use of org.mozilla.jss.pkix.cert.CertificateInfo in project jss by dogtagpki.
the class SSLClientAuth method makeCert.
/**
 * Builds an X.509 v3 certificate for the given names and public key and signs
 * it with {@code privKey}.
 *
 * <p>Issuer and subject share the hard-coded attributes C=US, O=Mozilla and
 * OU="JSS Testing" + {@code rand}; only the common name differs. The validity
 * window starts at the time of the call and ends one calendar year later. The
 * signature algorithm is the class-level {@code sigAlg}, which is declared
 * outside this method.
 *
 * <p>Nothing here checks that {@code privKey} belongs to the named issuer, and
 * the serial number is used exactly as passed in. No extension (for example
 * basic constraints or key usage) is present unless the caller supplies it in
 * {@code extensions}. The fixed "JSS Testing" OU suggests the result is meant
 * for test fixtures only.
 *
 * @param issuerName common name placed in the issuer DN
 * @param subjectName common name placed in the subject DN
 * @param serialNumber certificate serial number, used as given
 * @param privKey key that signs the certificate
 * @param pubKey key embedded in the certificate's SubjectPublicKeyInfo
 * @param rand value appended to the "JSS Testing" organizational unit
 * @param extensions extensions to attach, or {@code null} for none
 * @throws java.lang.Exception if encoding, decoding or signing fails
 * @return the signed certificate
 */
public static Certificate makeCert(String issuerName, String subjectName, int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand, SEQUENCE extensions) throws Exception {
    AlgorithmIdentifier signatureAlgorithm = new AlgorithmIdentifier(sigAlg.toOID());
    String orgUnit = "JSS Testing" + rand;

    // Issuer DN: C, O, OU, CN are added in this order.
    Name issuerDn = new Name();
    issuerDn.addCountryName("US");
    issuerDn.addOrganizationName("Mozilla");
    issuerDn.addOrganizationalUnitName(orgUnit);
    issuerDn.addCommonName(issuerName);

    // Subject DN: same fixed attributes, different common name.
    Name subjectDn = new Name();
    subjectDn.addCountryName("US");
    subjectDn.addOrganizationName("Mozilla");
    subjectDn.addOrganizationalUnitName(orgUnit);
    subjectDn.addCommonName(subjectName);

    // Valid from now until one calendar year from now.
    Calendar clock = Calendar.getInstance();
    Date validFrom = clock.getTime();
    clock.add(Calendar.YEAR, 1);
    Date validUntil = clock.getTime();

    // Re-decode the key's encoded form into the JSS SubjectPublicKeyInfo type.
    SubjectPublicKeyInfo keyInfo = (SubjectPublicKeyInfo) ASN1Util.decode(
            new SubjectPublicKeyInfo.Template(), pubKey.getEncoded());

    CertificateInfo tbs = new CertificateInfo(
            CertificateInfo.v3,
            new INTEGER(serialNumber),
            signatureAlgorithm,
            issuerDn,
            validFrom,
            validUntil,
            subjectDn,
            keyInfo);
    if (extensions != null) {
        tbs.setExtensions(extensions);
    }

    // Constructing the Certificate signs the info with privKey.
    return new Certificate(tbs, privKey, sigAlg);
}
use of org.mozilla.jss.pkix.cert.CertificateInfo in project jss by dogtagpki.
the class GenerateTestCert method makeCert.
/**
 * Creates and signs an X.509 v3 certificate from the supplied names and keys.
 *
 * <p>Both distinguished names are built from C=US, O=Mozilla,
 * OU="JSS Testing" + {@code rand} and the respective common name. The
 * certificate is valid from the time of the call for one calendar year and is
 * signed with the {@code sigAlg} member declared elsewhere in the class.
 *
 * <p>The method performs no check that {@code privKey} is the issuer's key and
 * takes {@code serialNumber} as given; extensions appear only when the caller
 * passes them. The hard-coded "JSS Testing" OU suggests test use only.
 *
 * @param issuerName common name for the issuer DN
 * @param subjectName common name for the subject DN
 * @param serialNumber serial number written into the certificate
 * @param privKey signing key
 * @param pubKey public key to certify
 * @param rand suffix appended to the "JSS Testing" organizational unit
 * @param extensions extension sequence to set, or {@code null} to set none
 * @throws java.lang.Exception if any encoding, decoding or signing step fails
 * @return the signed certificate
 */
private Certificate makeCert(String issuerName, String subjectName, int serialNumber, PrivateKey privKey, PublicKey pubKey, int rand, SEQUENCE extensions) throws Exception {
    AlgorithmIdentifier algId = new AlgorithmIdentifier(sigAlg.toOID());

    Name issuerName509 = new Name();
    issuerName509.addCountryName("US");
    issuerName509.addOrganizationName("Mozilla");
    issuerName509.addOrganizationalUnitName("JSS Testing" + rand);
    issuerName509.addCommonName(issuerName);

    Name subjectName509 = new Name();
    subjectName509.addCountryName("US");
    subjectName509.addOrganizationName("Mozilla");
    subjectName509.addOrganizationalUnitName("JSS Testing" + rand);
    subjectName509.addCommonName(subjectName);

    // The same Calendar yields both ends of the one-year validity window.
    Calendar validity = Calendar.getInstance();
    Date start = validity.getTime();
    validity.add(Calendar.YEAR, 1);
    Date end = validity.getTime();

    // Convert the key's encoded form into the JSS ASN.1 representation.
    SubjectPublicKeyInfo.Template keyTemplate = new SubjectPublicKeyInfo.Template();
    byte[] encodedKey = pubKey.getEncoded();
    SubjectPublicKeyInfo subjectKey = (SubjectPublicKeyInfo) ASN1Util.decode(keyTemplate, encodedKey);

    INTEGER serial = new INTEGER(serialNumber);
    CertificateInfo certInfo = new CertificateInfo(CertificateInfo.v3, serial, algId,
            issuerName509, start, end, subjectName509, subjectKey);
    if (extensions != null) {
        certInfo.setExtensions(extensions);
    }

    // The Certificate constructor signs certInfo with privKey.
    Certificate signed = new Certificate(certInfo, privKey, sigAlg);
    return signed;
}
use of org.mozilla.jss.pkix.cert.CertificateInfo in project jss by dogtagpki.
the class VerifyCert method showCert.
/**
 * Decodes the ASN.1-encoded certificate stored in {@code certFile} and prints
 * its contents to standard output.
 *
 * <p>This is display only. The signature is not verified, because
 * {@code cert.verify()} is not called, and no chain or validity-period check
 * is made. The printed fields are therefore unauthenticated input from the
 * file.
 *
 * <p>On any exception the stack trace is printed and the JVM exits with
 * status 1.
 *
 * @param certFile path of the file holding the encoded certificate
 */
public void showCert(String certFile) {
    try (FileInputStream rawIn = new FileInputStream(certFile);
            BufferedInputStream bufferedIn = new BufferedInputStream(rawIn)) {
        // Parse the stream with the JSS certificate template.
        Certificate parsed = (Certificate) Certificate.getTemplate().decode(bufferedIn);

        // Dump the certificate info; no signature check happens before printing.
        parsed.getInfo().print(System.out);
    } catch (Exception failure) {
        failure.printStackTrace();
        System.exit(1);
    }
}
use of org.mozilla.jss.pkix.cert.CertificateInfo in project jss by dogtagpki.
the class ListCerts method main.
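/**
 * Lists every certificate found under a nickname and prints its subject,
 * signature algorithm and extension OIDs, first through the JSS ASN.1 classes
 * and then through the JDK {@code CertificateFactory}.
 *
 * <p>Certificates are only parsed and printed. Nothing in this method
 * validates a signature, a chain or a validity period, so the output says
 * what a certificate claims, not whether it should be trusted.
 *
 * <p>Exits with status 0 on success and with status 1 (after printing the
 * stack trace) on any exception. A wrong argument count prints the usage line
 * and returns.
 *
 * @param args {@code <dbdir> <nickname>}
 */
public static void main(String[] args) {
    try {
        if (args.length != 2) {
            System.out.println("Usage: ListCerts <dbdir> <nickname>");
            return;
        }
        // NOTE(review): args[0] (<dbdir>) is required by the usage text but is
        // never read in this method; confirm the database is opened elsewhere.
        String nickname = args[1];
        CryptoManager cm = CryptoManager.getInstance();
        X509Certificate[] certs = cm.findCertsByNickname(nickname);
        System.out.println(certs.length + " certs found with this nickname.");
        for (X509Certificate found : certs) {
            System.out.println("\nSubject: " + found.getSubjectDN());
            byte[] encoded = found.getEncoded();

            // First view: decode with the JSS ASN.1 classes.
            Certificate cert = (Certificate) ASN1Util.decode(Certificate.getTemplate(), encoded);
            CertificateInfo info = cert.getInfo();
            System.out.println("Signature oid " + info.getSignatureAlgId().getOID());
            SEQUENCE extensions = info.getExtensions();
            // Guard against a certificate that carries no extensions at all.
            if (extensions != null) {
                for (int j = 0; j < extensions.size(); j++) {
                    // Index with the inner counter j. Using the outer certificate
                    // index here printed the wrong extension or ran out of bounds.
                    Extension ext = (Extension) extensions.elementAt(j);
                    OBJECT_IDENTIFIER oid = ext.getExtnId();
                    System.out.println("Extension " + oid.toString());
                    if (ext.getCritical()) {
                        System.out.println("Critical extension: " + oid.toString());
                    } else {
                        System.out.println("NON Critical extension: " + oid.toString());
                    }
                }
            }

            // Second view: re-parse the same bytes as a JDK certificate.
            System.out.println("Convert to JDK cert");
            CertificateFactory cf = CertificateFactory.getInstance("X.509");
            java.security.cert.X509Certificate jdkCert;
            try (ByteArrayInputStream bais = new ByteArrayInputStream(encoded)) {
                jdkCert = (java.security.cert.X509Certificate) cf.generateCertificate(bais);
            }
            System.out.println("Subject " + jdkCert.getSubjectX500Principal());
            System.out.println("Signature oid " + jdkCert.getSigAlgName());

            /* non critical extensions */
            Set<String> nonCritSet = jdkCert.getNonCriticalExtensionOIDs();
            if (nonCritSet != null && !nonCritSet.isEmpty()) {
                for (String oid : nonCritSet) {
                    System.out.println(oid);
                }
            } else {
                System.out.println("no NON Critical Extensions");
            }

            /* critical extensions */
            Set<String> critSet = jdkCert.getCriticalExtensionOIDs();
            if (critSet != null && !critSet.isEmpty()) {
                System.out.println("Set of critical extensions:");
                for (String oid : critSet) {
                    System.out.println(oid);
                }
            } else {
                System.out.println("no Critical Extensions");
            }
        }
        System.out.println("END");
    } catch (Exception e) {
        e.printStackTrace();
        System.exit(1);
    }
    System.exit(0);
}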