Diffstat (limited to 'pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java')
-rw-r--r--pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java138
1 files changed, 65 insertions, 73 deletions
diff --git a/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java b/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
index dc240dac2..b093fba59 100644
--- a/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
+++ b/pki/base/common/src/com/netscape/cmscore/security/CertificateInfo.java
@@ -17,7 +17,6 @@
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmscore.security;
-
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
@@ -60,7 +59,6 @@ import com.netscape.certsrv.common.ConfigConstants;
import com.netscape.certsrv.common.Constants;
import com.netscape.certsrv.security.KeyCertData;
-
/**
* This base class provides methods to import CA signing cert or get certificate
* request.
@@ -88,11 +86,12 @@ public abstract class CertificateInfo {
mConfig = (IConfigStore) (mProperties.get("cmsFile"));
}
- protected abstract KeyUsageExtension getKeyUsageExtension() throws IOException;
+ protected abstract KeyUsageExtension getKeyUsageExtension()
+ throws IOException;
public abstract String getSubjectName();
- //public abstract SignatureAlgorithm getSigningAlgorithm();
+ // public abstract SignatureAlgorithm getSigningAlgorithm();
public abstract String getKeyAlgorithm();
public abstract String getNickname();
@@ -102,12 +101,12 @@ public abstract class CertificateInfo {
public CertificateValidity getCertificateValidity() throws EBaseException {
/*
- String period = (String)mProperties.get(Constants.PR_VALIDITY_PERIOD);
- Date notBeforeDate = CMS.getCurrentDate();
- Date notAfterDate = new Date(notBeforeDate.getYear(),
- notBeforeDate.getMonth(),
- notBeforeDate.getDate()+Integer.parseInt(period));
- return new CertificateValidity(notBeforeDate, notAfterDate);
+ * String period =
+ * (String)mProperties.get(Constants.PR_VALIDITY_PERIOD); Date
+ * notBeforeDate = CMS.getCurrentDate(); Date notAfterDate = new
+ * Date(notBeforeDate.getYear(), notBeforeDate.getMonth(),
+ * notBeforeDate.getDate()+Integer.parseInt(period)); return new
+ * CertificateValidity(notBeforeDate, notAfterDate);
*/
Date notBeforeDate = null;
Date notAfterDate = null;
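Review bot: The re-flowed block comment at the top of `getCertificateValidity()` now runs the commented-out statements together mid-line (`Date` / `notBeforeDate = …`, `return new` / `CertificateValidity(…)`), so the dead code is no longer readable as code. The live implementation follows directly below it, so the cleaner fix is to delete the commented-out block rather than re-wrap it. If it has to stay, keep one statement per comment line. The method body continues outside this hunk.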
@@ -118,52 +117,41 @@ public abstract class CertificateInfo {
notBeforeDate = new Date(Long.parseLong(notBeforeStr));
notAfterDate = new Date(Long.parseLong(notAfterStr));
} else {
- int beginYear =
- Integer.parseInt(mProperties.getBeginYear()) - 1900;
- int afterYear =
- Integer.parseInt(mProperties.getAfterYear()) - 1900;
- int beginMonth =
- Integer.parseInt(mProperties.getBeginMonth());
- int afterMonth =
- Integer.parseInt(mProperties.getAfterMonth());
- int beginDate =
- Integer.parseInt(mProperties.getBeginDate());
- int afterDate =
- Integer.parseInt(mProperties.getAfterDate());
- int beginHour =
- Integer.parseInt(mProperties.getBeginHour());
- int afterHour =
- Integer.parseInt(mProperties.getAfterHour());
- int beginMin =
- Integer.parseInt(mProperties.getBeginMin());
- int afterMin =
- Integer.parseInt(mProperties.getAfterMin());
- int beginSec =
- Integer.parseInt(mProperties.getBeginSec());
- int afterSec =
- Integer.parseInt(mProperties.getAfterSec());
+ int beginYear = Integer.parseInt(mProperties.getBeginYear()) - 1900;
+ int afterYear = Integer.parseInt(mProperties.getAfterYear()) - 1900;
+ int beginMonth = Integer.parseInt(mProperties.getBeginMonth());
+ int afterMonth = Integer.parseInt(mProperties.getAfterMonth());
+ int beginDate = Integer.parseInt(mProperties.getBeginDate());
+ int afterDate = Integer.parseInt(mProperties.getAfterDate());
+ int beginHour = Integer.parseInt(mProperties.getBeginHour());
+ int afterHour = Integer.parseInt(mProperties.getAfterHour());
+ int beginMin = Integer.parseInt(mProperties.getBeginMin());
+ int afterMin = Integer.parseInt(mProperties.getAfterMin());
+ int beginSec = Integer.parseInt(mProperties.getBeginSec());
+ int afterSec = Integer.parseInt(mProperties.getAfterSec());
Calendar calendar = Calendar.getInstance();
- calendar.set(beginYear, beginMonth, beginDate,
- beginHour, beginMin, beginSec);
+ calendar.set(beginYear, beginMonth, beginDate, beginHour, beginMin,
+ beginSec);
notBeforeDate = calendar.getTime();
- calendar.set(afterYear, afterMonth, afterDate,
- afterHour, afterMin, afterSec);
+ calendar.set(afterYear, afterMonth, afterDate, afterHour, afterMin,
+ afterSec);
notAfterDate = calendar.getTime();
}
return new CertificateValidity(notBeforeDate, notAfterDate);
}
- public X509CertInfo getCertInfo() throws EBaseException, PQGParamGenException {
+ public X509CertInfo getCertInfo() throws EBaseException,
+ PQGParamGenException {
X509CertInfo certInfo = new X509CertInfo();
try {
- certInfo.set(X509CertInfo.VERSION,
- new CertificateVersion(CertificateVersion.V3));
+ certInfo.set(X509CertInfo.VERSION, new CertificateVersion(
+ CertificateVersion.V3));
BigInteger serialNumber = mProperties.getSerialNumber();
certInfo.set(X509CertInfo.SERIAL_NUMBER,
- new CertificateSerialNumber(serialNumber));
+ new CertificateSerialNumber(serialNumber));
certInfo.set(X509CertInfo.EXTENSIONS, getExtensions());
certInfo.set(X509CertInfo.VALIDITY, getCertificateValidity());
String issuerName = mProperties.getIssuerName();
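Review bot: In the `else` branch of `getCertificateValidity()`, `beginYear` and `afterYear` are reduced by 1900 and then passed to `calendar.set(...)`, but `Calendar.set(year, month, date, hour, minute, second)` expects the actual calendar year; the `- 1900` offset is the convention of the deprecated `Date(int, …)` constructor. Unless `getBeginYear()`/`getAfterYear()` are known to return values that compensate for this (not visible here), notBefore/notAfter would land about 1900 years early, so confirm the inputs and, if they are plain years, use `int beginYear = Integer.parseInt(mProperties.getBeginYear());` and the same for `afterYear`. The method also never checks that notBefore precedes notAfter before building the `CertificateValidity`. The method starts outside this hunk.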
@@ -172,46 +160,51 @@ public abstract class CertificateInfo {
issuerName = getSubjectName();
}
- certInfo.set(X509CertInfo.ISSUER,
- new CertificateIssuerName(new X500Name(issuerName)));
- certInfo.set(X509CertInfo.SUBJECT,
- new CertificateSubjectName(new X500Name(getSubjectName())));
- certInfo.set(X509CertInfo.VERSION,
- new CertificateVersion(CertificateVersion.V3));
+ certInfo.set(X509CertInfo.ISSUER, new CertificateIssuerName(
+ new X500Name(issuerName)));
+ certInfo.set(X509CertInfo.SUBJECT, new CertificateSubjectName(
+ new X500Name(getSubjectName())));
+ certInfo.set(X509CertInfo.VERSION, new CertificateVersion(
+ CertificateVersion.V3));
PublicKey pubk = mKeyPair.getPublic();
X509Key xKey = KeyCertUtil.convertPublicKeyToX509Key(pubk);
certInfo.set(X509CertInfo.KEY, new CertificateX509Key(xKey));
- //SignatureAlgorithm algm = getSigningAlgorithm();
- SignatureAlgorithm algm =
- (SignatureAlgorithm) mProperties.get(Constants.PR_SIGNATURE_ALGORITHM);
+ // SignatureAlgorithm algm = getSigningAlgorithm();
+ SignatureAlgorithm algm = (SignatureAlgorithm) mProperties
+ .get(Constants.PR_SIGNATURE_ALGORITHM);
if (algm == null) {
- String hashtype = (String) mProperties.get(ConfigConstants.PR_HASH_TYPE);
+ String hashtype = (String) mProperties
+ .get(ConfigConstants.PR_HASH_TYPE);
- algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(), hashtype);
+ algm = KeyCertUtil.getSigningAlgorithm(getKeyAlgorithm(),
+ hashtype);
mProperties.put(Constants.PR_SIGNATURE_ALGORITHM, algm);
}
AlgorithmId sigAlgId = getAlgorithmId();
if (sigAlgId == null) {
- byte[]encodedOID = ASN1Util.encode(algm.toOID());
+ byte[] encodedOID = ASN1Util.encode(algm.toOID());
sigAlgId = new AlgorithmId(new ObjectIdentifier(
- new DerInputStream(encodedOID)));
+ new DerInputStream(encodedOID)));
}
- certInfo.set(X509CertInfo.ALGORITHM_ID,
- new CertificateAlgorithmId(sigAlgId));
+ certInfo.set(X509CertInfo.ALGORITHM_ID, new CertificateAlgorithmId(
+ sigAlgId));
} catch (InvalidKeyException e) {
throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_KEY"));
- } catch (CertificateException e) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_CERT", e.toString()));
+ } catch (CertificateException e) {
+ throw new EBaseException(CMS.getUserMessage(
+ "CMS_BASE_INVALID_CERT", e.toString()));
} catch (IOException e) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_INVALID_CERT", e.toString()));
+ throw new EBaseException(CMS.getUserMessage(
+ "CMS_BASE_INVALID_CERT", e.toString()));
} catch (NoSuchAlgorithmException e) {
- throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", ""));
+ throw new EBaseException(CMS.getUserMessage(
+ "CMS_BASE_ALG_NOT_SUPPORTED", ""));
}
return certInfo;
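Review bot: The `InvalidKeyException` and `NoSuchAlgorithmException` arms at the end of `getCertInfo()` discard the caught exception entirely (the latter passes `""` as the message argument), so a failed certificate build gives the operator no hint which key or algorithm was rejected. For consistency with the `CertificateException`/`IOException` arms, pass the detail through, e.g. `throw new EBaseException(CMS.getUserMessage("CMS_BASE_ALG_NOT_SUPPORTED", e.toString()));`, and log the exception before rethrowing if this class has a logger available. The `try` block opens before this hunk.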
@@ -225,7 +218,7 @@ public abstract class CertificateInfo {
KeyCertUtil.setDERExtension(exts, mProperties);
KeyCertUtil.setBasicConstraintsExtension(exts, mProperties);
KeyCertUtil.setSubjectKeyIdentifier(mKeyPair, exts, mProperties);
- //KeyCertUtil.setOCSPSigning(mKeyPair, exts, mProperties);
+ // KeyCertUtil.setOCSPSigning(mKeyPair, exts, mProperties);
KeyCertUtil.setAuthInfoAccess(mKeyPair, exts, mProperties);
KeyCertUtil.setOCSPNoCheck(mKeyPair, exts, mProperties);
KeyPair caKeyPair = (KeyPair) mProperties.get(Constants.PR_CA_KEYPAIR);
@@ -245,8 +238,7 @@ public abstract class CertificateInfo {
boolean isKeyUsageEnabled = mProperties.getKeyUsageExtension();
if (isKeyUsageEnabled) {
- KeyCertUtil.setKeyUsageExtension(
- exts, getKeyUsageExtension());
+ KeyCertUtil.setKeyUsageExtension(exts, getKeyUsageExtension());
}
return exts;
}
@@ -255,27 +247,27 @@ public abstract class CertificateInfo {
return (AlgorithmId) (mProperties.get(Constants.PR_ALGORITHM_ID));
}
- public void setAuthorityKeyIdExt(CertificateExtensions caexts, CertificateExtensions ext)
- throws IOException, CertificateException, CertificateEncodingException,
+ public void setAuthorityKeyIdExt(CertificateExtensions caexts,
+ CertificateExtensions ext) throws IOException,
+ CertificateException, CertificateEncodingException,
CertificateParsingException {
SubjectKeyIdentifierExtension subjKeyExt = null;
try {
- subjKeyExt =
- (SubjectKeyIdentifierExtension) caexts.get(SubjectKeyIdentifierExtension.NAME);
+ subjKeyExt = (SubjectKeyIdentifierExtension) caexts
+ .get(SubjectKeyIdentifierExtension.NAME);
} catch (IOException e) {
}
if (subjKeyExt == null)
return;
else {
- KeyIdentifier keyId = (KeyIdentifier) subjKeyExt.get(
- SubjectKeyIdentifierExtension.KEY_ID);
- AuthorityKeyIdentifierExtension authExt =
- new AuthorityKeyIdentifierExtension(false, keyId, null, null);
+ KeyIdentifier keyId = (KeyIdentifier) subjKeyExt
+ .get(SubjectKeyIdentifierExtension.KEY_ID);
+ AuthorityKeyIdentifierExtension authExt = new AuthorityKeyIdentifierExtension(
+ false, keyId, null, null);
ext.set(AuthorityKeyIdentifierExtension.NAME, authExt);
}
}
}
-
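Review bot: The empty `catch (IOException e) { }` in `setAuthorityKeyIdExt()` hides every failure to read the CA's SubjectKeyIdentifier, and the method then returns without adding an Authority Key Identifier, so a decoding error and a CA that simply has no SKI look identical to the caller. The method already declares `throws IOException`; if the catch exists only to tolerate a missing extension (not visible here), say so in the handler, e.g. `// CA certificate has no SubjectKeyIdentifier; AKI is intentionally omitted`, and log or rethrow anything else. The `if (subjKeyExt == null) return; else { … }` that follows could also drop the `else` and brace the early return.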