Examples with ObjectID iaik.asn1.ObjectID used on opensource projects

Example 1 with ObjectID

use of iaik.asn1.ObjectID in project apjp by jvansteirteghem.

the class HTTPS method createSSLServerSocket.

public static synchronized SSLServerSocket createSSLServerSocket(String remoteAddress, int remotePort) throws HTTPSException {
    try {
        KeyStore defaultKeyStore = getDefaultKeyStore();
        PrivateKey privateKey = (PrivateKey) defaultKeyStore.getKey("APJP", "APJP".toCharArray());
        Certificate certificateAuthority = defaultKeyStore.getCertificate("APJP");
        String certificateAlias;
        if (remotePort == 443) {
            certificateAlias = remoteAddress;
        } else {
            certificateAlias = remoteAddress + ":" + remotePort;
        }
        Certificate certificate = defaultKeyStore.getCertificate(certificateAlias);
        if (certificate == null) {
            X509Certificate x509CertificateAuthority = new X509Certificate(certificateAuthority.getEncoded());
            X509Certificate x509Certificate = new X509Certificate();
            Name name = new Name();
            //CN
            name.addRDN(new ObjectID("2.5.4.3"), certificateAlias);
            // O
            name.addRDN(new ObjectID("2.5.4.10"), "APJP");
            // OU
            name.addRDN(new ObjectID("2.5.4.11"), "APJP");
            x509Certificate.setSubjectDN(name);
            x509Certificate.setIssuerDN(x509CertificateAuthority.getIssuerDN());
            x509Certificate.setValidNotBefore(new Date(new Date().getTime() - 1 * (1000L * 60 * 60 * 24 * 365)));
            x509Certificate.setValidNotAfter(new Date(new Date().getTime() + 10 * (1000L * 60 * 60 * 24 * 365)));
            x509Certificate.setSerialNumber(BigInteger.valueOf(new Date().getTime()));
            x509Certificate.setPublicKey(x509CertificateAuthority.getPublicKey());
            // SHA1_WITH_RSA_ENCRYPTION
            x509Certificate.sign(new AlgorithmID(new ObjectID("1.2.840.113549.1.1.5")), privateKey);
            X509Certificate[] x509CertificateArray = new X509Certificate[2];
            x509CertificateArray[0] = x509Certificate;
            x509CertificateArray[1] = x509CertificateAuthority;
            defaultKeyStore.setCertificateEntry(certificateAlias, x509Certificate);
            defaultKeyStore.setKeyEntry(certificateAlias, privateKey, "APJP".toCharArray(), x509CertificateArray);
            certificate = x509Certificate;
        }
        Certificate[] certificateArray = new Certificate[2];
        certificateArray[0] = certificate;
        certificateArray[1] = certificateAuthority;
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        keyStore.load(null, "APJP".toCharArray());
        keyStore.setCertificateEntry("APJP", certificate);
        keyStore.setKeyEntry("APJP", privateKey, "APJP".toCharArray(), certificateArray);
        SSLContext sslContext = SSLContext.getInstance("TLS");
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(keyStore, "APJP".toCharArray());
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        sslContext.init(keyManagerFactory.getKeyManagers(), trustManagerFactory.getTrustManagers(), null);
        SSLServerSocketFactory sslServerSocketFactory = (SSLServerSocketFactory) sslContext.getServerSocketFactory();
        return (SSLServerSocket) sslServerSocketFactory.createServerSocket();
    } catch (Exception e) {
        logger.log(2, "HTTPS/CREATE_SSL_SERVER_SOCKET: EXCEPTION", e);
        throw new HTTPSException("HTTPS/CREATE_SSL_SERVER_SOCKET", e);
    }
}