Examples of org.apache.geronimo.crypto.asn1.x509.TBSCertList

• org.bouncycastle.asn1.x509.TBSCertList
  PKIX RFC-2459 - TBSCertList object.

   TBSCertList  ::=  SEQUENCE  { version                 Version OPTIONAL, -- if present, shall be v2 signature               AlgorithmIdentifier, issuer                  Name, thisUpdate              Time, nextUpdate              Time OPTIONAL, revokedCertificates     SEQUENCE OF SEQUENCE  { userCertificate         CertificateSerialNumber, revocationDate          Time, crlEntryExtensions      Extensions OPTIONAL -- if present, shall be v2 }  OPTIONAL, crlExtensions           [0]  EXPLICIT Extensions OPTIONAL -- if present, shall be v2 } 

    public String generateCSR(X509Certificate cert, PrivateKey signingKey)
            throws Exception {

        String sigalg = cert.getSigAlgName();
        X509Name subject = new X509Name(cert.getSubjectDN().toString());
        PublicKey publicKey = cert.getPublicKey();
        ASN1Set attributes = null;

        PKCS10CertificationRequest csr = new PKCS10CertificationRequest(sigalg,
                subject, publicKey, attributes, signingKey);

     * @return newly issued certificate
     */
    public Certificate issueCertificate(X500Principal subject, PublicKey publicKey, BigInteger sNo, Date validFromDate, Date validToDate, String algorithm) throws CertificationAuthorityException{
        if(isLocked()) throw new CertificationAuthorityException("CA is locked.");
        try {
            X509Name subName = CaUtils.getX509Name(subject);
            Certificate cert = issueCertificate(subName, caName, sNo, publicKey, caPrivateKey, validFromDate, validToDate, algorithm);
            cert.verify(caPublicKey);
            certStore.storeCertificate(cert);
            return cert;
        } catch(Exception e) {

                String ou = csrProps.getProperty("OU");
                String o = csrProps.getProperty("O");
                String l = csrProps.getProperty("L");
                String st = csrProps.getProperty("ST");
                String c = csrProps.getProperty("C");
                X509Name subject = CaUtils.getX509Name(cn, ou, o, l, st, c);
                Map certReqMap = CaUtils.processSPKAC(spkac);
                // Set the subject and publickey values to be shown in subsequent screens
                response.setRenderParameter("subject", subject.toString());
                response.setRenderParameter("publickey", certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ).toString());
            }
            return CONFIRM_CERT_REQ_MODE+BEFORE_ACTION;
        } catch(Exception e) {
            portlet.addErrorMessage(request, portlet.getLocalizedString(request, "consolebase.errorMsg18", requestId), e.getMessage());

                String ou = csrProps.getProperty("OU");
                String o = csrProps.getProperty("O");
                String l = csrProps.getProperty("L");
                String st = csrProps.getProperty("ST");
                String c = csrProps.getProperty("C");
                X509Name subject = CaUtils.getX509Name(cn, ou, o, l, st, c);
                Map certReqMap = CaUtils.processSPKAC(spkac);
                // Set the subject and publickey values to be displayed in subsequent screens
                response.setRenderParameter("subject", subject.toString());
                response.setRenderParameter("publickey", certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ).toString());
            }
            return CERT_REQ_DETAILS_MODE+BEFORE_ACTION;
        } catch(Exception e) {
            portlet.addErrorMessage(request, portlet.getLocalizedString(request, "consolebase.errorMsg17", requestId), e.getMessage());

                response.setRenderParameter("sNo", sNo.toString());
                portlet.addWarningMessage(request, portlet.getLocalizedString(request, "consolebase.warnMsg06", sNo));
                return VIEW_CERT_MODE;
            }

            X509Name subject = null;
            PublicKey publickey = null;
            // Process the CSR text to get subject details
            String pkcs10certreq = null, certreq = null;
            String challenge = null;
            String requestId = request.getParameter("requestId");
            if(requestId != null && !requestId.equals("")) {
                // Certificate request is being processed using a previously stored request in CertificateRequestStore
                String certreqText = getCertificateRequestStore(request).getRequest(requestId);
                if(certreqText.startsWith(CaUtils.CERT_REQ_HEADER)) {
                    // A PKCS 10 Certificate Request
                    pkcs10certreq = certreqText;
                } else {
                    // Possibly a CSR received through web browser
                    certreq = certreqText;
                }
            } else {
                // No request id is found.  Get the PKCS10 request submitted through form input
                pkcs10certreq = request.getParameter("pkcs10certreq");
            }

            if(pkcs10certreq != null && !"".equals(pkcs10certreq)) {
                // Process PKCS 10 Certificate Request text to get Subject name and public-key
                Map certReqMap = CaUtils.processPKCS10Request(pkcs10certreq);
                subject = (X509Name) certReqMap.get(CaUtils.CERT_REQ_SUBJECT);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
            } else {
                // This is a custom request containing SPKAC and X509Name attributes received through web browser
                Properties csrProps = new Properties();
                csrProps.load(new ByteArrayInputStream(certreq.getBytes()));
                String spkac = csrProps.getProperty("SPKAC");
                String cn = csrProps.getProperty("CN");
                String ou = csrProps.getProperty("OU");
                String o = csrProps.getProperty("O");
                String l = csrProps.getProperty("L");
                String st = csrProps.getProperty("ST");
                String c = csrProps.getProperty("C");
                subject = CaUtils.getX509Name(cn, ou, o, l, st, c);
                Map certReqMap = CaUtils.processSPKAC(spkac);
                publickey = (PublicKey) certReqMap.get(CaUtils.CERT_REQ_PUBLICKEY_OBJ);
                challenge = (String) certReqMap.get(CaUtils.PKAC_CHALLENGE);
            }

            // Dates have already been validated in the previous screen
            String validFrom = request.getParameter("validFrom");
            String validTo = request.getParameter("validTo");
            DateFormat df = new SimpleDateFormat("MM/dd/yyyy");
            Date validFromDate = df.parse(validFrom);
            Date validToDate = df.parse(validTo);
            String algorithm = request.getParameter("algorithm");
            // Issue certificate
            ca.issueCertificate(new X500Principal(subject.getEncoded()), publickey, sNo, validFromDate, validToDate, algorithm);
            // Store the challenge phrase against the issued certificate serial number
            if(challenge != null && !challenge.equals("")) {
                getCertificateStore(request).setCertificateChallenge(sNo, challenge);
            }

        if (extensions != null)
        {
            tbsGen.setExtensions(new X509Extensions(extOrdering, extensions));
        }

        TBSCertList tbsCrl = tbsGen.generateTBSCertList();

        try
        {
            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
            DEROutputStream         dOut = new DEROutputStream(bOut);

        X509CRL crl)
        throws CRLException
    {
        try
        {
            TBSCertList tbsCertList = TBSCertList.getInstance(
                ASN1Primitive.fromByteArray(crl.getTBSCertList()));

            return new X509Principal(X509Name.getInstance(tbsCertList.getIssuer()));
        }
        catch (IOException e)
        {
            throw new CRLException(e.toString());
        }

    public X509CRL generate(
        PrivateKey      key,
        SecureRandom    random)
        throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
    {
        TBSCertList tbsCrl = generateCertList();
        byte[] signature;

        try
        {
            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCrl);

        PrivateKey      key,
        String          provider,
        SecureRandom    random)
        throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
    {
        TBSCertList tbsCrl = generateCertList();
        byte[] signature;

        try
        {
            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCrl);

    public X509CRL generate(
        PrivateKey      key,
        SecureRandom    random)
        throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
    {
        TBSCertList tbsCrl = generateCertList();
        byte[] signature;

        try
        {
            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCrl);