use of org.mozilla.jss.netscape.security.util.BitArray in project jss by dogtagpki.
the class CRLDistributionPoint method main.
public static void main(String[] args) throws GeneralNamesException, IOException, InvalidBERException {
try (FileOutputStream fos = new FileOutputStream(args[0]);
ByteArrayOutputStream bos = new ByteArrayOutputStream()) {
if (args.length != 1) {
System.out.println("Usage: CRLDistributionPoint <outfile>");
System.exit(-1);
}
SEQUENCE cdps = new SEQUENCE();
// URI only
CRLDistributionPoint cdp = new CRLDistributionPoint();
URIName uri = new URIName("http://www.mycrl.com/go/here");
GeneralNames generalNames = new GeneralNames();
generalNames.addElement(uri);
cdp.setFullName(generalNames);
cdps.addElement(cdp);
// DN only
cdp = new CRLDistributionPoint();
X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + ",OU=Certificate Server,O=Fedora,C=US");
generalNames = new GeneralNames();
generalNames.addElement(dn);
cdp.setFullName(generalNames);
cdps.addElement(cdp);
// DN + reason
BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 });
cdp = new CRLDistributionPoint();
cdp.setFullName(generalNames);
cdp.setReasons(ba);
cdps.addElement(cdp);
// relative DN + reason + crlIssuer
cdp = new CRLDistributionPoint();
RDN rdn = new RDN("OU=foobar dept");
cdp.setRelativeName(rdn);
cdp.setReasons(ba);
cdp.setCRLIssuer(generalNames);
cdps.addElement(cdp);
cdps.encode(bos);
byte[] encoded = bos.toByteArray();
fos.write(encoded);
SEQUENCE.OF_Template seqt = new SEQUENCE.OF_Template(getTemplate());
cdps = (SEQUENCE) ASN1Util.decode(seqt, encoded);
int size = cdps.size();
System.out.println("Total number of CDPs: " + size);
for (int i = 0; i < size; i++) {
System.out.println("\nCDP " + i);
cdp = (CRLDistributionPoint) cdps.elementAt(i);
GeneralNames gn = cdp.getFullName();
if (gn == null) {
System.out.println("No full name");
} else {
System.out.println(gn);
}
rdn = cdp.getRelativeName();
if (rdn == null) {
System.out.println("No relative name");
} else {
System.out.println(rdn);
}
if (cdp.getReasons() == null) {
System.out.println("No reasons");
} else {
System.out.println(cdp.getReasons());
}
gn = cdp.getCRLIssuer();
if (gn == null) {
System.out.println("No cRLIssuer");
} else {
System.out.println(gn);
}
}
System.out.println("Done");
}
}
use of org.mozilla.jss.netscape.security.util.BitArray in project jss by dogtagpki.
the class FreshestCRLExtension method main.
/**
* Test driver.
*/
public static void main(String[] args) {
BufferedOutputStream bos = null;
try {
if (args.length != 1) {
System.out.println("Usage: FreshestCRLExtentions " + "<outfile>");
System.exit(-1);
}
bos = new BufferedOutputStream(new FileOutputStream(args[0]));
// URI only
CRLDistributionPoint cdp = new CRLDistributionPoint();
URIName uri = new URIName("http://www.mycrl.com/go/here");
GeneralNames generalNames = new GeneralNames();
generalNames.addElement(uri);
cdp.setFullName(generalNames);
FreshestCRLExtension crldpExt = new FreshestCRLExtension(cdp);
// DN only
cdp = new CRLDistributionPoint();
X500Name dn = new X500Name("CN=Otis Smith,E=otis@fedoraproject.org" + ",OU=Certificate Server,O=Fedora,C=US");
generalNames = new GeneralNames();
generalNames.addElement(dn);
cdp.setFullName(generalNames);
crldpExt.addPoint(cdp);
// DN + reason
BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 });
cdp = new CRLDistributionPoint();
cdp.setFullName(generalNames);
cdp.setReasons(ba);
crldpExt.addPoint(cdp);
// relative DN + reason + crlIssuer
cdp = new CRLDistributionPoint();
RDN rdn = new RDN("OU=foobar dept");
cdp.setRelativeName(rdn);
cdp.setReasons(ba);
cdp.setCRLIssuer(generalNames);
crldpExt.addPoint(cdp);
crldpExt.setCritical(true);
crldpExt.encode(bos);
} catch (Exception e) {
e.printStackTrace();
} finally {
if (bos != null) {
try {
bos.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
use of org.mozilla.jss.netscape.security.util.BitArray in project jss by dogtagpki.
the class EnumerationZeroTest method buildAuthorityKeyIdentifier.
/**
* Calculate the KeyIdentifier for an RSAPublicKey and place it in an AuthorityKeyIdentifier extension.
*
* Java encodes RSA public keys using the SubjectPublicKeyInfo type described in RFC 5280.
* <pre>
* SubjectPublicKeyInfo ::= SEQUENCE {
* algorithm AlgorithmIdentifier,
* subjectPublicKey BIT STRING }
*
* AlgorithmIdentifier ::= SEQUENCE {
* algorithm OBJECT IDENTIFIER,
* parameters ANY DEFINED BY algorithm OPTIONAL }
* </pre>
*
* A KeyIdentifier is a SHA-1 digest of the subjectPublicKey bit string from the ASN.1 above.
*
* @param key the RSAPublicKey to use
* @return an AuthorityKeyIdentifierExtension based on the key
* @throws IOException if we can't construct a MessageDigest object.
*/
public static AuthorityKeyIdentifierExtension buildAuthorityKeyIdentifier(RSAPublicKey key) throws IOException {
try {
MessageDigest d = MessageDigest.getInstance("SHA-1");
byte[] encodedKey = key.getEncoded();
DerInputStream s = new DerValue(encodedKey).toDerInputStream();
// Skip the first item in the sequence, AlgorithmIdentifier.
// The parameter, startLen, is required for skipSequence although it's unused.
s.skipSequence(0);
// Get the subjectPublicKey bit string
BitArray b = s.getUnalignedBitString();
byte[] digest = d.digest(b.toByteArray());
KeyIdentifier ki = new KeyIdentifier(digest);
return new AuthorityKeyIdentifierExtension(ki, null, null);
} catch (NoSuchAlgorithmException e) {
throw new IOException("Could not find SHA1 implementation", e);
}
}
use of org.mozilla.jss.netscape.security.util.BitArray in project jss by dogtagpki.
the class IssuingDistributionPoint method main.
public static void main(String[] args) {
BufferedOutputStream bos = null;
try {
if (args.length != 1) {
System.out.println("Usage: IssuingDistributionPoint <outfile>");
System.exit(-1);
}
bos = new BufferedOutputStream(new FileOutputStream(args[0]));
SEQUENCE idps = new SEQUENCE();
IssuingDistributionPoint idp = new IssuingDistributionPoint();
X500Name dn = new X500Name("CN=Skovw Wjasldk,E=nicolson@netscape.com" + ",OU=Certificate Server,O=Netscape,C=US");
GeneralNames generalNames = new GeneralNames();
generalNames.addElement(dn);
idp.setFullName(generalNames);
idps.addElement(idp);
idp = new IssuingDistributionPoint();
URIName uri = new URIName("http://www.mycrl.com/go/here");
generalNames = new GeneralNames();
generalNames.addElement(uri);
idp.setFullName(generalNames);
idp.setOnlyContainsUserCerts(true);
idp.setOnlyContainsCACerts(true);
idp.setIndirectCRL(true);
BitArray ba = new BitArray(5, new byte[] { (byte) 0x28 });
idp.setOnlySomeReasons(ba);
idps.addElement(idp);
idps.encode(bos);
} catch (Exception e) {
e.printStackTrace();
} finally {
if (bos != null) {
try {
bos.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
Aggregations