Example usage for java.security.cert X509Certificate getIssuerX500Principal

List of usage examples for java.security.cert X509Certificate getIssuerX500Principal

  1. HOME
  2. Java
  3. java
  4. java.security.cert.*
  5. X509Certificate
  6. getIssuerX500Principal

Introduction

In this page you can find the example usage for java.security.cert X509Certificate getIssuerX500Principal.

Prototype

public X500Principal getIssuerX500Principal()

Source Link

Document

Returns the issuer (issuer distinguished name) value from the certificate as an X500Principal .

Usage

From source file:MainClass.java

public static void main(String[] args) throws Exception {
    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
    KeyPair pair = generateRSAKeyPair();
    ByteArrayOutputStream bOut = new ByteArrayOutputStream();
    bOut.write(generateV1Certificate(pair).getEncoded());
    bOut.close();/* w ww. j a v a 2s.c  om*/
    InputStream in = new ByteArrayInputStream(bOut.toByteArray());
    CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
    X509Certificate x509Cert = (X509Certificate) fact.generateCertificate(in);
    System.out.println("issuer: " + x509Cert.getIssuerX500Principal());
}

From source file:Main.java

protected static X500Principal getEncodedIssuerPrincipal(X509Certificate cert) {
    return cert.getIssuerX500Principal();
}

From source file:Main.java

public static boolean isTrustAnchor(X509Certificate certificate) throws IOException {
    boolean trust_anchor = certificate.getSubjectX500Principal().equals(certificate.getIssuerX500Principal())
            && certificate.getBasicConstraints() >= 0;
    if (trust_anchor) {
        try {//from w ww .j a  va2 s . c o  m
            certificate.verify(certificate.getPublicKey());
        } catch (Exception e) {
            throw new IOException(e);
        }
        return true;
    }
    return false;
}

From source file:ru.codeinside.gws.crypto.cryptopro.SunPkcs7.java

public static byte[] toPkcs7(final Signature signature) {
    final X509Certificate certificate = signature.certificate;
    final byte[] sign = signature.sign;
    X500Name issuer = X500Name.asX500Name(certificate.getIssuerX500Principal());
    final AlgorithmId digestAlgorithmId = new AlgorithmId(GOST3411);
    final AlgorithmId signAlgorithmId = new AlgorithmId(GOST3410);
    SignerInfo sInfo = new SignerInfo(issuer, certificate.getSerialNumber(), digestAlgorithmId, signAlgorithmId,
            sign);/* w ww .j a v a  2  s . c om*/
    ContentInfo cInfo = new ContentInfo(ContentInfo.DATA_OID, null);
    PKCS7 pkcs7 = new PKCS7(new AlgorithmId[] { digestAlgorithmId }, cInfo,
            new X509Certificate[] { certificate }, new SignerInfo[] { sInfo });
    final ByteArrayOutputStream bOut = new DerOutputStream();
    try {
        pkcs7.encodeSignedData(bOut);
    } catch (IOException e) {
        throw new RuntimeException(e);
    }
    return bOut.toByteArray();
}

From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateUtil.java

public static X500Principal getIssuer(X509Certificate certificate) {
    return certificate.getIssuerX500Principal();
}

From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateUtil.java

public static boolean isRoot(X509Certificate certificate) {
    return certificate.getSubjectX500Principal().equals(certificate.getIssuerX500Principal());
}

From source file:be.fedict.trust.TrustValidator.java

/**
 * Gives back the trust linker result of a verification of a self-signed
 * X509 certificate.//from  w  ww .j  a  v a  2s  . c  o  m
 * 
 * @param certificate
 *            the self-signed certificate to validate.
 * @return the validation result.
 */
public static TrustLinkerResult getSelfSignedResult(X509Certificate certificate) {

    if (false == certificate.getIssuerX500Principal().equals(certificate.getSubjectX500Principal())) {
        return new TrustLinkerResult(false, TrustLinkerResultReason.INVALID_TRUST,
                "root certificate should be self-signed: " + certificate.getSubjectX500Principal());
    }
    try {
        certificate.verify(certificate.getPublicKey());
    } catch (Exception e) {
        return new TrustLinkerResult(false, TrustLinkerResultReason.INVALID_SIGNATURE,
                "certificate signature error: " + e.getMessage());
    }
    return new TrustLinkerResult(true);
}

From source file:be.fedict.eid.applet.service.JSONServlet.java

private static JSONObject createCertJSONObject(X509Certificate certificate, SimpleDateFormat simpleDateFormat)
        throws CertificateEncodingException, IOException {
    JSONObject certJSONObject = new JSONObject();
    certJSONObject.put("subject", certificate.getSubjectX500Principal().toString());
    certJSONObject.put("issuer", certificate.getIssuerX500Principal().toString());
    certJSONObject.put("serialNumber", certificate.getSerialNumber().toString());
    certJSONObject.put("notBefore", certificate.getNotBefore().toString());
    certJSONObject.put("notAfter", certificate.getNotAfter().toString());
    certJSONObject.put("signatureAlgo", certificate.getSigAlgName());
    certJSONObject.put("thumbprint", DigestUtils.shaHex(certificate.getEncoded()));
    certJSONObject.put("details", certificate.toString());
    certJSONObject.put("pem", toPem(certificate));

    return certJSONObject;
}

From source file:org.globus.gsi.trustmanager.TrustedCertPathFinder.java

private static X509Certificate checkCertificate(List<X509Certificate> trustedCertPath,
        X509Certificate x509Certificate, Certificate issuerCertificate) throws CertPathValidatorException {
    X509Certificate x509IssuerCertificate = (X509Certificate) issuerCertificate;

    // check that the next one is indeed issuer, normalizing to Globus DN format
    String issuerDN = CertificateUtil.toGlobusID(x509Certificate.getIssuerX500Principal());
    String issuerCertDN = CertificateUtil.toGlobusID(x509IssuerCertificate.getSubjectX500Principal());

    if (!(issuerDN.equals(issuerCertDN))) {
        throw new IllegalArgumentException("Incorrect certificate path, certificate in chain can only "
                + "be issuer of previous certificate");
    }//from   w ww.  j  a va  2 s . com

    // validate integrity of signature
    PublicKey publicKey = x509IssuerCertificate.getPublicKey();
    try {
        x509Certificate.verify(publicKey);
    } catch (CertificateException e) {
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    } catch (NoSuchAlgorithmException e) {
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    } catch (InvalidKeyException e) {
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    } catch (NoSuchProviderException e) {
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    } catch (SignatureException e) {
        throw new CertPathValidatorException(
                "Signature validation on the certificate " + x509Certificate.getSubjectDN(), e);
    }

    trustedCertPath.add(x509Certificate);
    return x509IssuerCertificate;
}

From source file:mitm.common.security.certificate.X509CertificateInspector.java

/**
 * Returns the issuer DN in a friendly format
 * @param certificate//from  w w  w .j a va2 s  . com
 * @return
 */
public static String getIssuerFriendly(X509Certificate certificate) {
    return X500PrincipalInspector.getFriendly(certificate.getIssuerX500Principal());
}