public AlgorithmIdentifier getSignatureAlgorithm() { return getFieldAs(CertificateField.SIGNATURE_ALGORITHM, AlgorithmIdentifier.class); }
public void setSignature(Asn1BitString signature) { setFieldAs(CertificateField.SIGNATURE, signature); } }
/** * Change the X509Certificate to Certificate * * @param x509Certificate The X509Certificate * @return The Certificate */ public static Certificate changeToCertificate(X509Certificate x509Certificate) { Certificate certificate = new Certificate(); try { certificate.decode(x509Certificate.getEncoded()); } catch (IOException e) { LOG.error("Fail to decode certificate. " + e); } catch (CertificateEncodingException e) { LOG.error("Fail to encode x509 certificate. " + e); } return certificate; } }
public static List<PrincipalName> cryptoRetrieveX509Sans(List<Certificate> certificates) throws KrbException { List<PrincipalName> principalNames = new ArrayList<>(); for (Certificate cert : certificates) { LOG.info("Looking for SANs in cert: " + cert.getTBSCertificate().getSubject()); //TODO } return principalNames; }
/** * Validates a chain of {@link X509Certificate}s. * * @param certificateList The certificate list * @param anchor The anchor * @throws CertificateException e * @throws NoSuchAlgorithmException e * @throws InvalidAlgorithmParameterException e * @throws CertPathValidatorException e * @throws IOException */ public static void validateChain(List<Certificate> certificateList, X509Certificate anchor) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, CertPathValidatorException, IOException { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); // Convert into a list of X509Certificates List<X509Certificate> certsList = new ArrayList<>(certificateList.size()); for (Certificate cert : certificateList) { X509Certificate parsedCert = (X509Certificate) certificateFactory.generateCertificate( new ByteArrayInputStream(cert.encode())); certsList.add(parsedCert); } CertPath certPath = certificateFactory.generateCertPath(certsList); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); TrustAnchor trustAnchor = new TrustAnchor(anchor, null); PKIXParameters parameters = new PKIXParameters(Collections.singleton(trustAnchor)); parameters.setRevocationEnabled(false); cpv.validate(certPath, parameters); }
/** * Change the X509Certificate to Certificate * * @param x509Certificate The X509Certificate * @return The Certificate */ public static Certificate changeToCertificate(X509Certificate x509Certificate) { Certificate certificate = new Certificate(); try { certificate.decode(x509Certificate.getEncoded()); } catch (IOException e) { LOG.error("Fail to decode certificate. " + e); } catch (CertificateEncodingException e) { LOG.error("Fail to encode x509 certificate. " + e); } return certificate; } }
public static List<PrincipalName> cryptoRetrieveX509Sans(List<Certificate> certificates) throws KrbException { List<PrincipalName> principalNames = new ArrayList<>(); for (Certificate cert : certificates) { LOG.info("Looking for SANs in cert: " + cert.getTBSCertificate().getSubject()); //TODO } return principalNames; }
/** * Validates a chain of {@link X509Certificate}s. * * @param certificateList The certificate list * @param anchor The anchor * @throws CertificateException e * @throws NoSuchAlgorithmException e * @throws InvalidAlgorithmParameterException e * @throws CertPathValidatorException e * @throws IOException */ public static void validateChain(List<Certificate> certificateList, X509Certificate anchor) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, CertPathValidatorException, IOException { CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); // Convert into a list of X509Certificates List<X509Certificate> certsList = new ArrayList<>(certificateList.size()); for (Certificate cert : certificateList) { X509Certificate parsedCert = (X509Certificate) certificateFactory.generateCertificate( new ByteArrayInputStream(cert.encode())); certsList.add(parsedCert); } CertPath certPath = certificateFactory.generateCertPath(certsList); CertPathValidator cpv = CertPathValidator.getInstance("PKIX"); TrustAnchor trustAnchor = new TrustAnchor(anchor, null); PKIXParameters parameters = new PKIXParameters(Collections.singleton(trustAnchor)); parameters.setRevocationEnabled(false); cpv.validate(certPath, parameters); }
public void setSignature(Asn1BitString signature) { setFieldAs(CertificateField.SIGNATURE, signature); } }
public Asn1BitString getSignature() { return getFieldAs(CertificateField.SIGNATURE, Asn1BitString.class); }
public void setTbsCertificate(TBSCertificate tbsCertificate) { setFieldAs(CertificateField.TBS_CERTIFICATE, tbsCertificate); }
public TBSCertificate getTBSCertificate() { return getFieldAs(CertificateField.TBS_CERTIFICATE, TBSCertificate.class); }
public void setSignatureAlgorithm(AlgorithmIdentifier signatureAlgorithm) { setFieldAs(CertificateField.SIGNATURE_ALGORITHM, signatureAlgorithm); }
public Asn1BitString getSignature() { return getFieldAs(CertificateField.SIGNATURE, Asn1BitString.class); }
public void setTbsCertificate(TBSCertificate tbsCertificate) { setFieldAs(CertificateField.TBS_CERTIFICATE, tbsCertificate); }
public AlgorithmIdentifier getSignatureAlgorithm() { return getFieldAs(CertificateField.SIGNATURE_ALGORITHM, AlgorithmIdentifier.class); }
public void setSignatureAlgorithm(AlgorithmIdentifier signatureAlgorithm) { setFieldAs(CertificateField.SIGNATURE_ALGORITHM, signatureAlgorithm); }
public TBSCertificate getTBSCertificate() { return getFieldAs(CertificateField.TBS_CERTIFICATE, TBSCertificate.class); }