📄 certtest.java
{
            bIn = new ByteArrayInputStream(bytes);

            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");

            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);

            PublicKey k = cert.getPublicKey();

            // Index 7 of the key-usage array is the encipherOnly bit; the test
            // fails when the parsed certificate has it set.
            if (cert.getKeyUsage()[7]) {
                fail("error generating cert - key usage wrong.");
            }

            // System.out.println(cert);
        } catch (Exception e) {
            fail(dump + System.getProperty("line.separator") + getName() + ": "+ id + " failed - exception " + e.toString(), e);
        }
    }

    /**
     * Parses {@code bytes} as an X.509 certificate using the "BC" provider and
     * verifies the certificate's signature with the public key it carries.
     * <p>
     * Verifying against the embedded key only shows that the certificate is
     * self-signed and internally consistent; it says nothing about whether the
     * key or issuer should be trusted. Any exception raised while parsing or
     * verifying is reported through {@code fail}, with {@code getName()} and
     * {@code id} in the message.
     *
     * @param id    identifier included in the failure message
     * @param bytes the certificate encoding handed to the certificate factory
     */
    public void checkSelfSignedCertificate(
        int id,
        byte[] bytes) {
        ByteArrayInputStream bIn;
        // dump is never assigned anything but the empty string in this method.
        String dump = "";

        try {
            bIn = new ByteArrayInputStream(bytes);

            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");

            Certificate cert = fact.generateCertificate(bIn);

            PublicKey k = cert.getPublicKey();

            // Self-signature check: throws if the signature does not verify under k.
            cert.verify(k);
            // System.out.println(cert);
        } catch (Exception e) {
            fail(dump + System.getProperty("line.separator") + getName() + ": "+ id + " failed - exception " + e.toString(), e);
        }
    }

    /**
     * Generates self-signed RSA certificates for testing and checks that they
     * survive a round trip through the "BC" certificate factory.
     * <p>
     * Three certificates are built from the same hard-coded key pair and the same
     * distinguished name: a version 3 certificate without extensions (signed with
     * SHA256WithRSAEncryption), a version 3 certificate with key usage, extended
     * key usage and subject alternative name extensions (signed with
     * MD5WithRSAEncryption), and a version 1 certificate (signed with
     * MD5WithRSAEncryption). Each is checked for validity at the current time and
     * verified against the public key.
     * <p>
     * The key material is a fixture: the private key is published in this source
     * file and the modulus is only 512 bits, so it must never be used outside tests.
     *
     * @throws Exception if key construction, certificate generation, validity
     *                   checking or signature verification fails
     */
    public void checkCreation1() throws Exception {
        //
        // A sample key pair. The modulus is 128 hex digits (512 bits) and the
        // public exponent is 0x11.
        //
        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
            new BigInteger("11", 16));

        // Constructor argument order: modulus, public exponent, private exponent,
        // prime P, prime Q, prime exponent P, prime exponent Q, CRT coefficient.
        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
            new BigInteger("11", 16),
            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));

        //
        // Set up the keys.
        //
        // rand is not referenced again in this method.
        SecureRandom rand = new SecureRandom();
        PrivateKey privKey;
        PublicKey pubKey;

        KeyFactory fact = KeyFactory.getInstance("RSA", "BC");

        privKey = fact.generatePrivate(privKeySpec);
        pubKey = fact.generatePublic(pubKeySpec);

        //
        // Distinguished name table.
        //
        Hashtable attrs = new Hashtable();

        attrs.put(X509Principal.C, "AU");
        attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
        attrs.put(X509Principal.L, "Melbourne");
        attrs.put(X509Principal.ST, "Victoria");
        attrs.put(X509Principal.E, "feedback-crypto@bouncycastle.org");

        // The same name again as two parallel vectors (attribute identifiers in
        // ord, their values in values); used for the version 1 certificate below.
        Vector ord = new Vector();
        Vector values = new Vector();

        ord.addElement(X509Principal.C);
        ord.addElement(X509Principal.O);
        ord.addElement(X509Principal.L);
        ord.addElement(X509Principal.ST);
        ord.addElement(X509Principal.E);

        values.addElement("AU");
        values.addElement("The Legion of the Bouncy Castle");
        values.addElement("Melbourne");
        values.addElement("Victoria");
        values.addElement("feedback-crypto@bouncycastle.org");

        //
        // extensions
        //

        //
        // Create the certificate - version 3 - without extensions.
        // Issuer and subject are the same name, so the certificate is self-signed.
        // The validity window is 50 seconds either side of the current time.
        //
        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");

        X509Certificate cert = certGen.generateX509Certificate(privKey);

        cert.checkValidity(new Date());

        cert.verify(pubKey);

        // NOTE(review): both calls query the non-critical extension OIDs and the
        // result is not inspected; the second call may have been intended to be
        // getCriticalExtensionOIDs() - confirm.
        Set dummySet = cert.getNonCriticalExtensionOIDs();
        dummySet = cert.getNonCriticalExtensionOIDs();

        //
        // Create the certificate - version 3 - with extensions.
        //
        certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen.setSubjectDN(new X509Principal(attrs));
        certGen.setPublicKey(pubKey);
        // MD5 is not collision resistant, so MD5WithRSAEncryption is unsuitable
        // for real certificates; presumably it is used here to exercise the
        // provider's support for the legacy algorithm - confirm.
        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
        // All three extensions are added with the critical flag set to true:
        // 2.5.29.15 = key usage, 2.5.29.37 = extended key usage,
        // 2.5.29.17 = subject alternative name.
        certGen.addExtension("2.5.29.15", true,
            new X509KeyUsage(X509KeyUsage.encipherOnly));
        certGen.addExtension("2.5.29.37", true,
            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
        certGen.addExtension("2.5.29.17", true,
            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));

        cert = certGen.generateX509Certificate(privKey);

        cert.checkValidity(new Date());

        cert.verify(pubKey);

        // sbIn and sdIn are created but not read from in this method.
        ByteArrayInputStream sbIn = new ByteArrayInputStream(cert.getEncoded());
        ASN1InputStream sdIn = new ASN1InputStream(sbIn);
        // Round trip: re-parse the encoded certificate through the certificate
        // factory so the extension checks below run against the decoded form.
        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");

        cert = (X509Certificate)certFact.generateCertificate(bIn);

        // Index 7 of the key-usage array is the encipherOnly bit set above.
        if (!cert.getKeyUsage()[7]) {
            fail("error generating cert - key usage wrong.");
        }

        List l = cert.getExtendedKeyUsage();
        if (!l.get(0).equals(KeyPurposeId.anyExtendedKeyUsage.getId())) {
            fail("failed extended key usage test");
        }

        // Each subject alternative name is returned as a List; the element at
        // index 1 is compared with the address added above.
        Collection c = cert.getSubjectAlternativeNames();
        Iterator it = c.iterator();
        while (it.hasNext()) {
            List gn = (List)it.next();
            if (!gn.get(1).equals("test@test.test")) {
                fail("failed subject alternative names test");
            }
        }

        // System.out.println(cert);

        //
        // Create the certificate - version 1.
        // The issuer is built from (ord, attrs) and the subject from (ord, values);
        // the final check expects the two names to compare equal after re-parsing.
        //
        X509V1CertificateGenerator certGen1 = new X509V1CertificateGenerator();

        certGen1.setSerialNumber(BigInteger.valueOf(1));
        certGen1.setIssuerDN(new X509Principal(ord, attrs));
        certGen1.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen1.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        certGen1.setSubjectDN(new X509Principal(ord, values));
        certGen1.setPublicKey(pubKey);
        // Same legacy MD5-based signature algorithm as the certificate above;
        // not suitable for certificates outside a test.
        certGen1.setSignatureAlgorithm("MD5WithRSAEncryption");

        cert = certGen1.generateX509Certificate(privKey);

        cert.checkValidity(new Date());

        cert.verify(pubKey);

        bIn = new ByteArrayInputStream(cert.getEncoded());
        certFact = CertificateFactory.getInstance("X.509", "BC");

        cert = (X509Certificate)certFact.generateCertificate(bIn);

        // System.out.println(cert);
        if (!cert.getIssuerDN().equals(cert.getSubjectDN())) {
            fail("name comparison fails");
        }
    }

    /**
     * we generate a self signed certificate for the sake of testing - DSA
     */
    public void checkCreation2() {
        //
        // Set up the keys.
        //
        PrivateKey privKey;
        PublicKey pubKey;

        try {
            KeyPairGenerator g = KeyPairGenerator.getInstance("DSA", "SUN");

            // A 512-bit DSA key is far below sizes considered secure today; it
            // is only acceptable as throwaway test material.
            g.initialize(512, new SecureRandom());

            KeyPair p = g.generateKeyPair();

            privKey = p.getPrivate();
            pubKey = p.getPublic();
        } catch (Exception e) {
            fail("error setting up keys - " + e.toString());
            return;
        }

        //
        // Distinguished name table.
        //
        Hashtable attrs = new Hashtable();

        attrs.put(X509Principal.C, "AU");
        attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
        attrs.put(X509Principal.L, "Melbourne");
        attrs.put(X509Principal.ST, "Victoria");
        attrs.put(X509Principal.E, "feedback-crypto@bouncycastle.org");

        //
        // extensions
        //

        //
        // Create the certificate - version 3.
        //
        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();

        certGen.setSerialNumber(BigInteger.valueOf(1));
        certGen.setIssuerDN(new X509Principal(attrs));
        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));