/************************************************************************
* *
* #java.security.cert *
* *
* Interfaces: *
* X509Extension *
* *
* Classes: *
* Certificate X509Certificate *
* CertificateFactory X509CRL *
* CertificateFactorySpi X509CRLEntry *
* CRL *
* *
* Exceptions: *
* CertificateEncodingException CertificateNotYetValidException *
* CertificateException CertificateParsingException *
* CertificateExpiredException CRLException *
* *
************************************************************************/
package Test.Chris;
import java.security.cert.*;
public class Java_security_cert {
public static void main(String[] args) {
Java_security_cert obj = new Java_security_cert();
obj.exercise();
System.exit(0);
}
public void exercise() {
certificate();
certificatefactory();
certificatefactoryspi();
crl();
x509certificate();
x509crl();
x509crlentry();
x509extension();
}
/*********************************************************************
* *
* Certificate: *
* *
* Desc: *
* *
* Methods: *
* equals getType toString *
* getEncoded hashCode verify *
* getPublicKey *
* *
*********************************************************************/
void certificate() {
boolean b;
String s;
int i;
byte[] x;
java.io.FileInputStream ios;
java.security.KeyStore ks;
java.security.PublicKey k;
Certificate c;
Certificate d;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = java.security.KeyStore.getInstance("JKS");
ks.load(ios, null);
c = ks.getCertificate("critter");
d = ks.getCertificate("critter");
s = c.getType(); // type of this certificate
k = c.getPublicKey(); // public key from this certificate
c.verify(k); // verifies certificate was signed using the private key
c.verify(k, "SUN"); // verifies certificate was signed using the private key
x = c.getEncoded(); // encoded form of this certificate
b = c.equals(c); // compares certificates for equality
s = c.toString(); // string representation
i = c.hashCode(); // hashcode value
ios.close();
} catch(java.security.KeyStoreException e) {
System.out.println(e);
} catch(java.security.NoSuchAlgorithmException e) {
System.out.println(e);
} catch(java.security.NoSuchProviderException e) {
System.out.println(e);
} catch(java.security.SignatureException e) {
System.out.println(e);
} catch(java.security.InvalidKeyException e) {
System.out.println(e);
} catch(CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* CertificateFactory: *
* *
* Desc: *
* *
* Methods: *
* generateCertificate generateCRLs getProvider *
* generateCRL getInstance getType *
* *
*********************************************************************/
void certificatefactory() {
/* TO BE DETERMINED
Certificate generateCertificate(InputStream inStream) // Generates a certificate object and initializes it with the data read from the input stream inStream.
Collection generateCertificates(InputStream inStream) // Returns a (possibly empty) collection view of the certificates read from the given input stream inStream.
CRL generateCRL(InputStream inStream) // Generates a certificate revocation list (CRL) object and initializes it with the data read from the input stream inStream.
Collection generateCRLs(InputStream inStream) // Returns a (possibly empty) collection view of the CRLs read from the given input stream inStream.
static CertificateFactory getInstance(String type) // Generates a certificate factory object that implements the specified certificate type.
static CertificateFactory getInstance(String type, String provider) // Generates a certificate factory object for the specified certificate type from the specified provider.
Provider getProvider() // Returns the provider of this certificate factory.
String getType() // Returns the name of the certificate type associated with this certificate factory.
*/
}
/*********************************************************************
* *
* CertificateFactorySpi: *
* *
* Desc: *
* *
* Methods: *
* engineGenerateCertificate engineGenerateCRLs *
* engineGenerateCRL *
* *
*********************************************************************/
void certificatefactoryspi() {
/* TO BE DETERMINED
abstract Certificate engineGenerateCertificate(InputStream inStream) // Generates a certificate object and initializes it with the data read from the input stream inStream.
abstract Collection engineGenerateCertificates(InputStream inStream) // Returns a (possibly empty) collection view of the certificates read from the given input stream inStream.
abstract CRL engineGenerateCRL(InputStream inStream) // Generates a certificate revocation list (CRL) object and initializes it with the data read from the input stream inStream.
abstract Collection engineGenerateCRLs(InputStream inStream) // Returns a (possibly empty) collection view of the CRLs read from the given input stream inStream.
*/
}
/*********************************************************************
* *
* CRL: *
* *
* Desc: *
* *
* Methods: *
* getType isRevoked toString *
* *
*********************************************************************/
void crl() {
/*
java.io.FileInputStream ios;
CertificateFactory cf;
CRL crl;
try {
ios = new java.io.FileInputStream("fileName-of-crl");
cf = CertificateFactory.getInstance("X.509");
crl = (CRL)cf.generateCRL(ios);
ios.close();
} catch(CRLException e) {
System.out.println(e);
} catch(CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
*/
/* TO BE DETERMINED
String getType() // Returns the type of this CRL.
abstract boolean isRevoked(Certificate cert) // Checks whether the given certificate is on this CRL.
abstract String toString() // Returns a string representation of this CRL.
*/
}
/*********************************************************************
* *
* X509Certificate: *
* *
* Desc: *
* *
* Methods: *
* checkValidity getNotBefore getSubjectDN *
* getBasicConstraints getSerialNumber getSubjectUniqueID *
* getIssuerDN getSigAlgName getTBSCertificate *
* getIssuerUniqueID getSigAlgOID getVersion *
* getKeyUsage getSigAlgParams *
* getNotAfter getSignature *
* *
*********************************************************************/
void x509certificate() {
String s;
int i;
boolean[] x;
byte[] y;
java.math.BigInteger j;
java.util.Date d;
java.io.FileInputStream ios;
java.security.KeyStore ks;
java.security.Principal p;
X509Certificate c;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = java.security.KeyStore.getInstance("JKS");
ks.load(ios, null);
c = (X509Certificate)ks.getCertificate("critter");
d = c.getNotBefore(); // Gets the notBefore date from the validity period of the certificate.
d = c.getNotAfter(); // Gets the notAfter date from the validity period of the certificate.
// c.checkValidity(); // Checks that the certificate is currently valid
c.checkValidity(d); // Checks that the given date is within the certificate's validity period.
i = c.getVersion(); // Gets the version (version number) value from the certificate.
i = c.getBasicConstraints(); // Gets the certificate constraints path length from the critical BasicConstraints extension, (OID = 2.5.29.19).
j = c.getSerialNumber(); // Gets the serialNumber value from the certificate.
s = c.getSigAlgName(); // Gets the signature algorithm name for the certificate signature algorithm.
s = c.getSigAlgOID(); // Gets the signature algorithm OID string from the certificate.
p = c.getIssuerDN(); // Gets the issuer (issuer distinguished name) value from the certificate.
p = c.getSubjectDN(); // Gets the subject (subject distinguished name) value from the certificate.
x = c.getKeyUsage(); // bits of the KeyUsage extension (null?)
x = c.getIssuerUniqueID(); // issuerUniqueID value from the certificate (null?)
x = c.getSubjectUniqueID(); // subjectUniqueID value from the certificate (null?)
y = c.getSignature(); // signature value - the raw signature bits
y = c.getSigAlgParams(); // DER-encoded signature algorithm parameters (null?)
y = c.getTBSCertificate(); // DER-encoded certificate information
ios.close();
} catch(java.security.KeyStoreException e) {
System.out.println(e);
} catch(java.security.NoSuchAlgorithmException e) {
System.out.println(e);
} catch(CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
/*********************************************************************
* *
* X509CRL: *
* *
* Desc: *
* *
* Methods: *
* equals getSigAlgParams *
* getEncoded getSignature *
* getIssuerDN getTBSCertList *
* getNextUpdate getThisUpdate *
* getRevokedCertificate getVersion *
* getRevokedCertificates hashCode *
* getSigAlgName verify *
* getSigAlgOID *
* *
*********************************************************************/
void x509crl() {
/* TO BE DETERMINED
boolean equals(Object other) // Compares this CRL for equality with the given object.
abstract byte[] getEncoded() // Returns the ASN.1 DER-encoded form of this CRL.
abstract Principal getIssuerDN() // Gets the issuer (issuer distinguished name) value from the CRL.
abstract Date getNextUpdate() // Gets the nextUpdate date from the CRL.
abstract X509CRLEntry getRevokedCertificate(BigInteger serialNumber) // Gets the CRL entry with the given serialNumber from this CRL.
abstract Set getRevokedCertificates() // Gets all the entries from this CRL.
abstract String getSigAlgName() // Gets the signature algorithm name for the CRL signature algorithm.
abstract String getSigAlgOID() // Gets the signature algorithm OID string from the CRL.
abstract byte[] getSigAlgParams() // Gets the DER-encoded signature algorithm parameters from this CRL's signature algorithm.
abstract byte[] getSignature() // Gets the signature value (the raw signature bits) from the CRL.
abstract byte[] getTBSCertList() // Gets the DER-encoded CRL information, the tbsCertList from this CRL.
abstract Date getThisUpdate() // Gets the thisUpdate date from the CRL.
abstract int getVersion() // Gets the version (version number) value from the CRL.
int hashCode() // Returns a hashcode value for this CRL from its encoded form.
abstract void verify(PublicKey key) // Verifies that this CRL was signed using the private key that corresponds to the given public key.
abstract void verify(PublicKey key, String sigProvider) // Verifies that this CRL was signed using the private key that corresponds to the given public key.
*/
}
/*********************************************************************
* *
* X509CRLEntry: *
* *
* Desc: *
* *
* Methods: *
* equals getSerialNumber hashCode *
* getEncoded hasExtensions toString *
* getRevocationDate *
* *
*********************************************************************/
void x509crlentry() {
/* TO BE DETERMINED
boolean equals(Object other) // Compares this CRL entry for equality with the given object.
abstract byte[] getEncoded() // Returns the ASN.1 DER-encoded form of this CRL Entry, that is the inner SEQUENCE.
abstract Date getRevocationDate() // Gets the revocation date from this X509CRLEntry, the revocationDate.
abstract BigInteger getSerialNumber() // Gets the serial number from this X509CRLEntry, the userCertificate.
abstract boolean hasExtensions() // Returns true if this CRL entry has extensions.
int hashCode() // Returns a hashcode value for this CRL entry from its encoded form.
abstract String toString() // Returns a string representation of this CRL entry.
*/
}
/*********************************************************************
* *
* X509Extension: *
* *
* Desc: *
* *
* Methods: *
* getCriticalExtensionOIDs getNonCriticalExtensionOIDs *
* getExtensionValue hasUnsupportedCriticalExtension *
* *
*********************************************************************/
void x509extension() {
boolean b;
byte[] x;
java.util.Set y;
java.io.FileInputStream ios;
java.security.KeyStore ks;
X509Extension c;
try {
ios = new java.io.FileInputStream("c:/java/jdk/CUSkeystore");
ks = java.security.KeyStore.getInstance("JKS");
ks.load(ios, null);
c = (X509Extension)ks.getCertificate("critter");
b = c.hasUnsupportedCriticalExtension(); // test if critical extension found that is not supported
y = c.getCriticalExtensionOIDs(); // OID strings for the extensions marked CRITICAL
y = c.getNonCriticalExtensionOIDs(); // OID strings for the extensions marked NON-CRITICAL
x = c.getExtensionValue("oid?"); // DER-encoded OCTET string for the extension value
} catch(java.security.KeyStoreException e) {
System.out.println(e);
} catch(java.security.NoSuchAlgorithmException e) {
System.out.println(e);
} catch(CertificateException e) {
System.out.println(e);
} catch(java.io.FileNotFoundException e) {
System.out.println(e);
} catch(java.io.IOException e) {
System.out.println(e);
}
}
}