Java Code Examples for sun.security.pkcs10.PKCS10Attribute#getAttributeValue()
The following examples show how to use
sun.security.pkcs10.PKCS10Attribute#getAttributeValue() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Main.java From hottub with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Pem.decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 2
Source File: Main.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 3
Source File: Main.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 4
Source File: Main.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 5
Source File: Main.java From jdk8u-dev-jdk with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 6
Source File: Main.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 7
Source File: Main.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 8
Source File: Main.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 9
Source File: Main.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 10
Source File: Main.java From hottub with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 11
Source File: Main.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }
Example 12
Source File: Main.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 13
Source File: Main.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Pem.decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 14
Source File: Main.java From openjdk-jdk9 with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }
Example 15
Source File: Main.java From Bytecoder with Apache License 2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals(PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }
Example 16
Source File: Main.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }
Example 17
Source File: Main.java From openjdk-jdk8u with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }
Example 18
Source File: Main.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Base64.getMimeDecoder().decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.Certificate.Request.Version.1.0.Subject.s.Public.Key.s.format.s.key."), req.getSubjectName(), pkey.getFormat(), pkey.getAlgorithm()); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } }
Example 19
Source File: Main.java From jdk8u60 with GNU General Public License v2.0 | 4 votes |
/** * Generate a certificate: Read PKCS10 request from in, and print * certificate to out. Use alias as CA, sigAlgName as the signature * type. */ private void doGenCert(String alias, String sigAlgName, InputStream in, PrintStream out) throws Exception { Certificate signerCert = keyStore.getCertificate(alias); byte[] encoded = signerCert.getEncoded(); X509CertImpl signerCertImpl = new X509CertImpl(encoded); X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get( X509CertImpl.NAME + "." + X509CertImpl.INFO); X500Name issuer = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." + X509CertInfo.DN_NAME); Date firstDate = getStartDate(startDate); Date lastDate = new Date(); lastDate.setTime(firstDate.getTime() + validity*1000L*24L*60L*60L); CertificateValidity interval = new CertificateValidity(firstDate, lastDate); PrivateKey privateKey = (PrivateKey)recoverKey(alias, storePass, keyPass).fst; if (sigAlgName == null) { sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm()); } Signature signature = Signature.getInstance(sigAlgName); signature.initSign(privateKey); X509CertInfo info = new X509CertInfo(); info.set(X509CertInfo.VALIDITY, interval); info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber( new java.util.Random().nextInt() & 0x7fffffff)); info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3)); info.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId( AlgorithmId.get(sigAlgName))); info.set(X509CertInfo.ISSUER, issuer); BufferedReader reader = new BufferedReader(new InputStreamReader(in)); boolean canRead = false; StringBuffer sb = new StringBuffer(); while (true) { String s = reader.readLine(); if (s == null) break; // OpenSSL does not use NEW //if (s.startsWith("-----BEGIN NEW CERTIFICATE REQUEST-----")) { if (s.startsWith("-----BEGIN") && s.indexOf("REQUEST") >= 0) { canRead = true; //} else if (s.startsWith("-----END NEW CERTIFICATE REQUEST-----")) { } else if (s.startsWith("-----END") && s.indexOf("REQUEST") >= 0) { break; } else if (canRead) { sb.append(s); } } byte[] rawReq = Base64.getMimeDecoder().decode(new String(sb)); PKCS10 req = new PKCS10(rawReq); info.set(X509CertInfo.KEY, new CertificateX509Key(req.getSubjectPublicKeyInfo())); info.set(X509CertInfo.SUBJECT, dname==null?req.getSubjectName():new X500Name(dname)); CertificateExtensions reqex = null; Iterator<PKCS10Attribute> attrs = req.getAttributes().getAttributes().iterator(); while (attrs.hasNext()) { PKCS10Attribute attr = attrs.next(); if (attr.getAttributeId().equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { reqex = (CertificateExtensions)attr.getAttributeValue(); } } CertificateExtensions ext = createV3Extensions( reqex, null, v3ext, req.getSubjectPublicKeyInfo(), signerCert.getPublicKey()); info.set(X509CertInfo.EXTENSIONS, ext); X509CertImpl cert = new X509CertImpl(info); cert.sign(privateKey, sigAlgName); dumpCert(cert, out); for (Certificate ca: keyStore.getCertificateChain(alias)) { if (ca instanceof X509Certificate) { X509Certificate xca = (X509Certificate)ca; if (!isSelfSigned(xca)) { dumpCert(xca, out); } } } }
Example 20
Source File: Main.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
private void doPrintCertReq(InputStream in, PrintStream out) throws Exception { BufferedReader reader = new BufferedReader(new InputStreamReader(in)); StringBuffer sb = new StringBuffer(); boolean started = false; while (true) { String s = reader.readLine(); if (s == null) break; if (!started) { if (s.startsWith("-----")) { started = true; } } else { if (s.startsWith("-----")) { break; } sb.append(s); } } PKCS10 req = new PKCS10(Pem.decode(new String(sb))); PublicKey pkey = req.getSubjectPublicKeyInfo(); out.printf(rb.getString("PKCS.10.with.weak"), req.getSubjectName(), pkey.getFormat(), withWeak(pkey), withWeak(req.getSigAlg())); for (PKCS10Attribute attr: req.getAttributes().getAttributes()) { ObjectIdentifier oid = attr.getAttributeId(); if (oid.equals((Object)PKCS9Attribute.EXTENSION_REQUEST_OID)) { CertificateExtensions exts = (CertificateExtensions)attr.getAttributeValue(); if (exts != null) { printExtensions(rb.getString("Extension.Request."), exts, out); } } else { out.println("Attribute: " + attr.getAttributeId()); PKCS9Attribute pkcs9Attr = new PKCS9Attribute(attr.getAttributeId(), attr.getAttributeValue()); out.print(pkcs9Attr.getName() + ": "); Object attrVal = attr.getAttributeValue(); out.println(attrVal instanceof String[] ? Arrays.toString((String[]) attrVal) : attrVal); } } if (debug) { out.println(req); // Just to see more, say, public key length... } checkWeak(rb.getString("the.certificate.request"), req); }