/** * Base constructor. * * @param cert certificate to be used a the source for the holder creation. * @throws CertificateEncodingException if there is a problem extracting the certificate information. */ public JcaX509CertificateHolder(X509Certificate cert) throws CertificateEncodingException { super(Certificate.getInstance(cert.getEncoded())); } }
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert) throws CertificateEncodingException { Certificate certStruct = Certificate.getInstance(cert.getEncoded()); return new IssuerAndSerialNumber(certStruct.getIssuer(), cert.getSerialNumber()); }
public IssuerAndSerialNumber( Certificate certificate) { this.name = certificate.getIssuer(); this.serialNumber = certificate.getSerialNumber(); }
/** * Return whether or not this certificate is valid on a particular date. * * @param date the date of interest. * @return true if the certificate is valid, false otherwise. */ public boolean isValidOn(Date date) { return !date.before(x509Certificate.getStartDate().getDate()) && !date.after(x509Certificate.getEndDate().getDate()); }
/** * Create a X509CertificateHolder from the passed in ASN.1 structure. * * @param x509Certificate an ASN.1 Certificate structure. */ public X509CertificateHolder(Certificate x509Certificate) { this.x509Certificate = x509Certificate; this.extensions = x509Certificate.getTBSCertificate().getExtensions(); }
private Certificate decodeCertificate(Object cert) { if (provider != null) { try { CertificateFactory certFact = CertificateFactory.getInstance("X.509", provider); return certFact.generateCertificate(new ByteArrayInputStream(org.spongycastle.asn1.x509.Certificate.getInstance(cert).getEncoded())); } catch (Exception e) { return null; } } else { try { CertificateFactory certFact = CertificateFactory.getInstance("X.509"); return certFact.generateCertificate(new ByteArrayInputStream(org.spongycastle.asn1.x509.Certificate.getInstance(cert).getEncoded())); } catch (Exception e) { return null; } } }
/** * Return the SubjectPublicKeyInfo describing the public key this certificate is carrying. * * @return the public key ASN.1 structure contained in the certificate. */ public SubjectPublicKeyInfo getSubjectPublicKeyInfo() { return x509Certificate.getSubjectPublicKeyInfo(); }
/** * @deprecated use getVersionNumber */ public int getVersion() { return x509Certificate.getVersionNumber(); }
/** * Return the ASN.1 encoding of this holder's certificate. * * @return a DER encoded byte array. * @throws IOException if an encoding cannot be generated. */ public byte[] getEncoded() throws IOException { return x509Certificate.getEncoded(); } }
/** * Return the issuer of this certificate. * * @return the certificate issuer. */ public X500Name getIssuer() { return X500Name.getInstance(x509Certificate.getIssuer()); }
/** * Return the serial number of this attribute certificate. * * @return the serial number. */ public BigInteger getSerialNumber() { return x509Certificate.getSerialNumber().getValue(); }
private void checkSignature( PublicKey key, Signature signature) throws CertificateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException { if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature())) { throw new CertificateException("signature algorithm in TBS cert not same as outer cert"); } ASN1Encodable params = c.getSignatureAlgorithm().getParameters(); // TODO This should go after the initVerify? X509SignatureUtil.setSignatureParameters(signature, params); signature.initVerify(key); signature.update(this.getTBSCertificate()); if (!signature.verify(this.getSignature())) { throw new SignatureException("certificate does not verify with supplied key"); } }
/** * Return the date after which this certificate is not valid. * * @return the final time for the certificate's validity period. */ public Date getNotAfter() { return x509Certificate.getEndDate().getDate(); }
public boolean equals( Object o) { if (o == this) { return true; } if (!(o instanceof X509CertificateHolder)) { return false; } X509CertificateHolder other = (X509CertificateHolder)o; return this.x509Certificate.equals(other.x509Certificate); }
private void init(Certificate x509Certificate) { this.x509Certificate = x509Certificate; this.extensions = x509Certificate.getTBSCertificate().getExtensions(); }
public static X509Certificate parseCertificate(JcaJceHelper helper, byte[] encoding) throws IOException { try { /* * NOTE: We want to restrict 'encoding' to a binary BER encoding, but * CertificateFactory.generateCertificate claims to require DER encoding, and also * supports Base64 encodings (in PEM format), which we don't support. * * Re-encoding validates as BER and produces DER. */ byte[] derEncoding = Certificate.getInstance(encoding).getEncoded(ASN1Encoding.DER); ByteArrayInputStream input = new ByteArrayInputStream(derEncoding); X509Certificate certificate = (X509Certificate)helper.createCertificateFactory("X.509").generateCertificate(input); if (input.available() != 0) { throw new IOException("Extra data detected in stream"); } return certificate; } catch (GeneralSecurityException e) { throw new TlsCryptoException("unable to decode certificate", e); } }
/** * Return the SubjectPublicKeyInfo describing the public key this certificate is carrying. * * @return the public key ASN.1 structure contained in the certificate. */ public SubjectPublicKeyInfo getSubjectPublicKeyInfo() { return x509Certificate.getSubjectPublicKeyInfo(); }
public int getVersion() { return c.getVersionNumber(); }
/** * Return the ASN.1 encoding of this holder's certificate. * * @return a DER encoded byte array. * @throws IOException if an encoding cannot be generated. */ public byte[] getEncoded() throws IOException { return x509Certificate.getEncoded(); }
/** * Return the issuer of this certificate. * * @return the certificate issuer. */ public X500Name getIssuer() { return X500Name.getInstance(x509Certificate.getIssuer()); }