
Example 1 with CRLReasonExtension

Use of org.mozilla.jss.netscape.security.x509.CRLReasonExtension in project jss by dogtagpki.

Class EnumerationZeroTest, method buildCrl.

/**
 * Build a CRL using JSS
 * @param useZero whether or not to try creating a CRLEntry with the reason set to "unspecified"
 * @return an X509CRL object
 * @throws Exception if anything goes wrong
 */
public static X509CRL buildCrl(boolean useZero) throws Exception {
    KeyPairGenerator generator = KeyPairGenerator.getInstance("RSA");
    generator.initialize(2048);
    KeyPair kp = generator.generateKeyPair();
    List<RevokedCertificate> revokedCerts = new ArrayList<>();
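    // One revoked entry per CRLReason code 0..10 (RFC 5280); the serial number equals the reason code
    for (int i = 0; i <= 10; i++) {
        // 7 is an unused value in the enumeration;
        // reason 0 ("unspecified") is skipped unless the caller asked for it
        if (i == 7 || (i == 0 && !useZero)) {
            continue;
        }
        CRLReasonExtension reasonExt = new CRLReasonExtension(RevocationReason.fromInt(i));
        // Print the DER encoding of this reason extension for inspection
        outputExtension(reasonExt);
        CRLExtensions entryExtensions = new CRLExtensions();
        entryExtensions.add(reasonExt);
        revokedCerts.add(new RevokedCertImpl(BigInteger.valueOf(i), new Date(), entryExtensions));
    }
    CRLExtensions crlExtensions = new CRLExtensions();
    crlExtensions.add(new CRLNumberExtension(BigInteger.ONE));
    // buildAuthorityKeyIdentifier is a helper that is not shown on this page
    crlExtensions.add(buildAuthorityKeyIdentifier((RSAPublicKey) kp.getPublic()));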
    X500Name issuer = new X500Name("CN=Test");
    Date now = new Date();
    Calendar calendar = Calendar.getInstance();
    calendar.add(Calendar.DAY_OF_MONTH, 365);
    Date until = calendar.getTime();
    X509CRLImpl crlImpl = new X509CRLImpl(issuer, now, until, revokedCerts.toArray(new RevokedCertificate[] {}), crlExtensions);
    crlImpl.sign(kp.getPrivate(), "SHA256withRSA");
    // Round-trip: encode with JSS, then parse the bytes with the installed X.509 CertificateFactory
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    byte[] data = crlImpl.getEncoded();
    return (X509CRL) cf.generateCRL(new ByteArrayInputStream(data));
}
Also used: KeyPair (java.security.KeyPair), X509CRL (java.security.cert.X509CRL), Calendar (java.util.Calendar), ArrayList (java.util.ArrayList), RevokedCertificate (org.mozilla.jss.netscape.security.x509.RevokedCertificate), KeyPairGenerator (java.security.KeyPairGenerator), X500Name (org.mozilla.jss.netscape.security.x509.X500Name), CertificateFactory (java.security.cert.CertificateFactory), Date (java.util.Date), RevokedCertImpl (org.mozilla.jss.netscape.security.x509.RevokedCertImpl), RSAPublicKey (java.security.interfaces.RSAPublicKey), ByteArrayInputStream (java.io.ByteArrayInputStream), CRLReasonExtension (org.mozilla.jss.netscape.security.x509.CRLReasonExtension), CRLNumberExtension (org.mozilla.jss.netscape.security.x509.CRLNumberExtension), X509CRLImpl (org.mozilla.jss.netscape.security.x509.X509CRLImpl), CRLExtensions (org.mozilla.jss.netscape.security.x509.CRLExtensions)

Example 2 with CRLReasonExtension

Use of org.mozilla.jss.netscape.security.x509.CRLReasonExtension in project jss by dogtagpki.

Class EnumerationZeroTest, method outputExtension.

/**
 * Output the DER encoding of a CRLExtension for examination
 */
public static void outputExtension(CRLReasonExtension ext) throws Exception {
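    // Serialize the complete extension to DER
    ByteArrayOutputStream resultBytesOut = new ByteArrayOutputStream();
    ext.encode(resultBytesOut);
    byte[] encodedBytes = resultBytesOut.toByteArray();
    // toHex is a helper that is not shown on this page
    System.out.print("Full encoded extension: " + toHex(encodedBytes));
    // Re-parse the bytes as a generic Extension to reach the inner extension value
    Extension reasonExt = new Extension(new DerValue(encodedBytes));
    System.out.print("\tEncoded CRL Reason: " + toHex(reasonExt.getExtensionValue()));
    // The extension value is itself DER: an ENUMERATED holding the reason code
    DerValue reasonValue = new DerValue(reasonExt.getExtensionValue());
    System.out.println("\tReason value: " + reasonValue.getEnumerated());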
}
Also used: AuthorityKeyIdentifierExtension (org.mozilla.jss.netscape.security.x509.AuthorityKeyIdentifierExtension), CRLNumberExtension (org.mozilla.jss.netscape.security.x509.CRLNumberExtension), CRLReasonExtension (org.mozilla.jss.netscape.security.x509.CRLReasonExtension), Extension (org.mozilla.jss.netscape.security.x509.Extension), DerValue (org.mozilla.jss.netscape.security.util.DerValue), ByteArrayOutputStream (java.io.ByteArrayOutputStream)

Example 3 with CRLReasonExtension

Use of org.mozilla.jss.netscape.security.x509.CRLReasonExtension in project jss by dogtagpki.

Class ExtPrettyPrint, method getCRLReasonExtension.

/**
 * String Representation of CRLReasonExtension
 */
private String getCRLReasonExtension() {
    StringBuffer sb = new StringBuffer();
    try {
        sb.append(pp.indent(mIndentSize) + mResource.getString(PrettyPrintResources.TOKEN_IDENTIFIER));
        sb.append(mResource.getString(PrettyPrintResources.TOKEN_REVOCATION_REASON) + "- " + mExt.getExtensionId().toString() + "\n");
        sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_CRITICAL));
        CRLReasonExtension ext = (CRLReasonExtension) mExt;
        if (mExt.isCritical()) {
            sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
        } else {
            sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
        }
        sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_REASON) + ext.getReason().toString() + "\n");
        return sb.toString();
    } catch (Exception e) {
        // Any failure while formatting yields an empty string; the exception is not reported
        return "";
    }
}
Also used: CRLReasonExtension (org.mozilla.jss.netscape.security.x509.CRLReasonExtension), IOException (java.io.IOException), CertificateException (java.security.cert.CertificateException)
