org.bouncycastle.asn1.x500.X500Name.<init>()方法的使用及代码示例

x33g5p2x  于2022-02-02 转载在 其他  
字(12.4k)|赞(0)|评价(0)|浏览(243)

本文整理了Java中org.bouncycastle.asn1.x500.X500Name.<init>()方法的一些代码示例,展示了X500Name.<init>()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。X500Name.<init>()方法的具体详情如下:
包路径:org.bouncycastle.asn1.x500.X500Name
类名称:X500Name
方法名:<init>

X500Name.<init>介绍

[英]Constructor from ASN1Sequence the principal will be a list of constructed sets, each containing an (OID, String) pair.
[中]ASN1Sequence中的构造函数主体将是一个构造集列表,每个集合包含一对(OID,String)。

代码示例

代码示例来源:origin: apache/nifi

/**
 * Reverses the X500Name in order make the certificate be in the right order
 * [see http://stackoverflow.com/questions/7567837/attributes-reversed-in-certificate-subject-and-issuer/12645265]
 *
 * @param x500Name the X500Name created with the intended order
 * @return the X500Name reversed
 */
private static X500Name reverseX500Name(X500Name x500Name) {
  List<RDN> rdns = Arrays.asList(x500Name.getRDNs());
  Collections.reverse(rdns);
  return new X500Name(rdns.toArray(new RDN[rdns.size()]));
}

代码示例来源:origin: redisson/redisson

static String[] generate(String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter)
    throws Exception {
  PrivateKey key = keypair.getPrivate();
  // Prepare the information required for generating an X.509 certificate.
  X500Name owner = new X500Name("CN=" + fqdn);
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
      owner, new BigInteger(64, random), notBefore, notAfter, owner, keypair.getPublic());
  ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(key);
  X509CertificateHolder certHolder = builder.build(signer);
  X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certHolder);
  cert.verify(keypair.getPublic());
  return newSelfSignedCertificate(fqdn, key, cert);
}

代码示例来源:origin: apache/nifi

RDN[] rdNs = new X500Name(dn).getRDNs();
Arrays.sort(rdNs, new Comparator<RDN>() {
  @Override
return new X500Name(rdNs).toString();

代码示例来源:origin: wildfly/wildfly

static String[] generate(String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter)
    throws Exception {
  PrivateKey key = keypair.getPrivate();
  // Prepare the information required for generating an X.509 certificate.
  X500Name owner = new X500Name("CN=" + fqdn);
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
      owner, new BigInteger(64, random), notBefore, notAfter, owner, keypair.getPublic());
  ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(key);
  X509CertificateHolder certHolder = builder.build(signer);
  X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certHolder);
  cert.verify(keypair.getPublic());
  return newSelfSignedCertificate(fqdn, key, cert);
}

代码示例来源:origin: stackoverflow.com

new X500Name("CN=issuer"), new BigInteger("1"), new Date(
    System.currentTimeMillis()), new Date(
    System.currentTimeMillis() + 30 * 365 * 24 * 60 * 60

代码示例来源:origin: io.netty/netty

static String[] generate(String fqdn, KeyPair keypair, SecureRandom random) throws Exception {
  PrivateKey key = keypair.getPrivate();
  // Prepare the information required for generating an X.509 certificate.
  X500Name owner = new X500Name("CN=" + fqdn);
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
      owner, new BigInteger(64, random), NOT_BEFORE, NOT_AFTER, owner, keypair.getPublic());
  ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(key);
  X509CertificateHolder certHolder = builder.build(signer);
  X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certHolder);
  cert.verify(keypair.getPublic());
  return newSelfSignedCertificate(fqdn, key, cert);
}

代码示例来源:origin: apache/nifi

public static JcaPKCS10CertificationRequest generateCertificationRequest(String requestedDn, String domainAlternativeNames,
                                     KeyPair keyPair, String signingAlgorithm) throws OperatorCreationException {
  JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name(requestedDn), keyPair.getPublic());
  // add Subject Alternative Name(s)
  try {
    jcaPKCS10CertificationRequestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, createDomainAlternativeNamesExtensions(domainAlternativeNames, requestedDn));
  } catch (IOException e) {
    throw new OperatorCreationException("Error while adding " + domainAlternativeNames + " as Subject Alternative Name.", e);
  }
  JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(signingAlgorithm);
  return new JcaPKCS10CertificationRequest(jcaPKCS10CertificationRequestBuilder.build(jcaContentSignerBuilder.build(keyPair.getPrivate())));
}

代码示例来源:origin: neo4j/neo4j

public void createSelfSignedCertificate( File certificatePath, File privateKeyPath, String hostName )
    throws GeneralSecurityException, IOException, OperatorCreationException
{
  installCleanupHook( certificatePath, privateKeyPath );
  KeyPairGenerator keyGen = KeyPairGenerator.getInstance( DEFAULT_ENCRYPTION );
  keyGen.initialize( 2048, random );
  KeyPair keypair = keyGen.generateKeyPair();
  // Prepare the information required for generating an X.509 certificate.
  X500Name owner = new X500Name( "CN=" + hostName );
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
      owner, new BigInteger( 64, random ), NOT_BEFORE, NOT_AFTER, owner, keypair.getPublic() );
  // Subject alternative name (part of SNI extension, used for hostname verification)
  GeneralNames subjectAlternativeName = new GeneralNames( new GeneralName( GeneralName.dNSName, hostName ) );
  builder.addExtension( Extension.subjectAlternativeName, false, subjectAlternativeName );
  PrivateKey privateKey = keypair.getPrivate();
  ContentSigner signer = new JcaContentSignerBuilder( "SHA512WithRSAEncryption" ).build( privateKey );
  X509CertificateHolder certHolder = builder.build( signer );
  X509Certificate cert = new JcaX509CertificateConverter().setProvider( PROVIDER ).getCertificate( certHolder );
  //check so that cert is valid
  cert.verify( keypair.getPublic() );
  //write to disk
  writePem( "CERTIFICATE", cert.getEncoded(), certificatePath );
  writePem( "PRIVATE KEY", privateKey.getEncoded(), privateKeyPath );
  // Mark as done so we don't clean up certificates
  cleanupRequired = false;
}

代码示例来源:origin: apache/nifi

public static Extensions createDomainAlternativeNamesExtensions(String domainAlternativeNames, String requestedDn) throws IOException {
  List<GeneralName> namesList = new ArrayList<>();
  try {
    final String cn = IETFUtils.valueToString(new X500Name(requestedDn).getRDNs(BCStyle.CN)[0].getFirst().getValue());
    namesList.add(new GeneralName(GeneralName.dNSName, cn));
  } catch (Exception e) {
    throw new IOException("Failed to extract CN from request DN: " + requestedDn, e);
  }
  if (StringUtils.isNotBlank(domainAlternativeNames)) {
    for (String alternativeName : domainAlternativeNames.split(",")) {
      namesList.add(new GeneralName(GeneralName.dNSName, alternativeName));
    }
  }
  GeneralNames subjectAltNames = new GeneralNames(namesList.toArray(new GeneralName[]{}));
  ExtensionsGenerator extGen = new ExtensionsGenerator();
  extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
  return extGen.generate();
}

代码示例来源:origin: apache/geode

ContentSigner sigGen =
  new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
X500Name name = new X500Name(dn);
Date from = new Date();
Date to = new Date(from.getTime() + days * 86400000L);

代码示例来源:origin: jamesdbloom/mockserver

X500Name subject = new X500Name("CN=" + domain + ", O=MockServer, L=London, ST=England, C=UK");

代码示例来源:origin: apache/nifi

reverseX500Name(new X500Name(dn)),
getUniqueSerialNumber(),
startDate, endDate,
reverseX500Name(new X500Name(dn)),
subPubKeyInfo);

代码示例来源:origin: apache/kafka

public X509Certificate generate(String dn, KeyPair keyPair) throws CertificateException {
    try {
      Security.addProvider(new BouncyCastleProvider());
      AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find(algorithm);
      AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
      AsymmetricKeyParameter privateKeyAsymKeyParam = PrivateKeyFactory.createKey(keyPair.getPrivate().getEncoded());
      SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
      ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privateKeyAsymKeyParam);
      X500Name name = new X500Name(dn);
      Date from = new Date();
      Date to = new Date(from.getTime() + days * 86400000L);
      BigInteger sn = new BigInteger(64, new SecureRandom());
      X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(name, sn, from, to, name, subPubKeyInfo);
      if (subjectAltName != null)
        v3CertGen.addExtension(Extension.subjectAlternativeName, false, subjectAltName);
      X509CertificateHolder certificateHolder = v3CertGen.build(sigGen);
      return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificateHolder);
    } catch (CertificateException ce) {
      throw ce;
    } catch (Exception e) {
      throw new CertificateException(e);
    }
  }
}

代码示例来源:origin: jamesdbloom/mockserver

/**
 * Create a certificate to use by a Certificate Authority, signed by a self signed certificate.
 */
private X509Certificate createCACert(PublicKey publicKey, PrivateKey privateKey) throws Exception {
  // signers name
  X500Name issuerName = new X500Name("CN=www.mockserver.com, O=MockServer, L=London, ST=England, C=UK");
  // subjects name - the same as we are self signed.
  X500Name subjectName = issuerName;
  // serial
  BigInteger serial = BigInteger.valueOf(new Random().nextInt(Integer.MAX_VALUE));
  // create the certificate - version 3
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, publicKey);
  builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(publicKey));
  builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
  KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign);
  builder.addExtension(Extension.keyUsage, false, usage);
  ASN1EncodableVector purposes = new ASN1EncodableVector();
  purposes.add(KeyPurposeId.id_kp_serverAuth);
  purposes.add(KeyPurposeId.id_kp_clientAuth);
  purposes.add(KeyPurposeId.anyExtendedKeyUsage);
  builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
  X509Certificate cert = signCertificate(builder, privateKey);
  cert.checkValidity(new Date());
  cert.verify(publicKey);
  return cert;
}

代码示例来源:origin: apache/nifi

reverseX500Name(new X500Name(issuer.getSubjectX500Principal().getName())),
getUniqueSerialNumber(),
startDate, endDate,
reverseX500Name(new X500Name(dn)),
subPubKeyInfo);

代码示例来源:origin: apache/zookeeper

new X500Name(caCert.getIssuerDN().getName()),
now,
new Date(now.getTime() + expirationMillis),

代码示例来源:origin: apache/zookeeper

X509v3CertificateBuilder certificateBuilder =
    new JcaX509v3CertificateBuilder(holder.getSubject(), new BigInteger(128, new Random()),
      certStartTime, certEndTime, new X500Name("CN=Test End Entity Certificate"), keyPair.getPublic())
    .addExtension(Extension.authorityKeyIdentifier, false,
        extensionUtils.createAuthorityKeyIdentifier(holder))

代码示例来源:origin: apache/cloudstack

public static X509Certificate generateV1Certificate(final KeyPair keyPair,
                          final String subject,
                          final String issuer,
                          final int validityYears,
                          final String signatureAlgorithm) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, SignatureException, InvalidKeyException, OperatorCreationException {
  final DateTime now = DateTime.now(DateTimeZone.UTC);
  final X509v1CertificateBuilder certBuilder = new JcaX509v1CertificateBuilder(
      new X500Name(issuer),
      generateRandomBigInt(),
      now.minusDays(1).toDate(),
      now.plusYears(validityYears).toDate(),
      new X500Name(subject),
      keyPair.getPublic());
  final ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm).setProvider("BC").build(keyPair.getPrivate());
  final X509CertificateHolder certHolder = certBuilder.build(signer);
  return new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
}

代码示例来源:origin: io.netty/netty-handler

static String[] generate(String fqdn, KeyPair keypair, SecureRandom random, Date notBefore, Date notAfter)
    throws Exception {
  PrivateKey key = keypair.getPrivate();
  // Prepare the information required for generating an X.509 certificate.
  X500Name owner = new X500Name("CN=" + fqdn);
  X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(
      owner, new BigInteger(64, random), notBefore, notAfter, owner, keypair.getPublic());
  ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(key);
  X509CertificateHolder certHolder = builder.build(signer);
  X509Certificate cert = new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certHolder);
  cert.verify(keypair.getPublic());
  return newSelfSignedCertificate(fqdn, key, cert);
}

代码示例来源:origin: apache/pdfbox

X500Name certSubjectName = new X500Name(cert.getSubjectX500Principal().getName());
if (certSubjectName.equals(name))

内容来源于网络,如有侵权,请联系作者删除!

X500Name

相关文章

    查看更多
    微信公众号

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com