Example 36 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project candlepin by candlepin.
the class X509CRLEntryStreamTest method testIterateOverSerials.
@Test
public void testIterateOverSerials() throws Exception {
InputStream referenceStream = new FileInputStream(derFile);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
X509CRL referenceCrl = (X509CRL) cf.generateCRL(referenceStream);
Set<BigInteger> referenceSerials = new HashSet<>();
for (X509CRLEntry entry : referenceCrl.getRevokedCertificates()) {
referenceSerials.add(entry.getSerialNumber());
}
X509CRLEntryStream stream = new X509CRLEntryStream(derFile);
try {
Set<BigInteger> streamedSerials = new HashSet<>();
while (stream.hasNext()) {
streamedSerials.add(getSerial(stream.next()));
}
assertEquals(referenceSerials, streamedSerials);
} finally {
referenceStream.close();
stream.close();
}
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
X509CRL(java.security.cert.X509CRL)
BufferedInputStream(java.io.BufferedInputStream)
FileInputStream(java.io.FileInputStream)
Base64InputStream(org.apache.commons.codec.binary.Base64InputStream)
InputStream(java.io.InputStream)
BigInteger(java.math.BigInteger)
CertificateFactory(java.security.cert.CertificateFactory)
FileInputStream(java.io.FileInputStream)
HashSet(java.util.HashSet)
Test(org.junit.Test)
Example 37 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project keystore-explorer by kaikramer.
the class RevokedCertsTableModel method load.
/**
* Load the RevokedCertsTableModel with an array of X.509 CRL entries.
*
* @param revokedCerts
* The X.509 CRL entries
*/
public void load(X509CRLEntry[] revokedCerts) {
TreeMap<BigInteger, X509CRLEntry> sortedRevokedCerts = new TreeMap<BigInteger, X509CRLEntry>();
for (int i = 0; i < revokedCerts.length; i++) {
sortedRevokedCerts.put(revokedCerts[i].getSerialNumber(), revokedCerts[i]);
}
data = new Object[sortedRevokedCerts.size()][2];
int i = 0;
for (Iterator<?> itr = sortedRevokedCerts.entrySet().iterator(); itr.hasNext(); i++) {
X509CRLEntry x509CrlEntry = (X509CRLEntry) ((Map.Entry) itr.next()).getValue();
data[i][0] = x509CrlEntry.getSerialNumber();
data[i][1] = x509CrlEntry.getRevocationDate();
}
fireTableDataChanged();
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
BigInteger(java.math.BigInteger)
TreeMap(java.util.TreeMap)
TreeMap(java.util.TreeMap)
Map(java.util.Map)
Example 38 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project keystore-explorer by kaikramer.
the class DViewCrl method crlEntrySelection.
private void crlEntrySelection() {
int row = jtRevokedCerts.getSelectedRow();
if (row != -1) {
BigInteger serialNumber = (BigInteger) jtRevokedCerts.getValueAt(row, 0);
Set<?> revokedCertsSet = crl.getRevokedCertificates();
X509CRLEntry x509CrlEntry = null;
for (Iterator<?> itr = revokedCertsSet.iterator(); itr.hasNext(); ) {
X509CRLEntry entry = (X509CRLEntry) itr.next();
if (serialNumber.equals(entry.getSerialNumber())) {
x509CrlEntry = entry;
break;
}
}
if (x509CrlEntry.hasExtensions()) {
jbCrlEntryExtensions.setEnabled(true);
return;
}
}
jbCrlEntryExtensions.setEnabled(false);
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
BigInteger(java.math.BigInteger)
Point(java.awt.Point)
Example 39 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project iaf by ibissource.
the class CrlPipe method doPipe.
@Override
public PipeRunResult doPipe(Message message, PipeLineSession session) throws PipeRunException {
X509CRL crl;
try (InputStream inputStream = message.asInputStream()) {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
crl = (X509CRL) cf.generateCRL(inputStream);
} catch (CertificateException | IOException | CRLException e) {
throw new PipeRunException(this, "Could not read CRL", e);
}
String result = null;
if (isCRLOK(crl, (InputStream) session.get(getIssuerSessionKey()))) {
XmlBuilder root = new XmlBuilder("SerialNumbers");
Iterator<? extends X509CRLEntry> it = crl.getRevokedCertificates().iterator();
while (it.hasNext()) {
X509CRLEntry e = (X509CRLEntry) it.next();
XmlBuilder serialNumber = new XmlBuilder("SerialNumber");
serialNumber.setValue(e.getSerialNumber().toString(16));
root.addSubElement(serialNumber);
}
result = root.toXML();
}
return new PipeRunResult(getSuccessForward(), result);
}
Also used :
X509CRL(java.security.cert.X509CRL)
InputStream(java.io.InputStream)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
CertificateFactory(java.security.cert.CertificateFactory)
PipeRunResult(nl.nn.adapterframework.core.PipeRunResult)
X509CRLEntry(java.security.cert.X509CRLEntry)
PipeRunException(nl.nn.adapterframework.core.PipeRunException)
XmlBuilder(nl.nn.adapterframework.util.XmlBuilder)
CRLException(java.security.cert.CRLException)
Example 40 with X509CRLEntry
use of java.security.cert.X509CRLEntry in project jruby-openssl by jruby.
the class X509CRL method initialize.
@JRubyMethod(name = "initialize", rest = true, visibility = Visibility.PRIVATE)
public IRubyObject initialize(final ThreadContext context, final IRubyObject[] args, final Block block) {
final Ruby runtime = context.runtime;
this.extensions = runtime.newArray(8);
if (Arity.checkArgumentCount(runtime, args, 0, 1) == 0)
return this;
final ByteList strList = args[0].asString().getByteList();
final byte[] bytes = strList.unsafeBytes();
final int offset = strList.getBegin();
final int length = strList.getRealSize();
try {
if (avoidJavaSecurity) {
this.crlHolder = parseCRLHolder(bytes, offset, length);
} else {
this.crl = generateCRL(bytes, offset, length);
}
} catch (IOException e) {
debugStackTrace(runtime, e);
throw newCRLError(runtime, e);
} catch (GeneralSecurityException e) {
debugStackTrace(runtime, e);
throw newCRLError(runtime, e);
}
set_last_update(context, RubyTime.newTime(runtime, crl.getThisUpdate().getTime()));
set_next_update(context, RubyTime.newTime(runtime, crl.getNextUpdate().getTime()));
set_issuer(X509Name.newName(runtime, crl.getIssuerX500Principal()));
final int version = crl.getVersion();
this.version = runtime.newFixnum(version > 0 ? version - 1 : 2);
extractExtensions(context);
Set<? extends X509CRLEntry> revokedCRLs = crl.getRevokedCertificates();
if (revokedCRLs != null && !revokedCRLs.isEmpty()) {
final X509CRLEntry[] revokedSorted = revokedCRLs.toArray(new X509CRLEntry[revokedCRLs.size()]);
Arrays.sort(revokedSorted, 0, revokedSorted.length, new Comparator<X509CRLEntry>() {
public int compare(X509CRLEntry o1, X509CRLEntry o2) {
return o1.getRevocationDate().compareTo(o2.getRevocationDate());
}
});
for (X509CRLEntry entry : revokedSorted) {
revoked().append(X509Revoked.newInstance(context, entry));
}
}
this.changed = false;
return this;
}
Also used :
X509CRLEntry(java.security.cert.X509CRLEntry)
ByteList(org.jruby.util.ByteList)
GeneralSecurityException(java.security.GeneralSecurityException)
IOException(java.io.IOException)
Ruby(org.jruby.Ruby)
JRubyMethod(org.jruby.anno.JRubyMethod)
Aggregations
X509CRLEntry (java.security.cert.X509CRLEntry)40
BigInteger (java.math.BigInteger)20
X509CRL (java.security.cert.X509CRL)18
IOException (java.io.IOException)13
Date (java.util.Date)13
CRLException (java.security.cert.CRLException)11
HashSet (java.util.HashSet)11
Test (org.junit.Test)11
File (java.io.File)10
BufferedOutputStream (java.io.BufferedOutputStream)9
FileOutputStream (java.io.FileOutputStream)9
OutputStream (java.io.OutputStream)9
CertificateException (java.security.cert.CertificateException)6
CertificateFactory (java.security.cert.CertificateFactory)6
X509Certificate (java.security.cert.X509Certificate)6
X509CRLHolder (org.bouncycastle.cert.X509CRLHolder)6
NoSuchProviderException (java.security.NoSuchProviderException)5
X509v2CRLBuilder (org.bouncycastle.cert.X509v2CRLBuilder)5
FileInputStream (java.io.FileInputStream)4
InputStream (java.io.InputStream)4
