/**
 * Appends a textual description of {@code cert} to {@code sb}.
 *
 * <p>In short form only the subject name is written. In verbose form the subject,
 * issuer, serial number, validity period and the hex SHA-1 of the encoded
 * certificate are written, one per line. The SHA-1 value is a display fingerprint
 * for operators to compare; nothing in this method uses it for a trust decision.
 *
 * @param index position shown as {@code [index]} after the label, or {@code null} to omit it
 * @param verbose whether to emit the multi-line detailed form
 * @param sb buffer that receives the text
 * @param cert certificate to describe
 */
private static void formatString(
    Integer index, boolean verbose, StringBuilder sb, X509Certificate cert) {
  // Resolved before anything is appended, exactly as in the one-line form.
  final String subjectName = X509Util.getRfc4519Name(cert.getSubjectX500Principal());

  sb.append("\t\tCertificate");
  if (index != null) {
    sb.append("[");
    sb.append(index);
    sb.append("]");
  }
  sb.append(": ");

  if (verbose) {
    sb.append("\n\t\t\tSubject: ");
    sb.append(subjectName);

    final String issuerName = X509Util.getRfc4519Name(cert.getIssuerX500Principal());
    sb.append("\n\t\t\tIssuer: ");
    sb.append(issuerName);

    sb.append("\n\t\t\tSerial: ");
    sb.append(LogUtil.formatCsn(cert.getSerialNumber()));

    sb.append("\n\t\t\tStart time: ");
    sb.append(cert.getNotBefore());

    sb.append("\n\t\t\tEnd time: ");
    sb.append(cert.getNotAfter());

    sb.append("\n\t\t\tSHA1 Sum: ");
    String digestHex;
    try {
      digestHex = HashAlgo.SHA1.hexHash(cert.getEncoded());
    } catch (CertificateEncodingException ex) {
      // The listing is best effort: an unencodable certificate is shown as ERROR
      // instead of aborting the whole output.
      digestHex = "ERROR";
    }
    sb.append(digestHex);
    sb.append("\n");
  } else {
    sb.append(subjectName);
    sb.append("\n");
  }
}
/**
 * Writes a human-readable summary of one certificate into {@code sb}.
 *
 * <p>The non-verbose form is a single line holding the subject. The verbose form
 * lists subject, issuer, serial number, not-before and not-after times, and the hex
 * SHA-1 of the encoded certificate. That SHA-1 line is informational output only;
 * no comparison or validation is performed on it here.
 *
 * @param index optional index rendered as {@code [index]}; {@code null} suppresses it
 * @param verbose {@code true} for the detailed multi-line form
 * @param sb destination buffer
 * @param cert certificate whose fields are printed
 */
private static void formatString(
    Integer index, boolean verbose, StringBuilder sb, X509Certificate cert) {
  final String subjectText = X509Util.getRfc4519Name(cert.getSubjectX500Principal());

  sb.append("\t\tCertificate");
  if (index != null) {
    sb.append("[").append(index).append("]");
  }
  sb.append(": ");

  if (!verbose) {
    sb.append(subjectText);
    sb.append("\n");
    return;
  }

  sb.append("\n\t\t\tSubject: ").append(subjectText);

  // The issuer is looked up only after the subject line has been written.
  final String issuerText = X509Util.getRfc4519Name(cert.getIssuerX500Principal());
  sb.append("\n\t\t\tIssuer: ").append(issuerText);

  sb.append("\n\t\t\tSerial: ");
  sb.append(LogUtil.formatCsn(cert.getSerialNumber()));
  sb.append("\n\t\t\tStart time: ");
  sb.append(cert.getNotBefore());
  sb.append("\n\t\t\tEnd time: ");
  sb.append(cert.getNotAfter());

  sb.append("\n\t\t\tSHA1 Sum: ");
  String fingerprintHex;
  try {
    fingerprintHex = HashAlgo.SHA1.hexHash(cert.getEncoded());
  } catch (CertificateEncodingException ex) {
    // An encoding failure is reported in-line so the remaining output is kept.
    fingerprintHex = "ERROR";
  }
  sb.append(fingerprintHex).append("\n");
}
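/**
 * Sets the CA certificate together with the values derived from it.
 *
 * <p>Passing {@code null} clears the certificate, the subject and the SHA-1
 * fingerprint. A non-null certificate must carry the {@code keyCertSign} key usage.
 * The encoding, subject and fingerprint are all computed before any field is
 * written, so a failure leaves the previously stored state unchanged instead of a
 * new certificate paired with a stale fingerprint.
 *
 * @param cert the CA certificate, or {@code null} to clear the stored one
 * @throws CaMgmtException if the certificate lacks keyCertSign or cannot be encoded
 */
public void setCert(X509Certificate cert) throws CaMgmtException {
  if (cert == null) {
    this.cert = null;
    this.subject = null;
    this.hexSha1OfCert = null;
    return;
  }

  // Reject certificates that are not allowed to sign other certificates.
  if (!X509Util.hasKeyusage(cert, KeyUsage.keyCertSign)) {
    throw new CaMgmtException("CA certificate does not have keyusage keyCertSign");
  }

  byte[] encodedCert;
  try {
    encodedCert = cert.getEncoded();
  } catch (CertificateEncodingException ex) {
    throw new CaMgmtException("could not encode certificate", ex);
  }

  String newSubject = X509Util.getRfc4519Name(cert.getSubjectX500Principal());
  // SHA-1 of the encoded certificate, kept as a hex identifier for this certificate.
  String newHexSha1 = HashAlgo.SHA1.hexHash(encodedCert);

  // Commit only after every step that can fail has succeeded.
  this.cert = cert;
  this.subject = newSubject;
  this.hexSha1OfCert = newHexSha1;
}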
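/**
 * Replaces the stored CA certificate and the fields derived from it.
 *
 * <p>{@code null} resets the certificate, subject and SHA-1 fingerprint. Any other
 * value must assert the {@code keyCertSign} key usage. Nothing is assigned until the
 * certificate has been encoded and its subject and fingerprint computed, so an
 * exception cannot leave the three fields describing different certificates.
 *
 * @param cert the CA certificate, or {@code null} to clear the stored one
 * @throws CaMgmtException if the certificate lacks keyCertSign or cannot be encoded
 */
public void setCert(X509Certificate cert) throws CaMgmtException {
  if (cert == null) {
    this.cert = null;
    this.subject = null;
    this.hexSha1OfCert = null;
    return;
  }

  // A CA certificate without keyCertSign must not be accepted.
  if (!X509Util.hasKeyusage(cert, KeyUsage.keyCertSign)) {
    throw new CaMgmtException("CA certificate does not have keyusage keyCertSign");
  }

  byte[] encodedCert;
  try {
    encodedCert = cert.getEncoded();
  } catch (CertificateEncodingException ex) {
    throw new CaMgmtException("could not encode certificate", ex);
  }

  String derivedSubject = X509Util.getRfc4519Name(cert.getSubjectX500Principal());
  // Hex SHA-1 of the encoded certificate, stored alongside it as an identifier.
  String derivedHexSha1 = HashAlgo.SHA1.hexHash(encodedCert);

  // All fallible work is done; update the three fields together.
  this.cert = cert;
  this.subject = derivedSubject;
  this.hexSha1OfCert = derivedHexSha1;
}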
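/**
 * Persists one PKCS#11 entry as two files in {@code dir}: an info file holding the
 * id, label and SHA-1 checksum of the value, and a value file holding the raw bytes.
 * Both file names start with the hex form of {@code id}.
 *
 * @param dir directory that receives the two files
 * @param id entry identifier; checked with {@code assertValidId}
 * @param label entry label; must not be blank
 * @param value raw bytes to store
 * @throws P11TokenException if either file cannot be written; the underlying
 *     {@link IOException} is attached as the cause
 */
private void savePkcs11Entry(File dir, byte[] id, String label, byte[] value)
    throws P11TokenException {
  Args.notNull(dir, "dir");
  Args.notNull(id, "id");
  Args.notBlank(label, "label");
  Args.notNull(value, "value");

  assertValidId(id);

  String hexId = hex(id);

  // NOTE(review): label is written verbatim into a line-oriented key=value file. A label
  // containing a line break would add extra lines to the info file - confirm that callers
  // or the reader of this file rule that out.
  String str = StringUtil.concat(PROP_ID, "=", hexId, "\n", PROP_LABEL, "=", label, "\n",
      PROP_SHA1SUM, "=", HashAlgo.SHA1.hexHash(value), "\n");

  try {
    // NOTE(review): getBytes() uses the platform default charset, so a non-ASCII label is
    // stored differently across hosts - verify against the code that reads the info file
    // before pinning an explicit charset here.
    IoUtil.save(new File(dir, hexId + INFO_FILE_SUFFIX), str.getBytes());
    IoUtil.save(new File(dir, hexId + VALUE_FILE_SUFFIX), value);
  } catch (IOException ex) {
    // Keep the I/O failure attached so the reason (permissions, disk full, ...) is not lost.
    P11TokenException failure = new P11TokenException("could not save certificate");
    failure.initCause(ex);
    throw failure;
  }
}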
// The ZIP entry is named after the SHA-1 hex hash of the certificate bytes plus ".der",
// so the entry name is derived from the content rather than from any stored name.
// NOTE(review): SHA-1 serves as a file-naming fingerprint here; nothing visible in this
// fragment relies on it for integrity or authenticity.
String sha1FpCert = HashAlgo.SHA1.hexHash(certBytes);
ZipEntry certZipEntry = new ZipEntry(sha1FpCert + ".der");
zip.putNextEntry(certZipEntry);
byte[] certBytes = Base64.decodeFast(rs.getString("CERT")); String sha1 = HashAlgo.SHA1.hexHash(certBytes); String certFileName = sha1 + ".der"; ZipEntry certZipEntry = new ZipEntry(certFileName); continue; String sha1 = HashAlgo.SHA1.hexHash(crlBytes); } else if (CaDbEntryType.REQUEST == type) { byte[] dataBytes = Base64.decodeFast(rs.getString("DATA")); String sha1 = HashAlgo.SHA1.hexHash(dataBytes); final String dataFilename = sha1 + ".req"; ZipEntry certZipEntry = new ZipEntry(dataFilename);
byte[] certBytes = Base64.decodeFast(rs.getString("CERT")); String sha1 = HashAlgo.SHA1.hexHash(certBytes); String certFileName = sha1 + ".der"; ZipEntry certZipEntry = new ZipEntry(certFileName); continue; String sha1 = HashAlgo.SHA1.hexHash(crlBytes); } else if (CaDbEntryType.REQUEST == type) { byte[] dataBytes = Base64.decodeFast(rs.getString("DATA")); String sha1 = HashAlgo.SHA1.hexHash(dataBytes); final String dataFilename = sha1 + ".req"; ZipEntry certZipEntry = new ZipEntry(dataFilename);
/**
 * Registers a CMP requestor that authenticates either with a certificate or with a
 * password, never both.
 *
 * <p>With a certificate file, the certificate is parsed and stored Base64-encoded.
 * With a password, the password is stored in the entry as given and a key ID, the
 * hex SHA-1 of the requestor name's UTF-8 bytes, is printed for the operator.
 *
 * @return always {@code null}
 * @throws CmdFailure if not exactly one of cert and password is given, or if the CA
 *     manager rejects the new requestor
 */
@Override
protected Object execute0() throws Exception {
  final boolean certGiven = certFile != null;
  final boolean passwordGiven = password != null;
  // Exactly one credential type is allowed: both present or both absent is an error.
  if (certGiven == passwordGiven) {
    throw new CmdFailure("exactly one of cert and password must be specified");
  }

  MgmtEntry.Requestor requestor;
  if (certGiven) {
    X509Certificate cert = X509Util.parseCert(IoUtil.read(certFile));
    requestor = new MgmtEntry.Requestor(
        new NameId(null, name),
        MgmtEntry.Requestor.TYPE_CERT,
        Base64.encodeToString(cert.getEncoded()));
  } else {
    requestor = new MgmtEntry.Requestor(
        new NameId(null, name),
        MgmtEntry.Requestor.TYPE_PBM,
        password);

    // The key ID is derived from the requestor name only, not from the password.
    byte[] nameBytes = requestor.getIdent().getName().getBytes("UTF-8");
    String keyId = HashAlgo.SHA1.hexHash(nameBytes);
    println("The key ID is " + keyId);
  }

  final String description = "CMP requestor " + name;
  try {
    caManager.addRequestor(requestor);
  } catch (CaMgmtException ex) {
    throw new CmdFailure("could not add " + description + ", error: " + ex.getMessage(), ex);
  }

  println("added " + description);
  return null;
}
/**
 * Reads the certificate in {@code inFile} and returns the single attribute selected
 * by the option flags.
 *
 * <p>The flags are checked in a fixed order (serial, subject, issuer, notBefore,
 * notAfter, fingerprint) and the first one that is set wins. The fingerprint is the
 * hex hash of the encoded certificate under the algorithm named by {@code hashAlgo}.
 *
 * @return the selected attribute, or {@code null} when no flag is set
 */
@Override
protected Object execute0() throws Exception {
  final Certificate parsed = X509Util.parseBcCert(IoUtil.read(inFile));

  // Each flag may be null (option absent), so only an explicit TRUE selects it.
  if (Boolean.TRUE.equals(serial)) {
    return getNumber(parsed.getSerialNumber().getPositiveValue());
  }
  if (Boolean.TRUE.equals(subject)) {
    return parsed.getSubject().toString();
  }
  if (Boolean.TRUE.equals(issuer)) {
    return parsed.getIssuer().toString();
  }
  if (Boolean.TRUE.equals(notBefore)) {
    return toUtcTimeyyyyMMddhhmmssZ(parsed.getStartDate().getDate());
  }
  if (Boolean.TRUE.equals(notAfter)) {
    return toUtcTimeyyyyMMddhhmmssZ(parsed.getEndDate().getDate());
  }
  if (Boolean.TRUE.equals(fingerprint)) {
    // Encode first, then resolve the algorithm, matching the original evaluation order.
    byte[] der = parsed.getEncoded();
    return HashAlgo.getInstance(hashAlgo).hexHash(der);
  }

  return null;
}