Java源码示例:org.spongycastle.asn1.x500.style.BCStyle
示例1
public DistinguishedNameValues() {
put(BCStyle.C,null);
put(BCStyle.ST,null);
put(BCStyle.L,null);
put(BCStyle.STREET,null);
put(BCStyle.O,null);
put(BCStyle.OU,null);
put(BCStyle.CN,null);
}
示例2
static void initialiseCertificate(Context c, KeyPair keyPair){
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.DAY_OF_MONTH, -1);
Date notBefore = calendar.getTime();
calendar.add(Calendar.YEAR, 10);
Date notAfter = calendar.getTime();
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, "an2linuxclient");
nameBuilder.addRDN(BCStyle.SERIALNUMBER, new BigInteger(128, new Random()).toString(16));
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
nameBuilder.build(),
BigInteger.ONE,
notBefore, notAfter,
nameBuilder.build(),
keyPair.getPublic()
);
try {
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(keyPair.getPrivate());
X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(contentSigner));
SharedPreferences deviceKeyPref = c.getSharedPreferences(
c.getString(R.string.device_key_and_cert), MODE_PRIVATE);
deviceKeyPref.edit().putString(c.getString(R.string.certificate),
Base64.encodeToString(certificate.getEncoded(), Base64.NO_WRAP)).apply();
Log.d("TlsHelper", "Generated new certificate successfully");
} catch (Exception e){
Log.e("TlsHelper", "initialiseCertificate");
Log.e("StackTrace", Log.getStackTraceString(e));
}
}
示例3
static void initialiseCertificate(Context c, KeyPair keyPair){
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.DAY_OF_MONTH, -1);
Date notBefore = calendar.getTime();
calendar.add(Calendar.YEAR, 10);
Date notAfter = calendar.getTime();
X500NameBuilder nameBuilder = new X500NameBuilder(BCStyle.INSTANCE);
nameBuilder.addRDN(BCStyle.CN, "an2linuxclient");
nameBuilder.addRDN(BCStyle.SERIALNUMBER, new BigInteger(128, new Random()).toString(16));
X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
nameBuilder.build(),
BigInteger.ONE,
notBefore, notAfter,
nameBuilder.build(),
keyPair.getPublic()
);
try {
ContentSigner contentSigner = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(keyPair.getPrivate());
X509Certificate certificate = new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(contentSigner));
SharedPreferences deviceKeyPref = c.getSharedPreferences(
c.getString(R.string.device_key_and_cert), MODE_PRIVATE);
deviceKeyPref.edit().putString(c.getString(R.string.certificate),
Base64.encodeToString(certificate.getEncoded(), Base64.NO_WRAP)).apply();
Log.d("TlsHelper", "Generated new certificate successfully");
} catch (Exception e){
Log.e("TlsHelper", "initialiseCertificate");
Log.e("StackTrace", Log.getStackTraceString(e));
}
}
示例4
public static X509Certificate generateSignedCertificate(X509Certificate caCertificate, PrivateKey caPrivateKey, PublicKey publicKey, String CN)
throws NoSuchAlgorithmException, OperatorCreationException, CertificateException,
KeyStoreException, UnrecoverableKeyException, IOException,
InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException,
InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
BadPaddingException {
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.CN, CN);
// We want this root certificate to be valid for one year
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.YEAR, 1);
ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(caPrivateKey);
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
caCertificate,
new BigInteger(80, new Random()),
new Date(System.currentTimeMillis() - 50000),
calendar.getTime(),
new X500Principal(builder.build().getEncoded()),
publicKey);
// Those are the extensions needed for the certificate to be a leaf certificate that authenticates a SSL server
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.keyEncipherment));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new DERSequence(KeyPurposeId.id_kp_serverAuth));
X509CertificateHolder certificateHolder = certGen.build(sigGen);
X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
return certificate;
}
示例5
public static X509Certificate generateRootCertificate(KeyPair keys, String CN)
throws NoSuchAlgorithmException, OperatorCreationException, CertificateException,
KeyStoreException, UnrecoverableKeyException, IOException,
InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException,
InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
BadPaddingException {
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.CN, CN);
// We want this root certificate to be valid for one year
Calendar calendar = Calendar.getInstance();
calendar.add( Calendar.YEAR, 1 );
ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(keys.getPrivate());
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
builder.build(),
new BigInteger(80, new Random()),
new Date(System.currentTimeMillis() - 50000),
calendar.getTime(),
builder.build(),
keys.getPublic());
// Those are the extensions needed for a CA certificate
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.digitalSignature));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth));
X509CertificateHolder certificateHolder = certGen.build(sigGen);
X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
return certificate;
}
示例6
/**
* @param certificate certificate
* @return common name
* @throws IllegalArgumentException if certificate is incorrect type
*/
@NonNull
public static String getCommonName(Certificate certificate) {
assertX509Certificate(certificate);
String result = null;
try {
X500Name x500name = new JcaX509CertificateHolder((X509Certificate) certificate).getSubject();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
result = IETFUtils.valueToString(cn.getFirst().getValue());
} catch (CertificateEncodingException ignored) {
}
return (result == null) ? "" : result;
}
示例7
public void setCountry( String country) {
put(BCStyle.C,country);
}
示例8
public void setState( String state) {
put(BCStyle.ST,state);
}
示例9
public void setLocality( String locality) {
put(BCStyle.L,locality);
}
示例10
public void setStreet( String street) {
put( BCStyle.STREET, street);
}
示例11
public void setOrganization( String organization) {
put(BCStyle.O,organization);
}
示例12
public void setOrganizationalUnit( String organizationalUnit) {
put(BCStyle.OU,organizationalUnit);
}
示例13
public void setCommonName( String commonName) {
put(BCStyle.CN,commonName);
}
