本文整理匯總了Java中org.bouncycastle.x509.X509V3CertificateGenerator.reset方法的典型用法代碼示例。如果您正苦於以下問題:Java X509V3CertificateGenerator.reset方法的具體用法?Java X509V3CertificateGenerator.reset怎麽用?Java X509V3CertificateGenerator.reset使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類org.bouncycastle.x509.X509V3CertificateGenerator的用法示例。
在下文中一共展示了X509V3CertificateGenerator.reset方法的7個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: makeCertificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate makeCertificate(KeyPair _subKP,
String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
throws Exception
{
PublicKey _subPub = _subKP.getPublic();
PrivateKey _issPriv = _issKP.getPrivate();
PublicKey _issPub = _issKP.getPublic();
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.reset();
_v3CertGen.setSerialNumber(allocateSerialNumber());
_v3CertGen.setIssuerDN(new X509Name(_issDN));
_v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
_v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 100)));
_v3CertGen.setSubjectDN(new X509Name(_subDN));
_v3CertGen.setPublicKey(_subPub);
_v3CertGen.setSignatureAlgorithm(algorithm);
_v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
_v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
new BasicConstraints(_ca));
X509Certificate _cert = _v3CertGen.generate(_issPriv);
_cert.checkValidity(new Date());
_cert.verify(_issPub);
return _cert;
}
示例2: generateSelfSignedCertificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
private X509Certificate generateSelfSignedCertificate(KeyPair keyPair, String subjectDn, DateTime notBefore,
DateTime notAfter) throws IOException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException,
SignatureException, CertificateException {
PublicKey subjectPublicKey = keyPair.getPublic();
PrivateKey issuerPrivateKey = keyPair.getPrivate();
String signatureAlgorithm = "SHA1WithRSAEncryption";
X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
certificateGenerator.reset();
certificateGenerator.setPublicKey(subjectPublicKey);
certificateGenerator.setSignatureAlgorithm(signatureAlgorithm);
certificateGenerator.setNotBefore(notBefore.toDate());
certificateGenerator.setNotAfter(notAfter.toDate());
X509Principal issuerDN = new X509Principal(subjectDn);
certificateGenerator.setIssuerDN(issuerDN);
certificateGenerator.setSubjectDN(new X509Principal(subjectDn));
certificateGenerator.setSerialNumber(new BigInteger(128, new SecureRandom()));
certificateGenerator.addExtension(X509Extensions.SubjectKeyIdentifier, false,
createSubjectKeyId(subjectPublicKey));
PublicKey issuerPublicKey;
issuerPublicKey = subjectPublicKey;
certificateGenerator.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
createAuthorityKeyId(issuerPublicKey));
certificateGenerator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(true));
X509Certificate certificate;
certificate = certificateGenerator.generate(issuerPrivateKey);
/*
* Next certificate factory trick is needed to make sure that the
* certificate delivered to the caller is provided by the default
* security provider instead of BouncyCastle. If we don't do this trick
* we might run into trouble when trying to use the CertPath validator.
*/
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
certificate = (X509Certificate) certificateFactory
.generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
return certificate;
}
示例3: V3X509CertificateGenerator
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public V3X509CertificateGenerator(Date startDate, X509Principal issuerDn, X509Principal subjectDn,
PublicKey publicKey, BigInteger serialNumber) {
X509V3CertificateGenerator gen = new X509V3CertificateGenerator();
gen.reset();
gen.setSignatureAlgorithm(new SystemEnvironment().get(GO_SSL_CERTS_PUBLIC_KEY_ALGORITHM));
gen.setNotBefore(startDate);
DateTime now = new DateTime(new Date());
gen.setNotAfter(now.plusYears(YEARS).toDate());
gen.setIssuerDN(issuerDn);
gen.setSubjectDN(subjectDn);
gen.setPublicKey(publicKey);
gen.setSerialNumber(serialNumber);
this.v3CertGen = gen;
}
示例4: makeCertificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
private static X509Certificate makeCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
throws GeneralSecurityException, IOException
{
PublicKey subPub = subKP.getPublic();
PrivateKey issPriv = issKP.getPrivate();
PublicKey issPub = issKP.getPublic();
X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
v3CertGen.reset();
v3CertGen.setSerialNumber(BigInteger.valueOf(1));
v3CertGen.setIssuerDN(new X509Name(_issDN));
v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)));
v3CertGen.setSubjectDN(new X509Name(_subDN));
v3CertGen.setPublicKey(subPub);
v3CertGen.setSignatureAlgorithm("SHA1WithRSA");
X509Certificate _cert = v3CertGen.generate(issPriv, "SunRsaSign");
_cert.checkValidity(new Date());
_cert.verify(issPub);
return _cert;
}
示例5: createX509V3Certificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
/**
* Creates an X509 version3 certificate.
*
* @param kp KeyPair that keeps the public and private keys for the new certificate.
* @param months time to live
* @param issuerDN Issuer string e.g "O=Grid,OU=OGSA,CN=ACME"
* @param subjectDN Subject string e.g "O=Grid,OU=OGSA,CN=John Doe"
* @param domain Domain of the server.
* @param signAlgoritm Signature algorithm. This can be either a name or an OID.
* @return X509 V3 Certificate
* @throws GeneralSecurityException
* @throws IOException
*/
private static synchronized X509Certificate createX509V3Certificate(KeyPair kp, int months, String issuerDN,
String subjectDN, String domain,
String signAlgoritm)
throws GeneralSecurityException, IOException {
PublicKey pubKey = kp.getPublic();
PrivateKey privKey = kp.getPrivate();
byte[] serno = new byte[8];
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed((new Date().getTime()));
random.nextBytes(serno);
BigInteger serial = (new java.math.BigInteger(serno)).abs();
X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator();
certGenerator.reset();
certGenerator.setSerialNumber(serial);
certGenerator.setIssuerDN(new X509Name(issuerDN));
certGenerator.setNotBefore(new Date(System.currentTimeMillis()));
certGenerator.setNotAfter(
new Date(System.currentTimeMillis() + months * (1000L * 60 * 60 * 24 * 30)));
certGenerator.setSubjectDN(new X509Name(subjectDN));
certGenerator.setPublicKey(pubKey);
certGenerator.setSignatureAlgorithm(signAlgoritm);
// Generate the subject alternative name
boolean critical = subjectDN == null || "".equals(subjectDN.trim());
DERSequence othernameSequence = new DERSequence(new ASN1Encodable[]{
new DERObjectIdentifier("1.3.6.1.5.5.7.8.5"), new DERTaggedObject(true, 0, new DERUTF8String(domain))});
GeneralName othernameGN = new GeneralName(GeneralName.otherName, othernameSequence);
GeneralNames subjectAltNames = new GeneralNames(new DERSequence(new ASN1Encodable[]{othernameGN}));
// Add subject alternative name extension
certGenerator.addExtension(X509Extensions.SubjectAlternativeName, critical, subjectAltNames);
X509Certificate cert =
certGenerator.generateX509Certificate(privKey, "BC", new SecureRandom());
cert.checkValidity(new Date());
cert.verify(pubKey);
return cert;
}
示例6: createX509V3Certificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
/**
* Creates an X509 version3 certificate.
*
* @param kp KeyPair that keeps the public and private keys for the new certificate.
* @param months time to live
* @param issuerDN Issuer string e.g "O=Grid,OU=OGSA,CN=ACME"
* @param subjectDN Subject string e.g "O=Grid,OU=OGSA,CN=John Doe"
* @param domain Domain of the server.
* @param signAlgoritm Signature algorithm. This can be either a name or an OID.
* @return X509 V3 Certificate
* @throws GeneralSecurityException
* @throws IOException
*/
private static synchronized X509Certificate createX509V3Certificate(KeyPair kp, int months, String issuerDN,
String subjectDN, String domain,
String signAlgoritm)
throws GeneralSecurityException, IOException {
PublicKey pubKey = kp.getPublic();
PrivateKey privKey = kp.getPrivate();
byte[] serno = new byte[8];
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
random.setSeed((new Date().getTime()));
random.nextBytes(serno);
BigInteger serial = (new java.math.BigInteger(serno)).abs();
X509V3CertificateGenerator certGenerator = new X509V3CertificateGenerator();
certGenerator.reset();
certGenerator.setSerialNumber(serial);
certGenerator.setIssuerDN(new X509Name(issuerDN));
certGenerator.setNotBefore(new Date(System.currentTimeMillis()));
certGenerator.setNotAfter(
new Date(System.currentTimeMillis() + months * (1000L * 60 * 60 * 24 * 30)));
certGenerator.setSubjectDN(new X509Name(subjectDN));
certGenerator.setPublicKey(pubKey);
certGenerator.setSignatureAlgorithm(signAlgoritm);
// Generate the subject alternative name
boolean critical = subjectDN == null || "".equals(subjectDN.trim());
ASN1Sequence othernameSequence = new DERSequence(new ASN1Encodable[]{
new DERObjectIdentifier("1.3.6.1.5.5.7.8.5"), new DERTaggedObject(true, 0, new DERUTF8String(domain))});
GeneralName othernameGN = new GeneralName(GeneralName.otherName, othernameSequence);
GeneralNames subjectAltNames = new GeneralNames(new GeneralName[]{othernameGN});
// Add subject alternative name extension
certGenerator.addExtension(X509Extensions.SubjectAlternativeName, critical, subjectAltNames);
X509Certificate cert =
certGenerator.generateX509Certificate(privKey, "BC", new SecureRandom());
cert.checkValidity(new Date());
cert.verify(pubKey);
return cert;
}
示例7: makeCertificate
import org.bouncycastle.x509.X509V3CertificateGenerator; //導入方法依賴的package包/類
public static X509Certificate makeCertificate(KeyPair _subKP,
String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
throws GeneralSecurityException, IOException
{
PublicKey _subPub = _subKP.getPublic();
PrivateKey _issPriv = _issKP.getPrivate();
PublicKey _issPub = _issKP.getPublic();
X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
_v3CertGen.reset();
_v3CertGen.setSerialNumber(allocateSerialNumber());
_v3CertGen.setIssuerDN(new X509Name(_issDN));
_v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
_v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
+ (1000L * 60 * 60 * 24 * 100)));
_v3CertGen.setSubjectDN(new X509Name(_subDN));
_v3CertGen.setPublicKey(_subPub);
_v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
_v3CertGen.addExtension(Extension.subjectKeyIdentifier, false,
createSubjectKeyId(_subPub));
_v3CertGen.addExtension(Extension.authorityKeyIdentifier, false,
createAuthorityKeyId(_issPub));
if (_ca)
{
_v3CertGen.addExtension(Extension.basicConstraints, false,
new BasicConstraints(_ca));
}
else
{
_v3CertGen.addExtension(Extension.extendedKeyUsage, true,
new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
}
X509Certificate _cert = _v3CertGen.generate(_issPriv);
_cert.checkValidity(new Date());
_cert.verify(_issPub);
return _cert;
}