Search in sources :

Example 6 with NetscapeCertType

use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project keystore-explorer by kaikramer.

the class DNetscapeCertificateType method okPressed.

private void okPressed() {
    if (!jcbSslClient.isSelected() && !jcbSslServer.isSelected() && !jcbSmime.isSelected() && !jcbObjectSigning.isSelected() && !jcbReserved.isSelected() && !jcbSslCa.isSelected() && !jcbSmimeCa.isSelected() && !jcbObjectSigningCa.isSelected()) {
        JOptionPane.showMessageDialog(this, res.getString("DNetscapeCertificateType.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    int netscapeCertTypeIntValue = 0;
    netscapeCertTypeIntValue |= jcbSslClient.isSelected() ? NetscapeCertType.sslClient : 0;
    netscapeCertTypeIntValue |= jcbSslServer.isSelected() ? NetscapeCertType.sslServer : 0;
    netscapeCertTypeIntValue |= jcbSmime.isSelected() ? NetscapeCertType.smime : 0;
    netscapeCertTypeIntValue |= jcbObjectSigning.isSelected() ? NetscapeCertType.objectSigning : 0;
    netscapeCertTypeIntValue |= jcbReserved.isSelected() ? NetscapeCertType.reserved : 0;
    netscapeCertTypeIntValue |= jcbSslCa.isSelected() ? NetscapeCertType.sslCA : 0;
    netscapeCertTypeIntValue |= jcbSmimeCa.isSelected() ? NetscapeCertType.smimeCA : 0;
    netscapeCertTypeIntValue |= jcbObjectSigningCa.isSelected() ? NetscapeCertType.objectSigningCA : 0;
    NetscapeCertType netscapeCertType = new NetscapeCertType(netscapeCertTypeIntValue);
    try {
        value = netscapeCertType.getEncoded(ASN1Encoding.DER);
    } catch (IOException ex) {
        DError dError = new DError(this, ex);
        dError.setLocationRelativeTo(this);
        dError.setVisible(true);
        return;
    }
    closeDialog();
}
Also used : NetscapeCertType(org.bouncycastle.asn1.misc.NetscapeCertType) IOException(java.io.IOException) DError(org.kse.gui.error.DError)

Example 7 with NetscapeCertType

use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project BiglyBT by BiglySoftware.

the class X509CertificateObject method toString.

public String toString() {
    StringBuilder buf = new StringBuilder();
    String nl = System.getProperty("line.separator");
    buf.append("  [0]         Version: ").append(this.getVersion()).append(nl);
    buf.append("         SerialNumber: ").append(this.getSerialNumber()).append(nl);
    buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
    buf.append("           Start Date: ").append(this.getNotBefore()).append(nl);
    buf.append("           Final Date: ").append(this.getNotAfter()).append(nl);
    buf.append("            SubjectDN: ").append(this.getSubjectDN()).append(nl);
    buf.append("           Public Key: ").append(this.getPublicKey()).append(nl);
    buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
    byte[] sig = this.getSignature();
    buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
    for (int i = 20; i < sig.length; i += 20) {
        if (i < sig.length - 20) {
            buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
        } else {
            buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
        }
    }
    X509Extensions extensions = c.getTBSCertificate().getExtensions();
    if (extensions != null) {
        Enumeration e = extensions.oids();
        if (e.hasMoreElements()) {
            buf.append("       Extensions: \n");
        }
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            X509Extension ext = extensions.getExtension(oid);
            if (ext.getValue() != null) {
                byte[] octs = ext.getValue().getOctets();
                ByteArrayInputStream bIn = new ByteArrayInputStream(octs);
                DERInputStream dIn = new DERInputStream(bIn);
                buf.append("                       critical(").append(ext.isCritical()).append(") ");
                try {
                    if (oid.equals(X509Extensions.BasicConstraints)) {
                        buf.append(new BasicConstraints((ASN1Sequence) dIn.readObject())).append(nl);
                    } else if (oid.equals(X509Extensions.KeyUsage)) {
                        buf.append(new KeyUsage((DERBitString) dIn.readObject())).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) {
                        buf.append(new NetscapeCertType((DERBitString) dIn.readObject())).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) {
                        buf.append(new NetscapeRevocationURL((DERIA5String) dIn.readObject())).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) {
                        buf.append(new VerisignCzagExtension((DERIA5String) dIn.readObject())).append(nl);
                    } else {
                        buf.append(oid.getId());
                        buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
                    // buf.append(" value = " + "*****" + nl);
                    }
                } catch (Exception ex) {
                    buf.append(oid.getId());
                    // buf.append(" value = " + new String(Hex.encode(ext.getValue().getOctets())) + nl);
                    buf.append(" value = " + "*****").append(nl);
                }
            } else {
                buf.append(nl);
            }
        }
    }
    return buf.toString();
}
Also used : VerisignCzagExtension(org.gudy.bouncycastle.asn1.misc.VerisignCzagExtension) X509Extension(org.gudy.bouncycastle.asn1.x509.X509Extension) NetscapeRevocationURL(org.gudy.bouncycastle.asn1.misc.NetscapeRevocationURL) IOException(java.io.IOException) ByteArrayInputStream(java.io.ByteArrayInputStream) NetscapeCertType(org.gudy.bouncycastle.asn1.misc.NetscapeCertType)

Example 8 with NetscapeCertType

use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project candlepin by candlepin.

the class JSSPKIUtilityTest method testCreateX509Certificate.

@Test
public void testCreateX509Certificate() throws Exception {
    JSSPKIUtility pki = this.buildJSSPKIUtility();
    Date start = new Date();
    Date end = Date.from(LocalDate.now().plusDays(365).atStartOfDay(ZoneId.systemDefault()).toInstant());
    X509Certificate cert = pki.createX509Certificate("cn=candlepinproject.org", null, null, start, end, subjectKeyPair, BigInteger.valueOf(1999L), "altName");
    assertEquals("SHA256withRSA", cert.getSigAlgName());
    assertEquals("1999", cert.getSerialNumber().toString());
    X509CertificateHolder holder = new X509CertificateHolder(cert.getEncoded());
    Extensions bcExtensions = holder.getExtensions();
    // KeyUsage extension incorrect
    assertTrue(KeyUsage.fromExtensions(bcExtensions).hasUsages(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment));
    // ExtendedKeyUsage extension incorrect
    assertTrue(ExtendedKeyUsage.fromExtensions(bcExtensions).hasKeyPurposeId(KeyPurposeId.id_kp_clientAuth));
    // Basic constraints incorrectly identify this cert as a CA
    assertFalse(BasicConstraints.fromExtensions(bcExtensions).isCA());
    NetscapeCertType expected = new NetscapeCertType(NetscapeCertType.sslClient | NetscapeCertType.smime);
    NetscapeCertType actual = new NetscapeCertType((DERBitString) bcExtensions.getExtension(MiscObjectIdentifiers.netscapeCertType).getParsedValue());
    assertArrayEquals(new JcaX509ExtensionUtils().createSubjectKeyIdentifier(subjectKeyPair.getPublic()).getEncoded(), SubjectKeyIdentifier.fromExtensions(bcExtensions).getEncoded());
    CertificateReader reader = injector.getInstance(CertificateReader.class);
    PrivateKey key = reader.getCaKey();
    KeyFactory kf = KeyFactory.getInstance("RSA");
    RSAPrivateCrtKeySpec ks = kf.getKeySpec(key, RSAPrivateCrtKeySpec.class);
    RSAPublicKeySpec pubKs = new RSAPublicKeySpec(ks.getModulus(), ks.getPublicExponent());
    PublicKey pubKey = kf.generatePublic(pubKs);
    assertArrayEquals(new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(pubKey).getEncoded(), AuthorityKeyIdentifier.fromExtensions(bcExtensions).getEncoded());
    assertEquals(expected, actual);
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) RSAPrivateCrtKeySpec(java.security.spec.RSAPrivateCrtKeySpec) PrivateKey(java.security.PrivateKey) RSAPublicKey(java.security.interfaces.RSAPublicKey) PublicKey(java.security.PublicKey) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) Extensions(org.bouncycastle.asn1.x509.Extensions) Date(java.util.Date) LocalDate(java.time.LocalDate) X509Certificate(java.security.cert.X509Certificate) NetscapeCertType(org.bouncycastle.asn1.misc.NetscapeCertType) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) KeyFactory(java.security.KeyFactory) CertificateReader(org.candlepin.pki.CertificateReader) Test(org.junit.jupiter.api.Test)

Example 9 with NetscapeCertType

use of com.github.zhenwei.core.asn1.misc.NetscapeCertType in project LinLong-Java by zhenwei1108.

the class X509CertificateImpl method toString.

public String toString() {
    StringBuffer buf = new StringBuffer();
    String nl = Strings.lineSeparator();
    buf.append("  [0]         Version: ").append(this.getVersion()).append(nl);
    buf.append("         SerialNumber: ").append(this.getSerialNumber()).append(nl);
    buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
    buf.append("           Start Date: ").append(this.getNotBefore()).append(nl);
    buf.append("           Final Date: ").append(this.getNotAfter()).append(nl);
    buf.append("            SubjectDN: ").append(this.getSubjectDN()).append(nl);
    buf.append("           Public Key: ").append(this.getPublicKey()).append(nl);
    buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
    X509SignatureUtil.prettyPrintSignature(this.getSignature(), buf, nl);
    Extensions extensions = c.getTBSCertificate().getExtensions();
    if (extensions != null) {
        Enumeration e = extensions.oids();
        if (e.hasMoreElements()) {
            buf.append("       Extensions: \n");
        }
        while (e.hasMoreElements()) {
            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
            Extension ext = extensions.getExtension(oid);
            if (ext.getExtnValue() != null) {
                byte[] octs = ext.getExtnValue().getOctets();
                ASN1InputStream dIn = new ASN1InputStream(octs);
                buf.append("                       critical(").append(ext.isCritical()).append(") ");
                try {
                    if (oid.equals(Extension.basicConstraints)) {
                        buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
                    } else if (oid.equals(Extension.keyUsage)) {
                        buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) {
                        buf.append(new NetscapeCertType(DERBitString.getInstance(dIn.readObject()))).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) {
                        buf.append(new NetscapeRevocationURL(ASN1IA5String.getInstance(dIn.readObject()))).append(nl);
                    } else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) {
                        buf.append(new VerisignCzagExtension(ASN1IA5String.getInstance(dIn.readObject()))).append(nl);
                    } else {
                        buf.append(oid.getId());
                        buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
                    // buf.append(" value = ").append("*****").append(nl);
                    }
                } catch (Exception ex) {
                    buf.append(oid.getId());
                    // buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl);
                    buf.append(" value = ").append("*****").append(nl);
                }
            } else {
                buf.append(nl);
            }
        }
    }
    return buf.toString();
}
Also used : Extension(com.github.zhenwei.core.asn1.x509.Extension) VerisignCzagExtension(com.github.zhenwei.core.asn1.misc.VerisignCzagExtension) VerisignCzagExtension(com.github.zhenwei.core.asn1.misc.VerisignCzagExtension) ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream) Enumeration(java.util.Enumeration) NetscapeCertType(com.github.zhenwei.core.asn1.misc.NetscapeCertType) NetscapeRevocationURL(com.github.zhenwei.core.asn1.misc.NetscapeRevocationURL) ASN1BitString(com.github.zhenwei.core.asn1.ASN1BitString) ASN1OctetString(com.github.zhenwei.core.asn1.ASN1OctetString) DEROctetString(com.github.zhenwei.core.asn1.DEROctetString) DERBitString(com.github.zhenwei.core.asn1.DERBitString) ASN1String(com.github.zhenwei.core.asn1.ASN1String) ASN1IA5String(com.github.zhenwei.core.asn1.ASN1IA5String) Extensions(com.github.zhenwei.core.asn1.x509.Extensions) ASN1ObjectIdentifier(com.github.zhenwei.core.asn1.ASN1ObjectIdentifier) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateParsingException(java.security.cert.CertificateParsingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) NoSuchProviderException(java.security.NoSuchProviderException)

Aggregations

IOException (java.io.IOException)8 NetscapeCertType (org.bouncycastle.asn1.misc.NetscapeCertType)6 InvalidKeyException (java.security.InvalidKeyException)5 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)5 NoSuchProviderException (java.security.NoSuchProviderException)5 SignatureException (java.security.SignatureException)5 CertificateEncodingException (java.security.cert.CertificateEncodingException)5 CertificateException (java.security.cert.CertificateException)5 CertificateExpiredException (java.security.cert.CertificateExpiredException)5 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)5 CertificateParsingException (java.security.cert.CertificateParsingException)5 Enumeration (java.util.Enumeration)5 UnknownHostException (java.net.UnknownHostException)4 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)3 ASN1BitString (com.github.zhenwei.core.asn1.ASN1BitString)2 ASN1IA5String (com.github.zhenwei.core.asn1.ASN1IA5String)2 ASN1InputStream (com.github.zhenwei.core.asn1.ASN1InputStream)2 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)2 ASN1String (com.github.zhenwei.core.asn1.ASN1String)2 DERBitString (com.github.zhenwei.core.asn1.DERBitString)2