Refine search
/** Write a .RSA file with a digital signature. */ @SuppressWarnings("all") protected void writeSignatureBlock(byte[] signature, OutputStream out) throws IOException { try { SignerInfo signerInfo = new SignerInfo(new X500Name(cert.getIssuerX500Principal().getName()), cert.getSerialNumber(), AlgorithmId.get(digestAlg), AlgorithmId.get("RSA"), signature); PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { AlgorithmId.get(digestAlg) }, new ContentInfo( ContentInfo.DATA_OID, null), new X509Certificate[] { cert }, new SignerInfo[] { signerInfo }); pkcs7.encodeSignedData(out); } catch (NoSuchAlgorithmException e) { throw new RuntimeException(e); } } }
issuerName = certificate.getIssuerX500Principal().toString(); issuerSerial.setX509SerialNumber(certificate.getSerialNumber());
return null; BigInteger serialN = certificate.getSerialNumber(); if (isIndirectCRL) { X500Principal certIssuer = certificate.getIssuerX500Principal(); if (certIssuer.equals(getIssuerX500Principal())) {
signingCertificate.getIssuerX500Principal().toString(), signingCertificate.getSerialNumber()));
currCert.getIssuerX500Principal(); while (anchors.hasNext() && (!haveIssuerCert || !haveResponderCert)) { CertificateID certID = new CertificateID(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build().get(CertificateID.HASH_SHA1), new X509CertificateHolder(issuerCert.getEncoded()), currCert.getSerialNumber()); gen.addRequest(certID); OCSPReq ocspRequest = gen.build(); BigInteger serialNumber = currCert.getSerialNumber(); BasicOCSPResp brep = (BasicOCSPResp) ocspResponse.getResponseObject(); try {
private void buildCRL(X509Certificate x509Certificate, String crlPath) throws Exception { X509v2CRLBuilder builder = new JcaX509v2CRLBuilder(x509Certificate.getIssuerX500Principal(), certStartTime); builder.addCRLEntry(x509Certificate.getSerialNumber(), certStartTime, CRLReason.cACompromise); builder.setNextUpdate(certEndTime); builder.addExtension(Extension.authorityKeyIdentifier, false, new JcaX509ExtensionUtils() .createAuthorityKeyIdentifier(rootCertificate)); builder.addExtension(Extension.cRLNumber, false, new CRLNumber(new BigInteger("1000"))); X509CRLHolder cRLHolder = builder.build(contentSigner); PemWriter pemWriter = new PemWriter(new FileWriter(crlPath)); pemWriter.writeObject(new MiscPEMGenerator(cRLHolder)); pemWriter.flush(); pemWriter.close(); }
!serialNumber.equals(cert.getSerialNumber())) { return false; !issuer.equals(cert.getIssuerX500Principal())) { return false;
X509Certificate cert = CertUtil.loadCert(file); info("Read X509 Certificate from " + file.getAbsolutePath() + " Issuer: " + cert.getIssuerX500Principal() + " Serial: " + cert.getSerialNumber().toString(16) + "; Valid From: " + cert.getNotBefore() + " To: " + cert.getNotAfter()); info("Now trusting X509 Certificate, Issuer: " + cert.getIssuerX500Principal()); } catch (CertificateExpiredException cee) { String s = "Rejecting expired X509 Certificate: " + file.getAbsolutePath();
byte[] issuer = cert.getIssuerX500Principal().getEncoded(); byte[] serial = cert.getSerialNumber().toByteArray(); if (serial.length > 255) throw new IllegalArgumentException();
public IssuerSerial(XAdESStructure parent, X509Certificate cert, String xadesPrefix, String xadesNamespace, String xmlSignaturePrefix) { this(parent, cert.getIssuerX500Principal(), cert.getSerialNumber(), xadesPrefix, xadesNamespace, xmlSignaturePrefix); }
public JceKeyAgreeRecipientId(X509Certificate certificate) { this(certificate.getIssuerX500Principal(), certificate.getSerialNumber()); }
public JceKeyAgreeRecipientId(X509Certificate certificate) { this(certificate.getIssuerX500Principal(), certificate.getSerialNumber()); }
/** * Constructor XMLX509IssuerSerial * * @param doc * @param x509certificate */ public XMLX509IssuerSerial(Document doc, X509Certificate x509certificate) { this( doc, x509certificate.getIssuerX500Principal().getName(), x509certificate.getSerialNumber() ); }
/** * This method returns the unique identifier of a given {@link X509Certificate}. This identifier is used to obtain * the DSS certificate's unique id. The CANONICAL form of the {@code X500Principal} is used. * * @param cert * @return */ private static String getKey(final X509Certificate cert) { final String canonicalIssuerX500Principal = cert.getIssuerX500Principal().getName(X500Principal.CANONICAL); final String serialNumber = cert.getSerialNumber().toString(); return canonicalIssuerX500Principal + "|" + serialNumber; }
X509Certificate cert9 = (X509Certificate) keystore.getCertificate("abc"); KeyTransRecipientId recId = new JceKeyTransRecipientId(cert9.getIssuerX500Principal(), cert9.getSerialNumber());
protected void certToString(StringBuilder sb, X509Certificate cert) { sb.append("Issuer=("); sb.append(cert.getIssuerX500Principal().getName()); sb.append("), SerialNumber="); sb.append(cert.getSerialNumber()); sb.append(", Subject=("); sb.append(cert.getSubjectX500Principal().getName()); sb.append(')'); }
/** * Adds an end-entity certificate to the set of allowed certificates. * * @param certificate * the X509 end-entity certificate. */ public void addEndEntity(X509Certificate certificate) { String issuerName = certificate.getIssuerX500Principal().getName(); BigInteger serialNumber = certificate.getSerialNumber(); addEndEntity(issuerName, serialNumber); }
protected static void printCert(String prefix, X509Certificate cert) throws CertificateEncodingException { System.out.println(prefix); System.out.print("Subject: "); System.out.println(cert.getSubjectX500Principal()); System.out.print(" Issuer: "); System.out.println(cert.getIssuerX500Principal()); System.out.print(" Serial: 0X"); System.out.println(cert.getSerialNumber().toString(16)); System.out.println("NotBefore: " + cert.getNotBefore()); System.out.println(" NotAfter: " + cert.getNotAfter()); System.out.println("-----BEGIN CERTIFICATE-----"); System.out.println(Base64.encodeToString(cert.getEncoded(), true)); System.out.println("-----END CERTIFICATE-----"); }
private static void writeX509Certificate(final ModelNode certificateModel, final X509Certificate certificate) throws CertificateEncodingException, NoSuchAlgorithmException { SimpleDateFormat sdf = new SimpleDateFormat(ISO_8601_FORMAT); certificateModel.get(ElytronDescriptionConstants.SUBJECT).set(certificate.getSubjectX500Principal().getName()); certificateModel.get(ElytronDescriptionConstants.ISSUER).set(certificate.getIssuerX500Principal().getName()); certificateModel.get(ElytronDescriptionConstants.NOT_BEFORE).set(sdf.format(certificate.getNotBefore())); certificateModel.get(ElytronDescriptionConstants.NOT_AFTER).set(sdf.format(certificate.getNotAfter())); certificateModel.get(ElytronDescriptionConstants.SERIAL_NUMBER).set(delimit(certificate.getSerialNumber().toString(16).toCharArray())); certificateModel.get(ElytronDescriptionConstants.SIGNATURE_ALGORITHM).set(certificate.getSigAlgName()); certificateModel.get(ElytronDescriptionConstants.SIGNATURE).set(encodedHexString(certificate.getSignature())); certificateModel.get(ElytronDescriptionConstants.VERSION).set("v" + certificate.getVersion()); }
/** * Construct a signer identifier based on the issuer, serial number and subject key identifier (if present) of the passed in * certificate. * * @param certificate certificate providing the issue and serial number and subject key identifier. */ public JcaX509CertificateHolderSelector(X509Certificate certificate) { super(convertPrincipal(certificate.getIssuerX500Principal()), certificate.getSerialNumber(), getSubjectKeyId(certificate)); }