Example 6 with NetscapeCertType
use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project keystore-explorer by kaikramer.
the class DNetscapeCertificateType method okPressed.
private void okPressed() {
if (!jcbSslClient.isSelected() && !jcbSslServer.isSelected() && !jcbSmime.isSelected() && !jcbObjectSigning.isSelected() && !jcbReserved.isSelected() && !jcbSslCa.isSelected() && !jcbSmimeCa.isSelected() && !jcbObjectSigningCa.isSelected()) {
JOptionPane.showMessageDialog(this, res.getString("DNetscapeCertificateType.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
return;
}
int netscapeCertTypeIntValue = 0;
netscapeCertTypeIntValue |= jcbSslClient.isSelected() ? NetscapeCertType.sslClient : 0;
netscapeCertTypeIntValue |= jcbSslServer.isSelected() ? NetscapeCertType.sslServer : 0;
netscapeCertTypeIntValue |= jcbSmime.isSelected() ? NetscapeCertType.smime : 0;
netscapeCertTypeIntValue |= jcbObjectSigning.isSelected() ? NetscapeCertType.objectSigning : 0;
netscapeCertTypeIntValue |= jcbReserved.isSelected() ? NetscapeCertType.reserved : 0;
netscapeCertTypeIntValue |= jcbSslCa.isSelected() ? NetscapeCertType.sslCA : 0;
netscapeCertTypeIntValue |= jcbSmimeCa.isSelected() ? NetscapeCertType.smimeCA : 0;
netscapeCertTypeIntValue |= jcbObjectSigningCa.isSelected() ? NetscapeCertType.objectSigningCA : 0;
NetscapeCertType netscapeCertType = new NetscapeCertType(netscapeCertTypeIntValue);
try {
value = netscapeCertType.getEncoded(ASN1Encoding.DER);
} catch (IOException ex) {
DError dError = new DError(this, ex);
dError.setLocationRelativeTo(this);
dError.setVisible(true);
return;
}
closeDialog();
}
Also used :
NetscapeCertType(org.bouncycastle.asn1.misc.NetscapeCertType)
IOException(java.io.IOException)
DError(org.kse.gui.error.DError)
Example 7 with NetscapeCertType
use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project BiglyBT by BiglySoftware.
the class X509CertificateObject method toString.
public String toString() {
StringBuilder buf = new StringBuilder();
String nl = System.getProperty("line.separator");
buf.append(" [0] Version: ").append(this.getVersion()).append(nl);
buf.append(" SerialNumber: ").append(this.getSerialNumber()).append(nl);
buf.append(" IssuerDN: ").append(this.getIssuerDN()).append(nl);
buf.append(" Start Date: ").append(this.getNotBefore()).append(nl);
buf.append(" Final Date: ").append(this.getNotAfter()).append(nl);
buf.append(" SubjectDN: ").append(this.getSubjectDN()).append(nl);
buf.append(" Public Key: ").append(this.getPublicKey()).append(nl);
buf.append(" Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
byte[] sig = this.getSignature();
buf.append(" Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
for (int i = 20; i < sig.length; i += 20) {
if (i < sig.length - 20) {
buf.append(" ").append(new String(Hex.encode(sig, i, 20))).append(nl);
} else {
buf.append(" ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
}
}
X509Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
if (e.hasMoreElements()) {
buf.append(" Extensions: \n");
}
while (e.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
X509Extension ext = extensions.getExtension(oid);
if (ext.getValue() != null) {
byte[] octs = ext.getValue().getOctets();
ByteArrayInputStream bIn = new ByteArrayInputStream(octs);
DERInputStream dIn = new DERInputStream(bIn);
buf.append(" critical(").append(ext.isCritical()).append(") ");
try {
if (oid.equals(X509Extensions.BasicConstraints)) {
buf.append(new BasicConstraints((ASN1Sequence) dIn.readObject())).append(nl);
} else if (oid.equals(X509Extensions.KeyUsage)) {
buf.append(new KeyUsage((DERBitString) dIn.readObject())).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) {
buf.append(new NetscapeCertType((DERBitString) dIn.readObject())).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) {
buf.append(new NetscapeRevocationURL((DERIA5String) dIn.readObject())).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) {
buf.append(new VerisignCzagExtension((DERIA5String) dIn.readObject())).append(nl);
} else {
buf.append(oid.getId());
buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
// buf.append(" value = " + "*****" + nl);
}
} catch (Exception ex) {
buf.append(oid.getId());
// buf.append(" value = " + new String(Hex.encode(ext.getValue().getOctets())) + nl);
buf.append(" value = " + "*****").append(nl);
}
} else {
buf.append(nl);
}
}
}
return buf.toString();
}
Also used :
VerisignCzagExtension(org.gudy.bouncycastle.asn1.misc.VerisignCzagExtension)
X509Extension(org.gudy.bouncycastle.asn1.x509.X509Extension)
NetscapeRevocationURL(org.gudy.bouncycastle.asn1.misc.NetscapeRevocationURL)
IOException(java.io.IOException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
NetscapeCertType(org.gudy.bouncycastle.asn1.misc.NetscapeCertType)
Example 8 with NetscapeCertType
use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project candlepin by candlepin.
the class JSSPKIUtilityTest method testCreateX509Certificate.
@Test
public void testCreateX509Certificate() throws Exception {
JSSPKIUtility pki = this.buildJSSPKIUtility();
Date start = new Date();
Date end = Date.from(LocalDate.now().plusDays(365).atStartOfDay(ZoneId.systemDefault()).toInstant());
X509Certificate cert = pki.createX509Certificate("cn=candlepinproject.org", null, null, start, end, subjectKeyPair, BigInteger.valueOf(1999L), "altName");
assertEquals("SHA256withRSA", cert.getSigAlgName());
assertEquals("1999", cert.getSerialNumber().toString());
X509CertificateHolder holder = new X509CertificateHolder(cert.getEncoded());
Extensions bcExtensions = holder.getExtensions();
// KeyUsage extension incorrect
assertTrue(KeyUsage.fromExtensions(bcExtensions).hasUsages(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment));
// ExtendedKeyUsage extension incorrect
assertTrue(ExtendedKeyUsage.fromExtensions(bcExtensions).hasKeyPurposeId(KeyPurposeId.id_kp_clientAuth));
// Basic constraints incorrectly identify this cert as a CA
assertFalse(BasicConstraints.fromExtensions(bcExtensions).isCA());
NetscapeCertType expected = new NetscapeCertType(NetscapeCertType.sslClient | NetscapeCertType.smime);
NetscapeCertType actual = new NetscapeCertType((DERBitString) bcExtensions.getExtension(MiscObjectIdentifiers.netscapeCertType).getParsedValue());
assertArrayEquals(new JcaX509ExtensionUtils().createSubjectKeyIdentifier(subjectKeyPair.getPublic()).getEncoded(), SubjectKeyIdentifier.fromExtensions(bcExtensions).getEncoded());
CertificateReader reader = injector.getInstance(CertificateReader.class);
PrivateKey key = reader.getCaKey();
KeyFactory kf = KeyFactory.getInstance("RSA");
RSAPrivateCrtKeySpec ks = kf.getKeySpec(key, RSAPrivateCrtKeySpec.class);
RSAPublicKeySpec pubKs = new RSAPublicKeySpec(ks.getModulus(), ks.getPublicExponent());
PublicKey pubKey = kf.generatePublic(pubKs);
assertArrayEquals(new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(pubKey).getEncoded(), AuthorityKeyIdentifier.fromExtensions(bcExtensions).getEncoded());
assertEquals(expected, actual);
}
Also used :
JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils)
RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec)
PrivateKey(java.security.PrivateKey)
RSAPublicKey(java.security.interfaces.RSAPublicKey)
PublicKey(java.security.PublicKey)
RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec)
Extensions(org.bouncycastle.asn1.x509.Extensions)
Date(java.util.Date)
LocalDate(java.time.LocalDate)
X509Certificate(java.security.cert.X509Certificate)
NetscapeCertType(org.bouncycastle.asn1.misc.NetscapeCertType)
X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)
KeyFactory(java.security.KeyFactory)
CertificateReader(org.candlepin.pki.CertificateReader)
Test(org.junit.jupiter.api.Test)
Example 9 with NetscapeCertType
use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project LinLong-Java by zhenwei1108.
the class X509CertificateImpl method toString.
public String toString() {
StringBuffer buf = new StringBuffer();
String nl = Strings.lineSeparator();
buf.append(" [0] Version: ").append(this.getVersion()).append(nl);
buf.append(" SerialNumber: ").append(this.getSerialNumber()).append(nl);
buf.append(" IssuerDN: ").append(this.getIssuerDN()).append(nl);
buf.append(" Start Date: ").append(this.getNotBefore()).append(nl);
buf.append(" Final Date: ").append(this.getNotAfter()).append(nl);
buf.append(" SubjectDN: ").append(this.getSubjectDN()).append(nl);
buf.append(" Public Key: ").append(this.getPublicKey()).append(nl);
buf.append(" Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
X509SignatureUtil.prettyPrintSignature(this.getSignature(), buf, nl);
Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
if (e.hasMoreElements()) {
buf.append(" Extensions: \n");
}
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
Extension ext = extensions.getExtension(oid);
if (ext.getExtnValue() != null) {
byte[] octs = ext.getExtnValue().getOctets();
ASN1InputStream dIn = new ASN1InputStream(octs);
buf.append(" critical(").append(ext.isCritical()).append(") ");
try {
if (oid.equals(Extension.basicConstraints)) {
buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
} else if (oid.equals(Extension.keyUsage)) {
buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) {
buf.append(new NetscapeCertType(DERBitString.getInstance(dIn.readObject()))).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) {
buf.append(new NetscapeRevocationURL(ASN1IA5String.getInstance(dIn.readObject()))).append(nl);
} else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) {
buf.append(new VerisignCzagExtension(ASN1IA5String.getInstance(dIn.readObject()))).append(nl);
} else {
buf.append(oid.getId());
buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
// buf.append(" value = ").append("*****").append(nl);
}
} catch (Exception ex) {
buf.append(oid.getId());
// buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl);
buf.append(" value = ").append("*****").append(nl);
}
} else {
buf.append(nl);
}
}
}
return buf.toString();
}
Also used :
Extension(com.github.zhenwei.core.asn1.x509.Extension)
VerisignCzagExtension(com.github.zhenwei.core.asn1.misc.VerisignCzagExtension)
VerisignCzagExtension(com.github.zhenwei.core.asn1.misc.VerisignCzagExtension)
ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream)
Enumeration(java.util.Enumeration)
NetscapeCertType(com.github.zhenwei.core.asn1.misc.NetscapeCertType)
NetscapeRevocationURL(com.github.zhenwei.core.asn1.misc.NetscapeRevocationURL)
ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString)
ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
DERBitString(com.github.zhenwei.core.asn1.DERBitString)
ASN1String(com.github.zhenwei.core.asn1.ASN1String)
ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String)
Extensions(com.github.zhenwei.core.asn1.x509.Extensions)
ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
NoSuchProviderException(java.security.NoSuchProviderException)
Aggregations
IOException (java.io.IOException)8
NetscapeCertType (org.bouncycastle.asn1.misc.NetscapeCertType)6
InvalidKeyException (java.security.InvalidKeyException)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5
NoSuchProviderException (java.security.NoSuchProviderException)5
SignatureException (java.security.SignatureException)5
CertificateEncodingException (java.security.cert.CertificateEncodingException)5
CertificateException (java.security.cert.CertificateException)5
CertificateExpiredException (java.security.cert.CertificateExpiredException)5
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)5
CertificateParsingException (java.security.cert.CertificateParsingException)5
Enumeration (java.util.Enumeration)5
UnknownHostException (java.net.UnknownHostException)4
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)3
ASN1BitString (com.github.zhenwei.core.asn1.ASN1BitString)2
ASN1IA5String (com.github.zhenwei.core.asn1.ASN1IA5String)2
ASN1InputStream (com.github.zhenwei.core.asn1.ASN1InputStream)2
ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2
ASN1String (com.github.zhenwei.core.asn1.ASN1String)2
DERBitString (com.github.zhenwei.core.asn1.DERBitString)2
