Home > Developer > Java

Java reads the Certificate Class and key tool GUI 1.7

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Key tool guis 1.7

/**
* <P> title: Light Weight APIs for crypto </P>
* <P> Description: An Example of processing a Shanghai CA certificate (root certificate and user certificate) </P>
* <P> copyright: Copyright (c) 2003 </P>
* <P> company: China Information Security Organization (ciso) </P>
* @ Author Rainbow (webmaster) Haha add more information about PKI in. ciso. Are you welcome to check it out?
* Hope to join us!
* @ Version 1.0.2003.0620
*/
Import java. Io .*;

Import org. bouncycastle. asn1 .*;
Import org. bouncycastle. asn1.util .*;
Import org. bouncycastle. asn1.x509 .*;
Import org. bouncycastle. util. encoders .*;
Public class certmanager {
String eoid [] [] = {
{New String ("Subject Key Identifier"), new string ("2.5.29.14 ")},
{New String ("Key Usage"), new string ("2.5.29.15 ")},
{New String ("Private Key usage period"), new string ("2.5.29.16 ")},
{New String ("Subject alternative name"), new string ("2.5.29.17 ")},
{New String ("issuer alternative name"), new string ("2.5.29.18 ")},
{New String ("basic constraints"), new string ("2.5.29.19 ")},
{New String ("CRL number"), new string ("2.5.29.20 ")},
{New String ("Reason code"), new string ("2.5.29.21 ")},
{New String ("hold instruction code"), new string ("2.5.29.23 ")},
{New String ("invalidity date"), new string ("2.5.29.24 ")},
{New String ("delta CRL indicator"), new string ("2.5.29.27 ")},
{New String ("issuing distribution point"), new string ("2.5.29.28 ")},
{New String ("certificate issuer"), new string ("2.5.29.29 ")},
{New String ("name constraints"), new string ("2.5.29.30 ")},
{New String ("CRL distribution points"), new string ("2.5.29.31 ")},
{New String ("certificate policies"), new string ("2.5.29.32 ")},
{New String ("policy mappings"), new string ("2.5.29.33 ")},
{New String ("Authority Key Identifier"), new string ("2.5.29.35 ")},
{New String ("policy constraints"), new string ("2.5.29.36 ")},
{New String ("extended Key Usage"), new string ("2.5.29.37 ")}};
Byte Buf [];
Public certmanager (){
Int flength = 0;
Try {
Fileinputstream FCM = new fileinputstream (".. \ mycert \ ca. Der ");
Flength = FCM. Available ();
Buf = new byte [flength];
FS. Read (BUF, 0, flength );
}
Catch (exception ex ){
System. Out. println ("An error occurred while reading the Certificate file! ");
Return;
}
}
Public byte [] getextensionbytes (string OID, x509extensions exts)
{
If (exts! = NULL)
{
X509extension ext = exts. getextension (New derobjectidentifier (OID ));
If (EXT! = NULL)
{
Return Ext. getvalue (). getoctets ();
}
}
Return NULL;
}
Public void getcert ()
{

Bytearrayinputstream bin;
Derinputstream din;
String dump = "";

Try
{
Bin = new bytearrayinputstream (BUF );
Din = new derinputstream (BIN );

Asn1sequence seq = (asn1sequence) DIN. readobject ();
// Dump = derdump. dumpasstring (SEQ );
// Debug the output statement
// System. Out. println (dump );
// Basic Certificate Information
System. out. println ("<================= basic information of the certificate ========================>>" );
X509certificatestructure Cert = new x509certificatestructure (SEQ );
System. Out. println ("Certificate version: \ t" + cert. getversion ());
System. Out. println ("serial number: \ t" + cert. getserialnumber (). getvalue (). tostring (16 ));
System. Out. println ("algorithm identifier: \ t" + cert. getsignaturealgorithm (). getobjectid (). GETID ());
System. Out. println ("issuer: \ t" + cert. getissuer ());
System. Out. println ("Start Time: \ t" + cert. getstartdate (). gettime ());
System. Out. println ("End Time: \ t" + cert. getenddate (). gettime ());
System. Out. println ("Subject name: \ t" + cert. getsubject ());
System. Out. Print ("signature value: \ t ");
Derbitstring Signature = cert. getsignature ();
String strsign = new string (Hex. encode (signature. getbytes ()));
System. Out. println (strsign );
System. Out. println ("main public key: \ t ");
Subjectpublickeyinfo pukinfo = cert. getsubjectpublickeyinfo ();
System. Out. println ("\ t identifier: \ t" + pukinfo. getalgorithmid (). getobjectid (). GETID ());
Byte [] bypuk = pukinfo. getpublickeydata (). getbytes ();
String strpuk = new string (Hex. encode (bypuk ));
System. Out. println ("\ t public key value: \ t" + strpuk );
// Certificate Extension Information
System. out. println ("<============= certificate Extension Information ======================>> ");
X509extensions ext = cert. gettbscertificate (). getextensions ();
// 15 -- Key Usage 19 --- basic Constrains
// 31 -- CRL point 32 --- certificate policy
Getkeyusage (EXT );
Getbasicconstrains (EXT );
Getcrlpoint (EXT );
Getcertpolicy (EXT );
}
Catch (exception E)
{
E. printstacktrace ();
Return;
}
}

// Use the accesskey

Public void getkeyusage (x509extensions ext)
{
Derobjectidentifier deroid = new derobjectidentifier ("2.5.29.15 ");
X509extension item = NULL;
Boolean iscritical;
Asn1octetstring value;
Try {
Item = ext. getextension (deroid );
Iscritical = item. iscritical ();
Value = item. getvalue ();
}
Catch (exception ex ){
Return;
}
System. Out. println (new string (Hex. encode (value. getoctets ())));
}
// Obtain the basic limits
Public void getbasicconstrains (x509extensions ext)
{
Byte [] bytes = getextensionbytes ("2.5.29.19", ext );

If (Bytes! = NULL)
{
Try
{
Derinputstream din = new derinputstream (New bytearrayinputstream (bytes ));
Asn1sequence seq = (asn1sequence) DIN. readobject ();

If (seq. Size () = 2)
{
If (derboolean) seq. getobjectat (0). istrue ())
{
Int pathlen = (derinteger) seq. getobjectat (1). getvalue (). intvalue ();
System. Out. println ("is a CA certificate \ t" + "Max path Len =" + pathlen );
}
Else
{
System. Out. println ("not a CA certificate! ");
}
}
Else if (seq. Size () = 1)
{
If (seq. getobjectat (0) instanceof derboolean)
{
If (derboolean) seq. getobjectat (0). istrue ())
{
System. Out. println (integer. max_value );
}
}
}
}
Catch (exception E)
{
Throw new runtimeexception ("error processing Key Usage extension ");
}
}
}
// Retrieve the CRL distribution point
Public void getcrlpoint (x509extensions ext)
{
Byte [] bycontent = getextensionbytes ("2.5.29.31", ext );

If (bycontent! = NULL)
{
Try
{
Derinputstream din = new derinputstream (New bytearrayinputstream (bycontent ));
Asn1sequence seq = (asn1sequence) DIN. readobject ();
Int dpcount = seq. Size ();
For (INT I = 0; I <dpcount; I ++)
{
// The first distribution point (distributionpoint)
Asn1sequence point1 = (asn1sequence) seq. getobjectat (I );
Derobject tobj = (dertaggedobject) point1.getobjectat (0 );
System. Out. println ("CRL distribution point" + (I + 1) + ":");
While (tobj instanceof dertaggedobject &&! (Dertaggedobject) tobj). isempty ())
{
System. Out. println ("\ ttagno:" + (dertaggedobject) tobj). gettagno ());
If (tobj instanceof dertaggedobject)
Tobj = (dertaggedobject) tobj). GetObject ();
}
Deroctetstring OS = (deroctetstring) tobj. getderobject ();
String STR = new string (OS. getoctets ());
System. Out. println ("\ t" + Str );
}
}
Catch (exception E)
{
System. Out. println ("An error occurred while processing the CRL distribution point! ");
}
}
}
// Certificate fetch Policy
Public void getcertpolicy (x509extensions ext)
{
Byte [] bycontent = getextensionbytes ("2.5.29.32", ext );

If (bycontent! = NULL)
{
Try
{
Derinputstream din = new derinputstream (New bytearrayinputstream (bycontent ));
Asn1sequence seq = (asn1sequence) DIN. readobject ();
// String dump = derdump. dumpasstring (SEQ );
// Debug the output statement
// System. Out. println ("certificate policy:" + dump );
For (INT I = 0; I <seq. Size (); I ++)
{
Getpolicyinfo (asn1sequence) seq. getobjectat (I ));
}
}
Catch (exception E)
{
E. printstacktrace ();
}
}
}
Private void getpolicyinfo (asn1sequence SEQ)
{
If (seq. Size () = 2)
{
Derobjectidentifier objid = (derobjectidentifier) seq. getobjectat (0 );
System. Out. println ("certificate policy ID:" + objid. GETID ());
Asn1sequence seqqualifier = (asn1sequence) seq. getobjectat (1 );
For (INT I = 0; I <seqqualifier. Size (); I ++)
Getpolicyqualifierinfo (asn1sequence) seqqualifier. getobjectat (I ));
}
Else
System. Out. println ("An error occurred while parsing policy declaration! ");
}
Private void getpolicyqualifierinfo (asn1sequence SEQ)
{
If (seq. Size () = 2)
{
Derobjectidentifier objid = (derobjectidentifier) seq. getobjectat (0 );
System. Out. println ("policy declaration identifier:" + objid. GETID ());
Deria5string ia5 = (deria5string) seq. getobjectat (1 );
System. Out. println ("Declaration content:" + ia5.getstring ());
}
}
Public static void main (string [] ARGs ){
Certmanager CM = new certmanager ();
Cm. getcert ();
}
}

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
openssl validate certificate and key openssl verify certificate and key difference between key and certificate class and interface in java abstract class and concrete class in java php key generation and authentication class class and object in java in hindi
Related Article
Analysis of Java Concurrency Aqs principle (I.)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More