Package sun.security.x509

Examples of sun.security.x509.GeneralNameInterface


        }      

        // convert to X509CertImpl, so that we can modify selected fields
        // (no public APIs available yet)
        byte[] encoded = oldCert.getEncoded();
        X509CertImpl certImpl = new X509CertImpl(encoded);
        X509CertInfo certInfo = (X509CertInfo)certImpl.get(X509CertImpl.NAME +
                                "." + X509CertImpl.INFO);      
       
        // get an X509Certificate from the signing_alias
        encoded = signingCert.getEncoded();
        X509CertImpl signingCertImpl = new X509CertImpl(encoded);
        X509CertInfo signingCertInfo = (X509CertInfo)
            signingCertImpl.get(X509CertImpl.NAME
                                + "." + X509CertImpl.INFO);    
       
        // Extend its validity
        int validity = 180// 180 days default
        Date firstDate = new Date();
        Date lastDate = new Date();
        lastDate.setTime(firstDate.getTime() + validity*1000*24*60*60L);
        CertificateValidity interval = new CertificateValidity(firstDate,
                                                               lastDate);
        certInfo.set(X509CertInfo.VALIDITY, interval);
       
        // Make new serial number
        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber
            ((int)(firstDate.getTime()/1000)));

        // Set owner and issuer fields
        X500Name owner;
        // Get the owner name from the certificate
        owner = (X500Name)certInfo.get(X509CertInfo.SUBJECT + "." +
                                       CertificateSubjectName.DN_NAME);

        // Get the issuer name - the owner of the signing certificate
        X500Name issuer;
        issuer = (X500Name)signingCertInfo.get(X509CertInfo.SUBJECT + "." +
                                           CertificateSubjectName.DN_NAME);
       
        certInfo.set(X509CertInfo.ISSUER + "." +
                     CertificateIssuerName.DN_NAME, issuer);
       
        // The inner and outer signature algorithms have to match.
        // The way we achieve that is really ugly, but there seems to be no
        // other solution: We first sign the cert, then retrieve the
        // outer sigalg and use it to set the inner sigalg

        X509CertImpl newCert = new X509CertImpl(certInfo);
        newCert.sign(privKey, sigAlgName);
        AlgorithmId sigAlgid = (AlgorithmId)newCert.get(X509CertImpl.SIG_ALG);
        certInfo.set(CertificateAlgorithmId.NAME + "." +
                     CertificateAlgorithmId.ALGORITHM, sigAlgid);

        // Sign the new certificate
        newCert = new X509CertImpl(certInfo);
        newCert.sign(privKey, sigAlgName);

        // Store the new certificate as a single-element certificate chain
        keyStore.setKeyEntry(signee_alias, privKey,
                             (keyPass != null) ? keyPass : storePass,
                             new Certificate[] { newCert });


        System.err.println("New certificate signed & inserted into KeyStore!");
        System.err.print(newCert.toString());
        System.err.println();
    }


      .set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));

    // Sign the cert to identify the algorithm that's used.
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(privkey, algorithm);

    // Update the algorith, and resign.
    algo = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG);
    info
      .set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM,
           algo);
    cert = new X509CertImpl(info);
    cert.sign(privkey, algorithm);
    return cert;
  }

                throw new RuntimeException("[" + this + "] ERROR: Cannot make SSL handshake with server(" + ret + "): " + SSL.getLastError());

            try {
                byte[] key = SSLSocket.getInfoB(socket, SSL.SSL_INFO_CLIENT_CERT);
                //*DEBUG*/System.out.println("DEBUG: Server cert:\n"+new ByteBuffer(key).dump());
                sslState.serverCertificateSubjectPublicKeyInfo = new X509CertImpl(key).getPublicKey().getEncoded();
            } catch (Exception e) {
                throw new RuntimeException("[" + this + "] ERROR: Cannot get server public key: ", e);
            }

        } catch (RuntimeException e) {

                        if (fc.showDialog(this, "Selectionner") == JFileChooser.APPROVE_OPTION) {
                                tb_certificatpath.setText(fc.getSelectedFile().getAbsolutePath() + File.separator + "certificat.cert");
                                tb_privatekeypath.setText(fc.getSelectedFile().getAbsolutePath() + File.separator + "private.key");
                                KeyPair kp = RSA.generateKeyPair();
                                RSA.saveKeyToFile(fc.getSelectedFile().getAbsolutePath() + File.separator + "private.key", kp.getPrivate());
                                X509CertImpl c = Certificat.generateX509Certificate(kp.getPublic(),
                                        tb_nom.getText() + " " + tb_prenom.getText(),
                                        kp.getPrivate(),
                                        tb_nom.getText() + " " + tb_prenom.getText());
                                Certificat.saveCertToFile(fc.getSelectedFile().getAbsolutePath() + File.separator + "certificat.cert", c);

     */
    static boolean getNetscapeCertTypeBit(X509Certificate cert, String type) {
        try {
            NetscapeCertTypeExtension ext;
            if (cert instanceof X509CertImpl) {
                X509CertImpl certImpl = (X509CertImpl)cert;
                ObjectIdentifier oid = OBJID_NETSCAPE_CERT_TYPE;
                ext = (NetscapeCertTypeExtension)certImpl.getExtension(oid);
                if (ext == null) {
                    return true;
                }
            } else {
                byte[] extVal = cert.getExtensionValue(OID_NETSCAPE_CERT_TYPE);

    public String certToString() {
        String out = "";
        if (cert == null || ! (cert instanceof X509Certificate))
            return "Cert:       Not an X509Certificate\n";

        X509CertImpl x509Cert = null;
        try {
            x509Cert = X509CertImpl.toImpl((X509Certificate)cert);
        } catch (CertificateException ce) {
            if (debug != null) {
                debug.println("Vertex.certToString() unexpected exception");
                ce.printStackTrace();
            }
            return out;
        }

        out =       "Issuer:     " + x509Cert.getIssuerX500Principal() + "\n";
        out = out + "Subject:    " + x509Cert.getSubjectX500Principal() + "\n";
        out = out + "SerialNum:  " + (x509Cert.getSerialNumber()).toString(16) + "\n";
        out = out + "Expires:    " + x509Cert.getNotAfter().toString() + "\n";
        boolean[] iUID = x509Cert.getIssuerUniqueID();
        if (iUID != null) {
            out = out + "IssuerUID:  ";
            for (int i=0; i < iUID.length; i++) {
                out = out + (iUID[i]?1:0);
            }
            out = out + "\n";
        }
        boolean[] sUID = x509Cert.getSubjectUniqueID();
        if (sUID != null) {
            out = out + "SubjectUID: ";
            for (int i=0; i< sUID.length; i++) {
                out = out + (sUID[i]?1:0);
            }
            out = out + "\n";
        }
        SubjectKeyIdentifierExtension sKeyID = null;
        try {
            sKeyID = x509Cert.getSubjectKeyIdentifierExtension();
            if (sKeyID != null) {
                KeyIdentifier keyID = (KeyIdentifier)sKeyID.get(sKeyID.KEY_ID);
                out = out + "SubjKeyID:  " + keyID.toString();
            }
        } catch (Exception e) {
            if (debug != null) {
                debug.println("Vertex.certToString() unexpected exception");
                e.printStackTrace();
            }
        }
        AuthorityKeyIdentifierExtension aKeyID = null;
        try {
            aKeyID = x509Cert.getAuthorityKeyIdentifierExtension();
            if (aKeyID != null) {
                KeyIdentifier keyID = (KeyIdentifier)aKeyID.get(aKeyID.KEY_ID);
                out = out + "AuthKeyID:  " + keyID.toString();
            }
        } catch (Exception e) {

        X509Certificate issuerCert)
        throws IOException, CertPathValidatorException {
        CertId certId = null;
        URI responderURI = null;
        try {
            X509CertImpl certImpl = X509CertImpl.toImpl(cert);
            responderURI = getResponderURI(certImpl);
            if (responderURI == null) {
                throw new CertPathValidatorException
                    ("No OCSP Responder URI in certificate");
            }
            certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
        } catch (CertificateException ce) {
            throw new CertPathValidatorException
                ("Exception while encoding OCSPRequest", ce);
        } catch (IOException ioe) {
            throw new CertPathValidatorException

   */
  private X509Certificate generateCertificate(String dn, KeyPair pair, int days, String algorithm)
    throws GeneralSecurityException, IOException
  {
    // Builds a self-signed X.509 v3 certificate: the name parsed from `dn` is
    // written as both subject and issuer, the public half of `pair` is the
    // certified key, and the private half of `pair` produces the signature.
    // The validity window runs from "now" to "now + days".
    //
    // Everything below goes through sun.security.x509, a JDK-internal package,
    // so this code is tied to the JDK it was written against.
    //
    // The signature algorithm is whatever name the caller passes in
    // `algorithm`; nothing in this method rejects a weak digest, so callers
    // should pass a SHA-256-or-stronger signature algorithm name.
    final PrivateKey signingKey = pair.getPrivate();
    final X509CertInfo certInfo = new X509CertInfo();

    final Date notBefore = new Date();
    final Date notAfter = new Date(notBefore.getTime() + days * 86400000L);

    // 64 random bits from SecureRandom, so the serial number is not derived
    // from the clock or a counter.
    final BigInteger serial = new BigInteger(64, new SecureRandom());
    final X500Name selfName = new X500Name(dn);

    certInfo.set(X509CertInfo.VALIDITY, new CertificateValidity(notBefore, notAfter));
    certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(serial));
    // Subject and issuer are the same name: this is what makes it self-signed.
    certInfo.set(X509CertInfo.SUBJECT, new CertificateSubjectName(selfName));
    certInfo.set(X509CertInfo.ISSUER, new CertificateIssuerName(selfName));
    certInfo.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
    certInfo.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));

    // Placeholder only: the MD5-with-RSA OID fills the algorithm field so a
    // first signing pass can run. It is overwritten below with the algorithm
    // id the signed certificate reports for `algorithm`.
    final AlgorithmId placeholderAlg = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
    certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(placeholderAlg));

    // First pass: sign once just to learn the AlgorithmId that corresponds to
    // the requested signature algorithm name.
    final X509CertImpl draft = new X509CertImpl(certInfo);
    draft.sign(signingKey, algorithm);
    final AlgorithmId actualAlg = (AlgorithmId)draft.get(X509CertImpl.SIG_ALG);

    // Second pass: store that id in the certificate body and sign again, so
    // the algorithm named inside the signed data matches the outer signature.
    certInfo.set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM, actualAlg);
    final X509CertImpl signed = new X509CertImpl(certInfo);
    signed.sign(signingKey, algorithm);
    return signed;
  }  

        // convert to X509CertImpl, so that we can modify selected fields
        // (no public APIs available yet)
        byte[] encoded = oldCert.getEncoded();
        X509CertImpl certImpl = new X509CertImpl(encoded);
        X509CertInfo certInfo = (X509CertInfo)certImpl.get(X509CertImpl.NAME +
                                "." + X509CertImpl.INFO);      
       
        // get an X509Certificate from the signing_alias
        encoded = signingCert.getEncoded();
        X509CertImpl signingCertImpl = new X509CertImpl(encoded);
        X509CertInfo signingCertInfo = (X509CertInfo)
            signingCertImpl.get(X509CertImpl.NAME
                                + "." + X509CertImpl.INFO);    
       
        // Extend its validity
        int validity = 180// 180 days default
        Date firstDate = new Date();
        Date lastDate = new Date();
        lastDate.setTime(firstDate.getTime() + validity*1000*24*60*60L);
        CertificateValidity interval = new CertificateValidity(firstDate,
                                                               lastDate);
        certInfo.set(X509CertInfo.VALIDITY, interval);
       
        // Make new serial number
        certInfo.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber
            ((int)(firstDate.getTime()/1000)));

        // Set owner and issuer fields
        X500Name owner;
        // Get the owner name from the certificate
        owner = (X500Name)certInfo.get(X509CertInfo.SUBJECT + "." +
                                       CertificateSubjectName.DN_NAME);

        // Get the issuer name - the owner of the signing certificate
        X500Name issuer;
        issuer = (X500Name)signingCertInfo.get(X509CertInfo.SUBJECT + "." +
                                           CertificateSubjectName.DN_NAME);
       
        certInfo.set(X509CertInfo.ISSUER + "." +
                     CertificateIssuerName.DN_NAME, issuer);
       

   */
  public static X509Certificate generateCertificate(String dn, KeyPair pair,
                                                    int days, String algorithm)
    throws GeneralSecurityException, IOException {
    PrivateKey privkey = pair.getPrivate();
    X509CertInfo info = new X509CertInfo();
    Date from = new Date();
    Date to = new Date(from.getTime() + days * 86400000l);
    CertificateValidity interval = new CertificateValidity(from, to);
    BigInteger sn = new BigInteger(64, new SecureRandom());
    X500Name owner = new X500Name(dn);

    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
    info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
    info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
    info.set(X509CertInfo.KEY, new CertificateX509Key(pair.getPublic()));
    info
      .set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    AlgorithmId algo = new AlgorithmId(AlgorithmId.md5WithRSAEncryption_oid);
    info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(algo));

    // Sign the cert to identify the algorithm that's used.
    X509CertImpl cert = new X509CertImpl(info);
    cert.sign(privkey, algorithm);

    // Update the algorith, and resign.
    algo = (AlgorithmId) cert.get(X509CertImpl.SIG_ALG);
    info
      .set(CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM,
           algo);
    cert = new X509CertImpl(info);
    cert.sign(privkey, algorithm);
    return cert;