BCStyle.C, "AU");
x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
x500NameBld.addRDN(BCStyle.L, "Melbourne");
x500NameBld.addRDN(BCStyle.ST, "Victoria");
x500NameBld.addRDN(BCStyle.EmailAddress, "[email protected]");
X500Name subject = x500NameBld.build();
PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic());
PKCS10CertificationRequest req1 = requestBuilder.build(new JcaContentSignerBuilder(sigName).setProvider(provider).build(kp.getPrivate()));
JcaPKCS10CertificationRequest req2 = new JcaPKCS10CertificationRequest(req1.getEncoded()).setProvider(provider);
if (!req2.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(provider).build(kp.getPublic())))
{
fail(sigName + ": Failed verify check.");
}
if (!Arrays.areEqual(req2.getPublicKey().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
{
fail(keyName + ": Failed public key check.");
}
}
示例8: createEntryValue
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value)
{
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(oid, value);
X500Name name = builder.build();
ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive();
ASN1Set set = ASN1Set.getInstance(seq.getObjectAt(0).toASN1Primitive());
seq = (ASN1Sequence)set.getObjectAt(0);
return seq.getObjectAt(1);
}
示例9: createRootCertificate
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
public static KeyStore createRootCertificate(Authority authority, String keyStoreType)
throws NoSuchAlgorithmException, NoSuchProviderException, CertIOException, IOException,
OperatorCreationException, CertificateException, KeyStoreException {
KeyPair keyPair = generateKeyPair(ROOT_KEYSIZE);
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, authority.commonName());
nameBuilder.addRDN(BCStyle.O, authority.organization());
nameBuilder.addRDN(BCStyle.OU, authority.organizationalUnitName());
X500Name issuer = nameBuilder.build();
BigInteger serial = BigInteger.valueOf(initRandomSerial());
X500Name subject = issuer;
PublicKey pubKey = keyPair.getPublic();
X509v3CertificateBuilder generator = new JcaX509v3CertificateBuilder(issuer, serial, NOT_BEFORE, NOT_AFTER,
subject, pubKey);
generator.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(pubKey));
generator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment
| KeyUsage.dataEncipherment | KeyUsage.cRLSign);
generator.addExtension(Extension.keyUsage, false, usage);
ASN1EncodableVector purposes = new ASN1EncodableVector();
purposes.add(KeyPurposeId.id_kp_serverAuth);
purposes.add(KeyPurposeId.id_kp_clientAuth);
purposes.add(KeyPurposeId.anyExtendedKeyUsage);
generator.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
X509Certificate cert = signCertificate(generator, keyPair.getPrivate());
KeyStore result = KeyStore.getInstance(keyStoreType/* , PROVIDER_NAME */);
result.load(null, null);
result.setKeyEntry(authority.alias(), keyPair.getPrivate(), authority.password(), new Certificate[] { cert });
return result;
}
示例10: createServerCertificate
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
public static KeyStore createServerCertificate(String commonName,
SubjectAlternativeNameHolder subjectAlternativeNames, Authority authority, Certificate caCert,
PrivateKey caPrivKey)
throws NoSuchAlgorithmException, NoSuchProviderException, IOException, OperatorCreationException,
CertificateException, InvalidKeyException, SignatureException, KeyStoreException {
KeyPair keyPair = generateKeyPair(FAKE_KEYSIZE);
X500Name issuer = new X509CertificateHolder(caCert.getEncoded()).getSubject();
BigInteger serial = BigInteger.valueOf(initRandomSerial());
X500NameBuilder name = new X500NameBuilder(BCStyle.INSTANCE);
name.addRDN(BCStyle.CN, commonName);
name.addRDN(BCStyle.O, authority.certOrganisation());
name.addRDN(BCStyle.OU, authority.certOrganizationalUnitName());
X500Name subject = name.build();
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuer, serial, NOT_BEFORE, NOT_AFTER,
subject, keyPair.getPublic());
builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(keyPair.getPublic()));
builder.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));
subjectAlternativeNames.fillInto(builder);
X509Certificate cert = signCertificate(builder, caPrivKey);
cert.checkValidity(new Date());
cert.verify(caCert.getPublicKey());
KeyStore result = KeyStore.getInstance("PKCS12"
/* , PROVIDER_NAME */);
result.load(null, null);
Certificate[] chain = { cert, caCert };
result.setKeyEntry(authority.alias(), keyPair.getPrivate(), authority.password(), chain);
return result;
}
示例11: initializeKeyStore
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
public void initializeKeyStore() throws GeneralSecurityException, IOException {
KeyPair keyPair = generateKeyPair(1024);
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, commonName);
nameBuilder.addRDN(BCStyle.O, organization);
nameBuilder.addRDN(BCStyle.OU, organizationalUnitName);
X500Name issuer = nameBuilder.build();
BigInteger serial = BigInteger.valueOf(initRandomSerial());
X500Name subject = issuer;
PublicKey pubKey = keyPair.getPublic();
X509v3CertificateBuilder generator = new JcaX509v3CertificateBuilder(issuer, serial, NOT_BEFORE, NOT_AFTER,
subject, pubKey);
generator.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(pubKey));
generator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment
| KeyUsage.dataEncipherment | KeyUsage.cRLSign);
generator.addExtension(Extension.keyUsage, false, usage);
ASN1EncodableVector purposes = new ASN1EncodableVector();
purposes.add(KeyPurposeId.id_kp_serverAuth);
purposes.add(KeyPurposeId.id_kp_clientAuth);
purposes.add(KeyPurposeId.anyExtendedKeyUsage);
generator.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
X509Certificate cert = signCertificate(generator, keyPair.getPrivate());
KeyStore keystore = KeyStore.getInstance(KEY_STORE_TYPE);
keystore.load(null, null);
keystore.setKeyEntry(alias, keyPair.getPrivate(), password, new Certificate[] { cert });
try (OutputStream os = new FileOutputStream(aliasFile(KEY_STORE_FILE_EXTENSION))) {
keystore.store(os, password);
}
exportPem(aliasFile(".pem"), cert);
}
示例12: createX500NameForCertificate
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
/**
* Creates an X500Name based on the specified certificateInfo.
*
* @param certificateInfo information to populate the X500Name with
* @return a new X500Name object for use as a subject or issuer
*/
private static X500Name createX500NameForCertificate(CertificateInfo certificateInfo) {
X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
if (certificateInfo.getCommonName() != null) {
x500NameBuilder.addRDN(BCStyle.CN, certificateInfo.getCommonName());
}
if (certificateInfo.getOrganization() != null) {
x500NameBuilder.addRDN(BCStyle.O, certificateInfo.getOrganization());
}
if (certificateInfo.getOrganizationalUnit() != null) {
x500NameBuilder.addRDN(BCStyle.OU, certificateInfo.getOrganizationalUnit());
}
if (certificateInfo.getEmail() != null) {
x500NameBuilder.addRDN(BCStyle.E, certificateInfo.getEmail());
}
if (certificateInfo.getLocality() != null) {
x500NameBuilder.addRDN(BCStyle.L, certificateInfo.getLocality());
}
if (certificateInfo.getState() != null) {
x500NameBuilder.addRDN(BCStyle.ST, certificateInfo.getState());
}
if (certificateInfo.getCountryCode() != null) {
x500NameBuilder.addRDN(BCStyle.C, certificateInfo.getCountryCode());
}
// TODO: Add more X.509 certificate fields as needed
return x500NameBuilder.build();
}
示例13: createRootCert
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
private static JcaX509v3CertificateBuilder createRootCert(KeyPair keypair) throws Exception {
X500NameBuilder ib = new X500NameBuilder(RFC4519Style.INSTANCE);
ib.addRDN(RFC4519Style.c, "AQ");
ib.addRDN(RFC4519Style.o, "Test");
ib.addRDN(RFC4519Style.l, "Vostok Station");
ib.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "[email protected]");
X500Name issuer = ib.build();
return createCert(keypair, issuer, issuer);
}
示例14: getSubject
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
protected X500Name getSubject(String commonName) {
X500NameBuilder x500NameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
x500NameBuilder.addRDN(BCStyle.CN, commonName);
x500NameBuilder.addRDN(BCStyle.O, _certificateAuthority.getOrganization());
x500NameBuilder.addRDN(BCStyle.OU, _certificateAuthority.getOrganizationalUnit());
return x500NameBuilder.build();
}
示例15: buildX500Name
import org.bouncycastle.asn1.x500.X500NameBuilder; //導入方法依賴的package包/類
/**
* Creates an X500Name object from the given components.
*
* @param commonName
* @param organisationUnit
* @param organisationName
* @param localityName
* @param stateName
* @param countryCode
* @param emailAddress
* @return X500Name object from the given components
*/
public static X500Name buildX500Name(String commonName, String organisationUnit, String organisationName,
String localityName, String stateName, String countryCode, String emailAddress) {
X500NameBuilder x500NameBuilder = new X500NameBuilder(KseX500NameStyle.INSTANCE);
if (emailAddress != null) {
x500NameBuilder.addRDN(BCStyle.E, emailAddress);
}
if (countryCode != null) {
x500NameBuilder.addRDN(BCStyle.C, countryCode);
}
if (stateName != null) {
x500NameBuilder.addRDN(BCStyle.ST, stateName);
}
if (localityName != null) {
x500NameBuilder.addRDN(BCStyle.L, localityName);
}
if (organisationName != null) {
x500NameBuilder.addRDN(BCStyle.O, organisationName);
}
if (organisationUnit != null) {
x500NameBuilder.addRDN(BCStyle.OU, organisationUnit);
}
if (commonName != null) {
x500NameBuilder.addRDN(BCStyle.CN, commonName);
}
return x500NameBuilder.build();
}