Examples of java.security.cert.X509Certificate

• java.security.cert.X509Certificate
  etf.org/rfc/rfc2459.txt"> http://www.ietf.org/rfc/rfc2459.txt .

  The ASN.1 definition of tbsCertificate is:

   TBSCertificate  ::=  SEQUENCE  { version         [0]  EXPLICIT Version DEFAULT v1, serialNumber         CertificateSerialNumber, signature            AlgorithmIdentifier, issuer               Name, validity             Validity, subject              Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID  [1]  IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version must be v2 or v3 subjectUniqueID [2]  IMPLICIT UniqueIdentifier OPTIONAL, -- If present, version must be v2 or v3 extensions      [3]  EXPLICIT Extensions OPTIONAL -- If present, version must be v3 } 

  Certificates are instantiated using a certificate factory. The following is an example of how to instantiate an X.509 certificate:

    InputStream inStream = new FileInputStream("fileName-of-cert"); CertificateFactory cf = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate)cf.generateCertificate(inStream); inStream.close(); 

  @author Hemma Prafullchandra @version 1.40 @see Certificate @see CertificateFactory @see X509Extension

    certificateGenerator.setNotBefore(Calendar.getInstance().getTime());

    certificateGenerator.setPublicKey( pair.getPublic());

    X509Certificate certificate = certificateGenerator.generateX509Certificate(pair.getPrivate());

    java.security.cert.Certificate[] certChain = {(java.security.cert.Certificate) certificate };

    manager.addCertToKeyStore( alias, pair.getPrivate(), certChain );

            signerversion = ((DERInteger)signerInfo.getObjectAt(0)).getValue().intValue();
            // Get the signing certificate
            ASN1Sequence issuerAndSerialNumber = (ASN1Sequence)signerInfo.getObjectAt(1);
            BigInteger serialNumber = ((DERInteger)issuerAndSerialNumber.getObjectAt(1)).getValue();
            for (Iterator i = certs.iterator(); i.hasNext();) {
                X509Certificate cert = (X509Certificate)i.next();
                if (serialNumber.equals(cert.getSerialNumber())) {
                    signCert = cert;
                    break;
                }
            }
            if (signCert == null) {

     */
    public static Object[] verifyCertificates(Certificate certs[], KeyStore keystore, Collection crls, Calendar calendar) {
        if (calendar == null)
            calendar = new GregorianCalendar();
        for (int k = 0; k < certs.length; ++k) {
            X509Certificate cert = (X509Certificate)certs[k];
            String err = verifyCertificate(cert, crls, calendar);
            if (err != null)
                return new Object[]{cert, err};
            try {
                for (Enumeration aliases = keystore.aliases(); aliases.hasMoreElements();) {
                    try {
                        String alias = (String)aliases.nextElement();
                        if (!keystore.isCertificateEntry(alias))
                            continue;
                        X509Certificate certStoreX509 = (X509Certificate)keystore.getCertificate(alias);
                        if (verifyCertificate(certStoreX509, crls, calendar) != null)
                            continue;
                        try {
                            cert.verify(certStoreX509.getPublicKey());
                            return null;
                        }
                        catch (Exception e) {
                            continue;
                        }
                    }
                    catch (Exception ex) {
                    }
                }
            }
            catch (Exception e) {
            }
            int j;
            for (j = 0; j < certs.length; ++j) {
                if (j == k)
                    continue;
                X509Certificate certNext = (X509Certificate)certs[j];
                try {
                    cert.verify(certNext.getPublicKey());
                    break;
                }
                catch (Exception e) {
                }
            }

        BigInteger      serialNumber = isAnds.getCertificateSerialNumber().getValue();
        X509Principal   issuer = new X509Principal(isAnds.getName());

        for (Iterator i = certs.iterator();i.hasNext();)
        {
            X509Certificate cert = (X509Certificate)i.next();
            if (serialNumber.equals(cert.getSerialNumber())
                    && issuer.equals(cert.getIssuerDN()))
            {
                signCert = cert;
                break;
            }
        }

                System.out.print("User : " + principal.getName() + " password : "
                        + principal.getPassword() + "\n");
                }
                // SIGNATURE
                if( ( action & WSConstants.SIGN ) > 0 ){
                    X509Certificate cert = secRes.getCertificate();
                    X500Name principal = (X500Name) secRes.getPrincipal();
                    // Do something whith cert
                    System.out.print("Signature for : "  + principal.getCommonName());
                }
            }

    public void testClientCertificates() throws Exception {
        FtpIoSession session = server.getListener("default")
                .getActiveSessions().iterator().next();
        assertEquals(1, session.getClientCertificates().length);

        X509Certificate cert = (X509Certificate) session
                .getClientCertificates()[0];

        assertTrue(cert.getSubjectDN().toString().contains("FtpClient"));
    }

        LOG.debug("X509Certificate[" + i + "]=" + certificates[i]);
      }
    }
    if ((certificates != null) && (certificates.length == 1))
    {
      X509Certificate certificate = certificates[0];
      certificate.checkValidity();
    }
    else
    {
      standardTrustManager.checkServerTrusted(certificates, authType);
    }

            CertificateFactory cf = CertificateFactory.getInstance(CERTIFICATE_FACTORY_TYPE);
            byte[] caCert = loadCACert(trustStoreLocation);
            try {
                if (caCert != null) {
                    ByteArrayInputStream cabin = new ByteArrayInputStream(caCert);
                    X509Certificate cert = (X509Certificate)cf.generateCertificate(cabin);
                    trustedCertStore.setCertificateEntry(cert.getIssuerDN().toString(), cert);
                    cabin.close();
                }
            } catch (Exception e) {
                LogUtils.log(LOG, Level.WARNING, "FAILED_TO_LOAD_TRUST_STORE",
                             new Object[]{trustStoreLocation, e.getMessage()});

            } else if (attName.equals("ssl_cert")) {
                String certValue = (String) headers.getAttributes().get(
                        "ssl_cert");
                InputStream certStream = new ByteArrayInputStream(certValue
                        .getBytes("8859_1"));
                X509Certificate certificateArray[] = new X509Certificate[1];
                try {
                    certificateArray[0] = (X509Certificate) CertificateFactory
                            .getInstance("X.509").generateCertificate(
                                    certStream);
                } catch (CertificateException err) {

     */
    protected boolean validatePossibleAuthenticationResponse(
            HttpServletRequest request, HttpServletResponse response,
            String pathRequested) throws IOException {
        // Check for certificates in the request attributes
        X509Certificate certificateArray[] = (X509Certificate[]) request
                .getAttribute("javax.servlet.request.X509Certificate");
        if ((certificateArray != null) && (certificateArray.length > 0)) {
            boolean failed = false;
            for (int n = 0; n < certificateArray.length; n++)
                try {