certificate java_CertificateRequest.java

最新推荐文章于 2024-02-24 21:39:45 发布
最新推荐文章于 2024-02-24 21:39:45 发布
阅读量210 收藏
点赞数
文章标签: certificate java
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/weixin_39622332/article/details/114427005
版权

/*

* Licensed to the Apache Software Foundation (ASF) under one or more

* contributor license agreements. See the NOTICE file distributed with

* this work for additional information regarding copyright ownership.

* The ASF licenses this file to You under the Apache License, Version 2.0

* (the "License"); you may not use this file except in compliance with

* the License. You may obtain a copy of the License at

*

* http://www.apache.org/licenses/LICENSE-2.0

*

* Unless required by applicable law or agreed to in writing, software

* distributed under the License is distributed on an "AS IS" BASIS,

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

* See the License for the specific language governing permissions and

* limitations under the License.

*/

package org.conscrypt;

import java.io.IOException;

import java.security.cert.X509Certificate;

import java.util.ArrayList;

import javax.security.auth.x500.X500Principal;

import libcore.io.Streams;

/**

*

* Represents certificate request message

* @see TLS 1.0 spec., 7.4.4.

* Certificate request

*/

public class CertificateRequest extends Message {

/**

* Requested certificate types

*/

final byte[] certificate_types;

/**

* Certificate authorities

*/

final X500Principal[] certificate_authorities;

/**

* Requested certificate types as Strings

* ("RSA", "DSA", "DH_RSA" or "DH_DSA")

*/

private String[] types;

/**

* Encoded form of certificate authorities

*/

private byte[][] encoded_principals;

/**

* Creates outbound message

*

* @param certificate_types

* @param accepted - array of certificate authority certificates

*/

public CertificateRequest(byte[] certificate_types,

X509Certificate[] accepted) {

if (accepted == null) {

fatalAlert(AlertProtocol.INTERNAL_ERROR,

"CertificateRequest: array of certificate authority certificates is null");

}

this.certificate_types = certificate_types;

int totalPrincipalsLength = 0;

certificate_authorities = new X500Principal[accepted.length];

encoded_principals = new byte[accepted.length][];

for (int i = 0; i < accepted.length; i++) {

certificate_authorities[i] = accepted[i].getIssuerX500Principal();

encoded_principals[i] = certificate_authorities[i].getEncoded();

totalPrincipalsLength += encoded_principals[i].length + 2;

}

length = 3 + certificate_types.length + totalPrincipalsLength;

}

/**

* Creates inbound message

*

* @param in

* @param length

* @throws IOException

*/

public CertificateRequest(HandshakeIODataStream in, int length) throws IOException {

int size = in.readUint8();

certificate_types = new byte[size];

Streams.readFully(in, certificate_types);

size = in.readUint16();

int totalPrincipalsLength = 0;

int principalLength = 0;

ArrayListprincipals = new ArrayList();

while (totalPrincipalsLength < size) {

principalLength = in.readUint16(); // encoded X500Principal size

principals.add(new X500Principal(in));

totalPrincipalsLength += 2;

totalPrincipalsLength += principalLength;

}

certificate_authorities = principals.toArray(new X500Principal[principals.size()]);

this.length = 3 + certificate_types.length + totalPrincipalsLength;

if (this.length != length) {

fatalAlert(AlertProtocol.DECODE_ERROR, "DECODE ERROR: incorrect CertificateRequest");

}

}

/**

* Sends message

*

* @param out

*/

@Override

public void send(HandshakeIODataStream out) {

out.writeUint8(certificate_types.length);

for (int i = 0; i < certificate_types.length; i++) {

out.write(certificate_types[i]);

}

int authoritiesLength = 0;

for (int i = 0; i < certificate_authorities.length; i++) {

authoritiesLength += encoded_principals[i].length +2;

}

out.writeUint16(authoritiesLength);

for (int i = 0; i < certificate_authorities.length; i++) {

out.writeUint16(encoded_principals[i].length);

out.write(encoded_principals[i]);

}

}

/**

* Returns message type

*/

@Override

public int getType() {

return Handshake.CERTIFICATE_REQUEST;

}

/**

* Returns requested certificate types as array of strings

*/

public String[] getTypesAsString() {

if (types == null) {

types = new String[certificate_types.length];

for (int i = 0; i < types.length; i++) {

String type = CipherSuite.getClientKeyType(certificate_types[i]);

if (type == null) {

fatalAlert(AlertProtocol.DECODE_ERROR,

"DECODE ERROR: incorrect CertificateRequest");

}

types[i] = type;

}

}

return types;

}

}

Java程序

|

160行

|

5.15 KB

/*

* Licensed to the Apache Software Foundation (ASF) under one or more

* contributor license agreements. See the NOTICE file distributed with

* this work for additional information regarding copyright ownership.

* The ASF licenses this file to You under the Apache License, Version 2.0

* (the "License"); you may not use this file except in compliance with

* the License. You may obtain a copy of the License at

*

* http://www.apache.org/licenses/LICENSE-2.0

*

* Unless required by applicable law or agreed to in writing, software

* distributed under the License is distributed on an "AS IS" BASIS,

* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

* See the License for the specific language governing permissions and

* limitations under the License.

*/

package org.conscrypt;

import java.io.IOException;

import java.security.cert.X509Certificate;

import java.util.ArrayList;

import javax.security.auth.x500.X500Principal;

import libcore.io.Streams;

/**

*

* Represents certificate request message

* @see TLS 1.0 spec., 7.4.4.

* Certificate request

*/

public class CertificateRequest extends Message {

/**

* Requested certificate types

*/

final byte[] certificate_types;

/**

* Certificate authorities

*/

final X500Principal[] certificate_authorities;

/**

* Requested certificate types as Strings

* ("RSA", "DSA", "DH_RSA" or "DH_DSA")

*/

private String[] types;

/**

* Encoded form of certificate authorities

*/

private byte[][] encoded_principals;

/**

* Creates outbound message

*

* @param certificate_types

* @param accepted - array of certificate authority certificates

*/

public CertificateRequest(byte[] certificate_types,

X509Certificate[] accepted) {

if (accepted == null) {

fatalAlert(AlertProtocol.INTERNAL_ERROR,

"CertificateRequest: array of certificate authority certificates is null");

}

this.certificate_types = certificate_types;

int totalPrincipalsLength = 0;

certificate_authorities = new X500Principal[accepted.length];

encoded_principals = new byte[accepted.length][];

for (int i = 0; i < accepted.length; i++) {

certificate_authorities[i] = accepted[i].getIssuerX500Principal();

encoded_principals[i] = certificate_authorities[i].getEncoded();

totalPrincipalsLength += encoded_principals[i].length + 2;

}

length = 3 + certificate_types.length + totalPrincipalsLength;

}

/**

* Creates inbound message

*

* @param in

* @param length

* @throws IOException

*/

public CertificateRequest(HandshakeIODataStream in, int length) throws IOException {

int size = in.readUint8();

certificate_types = new byte[size];

Streams.readFully(in, certificate_types);

size = in.readUint16();

int totalPrincipalsLength = 0;

int principalLength = 0;

ArrayList principals = new ArrayList();

while (totalPrincipalsLength < size) {

principalLength = in.readUint16(); // encoded X500Principal size

principals.add(new X500Principal(in));

totalPrincipalsLength += 2;

totalPrincipalsLength += principalLength;

}

certificate_authorities = principals.toArray(new X500Principal[principals.size()]);

this.length = 3 + certificate_types.length + totalPrincipalsLength;

if (this.length != length) {

fatalAlert(AlertProtocol.DECODE_ERROR, "DECODE ERROR: incorrect CertificateRequest");

}

}

/**

* Sends message

*

* @param out

*/

@Override

public void send(HandshakeIODataStream out) {

out.writeUint8(certificate_types.length);

for (int i = 0; i < certificate_types.length; i++) {

out.write(certificate_types[i]);

}

int authoritiesLength = 0;

for (int i = 0; i < certificate_authorities.length; i++) {

authoritiesLength += encoded_principals[i].length +2;

}

out.writeUint16(authoritiesLength);

for (int i = 0; i < certificate_authorities.length; i++) {

out.writeUint16(encoded_principals[i].length);

out.write(encoded_principals[i]);

}

}

/**

* Returns message type

*/

@Override

public int getType() {

return Handshake.CERTIFICATE_REQUEST;

}

/**

* Returns requested certificate types as array of strings

*/

public String[] getTypesAsString() {

if (types == null) {

types = new String[certificate_types.length];

for (int i = 0; i < types.length; i++) {

String type = CipherSuite.getClientKeyType(certificate_types[i]);

if (type == null) {

fatalAlert(AlertProtocol.DECODE_ERROR,

"DECODE ERROR: incorrect CertificateRequest");

}

types[i] = type;

}

}

return types;

}

}

weixin_39622332
关注
nginx反代后javarequest.getScheme获取不到https的解决办法
Bertram的博客
03-20 1168
在实际应用中,经常会用到nginx反向代理应用,这中就会出现一中情况,访问https页面Java 通过request.getScheme()获取不到https协议,或者response.sendRedirect重定向是http,而不是我们想要的https。经过反代后,协议信息没有转发到后端,或者后端没有设置。
java imapi_java服务端下载证书并放入证书库后,仍出现No trusted certificate found错误...
weixin_36364044的博客
02-16 720
我下载了证书后,利用keytool工具先这样:Keytool –genkey –alias "certificate" –keyalg "RSA" –keystore "im.jks"然后再这样:Keytool –import –keystore im.jks –file certificate.cer同时我将im.properties配置了路径,运行程序后。程序报出:javax.net.ssl....
CompleteJava2Certificate
03-07
CompleteJava2Certificate
java clientrequest,ClientCertRequest.java
weixin_39699163的博客
03-19 120
/** Copyright (C) 2014 The Android Open Source Project** Licensed under the Apache License, Version 2.0 (the "License");* you may not use this file except in compliance with the License.* You may obta...
TLS/SSL 协议详解(13) certificate request
叼哥的博客
11-14 3841
双向认证时,服务器会发送certificate request,表明自己想要收到客户端的证书。   这个类型的握手主要包含了ca证书的subject,用以告诉客户端自己需要哪些证书,不是由这些ca签发的证书“我”不要。   客户端,例如浏览器在收到这个请求时,如果不存在对应的证书,则发送一个空的certificate至服务器,如果存在一个证书,则发送该certificate至服务器。如果存在多...
证书请求简介
大草的博客
04-24 3982
本文没有介绍证书申请的背景知识和相关的openssl使用。本文直接开始介绍,使用openssl命令,生成证书请求。为了搞明白证书请求需要包含哪些内容,我们去阅读了证书请求的相关RFC规范。接着,我们阅读openssl命令执行证书请求的源码执行流程。阅读源码的过程中,我们浅尝辄止,没有深入阅读具体的函数实现。所以,我们不知道,在证书申请这块,openssl是否完全遵守了RFC规范。最后,我们使用C++封装了openssl api,实现了一个简单的证书请求类。
java x509certificate2_ASP.NET使用X509Certificate2出现一系列问题的解决方法
weixin_33110093的博客
02-27 869
在做微信支付退款的时候,由于需要使用到p12证书,结果就遇到一系列的坑。这里做个记录方便以后查阅。原先加载证书的代码:1 X509Certificate2 cert = new X509Certificate2(path + WxPayConfig.SSLCERT_PATH, WxPayConfig.SSLCERT_PASSWORD);2 Request.ClientCertificates.Ad...
ssl_java.zip
05-28
3. 如果配置了双向认证,服务器还会发送一个“CertificateRequest”请求客户端证书。 4. 客户端验证服务器证书,并发送自己的证书(如果需要)以及一个“ChangeCipherSpec”消息,告知之后的消息将使用协商的加密...
java ca 验证失败_在Java中针对CA验证X.509证书
weixin_35923682的博客
02-23 1171
可以说我有这样的东西(客户端代码):TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {@Overridepublic java.security.cert.X509Certificate[] getAcceptedIssuers() {return null;}@Overridepublic void...
JavaCertificate:Java证书示例
05-09
Java证书 Java证书示例
java认证与证书
wbo
12-04 3285
目前主要有JKS和PEM两种编码格式文件。如何在这两种密钥库文件中进行库文件交换呢?可以通过格式的证书文件在两种格式的密钥库中进行库文件导出/导入等。通常使用编码格式作为数字证书文件存储格式。自签名证书,即证书申请者为自己的证书签名。数字证书的颁发流程简述过程如下:1、客户端请求服务器的流程如下:客户端请求服务器将按如下步骤进行:2、服务器端完成客户端请求处理后,需经过以下几个步骤完成响应:KeyTool是Java中的数字证书管理工具,用于数字证书的申请、导入、导出和撤销等证书管理操作。官方文档https:
java certificate 安装_java自动获取安装在线数字证书
weixin_30921875的博客
02-23 408
本人开了家网店,,店名:,是搞话费充值的,可以充值全国所有地区,三大运营商:,,.,全部是价处理,希望大家多多捧场,不求,只求好评.谢谢大家.主要原理是:使用socket尝试对目标服务器进行通信,如果通信失败,证明没有证书,不过此时的证书已悄悄发送到客户端了。以前写过这个工具类了:http://leisuredev.iteye.com/admin/blogs/714742今天稍微注释并整理了一个版...
certificate java_Javajava.security.cert.X509Certificate的实例源码 - 编程字典
weixin_39963523的博客
02-20 725
/*** Verify that the signing certificate used to sign {@link #SIGNED_FILE_NAME}* matches the signing stored in the database for this repo. {@link #repo} and* {@code repo.signingCertificate} must be p...
Java安全——密钥和证书
最新发布
Innocence_0的博客
02-24 1048
从时代发展的角度看,网络安全的知识是学不完的,而且以后要学的会更多,同学们要摆正心态,既然选择入门网络安全,就不能仅仅只是入门程度而已,能力越强机会才越多。因为入门学习阶段知识点比较杂,所以我讲得比较笼统,大家如果有不懂的地方可以找我咨询,我保证知无不言言无不尽,需要相关资料也可以找我要,我的网盘里一大堆资料都在吃灰呢。干货主要有:①1000+CTF历届题库(主流和经典的应该都有了)②CTF技术文档(最全中文版)③项目源码(四五十个有趣且经典的练手项目及源码)
Java使用X509Certificate获取证书详情
yyb1369584682的博客
08-02 2419
Java使用X509Certificate获取证书详情
Java——数字证书详解
吴声子夜歌的博客
12-04 1153
数字证书集合了多种密码学算法:自身带有公钥信息,可完成相应的加密/解密操作;同时,还带有数字签名,可鉴别消息来源;且自身带有消息摘要信息,可验证证书的完整性;由于证书本身含有用户身份信息,因而具有认证性。数字证书具备常规加密/解密必要的信息,包含签名算法,可用于网络数据加密/解密交互,标识网络用户(计算机)身份。数字证书为发布公钥提供了一种简便的途径,其数字证书则成为加密算法以及公钥的载体。依靠数字证书,我们可以构建一个简单的加密网络应用平台。
java https证书_java请求https证书异常
06-06
import java.security.cert.X509Certificate; import javax.net.ssl.X509TrustManager; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import java.security.SecureRandom; public class ...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值