Java certificate parsing example

Import java. io .*;
Import org. bouncycastle. asn1 .*;
Import org. bouncycastle. asn1.util .*;
Import org. bouncycastle. asn1.x509 .*;
Import org. bouncycastle. util. encoders .*;
Public class CertManager {
String eoid [] [] = {
{New String ("Subject Key Identifier"), new String ("2.5.29.14 ")},
{New String ("Key Usage"), new String ("2.5.29.15 ")},
{New String ("Private Key Usage Period"), new String ("2.5.29.16 ")},
{New String ("Subject Alternative Name"), new String ("2.5.29.17 ")},
{New String ("Issuer Alternative Name"), new String ("2.5.29.18 ")},
{New String ("Basic Constraints"), new String ("2.5.29.19 ")},
{New String ("CRL Number"), new String ("2.5.29.20 ")},
{New String ("Reason code"), new String ("2.5.29.21 ")},
{New String ("Hold Instruction Code"), new String ("2.5.29.23 ")},
{New String ("Invalidity Date"), new String ("2.5.29.24 ")},
{New String ("Delta CRL indicator"), new String ("2.5.29.27 ")},
{New String ("Issuing Distribution Point"), new String ("2.5.29.28 ")},
{New String ("Certificate Issuer"), new String ("2.5.29.29 ")},
{New String ("Name Constraints"), new String ("2.5.29.30 ")},
{New String ("CRL Distribution Points"), new String ("2.5.29.31 ")},
{New String ("Certificate Policies"), new String ("2.5.29.32 ")},
{New String ("Policy Mappings"), new String ("2.5.29.33 ")},
{New String ("Authority Key Identifier"), new String ("2.5.29.35 ")},
{New String ("Policy Constraints"), new String ("2.5.29.36 ")},
{New String ("Extended Key Usage"), new String ("2.5.29.37 ")}};
Byte buf [];
Public CertManager (){
Int fLength = 0;
Try {
FileInputStream FCM = new FileInputStream (".. \ mycert \ ca. der ");
FLength = FCM. available ();
Buf = new byte [fLength];
FS. read (buf, 0, fLength );
}
Catch (Exception ex ){
System. out. println ("An error occurred while reading the Certificate file! ");
Return;
}
}
Public byte [] getExtensionBytes (String oid, X509Extensions exts)
{
If (exts! = Null)
{
X509Extension ext = exts. getExtension (new DERObjectIdentifier (oid ));
If (ext! = Null)
{
Return ext. getValue (). getOctets ();
}
}
Return null;
}
Public void getCert ()
{

ByteArrayInputStream bIn;
DERInputStream dIn;
String dump = "";

Try
{
BIn = new ByteArrayInputStream (buf );
DIn = new DERInputStream (bIn );

ASN1Sequence seq = (ASN1Sequence) dIn. readObject ();
// Dump = DERDump. dumpAsString (seq );
// Debug the output statement
// System. out. println (dump );
// Basic Certificate Information
System. out. println ("<================= basic information of the certificate ========================>>" );
X509CertificateStructure cert = new X509CertificateStructure (seq );
System. out. println ("Certificate version:" + cert. getVersion ());
System. out. println ("serial number:" + cert. getSerialNumber (). getValue (). toString (16 ));
System. out. println ("algorithm identifier:" + cert. getSignatureAlgorithm (). getObjectId (). getId ());
System. out. println ("issuer:" + cert. getIssuer ());
System. out. println ("Start Time:" + cert. getStartDate (). getTime ());
System. out. println ("End Time:" + cert. getEndDate (). getTime ());
System. out. println ("Subject name:" + cert. getSubject ());
System. out. print ("signature value :");
DERBitString signature = cert. getSignature ();
String strSign = new String (Hex. encode (signature. getBytes ()));
System. out. println (strSign );
System. out. println ("subject Public Key :");
SubjectPublicKeyInfo pukinfo = cert. getSubjectPublicKeyInfo ();
System. out. println ("identifier:" + pukinfo. getAlgorithmId (). getObjectId (). getId ());
Byte [] byPuk = pukinfo. getPublicKeyData (). getBytes ();
String strPuk = new String (Hex. encode (byPuk ));
System. out. println ("Public Key Value:" + strPuk );
// Certificate Extension Information
System. out. println ("<============= certificate Extension Information ======================>> ");
X509Extensions ext = cert. getTBSCertificate (). getExtensions ();
// 15 -- key usage 19 --- basic constrains
// 31 -- crl point 32 --- certificate policy
GetKe