Java reads the Certificate Class and key tool GUI 1.7

Source: Internet
Author: User
Key tool guis 1.7

/**
 * <p>Title: Light Weight APIs for crypto</p>
 * <p>Description: An example of processing a Shanghai CA certificate (root certificate and user certificate)</p>
 * <p>Copyright: Copyright (c) 2003</p>
 * <p>Company: China Information Security Organization (CISO)</p>
 * @author Rainbow (webmaster). More information about PKI is available at CISO; you are welcome to check it out.
 * We hope you will join us!
 * @version 1.0.2003.0620
 */
Import java. Io .*;

Import org. bouncycastle. asn1 .*;
Import org. bouncycastle. asn1.util .*;
Import org. bouncycastle. asn1.x509 .*;
Import org. bouncycastle. util. encoders .*;
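/**
 * Prints the basic fields and a few extensions of a DER-encoded X.509
 * certificate using the BouncyCastle lightweight ASN.1 classes.
 *
 * This class only decodes and displays. Nothing in it verifies the
 * certificate signature, builds a chain to a trust anchor, checks the
 * validity period against the current time, or consults the CRL whose
 * distribution point it prints. The output therefore describes what the
 * certificate claims and must not be treated as a trust decision.
 */
public class CertManager {
    /** Display name / OID pairs for the standard certificate and CRL extensions (arc 2.5.29). */
    String eoid[][] = {
        {"Subject Key Identifier", "2.5.29.14"},
        {"Key Usage", "2.5.29.15"},
        {"Private Key usage period", "2.5.29.16"},
        {"Subject alternative name", "2.5.29.17"},
        {"issuer alternative name", "2.5.29.18"},
        {"basic constraints", "2.5.29.19"},
        {"CRL number", "2.5.29.20"},
        {"Reason code", "2.5.29.21"},
        {"hold instruction code", "2.5.29.23"},
        {"invalidity date", "2.5.29.24"},
        {"delta CRL indicator", "2.5.29.27"},
        {"issuing distribution point", "2.5.29.28"},
        {"certificate issuer", "2.5.29.29"},
        {"name constraints", "2.5.29.30"},
        {"CRL distribution points", "2.5.29.31"},
        {"certificate policies", "2.5.29.32"},
        {"policy mappings", "2.5.29.33"},
        {"Authority Key Identifier", "2.5.29.35"},
        {"policy constraints", "2.5.29.36"},
        {"extended Key Usage", "2.5.29.37"}};

    /** Raw DER bytes of the certificate; stays null when the file could not be read. */
    byte buf[];

    /**
     * Loads the certificate file into {@link #buf}.
     *
     * The file is read until end of stream instead of trusting
     * available(), which is only an estimate and may be smaller than the
     * file, and the stream is always closed.
     */
    public CertManager() {
        FileInputStream in = null;
        try {
            in = new FileInputStream("..\\mycert\\ca.der");
            ByteArrayOutputStream collected = new ByteArrayOutputStream();
            byte[] chunk = new byte[4096];
            int n;
            while ((n = in.read(chunk)) != -1) {
                collected.write(chunk, 0, n);
            }
            buf = collected.toByteArray();
        } catch (Exception ex) {
            System.out.println("An error occurred while reading the Certificate file!");
        } finally {
            if (in != null) {
                try {
                    in.close();
                } catch (IOException ignored) {
                    // nothing useful can be done if close fails on a read-only stream
                }
            }
        }
    }

    /**
     * Returns the raw extnValue octets of one extension.
     *
     * @param oid  dotted OID of the extension to look up
     * @param exts extension block of the certificate, may be null
     * @return the octets, or null when exts is null or the extension is absent
     */
    public byte[] getExtensionBytes(String oid, X509Extensions exts) {
        if (exts != null) {
            X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));
            if (ext != null) {
                return ext.getValue().getOctets();
            }
        }
        return null;
    }

    /**
     * Decodes the loaded certificate and prints its basic fields followed
     * by the key usage, basic constraints, CRL distribution point and
     * certificate policy extensions. Decoding errors are reported with a
     * stack trace; nothing is thrown to the caller.
     */
    public void getCert() {
        if (buf == null) {
            // The constructor already reported the read failure.
            return;
        }
        try {
            DERInputStream din = new DERInputStream(new ByteArrayInputStream(buf));
            ASN1Sequence seq = (ASN1Sequence) din.readObject();
            // Debug aid: System.out.println(DERDump.dumpAsString(seq));

            // Basic certificate information
            System.out.println("<================= basic information of the certificate ========================>>");
            X509CertificateStructure cert = new X509CertificateStructure(seq);
            System.out.println("Certificate version: \t" + cert.getVersion());
            System.out.println("serial number: \t" + cert.getSerialNumber().getValue().toString(16));
            System.out.println("algorithm identifier: \t" + cert.getSignatureAlgorithm().getObjectId().getId());
            System.out.println("issuer: \t" + cert.getIssuer());
            System.out.println("Start Time: \t" + cert.getStartDate().getTime());
            System.out.println("End Time: \t" + cert.getEndDate().getTime());
            System.out.println("Subject name: \t" + cert.getSubject());
            System.out.print("signature value: \t");
            DERBitString signature = cert.getSignature();
            // The signature is only printed here, never verified against the issuer key.
            System.out.println(new String(Hex.encode(signature.getBytes())));
            System.out.println("main public key: \t");
            SubjectPublicKeyInfo pukInfo = cert.getSubjectPublicKeyInfo();
            System.out.println("\t identifier: \t" + pukInfo.getAlgorithmId().getObjectId().getId());
            byte[] byPuk = pukInfo.getPublicKeyData().getBytes();
            System.out.println("\t public key value: \t" + new String(Hex.encode(byPuk)));

            // Certificate extension information
            System.out.println("<============= certificate Extension Information ======================>>");
            // ext is null for a certificate without an extension block; the helpers accept that.
            X509Extensions ext = cert.getTBSCertificate().getExtensions();
            // 15 -- key usage          19 -- basic constraints
            // 31 -- CRL point          32 -- certificate policy
            getKeyUsage(ext);
            getBasicConstrains(ext);
            getCRLPoint(ext);
            getCertPolicy(ext);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Prints the hex encoding of the key usage extension (2.5.29.15).
     * Prints nothing when the extension is absent.
     *
     * The extension's critical flag is not shown. A relying party that
     * validates certificates has to honour that flag; this method is a
     * dump only.
     *
     * @param ext extension block of the certificate, may be null
     */
    public void getKeyUsage(X509Extensions ext) {
        // Shared lookup replaces the former catch-all that hid the
        // NullPointerException raised for a missing extension.
        byte[] octets = getExtensionBytes("2.5.29.15", ext);
        if (octets == null) {
            return;
        }
        System.out.println(new String(Hex.encode(octets)));
    }

    /**
     * Prints whether the basic constraints extension (2.5.29.19) marks the
     * certificate as a CA and, if present, the path length limit.
     *
     * In DER the cA flag is omitted when it is FALSE, so an empty sequence
     * or one that does not start with a BOOLEAN means "not a CA". A CA
     * certificate without a path length prints Integer.MAX_VALUE.
     *
     * @param ext extension block of the certificate, may be null
     * @throws RuntimeException when the extension value cannot be decoded
     */
    public void getBasicConstrains(X509Extensions ext) {
        byte[] bytes = getExtensionBytes("2.5.29.19", ext);
        if (bytes == null) {
            return;
        }
        try {
            DERInputStream din = new DERInputStream(new ByteArrayInputStream(bytes));
            ASN1Sequence seq = (ASN1Sequence) din.readObject();

            boolean isCa = seq.size() > 0
                    && seq.getObjectAt(0) instanceof DERBoolean
                    && ((DERBoolean) seq.getObjectAt(0)).isTrue();

            if (!isCa) {
                System.out.println("not a CA certificate!");
            } else if (seq.size() == 2) {
                int pathLen = ((DERInteger) seq.getObjectAt(1)).getValue().intValue();
                System.out.println("is a CA certificate \t" + "Max path Len =" + pathLen);
            } else if (seq.size() == 1) {
                System.out.println(Integer.MAX_VALUE);
            }
        } catch (Exception e) {
            // The message used to name the key usage extension by mistake.
            throw new RuntimeException("error processing basic constraints extension: " + e);
        }
    }

    /**
     * Prints each entry of the CRL distribution points extension
     * (2.5.29.31): the tag numbers met while unwrapping the first element
     * of the entry, then the innermost octets as text.
     *
     * Only the first element of each DistributionPoint is examined. The
     * printed location is not fetched and no revocation check is made.
     *
     * @param ext extension block of the certificate, may be null
     */
    public void getCRLPoint(X509Extensions ext) {
        byte[] byContent = getExtensionBytes("2.5.29.31", ext);
        if (byContent == null) {
            return;
        }
        try {
            DERInputStream din = new DERInputStream(new ByteArrayInputStream(byContent));
            ASN1Sequence seq = (ASN1Sequence) din.readObject();
            int dpCount = seq.size();
            for (int i = 0; i < dpCount; i++) {
                ASN1Sequence point = (ASN1Sequence) seq.getObjectAt(i);
                DERObject node = (DERTaggedObject) point.getObjectAt(0);
                System.out.println("CRL distribution point" + (i + 1) + ":");
                while (node instanceof DERTaggedObject && !((DERTaggedObject) node).isEmpty()) {
                    DERTaggedObject tagged = (DERTaggedObject) node;
                    System.out.println("\ttagno:" + tagged.getTagNo());
                    node = tagged.getObject();
                }
                DEROctetString os = (DEROctetString) node.getDERObject();
                // Fixed single-byte charset so the output does not depend on
                // the platform default encoding.
                String str = new String(os.getOctets(), "ISO-8859-1");
                System.out.println("\t" + str);
            }
        } catch (Exception e) {
            System.out.println("An error occurred while processing the CRL distribution point!");
        }
    }

    /**
     * Prints every policy listed in the certificate policies extension
     * (2.5.29.32). Decoding errors are reported with a stack trace.
     *
     * @param ext extension block of the certificate, may be null
     */
    public void getCertPolicy(X509Extensions ext) {
        byte[] byContent = getExtensionBytes("2.5.29.32", ext);
        if (byContent == null) {
            return;
        }
        try {
            DERInputStream din = new DERInputStream(new ByteArrayInputStream(byContent));
            ASN1Sequence seq = (ASN1Sequence) din.readObject();
            // Debug aid: System.out.println("certificate policy:" + DERDump.dumpAsString(seq));
            for (int i = 0; i < seq.size(); i++) {
                getPolicyInfo((ASN1Sequence) seq.getObjectAt(i));
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    /**
     * Prints one PolicyInformation entry: the policy OID and, when
     * present, its qualifiers. The qualifier list is optional, so a
     * one-element sequence is valid and no longer reported as an error.
     */
    private void getPolicyInfo(ASN1Sequence seq) {
        if (seq.size() == 1 || seq.size() == 2) {
            DERObjectIdentifier objId = (DERObjectIdentifier) seq.getObjectAt(0);
            System.out.println("certificate policy ID:" + objId.getId());
            if (seq.size() == 2) {
                ASN1Sequence seqQualifier = (ASN1Sequence) seq.getObjectAt(1);
                for (int i = 0; i < seqQualifier.size(); i++) {
                    getPolicyQualifierInfo((ASN1Sequence) seqQualifier.getObjectAt(i));
                }
            }
        } else {
            System.out.println("An error occurred while parsing policy declaration!");
        }
    }

    /**
     * Prints one PolicyQualifierInfo entry. Only IA5String qualifiers are
     * decoded; any other qualifier type is reported as not decoded instead
     * of aborting the whole policy listing with a ClassCastException.
     */
    private void getPolicyQualifierInfo(ASN1Sequence seq) {
        if (seq.size() == 2) {
            DERObjectIdentifier objId = (DERObjectIdentifier) seq.getObjectAt(0);
            System.out.println("policy declaration identifier:" + objId.getId());
            if (seq.getObjectAt(1) instanceof DERIA5String) {
                DERIA5String ia5 = (DERIA5String) seq.getObjectAt(1);
                System.out.println("Declaration content:" + ia5.getString());
            } else {
                System.out.println("Declaration content: (not an IA5String, not decoded)");
            }
        }
    }

    /** Loads the certificate from the fixed path and prints it. */
    public static void main(String[] args) {
        CertManager cm = new CertManager();
        cm.getCert();
    }
}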
