Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java138
1 files changed, 73 insertions, 65 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java b/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
index b093fba59..dc240dac2 100644
--- a/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
+++ b/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
@@ -17,6 +17,7 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.security;
+
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
@@ -59,6 +60,7 @@ import com.netscape.certsrv.common.ConfigConstants;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.security.KeyCertData;
+
/**
* This base class provides methods to import CA signing cert or get certificate
* request.
@@ -86,12 +88,11 @@ public abstract class CertificateInfo {
mConfig = (IConfigStore) (mProperties.get("cmsFile"));
}
- protected abstract KeyUsageExtension getKeyUsageExtension()
- throws IOException;
+ protected abstract KeyUsageExtension getKeyUsageExtension() throws IOException;
public abstract String getSubjectName();
- // public abstract SignatureAlgorithm getSigningAlgorithm();
+ //public abstract SignatureAlgorithm getSigningAlgorithm();
public abstract String getKeyAlgorithm();
public abstract String getNickname();
@@ -101,12 +102,12 @@ public abstract class CertificateInfo {
public CertificateValidity getCertificateValidity() throws EBaseException {
/*
- * String period =
- * (String)mProperties.get(Constants.PR_VALIDITY_PERIOD); Date
- * notBeforeDate = CMS.getCurrentDate(); Date notAfterDate = new
- * Date(notBeforeDate.getYear(), notBeforeDate.getMonth(),
- * notBeforeDate.getDate()+Integer.parseInt(period)); return new
- * CertificateValidity(notBeforeDate, notAfterDate);
+ String period = (String)mProperties.get(Constants.PR_VALIDITY_PERIOD);
+ Date notBeforeDate = CMS.getCurrentDate();
+ Date notAfterDate = new Date(notBeforeDate.getYear(),
+ notBeforeDate.getMonth(),
+ notBeforeDate.getDate()+Integer.parseInt(period));
+ return new CertificateValidity(notBeforeDate, notAfterDate);
*/
Date notBeforeDate = null;
Date notAfterDate = null;
@@ -117,41 +118,52 @@ public abstract class CertificateInfo {
notBeforeDate = new Date(Long.parseLong(notBeforeStr));
notAfterDate = new Date(Long.parseLong(notAfterStr));
} else {
- int beginYear = Integer.parseInt(mProperties.getBeginYear()) - 1900;
- int afterYear = Integer.parseInt(mProperties.getAfterYear()) - 1900;
- int beginMonth = Integer.parseInt(mProperties.getBeginMonth());
- int afterMonth = Integer.parseInt(mProperties.getAfterMonth());
- int beginDate = Integer.parseInt(mProperties.getBeginDate());
- int afterDate = Integer.parseInt(mProperties.getAfterDate());
- int beginHour = Integer.parseInt(mProperties.getBeginHour());
- int afterHour = Integer.parseInt(mProperties.getAfterHour());
- int beginMin = Integer.parseInt(mProperties.getBeginMin());
- int afterMin = Integer.parseInt(mProperties.getAfterMin());
- int beginSec = Integer.parseInt(mProperties.getBeginSec());
- int afterSec = Integer.parseInt(mProperties.getAfterSec());
+ int beginYear =
+ Integer.parseInt(mProperties.getBeginYear()) - 1900;
+ int afterYear =
+ Integer.parseInt(mProperties.getAfterYear()) - 1900;
+ int beginMonth =
+ Integer.parseInt(mProperties.getBeginMonth());
+ int afterMonth =
+ Integer.parseInt(mProperties.getAfterMonth());
+ int beginDate =
+ Integer.parseInt(mProperties.getBeginDate());
+ int afterDate =
+ Integer.parseInt(mProperties.getAfterDate());
+ int beginHour =
+ Integer.parseInt(mProperties.getBeginHour());
+ int afterHour =
+ Integer.parseInt(mProperties.getAfterHour());
+ int beginMin =
+ Integer.parseInt(mProperties.getBeginMin());
+ int afterMin =
+ Integer.parseInt(mProperties.getAfterMin());
+ int beginSec =
+ Integer.parseInt(mProperties.getBeginSec());
+ int afterSec =
+ Integer.parseInt(mProperties.getAfterSec());
Calendar calendar = Calendar.getInstance();
- calendar.set(beginYear, beginMonth, beginDate, beginHour, beginMin,
- beginSec);
+ calendar.set(beginYear, beginMonth, beginDate,
+ beginHour, beginMin, beginSec);
notBeforeDate = calendar.getTime();
- calendar.set(afterYear, afterMonth, afterDate, afterHour, afterMin,
- afterSec);
+ calendar.set(afterYear, afterMonth, afterDate,
+ afterHour, afterMin, afterSec);
notAfterDate = calendar.getTime();
}
return new CertificateValidity(notBeforeDate, notAfterDate);
}
- public X509CertInfo getCertInfo() throws EBaseException,
- PQGParamGenException {
+ public X509CertInfo getCertInfo() throws EBaseException, PQGParamGenException {
X509CertInfo certInfo = new X509CertInfo();
try {
- certInfo.set(X509CertInfo.VERSION, new CertificateVersion(
- CertificateVersion.V3));
+ certInfo.set(X509CertInfo.VERSION,
+ new CertificateVersion(CertificateVersion.V3));
BigInteger serialNumber = mProperties.getSerialNumber();
certInfo.set(X509CertInfo.SERIAL_NUMBER,
- new CertificateSerialNumber(serialNumber));
+ new CertificateSerialNumber(serialNumber));
certInfo.set(X509CertInfo.EXTENSIONS, getExtensions());
certInfo.set(X509CertInfo.VALIDITY, getCertificateValidity());
String issuerName = mProperties.getIssuerName();
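Review bot: In the else branch of getCertificateValidity, `beginYear` and `afterYear` are reduced by 1900 and then passed to `calendar.set(year, month, ...)`, which takes the calendar year as given; the 1900 offset belongs to the deprecated `java.util.Date` constructor used in the commented-out block above. If `getBeginYear()`/`getAfterYear()` return four-digit years (their format is not visible here), notBefore and notAfter land roughly 1900 years in the past and the certificate is issued already expired. Either drop the offset, `int beginYear = Integer.parseInt(mProperties.getBeginYear());`, or add a comment stating the format these properties use. `Calendar.getInstance()` also keeps the current millisecond field, so a `calendar.clear()` before each `set` would make the bounds deterministic. getCertInfo continues past the end of this hunk.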
@@ -160,51 +172,46 @@ public abstract class CertificateInfo {
issuerName = getSubjectName();
}
- certInfo.set(X509CertInfo.ISSUER, new CertificateIssuerName(
- new X500Name(issuerName)));
- certInfo.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
- new X500Name(getSubjectName())));
- certInfo.set(X509CertInfo.VERSION, new CertificateVersion(
- CertificateVersion.V3));
+ certInfo.set(X509CertInfo.ISSUER,
+ new CertificateIssuerName(new X500Name(issuerName)));
+ certInfo.set(X509CertInfo.SUBJECT,
+ new CertificateSubjectName(new X500Name(getSubjectName())));
+ certInfo.set(X509CertInfo.VERSION,
+ new CertificateVersion(CertificateVersion.V3));
PublicKey pubk = mKeyPair.getPublic();
X509Key xKey = KeyCertUtil.convertPublicKeyToX509Key(pubk);
certInfo.set(X509CertInfo.KEY, new CertificateX509Key(xKey));
- // SignatureAlgorithm algm = getSigningAlgorithm();
- SignatureAlgorithm algm = (SignatureAlgorithm) mProperties
- .get(Constants.PR_SIGNATURE_ALGORITHM);
+ //SignatureAlgorithm algm = getSigningAlgorithm();
+ SignatureAlgorithm algm =
+ (SignatureAlgorithm) mProperties.get(Constants.PR_SIGNATURE_ALGORITHM);
if (algm == null) {
- String hashtype = (String) mProperties
- .get(ConfigConstants.PR_HASH_TYPE);
+ String hashtype = (String) mProperties.get(ConfigConstants.PR_HASH_TYPE);
- algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(),
- hashtype);
+ algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(), hashtype);
mProperties.put(Constants.PR_SIGNATURE_ALGORITHM, algm);
}
AlgorithmId sigAlgId = getAlgorithmId();
if (sigAlgId == null) {
- byte[] encodedOID = ASN1Util.encode(algm.toOID());
+ byte[]encodedOID = ASN1Util.encode(algm.toOID());
sigAlgId = new AlgorithmId(new ObjectIdentifier(
- new DerInputStream(encodedOID)));
+ new DerInputStream(encodedOID)));
}
- certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(
- sigAlgId));
+ certInfo.set(X509CertInfo.ALGORITHM_ID,
+ new CertificateAlgorithmId(sigAlgId));
} catch (InvalidKeyException e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_KEY"));
- } catch (CertificateException e) {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_CERT", e.toString()));
+ } catch (CertificateException e) {
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_CERT", e.toString()));
} catch (IOException e) {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_INVALID_CERT", e.toString()));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_CERT", e.toString()));
} catch (NoSuchAlgorithmException e) {
- throw new EBaseException(CMS.getUserMessage(
- "CMS_BASE_ALG_NOT_SUPPORTED", ""));
+ throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", ""));
}
return certInfo;
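Review bot: The catch blocks at the end of getCertInfo discard the information needed to diagnose a failed certificate build: the `InvalidKeyException` branch drops `e` entirely and the `NoSuchAlgorithmException` branch passes `""` as the message argument, so the caller cannot tell which key or algorithm was rejected. Consider passing the detail as the other two branches do, e.g. `CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", e.getMessage())`, and chaining the cause if EBaseException offers a constructor for it (not visible here). Two smaller points on the new lines: `byte[]encodedOID` lost the space after the type, and `X509CertInfo.VERSION` is set a second time with the same value it received at the top of the try block, which looks redundant. The method starts before this hunk and its closing brace lies after it.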
@@ -218,7 +225,7 @@ public abstract class CertificateInfo {
KeyCertUtil.setDERExtension(exts, mProperties);
KeyCertUtil.setBasicConstraintsExtension(exts, mProperties);
KeyCertUtil.setSubjectKeyIdentifier(mKeyPair, exts, mProperties);
- // KeyCertUtil.setOCSPSigning(mKeyPair, exts, mProperties);
+ //KeyCertUtil.setOCSPSigning(mKeyPair, exts, mProperties);
KeyCertUtil.setAuthInfoAccess(mKeyPair, exts, mProperties);
KeyCertUtil.setOCSPNoCheck(mKeyPair, exts, mProperties);
KeyPair caKeyPair = (KeyPair) mProperties.get(Constants.PR_CA_KEYPAIR);
@@ -238,7 +245,8 @@ public abstract class CertificateInfo {
boolean isKeyUsageEnabled = mProperties.getKeyUsageExtension();
if (isKeyUsageEnabled) {
- KeyCertUtil.setKeyUsageExtension(exts, getKeyUsageExtension());
+ KeyCertUtil.setKeyUsageExtension(
+ exts, getKeyUsageExtension());
}
return exts;
}
@@ -247,27 +255,27 @@ public abstract class CertificateInfo {
return (AlgorithmId) (mProperties.get(Constants.PR_ALGORITHM_ID));
}
- public void setAuthorityKeyIdExt(CertificateExtensions caexts,
- CertificateExtensions ext) throws IOException,
- CertificateException, CertificateEncodingException,
+ public void setAuthorityKeyIdExt(CertificateExtensions caexts, CertificateExtensions ext)
+ throws IOException, CertificateException, CertificateEncodingException,
CertificateParsingException {
SubjectKeyIdentifierExtension subjKeyExt = null;
try {
- subjKeyExt = (SubjectKeyIdentifierExtension) caexts
- .get(SubjectKeyIdentifierExtension.NAME);
+ subjKeyExt =
+ (SubjectKeyIdentifierExtension) caexts.get(SubjectKeyIdentifierExtension.NAME);
} catch (IOException e) {
}
if (subjKeyExt == null)
return;
else {
- KeyIdentifier keyId = (KeyIdentifier) subjKeyExt
- .get(SubjectKeyIdentifierExtension.KEY_ID);
- AuthorityKeyIdentifierExtension authExt = new AuthorityKeyIdentifierExtension(
- false, keyId, null, null);
+ KeyIdentifier keyId = (KeyIdentifier) subjKeyExt.get(
+ SubjectKeyIdentifierExtension.KEY_ID);
+ AuthorityKeyIdentifierExtension authExt =
+ new AuthorityKeyIdentifierExtension(false, keyId, null, null);
ext.set(AuthorityKeyIdentifierExtension.NAME, authExt);
}
}
}
+
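Review bot: In setAuthorityKeyIdExt the `catch (IOException e) { }` around `caexts.get(SubjectKeyIdentifierExtension.NAME)` is empty, so any failure reading the CA's subject key identifier leaves `subjKeyExt` null and the method returns without adding an Authority Key Identifier, with nothing logged. The method already declares `throws IOException`, so if `get` throws only on real errors the try/catch can simply go; if it throws to signal an absent extension, say so in the block, e.g. `// no SKI on the CA cert: AKI is intentionally omitted`. The `else` after `return` can also be flattened, and `CertificateEncodingException` and `CertificateParsingException` in the throws clause are already covered by `CertificateException`.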