Java Tutorial/Security/X.509 Certificate revocation list — различия между версиями
Admin (обсуждение | вклад) м (1 версия) |
|
(нет различий)
|
Текущая версия на 08:01, 1 июня 2010
Содержание
Define selector
<source lang="java">
import java.io.FileInputStream; import java.math.BigInteger; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.X509CertSelector; import java.util.Calendar; import java.util.Date; public class MainClass {
public static void main(String args[]) throws Exception { X509CertSelector selec = new X509CertSelector(); CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); System.out.println(selec.match(c)); selec.setIssuer("CN=Peter,OU=Network Center," + "O=University,L=ZB,ST=Vancouver,C=CN"); System.out.println(selec.match(c)); Calendar cld = Calendar.getInstance(); int year = Integer.parseInt(args[1]); int month = Integer.parseInt(args[2]) - 1; int day = Integer.parseInt(args[3]); cld.set(year, month, day); Date d = cld.getTime(); selec.setCertificateValid(d); System.out.println(selec.match(c)); BigInteger sn = new BigInteger("1039056963"); selec.setSerialNumber(sn); System.out.println(selec.match(c)); }
}</source>
List properties for X.509 CRL
<source lang="java">
import java.io.FileInputStream; import java.security.cert.CertificateFactory; import java.security.cert.X509CRL; public class MainClass {
public static void main(String[] args) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(args[0]); X509CRL crl = (X509CRL) cf.generateCRL(in); System.out.println("type = " + crl.getType()); System.out.println("version = " + crl.getVersion()); System.out.println("issuer = " + crl.getIssuerDN().getName()); System.out.println("signing algorithm = " + crl.getSigAlgName()); System.out.println("this update = " + crl.getThisUpdate()); System.out.println("next update = " + crl.getNextUpdate()); in.close(); }
}</source>
Show X.509 CRL entries
<source lang="java">
import java.io.FileInputStream; import java.security.cert.CertificateFactory; import java.security.cert.X509CRL; import java.security.cert.X509CRLEntry; import java.util.Iterator; import java.util.Set; public class MainClass {
public static void main(String[] args) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); FileInputStream in = new FileInputStream(args[0]); X509CRL crl = (X509CRL) cf.generateCRL(in); Set s = crl.getRevokedCertificates(); if (s != null && s.isEmpty() == false) { Iterator t = s.iterator(); while (t.hasNext()) { X509CRLEntry entry = (X509CRLEntry) t.next(); System.out.println("serial number = " + entry.getSerialNumber().toString(16)); System.out.println("revocation date = " + entry.getRevocationDate()); System.out.println("extensions = " + entry.hasExtensions()); } } in.close(); }
}</source>
X509 Certificate Selector
<source lang="java">
import java.io.FileInputStream; import java.security.cert.CertStore; import java.security.cert.CertStoreParameters; import java.security.cert.Certificate; import java.security.cert.CertificateFactory; import java.security.cert.CollectionCertStoreParameters; import java.security.cert.X509CertSelector; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.List; import java.util.Set; public class MainClass {
public static void main(String args[]) throws Exception { CertificateFactory cf = CertificateFactory.getInstance("X.509"); List mylist = new ArrayList(); FileInputStream in = new FileInputStream(args[0]); Certificate c = cf.generateCertificate(in); mylist.add(c); CertStoreParameters cparam = new CollectionCertStoreParameters(mylist); CertStore cs = CertStore.getInstance("Collection", cparam); X509CertSelector selec = new X509CertSelector(); selec.setIssuer("CN=YourName,OU=Network Center," + "O=University,L=ZB,ST=Toronto,C=CN"); Set clct = (Set) cs.getCertificates(selec); Object o[] = clct.toArray(); for (int i = 0; i < o.length; i++) { X509Certificate ct = (X509Certificate) o[i]; System.out.println("Certificate " + i + " "); System.out.println(ct.getSubjectDN()); } }
}</source>