org.bouncycastle.asn1.x509.KeyUsage.<init>()方法的使用及代码示例
本文整理了Java中org.bouncycastle.asn1.x509.KeyUsage.<init>()方法的一些代码示例,展示了KeyUsage.<init>()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyUsage.<init>()方法的具体详情如下:
包路径:org.bouncycastle.asn1.x509.KeyUsage
类名称:KeyUsage
方法名:<init>
KeyUsage.<init>介绍
[英]Basic constructor.
[中]基本构造函数。
代码示例
代码示例来源:origin: jamesdbloom/mockserver
/**
* Create a certificate to use by a Certificate Authority, signed by a self signed certificate.
*/
private X509Certificate createCACert(PublicKey publicKey, PrivateKey privateKey) throws Exception {
// signers name
X500Name issuerName = new X500Name("CN=www.mockserver.com, O=MockServer, L=London, ST=England, C=UK");
// subjects name - the same as we are self signed.
X500Name subjectName = issuerName;
// serial
BigInteger serial = BigInteger.valueOf(new Random().nextInt(Integer.MAX_VALUE));
// create the certificate - version 3
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, publicKey);
builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(publicKey));
builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign);
builder.addExtension(Extension.keyUsage, false, usage);
ASN1EncodableVector purposes = new ASN1EncodableVector();
purposes.add(KeyPurposeId.id_kp_serverAuth);
purposes.add(KeyPurposeId.id_kp_clientAuth);
purposes.add(KeyPurposeId.anyExtendedKeyUsage);
builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
X509Certificate cert = signCertificate(builder, privateKey);
cert.checkValidity(new Date());
cert.verify(publicKey);
return cert;
}代码示例来源:origin: apache/zookeeper
Extension.keyUsage,
true,
new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
return buildAndSignCertificate(keyPair.getPrivate(), builder);代码示例来源:origin: apache/zookeeper
private X509Certificate createSelfSignedCertifcate(KeyPair keyPair) throws Exception {
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, HOSTNAME);
BigInteger serialNumber = new BigInteger(128, new Random());
X509v3CertificateBuilder certificateBuilder =
new JcaX509v3CertificateBuilder(nameBuilder.build(), serialNumber, certStartTime, certEndTime,
nameBuilder.build(), keyPair.getPublic())
.addExtension(Extension.basicConstraints, true, new BasicConstraints(0))
.addExtension(Extension.keyUsage, true,
new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
return new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(contentSigner));
}代码示例来源:origin: apache/zookeeper
private X509Certificate[] createSelfSignedCertifcateChain(String ipAddress, String hostname) throws Exception {
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, "NOT_LOCALHOST");
Date notBefore = new Date();
Calendar cal = Calendar.getInstance();
cal.setTime(notBefore);
cal.add(Calendar.YEAR, 1);
Date notAfter = cal.getTime();
BigInteger serialNumber = new BigInteger(128, new Random());
X509v3CertificateBuilder certificateBuilder =
new JcaX509v3CertificateBuilder(nameBuilder.build(), serialNumber, notBefore, notAfter, nameBuilder.build(), keyPair.getPublic())
.addExtension(Extension.basicConstraints, true, new BasicConstraints(0))
.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
List<GeneralName> generalNames = new ArrayList<>();
if (ipAddress != null) {
generalNames.add(new GeneralName(GeneralName.iPAddress, ipAddress));
}
if (hostname != null) {
generalNames.add(new GeneralName(GeneralName.dNSName, hostname));
}
if (!generalNames.isEmpty()) {
certificateBuilder.addExtension(Extension.subjectAlternativeName, true, new GeneralNames(generalNames.toArray(new GeneralName[] {})));
}
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(keyPair.getPrivate());
return new X509Certificate[] { new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(contentSigner)) };
}代码示例来源:origin: apache/zookeeper
builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(false)); // not a CA
builder.addExtension(
Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
builder.addExtension(
Extension.extendedKeyUsage,代码示例来源:origin: apache/nifi
certBuilder.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment
| KeyUsage.keyAgreement | KeyUsage.nonRepudiation | KeyUsage.cRLSign | KeyUsage.keyCertSign));代码示例来源:origin: apache/nifi
new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.keyAgreement | KeyUsage.nonRepudiation));代码示例来源:origin: JZ-Darkal/AndroidHttpCapture
new BasicConstraints(true));
KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign
| KeyUsage.digitalSignature | KeyUsage.keyEncipherment
| KeyUsage.dataEncipherment | KeyUsage.cRLSign);代码示例来源:origin: JZ-Darkal/AndroidHttpCapture
.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(rootCertificatePublicKey))
.addExtension(Extension.basicConstraints, true, new BasicConstraints(true))
.addExtension(Extension.keyUsage, false, new KeyUsage(
KeyUsage.keyCertSign
| KeyUsage.digitalSignature代码示例来源:origin: apache/zookeeper
.addExtension(Extension.basicConstraints, true, new BasicConstraints(false))
.addExtension(Extension.keyUsage, true,
new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));代码示例来源:origin: apache/cloudstack
certBuilder.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign));
} else {代码示例来源:origin: org.wso2.xkms/xkms
private static KeyUsage buildKeyUsage(boolean digitalSigning,
boolean dataEncryption) {
int usage = 0;
if (digitalSigning) {
usage = KeyUsage.digitalSignature;
}
if (dataEncryption) {
usage = usage | KeyUsage.dataEncipherment;
}
return new KeyUsage(usage);
}代码示例来源:origin: hyperledger/fabric-sdk-java
private X509Certificate createSelfSignedCertificate(CertType certType, KeyPair keyPair, String san) throws Exception {
X509v3CertificateBuilder certBuilder = createCertBuilder(keyPair);
// Basic constraints
BasicConstraints constraints = new BasicConstraints(false);
certBuilder.addExtension(
Extension.basicConstraints,
true,
constraints.getEncoded());
// Key usage
KeyUsage usage = new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.digitalSignature);
certBuilder.addExtension(Extension.keyUsage, false, usage.getEncoded());
// Extended key usage
certBuilder.addExtension(
Extension.extendedKeyUsage,
false,
certType.keyUsage().getEncoded());
if (san != null) {
addSAN(certBuilder, san);
}
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm)
.build(keyPair.getPrivate());
X509CertificateHolder holder = certBuilder.build(signer);
JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
converter.setProvider(new BouncyCastleProvider());
return converter.getCertificate(holder);
}代码示例来源:origin: puppetlabs/certificate-authority
private static KeyUsage setToKeyUsage(Set<String> flags) {
int usageBitString = 0;
for (String key: flags) {
Integer flagBit = keyUsageFlags.get(key);
if (flagBit == null) {
throw new IllegalArgumentException(
"The provided usage key does not exist: '" + key + "'");
}
usageBitString |= flagBit;
}
return new KeyUsage(usageBitString);
}代码示例来源:origin: puppetlabs/ssl-utils
private static KeyUsage setToKeyUsage(Set<String> flags) {
int usageBitString = 0;
for (String key: flags) {
Integer flagBit = keyUsageFlags.get(key);
if (flagBit == null) {
throw new IllegalArgumentException(
"The provided usage key does not exist: '" + key + "'");
}
usageBitString |= flagBit;
}
return new KeyUsage(usageBitString);
}代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
public ASN1Primitive toASN1Primitive()
{
return new KeyUsage(usage).toASN1Primitive();
}
}代码示例来源:origin: org.xipki/security
public static org.bouncycastle.asn1.x509.KeyUsage createKeyUsage(Set<KeyUsage> usages) {
if (CollectionUtil.isEmpty(usages)) {
return null;
}
int usage = 0;
for (KeyUsage keyUsage : usages) {
usage |= keyUsage.getBcUsage();
}
return new org.bouncycastle.asn1.x509.KeyUsage(usage);
}代码示例来源:origin: org.xipki.tk/security
public static org.bouncycastle.asn1.x509.KeyUsage createKeyUsage(final Set<KeyUsage> usages) {
if (CollectionUtil.isEmpty(usages)) {
return null;
}
int usage = 0;
for (KeyUsage keyUsage : usages) {
usage |= keyUsage.bcUsage();
}
return new org.bouncycastle.asn1.x509.KeyUsage(usage);
}代码示例来源:origin: vmware/admiral
private static List<ExtensionHolder> getClientExtensions() {
List<ExtensionHolder> extensions = new ArrayList<>();
extensions.add(new ExtensionHolder(Extension.basicConstraints, true,
new BasicConstraints(false)));
extensions.add(new ExtensionHolder(Extension.keyUsage, true,
new KeyUsage(KeyUsage.digitalSignature)));
extensions.add(new ExtensionHolder(Extension.extendedKeyUsage, true,
new ExtendedKeyUsage(KeyPurposeId.id_kp_clientAuth)));
return extensions;
}代码示例来源:origin: kaikramer/keystore-explorer
private void addKeyUsage(X509ExtensionSet extensionSet, int usage) throws IOException {
KeyUsage ku = new KeyUsage(usage);
byte[] kuEncoded = wrapInOctetString(ku.getEncoded());
extensionSet.addExtension(X509ExtensionType.KEY_USAGE.oid(), false, kuEncoded);
}内容来源于网络,如有侵权,请联系作者删除!
