Examples with SubjectKeyIdentifierExtension org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension used on opensource projects

Search in sources :

Example 6 with SubjectKeyIdentifierExtension

use of org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension in project j2objc by google.

the class Vertex method certToString.

/**
 * Return string representation of this vertex's
 * certificate information.
 *
 * @returns String representation of certificate info
 */
public String certToString() {
    StringBuilder sb = new StringBuilder();
    X509CertImpl x509Cert = null;
    try {
        x509Cert = X509CertImpl.toImpl(cert);
    } catch (CertificateException ce) {
        if (debug != null) {
            debug.println("Vertex.certToString() unexpected exception");
            ce.printStackTrace();
        }
        return sb.toString();
    }
    sb.append("Issuer:     ").append(x509Cert.getIssuerX500Principal()).append("\n");
    sb.append("Subject:    ").append(x509Cert.getSubjectX500Principal()).append("\n");
    sb.append("SerialNum:  ").append(x509Cert.getSerialNumber().toString(16)).append("\n");
    sb.append("Expires:    ").append(x509Cert.getNotAfter().toString()).append("\n");
    boolean[] iUID = x509Cert.getIssuerUniqueID();
    if (iUID != null) {
        sb.append("IssuerUID:  ");
        for (boolean b : iUID) {
            sb.append(b ? 1 : 0);
        }
        sb.append("\n");
    }
    boolean[] sUID = x509Cert.getSubjectUniqueID();
    if (sUID != null) {
        sb.append("SubjectUID: ");
        for (boolean b : sUID) {
            sb.append(b ? 1 : 0);
        }
        sb.append("\n");
    }
    try {
        SubjectKeyIdentifierExtension sKeyID = x509Cert.getSubjectKeyIdentifierExtension();
        if (sKeyID != null) {
            KeyIdentifier keyID = sKeyID.get(SubjectKeyIdentifierExtension.KEY_ID);
            sb.append("SubjKeyID:  ").append(keyID.toString());
        }
        AuthorityKeyIdentifierExtension aKeyID = x509Cert.getAuthorityKeyIdentifierExtension();
        if (aKeyID != null) {
            KeyIdentifier keyID = (KeyIdentifier) aKeyID.get(AuthorityKeyIdentifierExtension.KEY_ID);
            sb.append("AuthKeyID:  ").append(keyID.toString());
        }
    } catch (IOException e) {
        if (debug != null) {
            debug.println("Vertex.certToString() unexpected exception");
            e.printStackTrace();
        }
    }
    return sb.toString();
}
Also used : SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) KeyIdentifier(sun.security.x509.KeyIdentifier) X509CertImpl(sun.security.x509.X509CertImpl) AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension) CertificateException(java.security.cert.CertificateException) IOException(java.io.IOException)

Example 7 with SubjectKeyIdentifierExtension

use of org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension in project mockserver by mock-server.

the class X509Generator method updateWithCertificateExtensions.

private void updateWithCertificateExtensions(final X509CertInfo x509CertInfo, final PublicKey publicKey, final PublicKey caPublicKey, final Set<String> subjectAlternativeNames) throws IOException, CertificateException {
    CertificateExtensions certificateExtensions = new CertificateExtensions();
    GeneralNames generalNames = subjectAlternativeNames.stream().filter(StringUtils::isNotBlank).map(this::buildGeneralName).filter(Objects::nonNull).collect(Collector.of(GeneralNames::new, GeneralNames::add, // do nothing
    (generalNames1, generalNames2) -> null));
    if (!generalNames.isEmpty()) {
        certificateExtensions.set(SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(Boolean.FALSE, generalNames));
    }
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.2
    certificateExtensions.set(SubjectKeyIdentifierExtension.NAME, new SubjectKeyIdentifierExtension(new KeyIdentifier(publicKey).getIdentifier()));
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.2
    certificateExtensions.set(AuthorityKeyIdentifierExtension.NAME, new AuthorityKeyIdentifierExtension(new KeyIdentifier(caPublicKey), null, null));
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.1
    x509CertInfo.set(X509CertInfo.EXTENSIONS, certificateExtensions);
}
Also used : CertificateValidity(sun.security.x509.CertificateValidity) X509Certificate(java.security.cert.X509Certificate) java.util(java.util) InternetDomainName(com.google.common.net.InternetDomainName) InvalidKeySpecException(java.security.spec.InvalidKeySpecException) SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension) CertificateSerialNumber(sun.security.x509.CertificateSerialNumber) StringUtils(org.apache.commons.lang3.StringUtils) GeneralName(sun.security.x509.GeneralName) IPAddressName(sun.security.x509.IPAddressName) X500Name(sun.security.x509.X500Name) Level(org.slf4j.event.Level) CertificateExtensions(sun.security.x509.CertificateExtensions) BigInteger(java.math.BigInteger) SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) Collector(java.util.stream.Collector) BasicConstraintsExtension(sun.security.x509.BasicConstraintsExtension) DerValue(sun.security.util.DerValue) KeyUsageExtension(sun.security.x509.KeyUsageExtension) java.security(java.security) KeyIdentifier(sun.security.x509.KeyIdentifier) AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension) CertificateSigningRequest(org.mockserver.socket.tls.jdk.CertificateSigningRequest) IOException(java.io.IOException) DNSName(sun.security.x509.DNSName) CertificateException(java.security.cert.CertificateException) X509CertImpl(sun.security.x509.X509CertImpl) CertificateAlgorithmId(sun.security.x509.CertificateAlgorithmId) CertificateX509Key(sun.security.x509.CertificateX509Key) PEMToFile(org.mockserver.socket.tls.PEMToFile) LogEntry(org.mockserver.log.model.LogEntry) CertificateVersion(sun.security.x509.CertificateVersion) MockServerLogger(org.mockserver.logging.MockServerLogger) InetAddresses(com.google.common.net.InetAddresses) GeneralNames(sun.security.x509.GeneralNames) AlgorithmId(sun.security.x509.AlgorithmId) X509CertInfo(sun.security.x509.X509CertInfo) SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) GeneralNames(sun.security.x509.GeneralNames) KeyIdentifier(sun.security.x509.KeyIdentifier) SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension) AuthorityKeyIdentifierExtension(sun.security.x509.AuthorityKeyIdentifierExtension) CertificateExtensions(sun.security.x509.CertificateExtensions)

Example 8 with SubjectKeyIdentifierExtension

use of org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension in project mockserver by mock-server.

the class X509Generator method updateWithRootCertificateExtensions.

private void updateWithRootCertificateExtensions(final X509CertInfo x509CertInfo, final PublicKey publicKey) throws IOException, CertificateException {
    CertificateExtensions certificateExtensions = new CertificateExtensions();
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.9
    certificateExtensions.set(BasicConstraintsExtension.NAME, new BasicConstraintsExtension(// is critical
    true, // is CA
    true, // path length
    -1));
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
    boolean[] keyUsage = new boolean[9];
    // keyCertSign
    keyUsage[5] = true;
    certificateExtensions.set(KeyUsageExtension.NAME, new KeyUsageExtension(keyUsage));
    // See: https://tools.ietf.org/html/rfc5280#section-4.2.1.2
    certificateExtensions.set(SubjectKeyIdentifierExtension.NAME, new SubjectKeyIdentifierExtension(new KeyIdentifier(publicKey).getIdentifier()));
    x509CertInfo.set(X509CertInfo.EXTENSIONS, certificateExtensions);
}
Also used : SubjectKeyIdentifierExtension(sun.security.x509.SubjectKeyIdentifierExtension) BasicConstraintsExtension(sun.security.x509.BasicConstraintsExtension) KeyIdentifier(sun.security.x509.KeyIdentifier) CertificateExtensions(sun.security.x509.CertificateExtensions) KeyUsageExtension(sun.security.x509.KeyUsageExtension)

Example 9 with SubjectKeyIdentifierExtension

use of org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension in project jss by dogtagpki.

the class ExtPrettyPrint method getSubjectKeyIdentifier.

/**
 * String Representation of SubjectKeyIdentifierExtension
 */
private String getSubjectKeyIdentifier() {
    StringBuffer sb = new StringBuffer();
    try {
        sb.append(pp.indent(mIndentSize) + mResource.getString(PrettyPrintResources.TOKEN_IDENTIFIER));
        sb.append(mResource.getString(PrettyPrintResources.TOKEN_SKI) + "- " + mExt.getExtensionId().toString() + "\n");
        sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_CRITICAL));
        if (mExt.isCritical()) {
            sb.append(mResource.getString(PrettyPrintResources.TOKEN_YES) + "\n");
        } else {
            sb.append(mResource.getString(PrettyPrintResources.TOKEN_NO) + "\n");
        }
        SubjectKeyIdentifierExtension id = (SubjectKeyIdentifierExtension) mExt;
        KeyIdentifier keyId = (KeyIdentifier) id.get(SubjectKeyIdentifierExtension.KEY_ID);
        if (keyId != null) {
            sb.append(pp.indent(mIndentSize + 4) + mResource.getString(PrettyPrintResources.TOKEN_KEY_ID) + "\n");
            sb.append(pp.toHexString(keyId.getIdentifier(), 24, 16));
        }
        return sb.toString();
    } catch (IOException e) {
        e.printStackTrace();
        return "";
    }
}
Also used : SubjectKeyIdentifierExtension(org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension) KeyIdentifier(org.mozilla.jss.netscape.security.x509.KeyIdentifier) IOException(java.io.IOException)

Aggregations

IOException (java.io.IOException)6 CertificateException (java.security.cert.CertificateException)5 KeyIdentifier (sun.security.x509.KeyIdentifier)5 SubjectKeyIdentifierExtension (sun.security.x509.SubjectKeyIdentifierExtension)5 AuthorityKeyIdentifierExtension (sun.security.x509.AuthorityKeyIdentifierExtension)4 X509CertImpl (sun.security.x509.X509CertImpl)4 BigInteger (java.math.BigInteger)2 SecureRandom (java.security.SecureRandom)2 Date (java.util.Date)2 SubjectKeyIdentifierExtension (org.mozilla.jss.netscape.security.x509.SubjectKeyIdentifierExtension)2 AlgorithmId (sun.security.x509.AlgorithmId)2 BasicConstraintsExtension (sun.security.x509.BasicConstraintsExtension)2 CertificateExtensions (sun.security.x509.CertificateExtensions)2 KeyUsageExtension (sun.security.x509.KeyUsageExtension)2 CertificateAlgorithmId (android.sun.security.x509.CertificateAlgorithmId)1 CertificateExtensions (android.sun.security.x509.CertificateExtensions)1 CertificateIssuerName (android.sun.security.x509.CertificateIssuerName)1 CertificateSerialNumber (android.sun.security.x509.CertificateSerialNumber)1 CertificateSubjectName (android.sun.security.x509.CertificateSubjectName)1 CertificateValidity (android.sun.security.x509.CertificateValidity)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial