-rw-r--r--base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java14
-rw-r--r--base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java2
-rw-r--r--base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyCLI.java8
-rw-r--r--base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyFindCLI.java2
-rw-r--r--base/util/src/netscape/security/pkcs/PKCS12CertInfo.java54
-rw-r--r--base/util/src/netscape/security/pkcs/PKCS12KeyInfo.java55
-rw-r--r--base/util/src/netscape/security/pkcs/PKCS12Util.java33
7 files changed, 133 insertions, 35 deletions
diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java
index f4d97cd74..a83fbac4f 100644
--- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertCLI.java
@@ -21,7 +21,7 @@ package com.netscape.cmstools.pkcs12;
import com.netscape.certsrv.dbs.certdb.CertId;
import com.netscape.cmstools.cli.CLI;
-import netscape.security.pkcs.PKCS12Util.PKCS12CertInfo;
+import netscape.security.pkcs.PKCS12CertInfo;
/**
* @author Endi S. Dewata
@@ -35,13 +35,13 @@ public class PKCS12CertCLI extends CLI {
}
public static void printCertInfo(PKCS12CertInfo certInfo) throws Exception {
- System.out.println(" Serial Number: " + new CertId(certInfo.cert.getSerialNumber()).toHexString());
- System.out.println(" Nickname: " + certInfo.nickname);
- System.out.println(" Subject DN: " + certInfo.cert.getSubjectDN());
- System.out.println(" Issuer DN: " + certInfo.cert.getIssuerDN());
+ System.out.println(" Serial Number: " + new CertId(certInfo.getCert().getSerialNumber()).toHexString());
+ System.out.println(" Nickname: " + certInfo.getNickname());
+ System.out.println(" Subject DN: " + certInfo.getCert().getSubjectDN());
+ System.out.println(" Issuer DN: " + certInfo.getCert().getIssuerDN());
- if (certInfo.trustFlags != null) {
- System.out.println(" Trust flags: " + certInfo.trustFlags);
+ if (certInfo.getTrustFlags() != null) {
+ System.out.println(" Trust flags: " + certInfo.getTrustFlags());
}
}
}
diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java
index 4cbfee518..3aec7a6b2 100644
--- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12CertFindCLI.java
@@ -29,8 +29,8 @@ import org.apache.commons.cli.ParseException;
import com.netscape.cmstools.cli.CLI;
import com.netscape.cmstools.cli.MainCLI;
+import netscape.security.pkcs.PKCS12CertInfo;
import netscape.security.pkcs.PKCS12Util;
-import netscape.security.pkcs.PKCS12Util.PKCS12CertInfo;
/**
* @author Endi S. Dewata
diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyCLI.java
index 9f0779782..d859fcea1 100644
--- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyCLI.java
@@ -20,7 +20,7 @@ package com.netscape.cmstools.pkcs12;
import com.netscape.cmstools.cli.CLI;
-import netscape.security.pkcs.PKCS12Util.PKCS12KeyInfo;
+import netscape.security.pkcs.PKCS12KeyInfo;
/**
* @author Endi S. Dewata
@@ -34,10 +34,10 @@ public class PKCS12KeyCLI extends CLI {
}
public static void printKeyInfo(PKCS12KeyInfo keyInfo) throws Exception {
- System.out.println(" Subject DN: " + keyInfo.subjectDN);
+ System.out.println(" Subject DN: " + keyInfo.getSubjectDN());
- if (keyInfo.privateKeyInfo != null) {
- System.out.println(" Algorithm: " + keyInfo.privateKeyInfo.getAlgorithm());
+ if (keyInfo.getPrivateKeyInfo() != null) {
+ System.out.println(" Algorithm: " + keyInfo.getPrivateKeyInfo().getAlgorithm());
}
}
}
diff --git a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyFindCLI.java b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyFindCLI.java
index d8c165cd6..3bda750a4 100644
--- a/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyFindCLI.java
+++ b/base/java-tools/src/com/netscape/cmstools/pkcs12/PKCS12KeyFindCLI.java
@@ -32,8 +32,8 @@ import org.mozilla.jss.util.Password;
import com.netscape.cmstools.cli.CLI;
import com.netscape.cmstools.cli.MainCLI;
+import netscape.security.pkcs.PKCS12KeyInfo;
import netscape.security.pkcs.PKCS12Util;
-import netscape.security.pkcs.PKCS12Util.PKCS12KeyInfo;
/**
* @author Endi S. Dewata
diff --git a/base/util/src/netscape/security/pkcs/PKCS12CertInfo.java b/base/util/src/netscape/security/pkcs/PKCS12CertInfo.java
new file mode 100644
index 000000000..d1a9cc9fc
--- /dev/null
+++ b/base/util/src/netscape/security/pkcs/PKCS12CertInfo.java
@@ -0,0 +1,54 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2016 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package netscape.security.pkcs;
+
+import netscape.security.x509.X509CertImpl;
+
+public class PKCS12CertInfo {
+
+ X509CertImpl cert;
+ String nickname;
+ String trustFlags;
+
+ public PKCS12CertInfo() {
+ }
+
+ public X509CertImpl getCert() {
+ return cert;
+ }
+
+ public void setCert(X509CertImpl cert) {
+ this.cert = cert;
+ }
+
+ public String getNickname() {
+ return nickname;
+ }
+
+ public void setNickname(String nickname) {
+ this.nickname = nickname;
+ }
+
+ public String getTrustFlags() {
+ return trustFlags;
+ }
+
+ public void setTrustFlags(String trustFlags) {
+ this.trustFlags = trustFlags;
+ }
+}
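Review bot: The fields `cert`, `nickname` and `trustFlags` have no access modifier, so any class in `netscape.security.pkcs` can still read and write them directly and the new accessors are not the only way in. Declare them `private`, e.g. `private X509CertImpl cert;` and likewise for the other two; PKCS12KeyInfo.java in this commit has the same package-private fields. A short class Javadoc would also help, noting that `getTrustFlags()` may return null, since `PKCS12CertCLI.printCertInfo` already depends on that case.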
diff --git a/base/util/src/netscape/security/pkcs/PKCS12KeyInfo.java b/base/util/src/netscape/security/pkcs/PKCS12KeyInfo.java
new file mode 100644
index 000000000..ff3f2a289
--- /dev/null
+++ b/base/util/src/netscape/security/pkcs/PKCS12KeyInfo.java
@@ -0,0 +1,55 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2016 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package netscape.security.pkcs;
+
+import org.mozilla.jss.pkix.primitive.EncryptedPrivateKeyInfo;
+import org.mozilla.jss.pkix.primitive.PrivateKeyInfo;
+
+public class PKCS12KeyInfo {
+
+ EncryptedPrivateKeyInfo encPrivateKeyInfo;
+ PrivateKeyInfo privateKeyInfo;
+ String subjectDN;
+
+ public PKCS12KeyInfo() {
+ }
+
+ public EncryptedPrivateKeyInfo getEncPrivateKeyInfo() {
+ return encPrivateKeyInfo;
+ }
+
+ public void setEncPrivateKeyInfo(EncryptedPrivateKeyInfo encPrivateKeyInfo) {
+ this.encPrivateKeyInfo = encPrivateKeyInfo;
+ }
+
+ public PrivateKeyInfo getPrivateKeyInfo() {
+ return privateKeyInfo;
+ }
+
+ public void setPrivateKeyInfo(PrivateKeyInfo privateKeyInfo) {
+ this.privateKeyInfo = privateKeyInfo;
+ }
+
+ public String getSubjectDN() {
+ return subjectDN;
+ }
+
+ public void setSubjectDN(String subjectDN) {
+ this.subjectDN = subjectDN;
+ }
+}
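Review bot: Nothing in this class says which of `encPrivateKeyInfo` and `privateKeyInfo` is expected to be set, and `privateKeyInfo` appears to hold the unencrypted form of the key. Add Javadoc on the class and on `getPrivateKeyInfo()`, for example `/** Decrypted key, or null if only the encrypted form is held; do not log or print the returned object. */`, with the wording confirmed against the parts of PKCS12Util not shown here. `PKCS12KeyCLI.printKeyInfo` in this commit already accepts a null return and prints only the algorithm name, which is the usage the comment should lock in.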
diff --git a/base/util/src/netscape/security/pkcs/PKCS12Util.java b/base/util/src/netscape/security/pkcs/PKCS12Util.java
index 6acace0b9..9d852cb6a 100644
--- a/base/util/src/netscape/security/pkcs/PKCS12Util.java
+++ b/base/util/src/netscape/security/pkcs/PKCS12Util.java
@@ -20,6 +20,7 @@ package netscape.security.pkcs;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileOutputStream;
+import java.math.BigInteger;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
@@ -76,18 +77,6 @@ public class PKCS12Util {
PFX pfx;
boolean trustFlagsEnabled = true;
- public static class PKCS12KeyInfo {
- public EncryptedPrivateKeyInfo encPrivateKeyInfo;
- public PrivateKeyInfo privateKeyInfo;
- public String subjectDN;
- }
-
- public static class PKCS12CertInfo {
- public X509CertImpl cert;
- public String nickname;
- public String trustFlags;
- }
-
public boolean isTrustFlagsEnabled() {
return trustFlagsEnabled;
}
@@ -143,7 +132,7 @@ public class PKCS12Util {
}
public void addKeyBag(PrivateKey privateKey, X509Certificate x509cert,
- Password pass, byte[] localKeyID, SEQUENCE safeContents) throws Exception {
+ Password pass, BigInteger localKeyID, SEQUENCE safeContents) throws Exception {
logger.fine("Creating key bag for " + x509cert.getSubjectDN());
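Review bot: `addKeyBag` is public and its `localKeyID` parameter changes from `byte[]` to `BigInteger` with no overload left behind, so any caller outside this patch that passes a digest array will stop compiling. The same holds for the return type of public `addCertBag` in the next hunk, and only the caller in the last hunk is visibly updated. If external callers exist, keep a deprecated method with the old signature that delegates via `new BigInteger(1, localKeyID)`. The body of `addKeyBag` continues outside the hunk.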
@@ -167,13 +156,13 @@ public class PKCS12Util {
safeContents.addElement(keyBag);
}
- public byte[] addCertBag(X509Certificate x509cert, String nickname,
+ public BigInteger addCertBag(X509Certificate x509cert, String nickname,
SEQUENCE safeContents) throws Exception {
logger.fine("Creating cert bag for " + nickname);
ASN1Value cert = new OCTET_STRING(x509cert.getEncoded());
- byte[] localKeyID = createLocalKeyID(x509cert);
+ BigInteger localKeyID = createLocalKeyID(x509cert);
String trustFlags = null;
if (trustFlagsEnabled) {
@@ -191,7 +180,7 @@ public class PKCS12Util {
return localKeyID;
}
- byte[] createLocalKeyID(X509Certificate cert) throws Exception {
+ BigInteger createLocalKeyID(X509Certificate cert) throws Exception {
// SHA1 hash of the X509Cert DER encoding
byte[] certDer = cert.getEncoded();
@@ -199,10 +188,10 @@ public class PKCS12Util {
MessageDigest md = MessageDigest.getInstance("SHA");
md.update(certDer);
- return md.digest();
+ return new BigInteger(1, md.digest());
}
- SET createKeyBagAttrs(String subjectDN, byte localKeyID[])
+ SET createKeyBagAttrs(String subjectDN, BigInteger localKeyID)
throws Exception {
SET attrs = new SET();
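Review bot: Round-tripping the digest through `new BigInteger(1, md.digest())` here and `localKeyID.toByteArray()` in the next two hunks (`createKeyBagAttrs`, `createCertBagAttrs`) no longer yields the original 20 bytes. `toByteArray()` returns the minimal two's-complement form, so a digest whose top bit is set gains a leading `0x00` byte and a digest with leading zero bytes is shortened. The key bag and cert bag in one file still match each other because both use the same conversion, but the LOCAL_KEY_ID written to the file is no longer always the SHA-1 of the certificate DER that the comment in `createLocalKeyID` describes. That can matter for tools or older files that expect the fixed-length value. Consider keeping the raw `byte[]` for the `OCTET_STRING` and using `BigInteger` only where a comparable in-memory key is needed, or normalising the array back to the digest length before encoding.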
@@ -220,7 +209,7 @@ public class PKCS12Util {
localKeyAttr.addElement(SafeBag.LOCAL_KEY_ID);
SET localKeySet = new SET();
- localKeySet.addElement(new OCTET_STRING(localKeyID));
+ localKeySet.addElement(new OCTET_STRING(localKeyID.toByteArray()));
localKeyAttr.addElement(localKeySet);
attrs.addElement(localKeyAttr);
@@ -228,7 +217,7 @@ public class PKCS12Util {
return attrs;
}
- SET createCertBagAttrs(String nickname, byte localKeyID[], String trustFlags)
+ SET createCertBagAttrs(String nickname, BigInteger localKeyID, String trustFlags)
throws Exception {
SET attrs = new SET();
@@ -246,7 +235,7 @@ public class PKCS12Util {
localKeyAttr.addElement(SafeBag.LOCAL_KEY_ID);
SET localKeySet = new SET();
- localKeySet.addElement(new OCTET_STRING(localKeyID));
+ localKeySet.addElement(new OCTET_STRING(localKeyID.toByteArray()));
localKeyAttr.addElement(localKeySet);
attrs.addElement(localKeyAttr);
@@ -287,7 +276,7 @@ public class PKCS12Util {
PrivateKey prikey = cm.findPrivKeyByCert(cert);
logger.fine("Found certificate " + nickname + " with private key");
- byte localKeyID[] = addCertBag(cert, nickname, safeContents);
+ BigInteger localKeyID = addCertBag(cert, nickname, safeContents);
addKeyBag(prikey, cert, password, localKeyID, encSafeContents);
} catch (ObjectNotFoundException e) {