Example 21 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project j2objc by google.
the class X509CRLImpl method toString.
/**
* Returns a printable string of this CRL.
*
* @return value of this CRL in a printable form.
*/
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append("X.509 CRL v" + (version + 1) + "\n");
if (sigAlgId != null)
sb.append("Signature Algorithm: " + sigAlgId.toString() + ", OID=" + (sigAlgId.getOID()).toString() + "\n");
if (issuer != null)
sb.append("Issuer: " + issuer.toString() + "\n");
if (thisUpdate != null)
sb.append("\nThis Update: " + thisUpdate.toString() + "\n");
if (nextUpdate != null)
sb.append("Next Update: " + nextUpdate.toString() + "\n");
if (revokedList.isEmpty())
sb.append("\nNO certificates have been revoked\n");
else {
sb.append("\nRevoked Certificates: " + revokedList.size());
int i = 1;
for (X509CRLEntry entry : revokedList) {
sb.append("\n[" + i++ + "] " + entry.toString());
}
}
if (extensions != null) {
Collection<Extension> allExts = extensions.getAllExtensions();
Object[] objs = allExts.toArray();
sb.append("\nCRL Extensions: " + objs.length);
for (int i = 0; i < objs.length; i++) {
sb.append("\n[" + (i + 1) + "]: ");
Extension ext = (Extension) objs[i];
try {
if (OIDMap.getClass(ext.getExtensionId()) == null) {
sb.append(ext.toString());
byte[] extValue = ext.getExtensionValue();
if (extValue != null) {
DerOutputStream out = new DerOutputStream();
out.putOctetString(extValue);
extValue = out.toByteArray();
HexDumpEncoder enc = new HexDumpEncoder();
sb.append("Extension unknown: " + "DER encoded OCTET string =\n" + enc.encodeBuffer(extValue) + "\n");
}
} else
// sub-class exists
sb.append(ext.toString());
} catch (Exception e) {
sb.append(", Error parsing this extension");
}
}
}
if (signature != null) {
HexDumpEncoder encoder = new HexDumpEncoder();
sb.append("\nSignature:\n" + encoder.encodeBuffer(signature) + "\n");
} else
sb.append("NOT signed yet\n");
return sb.toString();
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
HexDumpEncoder(sun.misc.HexDumpEncoder)
SignatureException(java.security.SignatureException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CRLException(java.security.cert.CRLException)
NoSuchProviderException(java.security.NoSuchProviderException)
Example 22 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project robovm by robovm.
the class X509CRLObject method getRevokedCertificate.
public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) {
Enumeration certs = c.getRevokedCertificateEnumeration();
// the issuer
X500Name previousCertificateIssuer = null;
while (certs.hasMoreElements()) {
TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry) certs.nextElement();
if (serialNumber.equals(entry.getUserCertificate().getValue())) {
return new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
}
if (isIndirect && entry.hasExtensions()) {
Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
Enumeration(java.util.Enumeration)
TBSCertList(org.bouncycastle.asn1.x509.TBSCertList)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509CRLEntry(java.security.cert.X509CRLEntry)
Example 23 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project jdk8u_jdk by JetBrains.
the class X509CRLImpl method toString.
/**
* Returns a printable string of this CRL.
*
* @return value of this CRL in a printable form.
*/
public String toString() {
StringBuffer sb = new StringBuffer();
sb.append("X.509 CRL v" + (version + 1) + "\n");
if (sigAlgId != null)
sb.append("Signature Algorithm: " + sigAlgId.toString() + ", OID=" + (sigAlgId.getOID()).toString() + "\n");
if (issuer != null)
sb.append("Issuer: " + issuer.toString() + "\n");
if (thisUpdate != null)
sb.append("\nThis Update: " + thisUpdate.toString() + "\n");
if (nextUpdate != null)
sb.append("Next Update: " + nextUpdate.toString() + "\n");
if (revokedList.isEmpty())
sb.append("\nNO certificates have been revoked\n");
else {
sb.append("\nRevoked Certificates: " + revokedList.size());
int i = 1;
for (X509CRLEntry entry : revokedList) {
sb.append("\n[" + i++ + "] " + entry.toString());
}
}
if (extensions != null) {
Collection<Extension> allExts = extensions.getAllExtensions();
Object[] objs = allExts.toArray();
sb.append("\nCRL Extensions: " + objs.length);
for (int i = 0; i < objs.length; i++) {
sb.append("\n[" + (i + 1) + "]: ");
Extension ext = (Extension) objs[i];
try {
if (OIDMap.getClass(ext.getExtensionId()) == null) {
sb.append(ext.toString());
byte[] extValue = ext.getExtensionValue();
if (extValue != null) {
DerOutputStream out = new DerOutputStream();
out.putOctetString(extValue);
extValue = out.toByteArray();
HexDumpEncoder enc = new HexDumpEncoder();
sb.append("Extension unknown: " + "DER encoded OCTET string =\n" + enc.encodeBuffer(extValue) + "\n");
}
} else
// sub-class exists
sb.append(ext.toString());
} catch (Exception e) {
sb.append(", Error parsing this extension");
}
}
}
if (signature != null) {
HexDumpEncoder encoder = new HexDumpEncoder();
sb.append("\nSignature:\n" + encoder.encodeBuffer(signature) + "\n");
} else
sb.append("NOT signed yet\n");
return sb.toString();
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
HexDumpEncoder(sun.misc.HexDumpEncoder)
SignatureException(java.security.SignatureException)
IOException(java.io.IOException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CRLException(java.security.cert.CRLException)
NoSuchProviderException(java.security.NoSuchProviderException)
Example 24 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project jdk8u_jdk by JetBrains.
the class X509CRLImpl method encodeInfo.
/**
* Encodes the "to-be-signed" CRL to the OutputStream.
*
* @param out the OutputStream to write to.
* @exception CRLException on encoding errors.
*/
public void encodeInfo(OutputStream out) throws CRLException {
try {
DerOutputStream tmp = new DerOutputStream();
DerOutputStream rCerts = new DerOutputStream();
DerOutputStream seq = new DerOutputStream();
if (// v2 crl encode version
version != 0)
tmp.putInteger(version);
infoSigAlgId.encode(tmp);
if ((version == 0) && (issuer.toString() == null))
throw new CRLException("Null Issuer DN not allowed in v1 CRL");
issuer.encode(tmp);
if (thisUpdate.getTime() < YR_2050)
tmp.putUTCTime(thisUpdate);
else
tmp.putGeneralizedTime(thisUpdate);
if (nextUpdate != null) {
if (nextUpdate.getTime() < YR_2050)
tmp.putUTCTime(nextUpdate);
else
tmp.putGeneralizedTime(nextUpdate);
}
if (!revokedList.isEmpty()) {
for (X509CRLEntry entry : revokedList) {
((X509CRLEntryImpl) entry).encode(rCerts);
}
tmp.write(DerValue.tag_Sequence, rCerts);
}
if (extensions != null)
extensions.encode(tmp, isExplicit);
seq.write(DerValue.tag_Sequence, tmp);
tbsCertList = seq.toByteArray();
out.write(tbsCertList);
} catch (IOException e) {
throw new CRLException("Encoding error: " + e.getMessage());
}
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
IOException(java.io.IOException)
CRLException(java.security.cert.CRLException)
Example 25 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project jdk8u_jdk by JetBrains.
the class OrderAndDup method main.
public static void main(String[] args) throws Exception {
// Generate 20 serial numbers with dup and a special order
int count = 20;
BigInteger[] serials = new BigInteger[count];
for (int i = 0; i < count; i++) {
serials[i] = BigInteger.valueOf(i * 7 % 10);
}
// Generates a CRL
X509CRLEntry[] badCerts = new X509CRLEntry[count];
for (int i = 0; i < count; i++) {
badCerts[i] = new X509CRLEntryImpl(serials[i], new Date(System.currentTimeMillis() + i * 1000));
}
X500Name owner = new X500Name("CN=CA");
X509CRLImpl crl = new X509CRLImpl(owner, new Date(), new Date(), badCerts);
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
crl.sign(kpg.genKeyPair().getPrivate(), "SHA1withRSA");
byte[] data = crl.getEncodedInternal();
// Check the encoding
checkData(crl, data, serials);
// Load a CRL from raw data
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509CRLImpl crl2 = (X509CRLImpl) cf.generateCRL(new ByteArrayInputStream(data));
// Check the encoding again
data = crl2.getEncodedInternal();
checkData(crl2, data, serials);
}
Also used :
KeyPairGenerator(java.security.KeyPairGenerator)
CertificateFactory(java.security.cert.CertificateFactory)
Date(java.util.Date)
X509CRLEntry(java.security.cert.X509CRLEntry)
ByteArrayInputStream(java.io.ByteArrayInputStream)
BigInteger(java.math.BigInteger)
Aggregations
X509CRLEntry (java.security.cert.X509CRLEntry)40
BigInteger (java.math.BigInteger)20
X509CRL (java.security.cert.X509CRL)18
IOException (java.io.IOException)13
Date (java.util.Date)13
CRLException (java.security.cert.CRLException)11
HashSet (java.util.HashSet)11
Test (org.junit.Test)11
File (java.io.File)10
BufferedOutputStream (java.io.BufferedOutputStream)9
FileOutputStream (java.io.FileOutputStream)9
OutputStream (java.io.OutputStream)9
CertificateException (java.security.cert.CertificateException)6
CertificateFactory (java.security.cert.CertificateFactory)6
X509Certificate (java.security.cert.X509Certificate)6
X509CRLHolder (org.bouncycastle.cert.X509CRLHolder)6
NoSuchProviderException (java.security.NoSuchProviderException)5
X509v2CRLBuilder (org.bouncycastle.cert.X509v2CRLBuilder)5
FileInputStream (java.io.FileInputStream)4
InputStream (java.io.InputStream)4
