
Example 46 with X509CertImpl

Use of org.mozilla.jss.netscape.security.x509.X509CertImpl in project ariADDna by StnetixDevTeam.

Class CertFactory, method isValid.

public boolean isValid(File certFile) throws KeyStoreException {
    try {
        X509CertImpl cert = (X509CertImpl) getCertByFile(certFile);
        long notBefore = cert.getNotBefore().getTime();
        long notAfter = cert.getNotAfter().getTime();
        long now = System.currentTimeMillis();
        // Inside the validity window when notBefore <= now <= notAfter.
        boolean inValidityPeriod = now >= notBefore && now <= notAfter;
        LOGGER.info("Certificate {} is {}", certFile.getAbsolutePath(), inValidityPeriod ? "valid" : "not valid");
        // The certificate must also be marked active in the persistence layer.
        // Note: this method checks only the dates and the active flag; it does
        // not verify the signature or build a chain to a trust anchor.
        boolean isActive = persistHelper.isActiveCertificate(getCertSubjectName(cert));
        return inValidityPeriod && isActive;
    } catch (Exception e) {
        LOGGER.error("Exception: ", e);
        throw new KeyStoreException("Caused by: ", e);
    }
}
Also used: X509CertImpl (sun.security.x509.X509CertImpl), KeyStoreException (com.stnetix.ariaddna.keystore.exceptions.KeyStoreException)

Example 47 with X509CertImpl

Use of org.mozilla.jss.netscape.security.x509.X509CertImpl in project ariADDna by StnetixDevTeam.

Class KeyFactory, method storeCertToKeyStore.

public void storeCertToKeyStore(File certFile, File keyStoreFile) throws KeyStoreException {
    try {
        X509CertImpl cert = (X509CertImpl) certFactory.getCertByFile(certFile);
        // The certificate's subject name is used as the keystore alias.
        String alias = certFactory.getCertSubjectName(cert);
        LOGGER.info("Certificate with filename {} has Subject name {}", certFile.getAbsolutePath(), alias);
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_FORMAT);
        // try-with-resources closes the stream even if load() throws.
        try (FileInputStream fis = new FileInputStream(keyStoreFile)) {
            keyStore.load(fis, pass);
        }
        LOGGER.info("KeyStore load successful");
        // Add the certificate as a trusted certificate entry.
        keyStore.setCertificateEntry(alias, cert);
        // Write the updated keystore back to the same file.
        try (FileOutputStream fos = new FileOutputStream(keyStoreFile)) {
            keyStore.store(fos, pass);
        }
        LOGGER.info("Certificate with filename {} stored in keyStore with filename {}", certFile.getAbsolutePath(), keyStoreFile.getAbsolutePath());
    } catch (Exception e) {
        LOGGER.error("Exception: ", e);
        throw new KeyStoreException("Caused by: ", e);
    }
}
Also used: X509CertImpl (sun.security.x509.X509CertImpl), FileOutputStream (java.io.FileOutputStream), KeyStoreException (com.stnetix.ariaddna.keystore.exceptions.KeyStoreException), KeyStore (java.security.KeyStore), FileInputStream (java.io.FileInputStream)

Example 48 with X509CertImpl

Use of org.mozilla.jss.netscape.security.x509.X509CertImpl in project TLS-Scanner by RUB-NDS.

Class CertificateJudge, method isSelfSigned.

public Boolean isSelfSigned() {
    try {
        // Try to verify certificate signature with its own public key
        X509Certificate cert = new X509CertImpl(certificate.getEncoded());
        PublicKey publicKey = cert.getPublicKey();
        cert.verify(publicKey);
        return true;
    } catch (SignatureException | InvalidKeyException ex) {
        // The signature does not verify under the certificate's own key.
        return false;
    } catch (Exception e) {
        // Any other failure (e.g. encoding or algorithm error): result unknown.
        return null;
    }
}
Also used: PublicKey (java.security.PublicKey), X509CertImpl (sun.security.x509.X509CertImpl), SignatureException (java.security.SignatureException), InvalidKeyException (java.security.InvalidKeyException), X509Certificate (java.security.cert.X509Certificate)

Example 49 with X509CertImpl

Use of org.mozilla.jss.netscape.security.x509.X509CertImpl in project meecrowave by apache.

Class Keystores, method createSignedCertificate.

private static X509Certificate createSignedCertificate(final X509Certificate cetrificate, final X509Certificate issuerCertificate, final PrivateKey issuerPrivateKey) {
    try {
        // Reuse the issuer's subject and signature algorithm for the new certificate.
        Principal issuer = issuerCertificate.getSubjectDN();
        String issuerSigAlg = issuerCertificate.getSigAlgName();
        // Start from the to-be-signed part of the input certificate and replace its issuer.
        byte[] inCertBytes = cetrificate.getTBSCertificate();
        X509CertInfo info = new X509CertInfo(inCertBytes);
        info.set(X509CertInfo.ISSUER, (X500Name) issuer);
        // No need to add the BasicConstraints for leaf cert
        if (!cetrificate.getSubjectDN().getName().equals("CN=TOP")) {
            CertificateExtensions exts = new CertificateExtensions();
            // CA = true with no path length limit (-1), re-wrapped as a non-critical extension.
            BasicConstraintsExtension bce = new BasicConstraintsExtension(true, -1);
            exts.set(BasicConstraintsExtension.NAME, new BasicConstraintsExtension(false, bce.getExtensionValue()));
            info.set(X509CertInfo.EXTENSIONS, exts);
        }
        // Sign the modified certificate info with the issuer's private key.
        final X509CertImpl outCert = new X509CertImpl(info);
        outCert.sign(issuerPrivateKey, issuerSigAlg);
        return outCert;
    } catch (final Exception ex) {
        throw new IllegalStateException(ex);
    }
}
Also used: BasicConstraintsExtension (sun.security.x509.BasicConstraintsExtension), X509CertInfo (sun.security.x509.X509CertInfo), X509CertImpl (sun.security.x509.X509CertImpl), CertificateExtensions (sun.security.x509.CertificateExtensions), Principal (java.security.Principal)

Example 50 with X509CertImpl

Use of org.mozilla.jss.netscape.security.x509.X509CertImpl in project ddf by codice.

Class SignerConditionTest, method testIsAltNameSatisfied.

@Test
public void testIsAltNameSatisfied() throws CertificateException {
    Bundle bundle = mock(Bundle.class);
    Map<X509Certificate, List<X509Certificate>> trustedCerts = new HashMap<>();
    X509Certificate key = new X509CertImpl(SignerConditionTest.class.getResourceAsStream("/test.der"));
    trustedCerts.put(key, new ArrayList<>());
    when(bundle.getSignerCertificates(Bundle.SIGNERS_TRUSTED)).thenReturn(trustedCerts);
    SignerCondition principalCondition = new SignerCondition(bundle, new ConditionInfo(SignerCondition.class.getName(), new String[] { "test" }));
    boolean satisfied = principalCondition.isSatisfied();
    assertThat(satisfied, is(true));
    // also check alt name
    principalCondition = new SignerCondition(bundle, new ConditionInfo(SignerCondition.class.getName(), new String[] { "alt-test" }));
    satisfied = principalCondition.isSatisfied();
    assertThat(satisfied, is(true));
}
Also used: ConditionInfo (org.osgi.service.condpermadmin.ConditionInfo), HashMap (java.util.HashMap), Bundle (org.osgi.framework.Bundle), X509CertImpl (sun.security.x509.X509CertImpl), ArrayList (java.util.ArrayList), List (java.util.List), X509Certificate (java.security.cert.X509Certificate), Test (org.junit.Test)

Aggregations

X509CertImpl (sun.security.x509.X509CertImpl): 92
CertificateException (java.security.cert.CertificateException): 41
IOException (java.io.IOException): 31
X509Certificate (java.security.cert.X509Certificate): 23
CertPathValidatorException (java.security.cert.CertPathValidatorException): 17
BigInteger (java.math.BigInteger): 16
PublicKey (java.security.PublicKey): 15
X500Name (sun.security.x509.X500Name): 14
X509CertInfo (sun.security.x509.X509CertInfo): 14
AlgorithmId (sun.security.x509.AlgorithmId): 13
CertificateAlgorithmId (sun.security.x509.CertificateAlgorithmId): 13
X509CertImpl (org.mozilla.jss.netscape.security.x509.X509CertImpl): 12
CertificateSerialNumber (sun.security.x509.CertificateSerialNumber): 11
CertificateValidity (sun.security.x509.CertificateValidity): 11
CertificateX509Key (sun.security.x509.CertificateX509Key): 11
CertificateFactory (java.security.cert.CertificateFactory): 10
CertificateVersion (sun.security.x509.CertificateVersion): 10
SubjectAlternativeNameExtension (sun.security.x509.SubjectAlternativeNameExtension): 9
CertificateIssuerName (sun.security.x509.CertificateIssuerName): 8
CertificateSubjectName (sun.security.x509.CertificateSubjectName): 8