// --- BEGIN COPYRIGHT BLOCK ---
// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; version 2 of the License.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License along
// with this program; if not, write to the Free Software Foundation, Inc.,
// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
//
// (C) 2007 Red Hat, Inc.
// All rights reserved.
// --- END COPYRIGHT BLOCK ---
package com.netscape.cmstools;
import java.util.Vector;
import com.netscape.cmsutil.util.Utils;
import netscape.security.util.DerOutputStream;
import netscape.security.util.DerValue;
import netscape.security.util.ObjectIdentifier;
import netscape.security.x509.Extension;
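/**
 * Generates a DER-encoded Extended Key Usage extension.
 * The first parameter is the criticality of the extension, true or false.
 * The OIDs to be included in the extension are passed as command-line
 * arguments. The OIDs are described in RFC 2459 (since superseded by
 * RFC 3280 and RFC 5280). For example,
 * the OID for code signing is 1.3.6.1.5.5.7.3.3.
 * <p>
 * On success the Base64 text of the encoded extension is the only thing
 * written to stdout and the process exits with status 0. Usage errors and
 * encoding failures are reported on stderr with a non-zero exit status, so
 * a caller that captures stdout never mistakes a diagnostic (or an empty
 * result) for a valid extension.
 *
 * @version $Revision$, $Date$
 */
public class GenExtKeyUsage {

    /** OID of the X.509 Extended Key Usage extension. */
    private static final String EXT_KEY_USAGE_OID = "2.5.29.37";

    /** Usage line shown when the arguments are missing or malformed. */
    private static final String USAGE = "Usage: GenExtKeyUsage [true|false] <OID> ...";

    /**
     * Command-line entry point.
     *
     * @param args {@code args[0]} is the criticality flag ("true" or
     *             "false", case-insensitive); {@code args[1..]} are the
     *             key-purpose OIDs in dotted-decimal form
     */
    public static void main(String[] args) {
        // At least the criticality flag and one OID are required.
        if (args.length < 2) {
            usageAndExit();
            return;
        }

        // Anything other than an explicit true/false is rejected rather than
        // silently treated as "not critical".
        final boolean critical = args[0].equalsIgnoreCase("true");
        if (!critical && !args[0].equalsIgnoreCase("false")) {
            usageAndExit();
            return;
        }

        try {
            // Encode every OID given on the command line, in order.
            DerOutputStream contents = new DerOutputStream();
            for (int i = 1; i < args.length; i++) {
                contents.putOID(new ObjectIdentifier(args[i]));
            }

            // Wrap the OIDs in a SEQUENCE.
            DerOutputStream seq = new DerOutputStream();
            seq.write(DerValue.tag_Sequence, contents);

            // Wrap the SEQUENCE in an OCTET STRING.
            // NOTE(review): this presumes the Extension constructor below
            // expects the value already wrapped in an OCTET STRING; confirm
            // against netscape.security.x509.Extension.
            DerOutputStream octetString = new DerOutputStream();
            octetString.putOctetString(seq.toByteArray());

            // Construct and encode the extension.
            ObjectIdentifier extKeyUsageOID = new ObjectIdentifier(EXT_KEY_USAGE_OID);
            Extension extn = new Extension(extKeyUsageOID, critical,
                    octetString.toByteArray());
            DerOutputStream extdos = new DerOutputStream();
            extn.encode(extdos);

            // BASE64 encode the whole thing and write it to stdout.
            System.out.println(Utils.base64encode(extdos.toByteArray()));
        } catch (Exception e) {
            // A malformed OID or an encoding error must not look like success:
            // previously the stack trace was printed and the process still
            // exited with status 0 and empty stdout.
            e.printStackTrace();
            System.exit(1);
        }
    }

    /**
     * Prints the usage line to stderr and terminates with the tool's
     * historical usage-error status (-1). stderr is used so the message
     * cannot be captured as if it were the encoded extension.
     */
    private static void usageAndExit() {
        System.err.println(USAGE);
        System.exit(-1);
    }
}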