List of usage examples for org.bouncycastle.asn1 DERBitString getString
public String getString()
From source file:com.yacme.ext.oxsit.cust_it.security.crl.X509CertRL.java
License:Open Source License
/** * Controls if the given certificate is revoked at the specified date. * Effettua il controllo di revoca sulla firma contenuta nel certificato * userCert, rispetto alla data corrente<br><br> * * @param userCert certificate to verify * @param date Date/*from w w w . ja v a 2s . c om*/ * @return true if certificate is not revoked */ public boolean isNotRevokedCRL(XStatusIndicator _aStatus, X509Certificate userCert, Date date) { setCertificateStateConditions(CertificateStateConditions.REVOCATION_NOT_YET_CONTROLLED); X509CRL crl = null; //check if we have a status indicator m_xStatusIndicator = _aStatus; getConfiguration(); //check if CRL control is enabled if (m_bDisableCRLControl) { setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROL_NOT_ENABLED); setCertificateState(CertificateState.NOT_VERIFIABLE); return false; } try { // devo fare l'update per compatibilita' all'indietro! if (!update(userCert, date, m_bAlwaysDownloadCRL)) { return false; } else { crl = (X509CRL) crls.get(userCert.getIssuerX500Principal()); } X509CRLEntry entry = crl.getRevokedCertificate(userCert.getSerialNumber()); if (entry == null) { trace("Verifica di revoca del certificato effettuata correttamente" + "\n***Fine Verifica CRL***"); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.OK); return true; } if (crl.getVersion() >= 1) { // CRL versione 2 o superiore: prevede le extensions String reason = null; Date revDate = null; try { revDate = entry.getRevocationDate(); byte[] extVal = entry.getExtensionValue("2.5.29.21"); if (extVal != null) { trace("ReasonCode presente"); DERBitString dbs = new DERBitString(extVal); reason = dbs.getString(); trace("ReasonCode trovato (DERBitString): " + reason); if (reason.endsWith("0")) { trace("unspecified(0)"); reasonCode = "in data " + revDate + " :\n unspecified(0)"; } if (reason.endsWith("1")) { trace("keyCompromise(1)"); reasonCode = "in data " + revDate + " :\n keyCompromise(1)"; } if (reason.endsWith("2")) { trace("cACompromise(2)"); reasonCode = "in data " + revDate + " :\n cACompromise(2)"; } if (reason.endsWith("3")) { trace("affiliationChanged(3)"); reasonCode = "in data " + revDate + " :\n affiliationChanged(3)"; } if (reason.endsWith("4")) { trace("superseded(4)"); reasonCode = "in data " + revDate + " :\n superseded(4)"; } if (reason.endsWith("5")) { trace("cessationOfOperation(5)"); reasonCode = "in data " + revDate + " :\n cessationOfOperation(5)"; } if (reason.endsWith("8")) { trace("removeFromCRL(8)"); reasonCode = "in data " + revDate + " :\n removeFromCRL(8)"; } if (reason.endsWith("6")) { //ReasonFlags.CERTIFICATEHOLD // il certificato e' sospeso .... if (date.before(revDate)) { trace("Il certificato risulta sospeso alla data: " + revDate); trace("data revoca " + revDate + " e data di controllo " + date); reasonCode = "data revoca " + revDate + " e data di controllo " + date; setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.SUSPENDED); return true; // o false da decidere } else { trace("Il certificato risulta sospeso in data: " + revDate); reasonCode = "Il certificato risulta sospeso in data: " + revDate; traceDialog(reasonCode); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.SUSPENDED); return false; } } } // il certificato e' veramente revocato .... if (date.before(revDate)) { //non ancora revocato trace("Il certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate); reasonCode = "in futuro.\nIl certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate; traceDialog(reasonCode); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.REVOKED); return true; // o false da decidere } else { trace("Il certificato risulta revocato in data: " + revDate); if (reasonCode == null) { reasonCode = "in data: " + revDate; } traceDialog(reasonCode); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.REVOKED); return false; } } catch (Throwable ex) { trace(ex); traceDialog( "isNotRevoked - Errore nella lettura delle estensioni di revoca -> " + ex.getMessage()); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.NOT_YET_VERIFIED); return false; } // la versione della CRL e' la uno e quindi non si pu distinguere // la motivazione della revoca -> certificato revocato e basta. } else { trace("CRL V.1 : il certificato risulta revocato/sospeso"); //set state as revoked traceDialog("CRL V.1 : il certificato risulta revocato/sospeso"); setCertificateStateConditions(CertificateStateConditions.REVOCATION_CONTROLLED_OK); setCertificateState(CertificateState.REVOKED); return false; // o false da decidere } } catch (Throwable e) { //trace(e); traceDialog("isNotRevoked - Errore generico nel metodo -> ", e); setCertificateStateConditions(CertificateStateConditions.REVOCATION_NOT_YET_CONTROLLED); setCertificateState(CertificateState.NOT_YET_VERIFIED); return false; } }
From source file:it.trento.comune.j4sign.verification.X509CertRL.java
License:Open Source License
/** * Controls if the given certificate is revoked at the specified date. * Effettua il controllo di revoca sulla firma contenuta nel certificato * userCert, rispetto alla data corrente<br> * <br>/* w w w . j ava 2 s .c om*/ * * @param userCert * certificate to verify * @param date * Date * @return true if certificate is not revoked */ public boolean isNotRevoked(X509Certificate userCert, Date date, boolean forceCRLUpdate) { X509CRL crl = null; try { // devo fare l'update per compatibilita' all'indietro! if (!update(userCert, date, forceCRLUpdate)) { return false; } else { crl = (X509CRL) crls.get(userCert.getIssuerX500Principal()); } X509CRLEntry entry = crl.getRevokedCertificate(userCert.getSerialNumber()); if (entry == null) { return true; } if (crl.getVersion() >= 1) { // CRL versione 2 o superiore: prevede le extensions String reason = null; Date revDate = null; try { revDate = entry.getRevocationDate(); byte[] extVal = entry.getExtensionValue("2.5.29.21"); if (extVal != null) { log.info("ReasonCode presente"); DERBitString dbs = new DERBitString(extVal); reason = dbs.getString(); log.info("ReasonCode trovato (DERBitString): " + reason); if (reason.endsWith("0")) { log.info("unspecified(0)"); reasonCode = "in data " + revDate + " :\n unspecified(0)"; } if (reason.endsWith("1")) { log.info("keyCompromise(1)"); reasonCode = "in data " + revDate + " :\n keyCompromise(1)"; } if (reason.endsWith("2")) { log.info("cACompromise(2)"); reasonCode = "in data " + revDate + " :\n cACompromise(2)"; } if (reason.endsWith("3")) { log.info("affiliationChanged(3)"); reasonCode = "in data " + revDate + " :\n affiliationChanged(3)"; } if (reason.endsWith("4")) { log.info("superseded(4)"); reasonCode = "in data " + revDate + " :\n superseded(4)"; } if (reason.endsWith("5")) { log.info("cessationOfOperation(5)"); reasonCode = "in data " + revDate + " :\n cessationOfOperation(5)"; } if (reason.endsWith("8")) { log.info("removeFromCRL(8)"); reasonCode = "in data " + revDate + " :\n removeFromCRL(8)"; } if (reason.endsWith("6")) { // ReasonFlags.CERTIFICATEHOLD // il certificato e' sospeso .... if (date.before(revDate)) { log.info("Il certificato risulta sospeso alla data: " + revDate); log.info("data revoca " + revDate + " e data di controllo " + date); reasonCode = "data revoca " + revDate + " e data di controllo " + date; return true; // o false da decidere } else { log.warning("Il certificato risulta sospeso in data: " + revDate); reasonCode = "Il certificato risulta sospeso in data: " + revDate; return false; } } } // il certificato e' veramente revocato .... if (date.before(revDate)) { // non ancora revocato log.warning( "Il certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate); reasonCode = "in futuro.\nIl certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate; return true; // o false da decidere } else { log.warning("Il certificato risulta revocato in data: " + revDate); if (reasonCode == null) { reasonCode = "in data: " + revDate; } return false; } } catch (Exception ex) { log.severe(ex.toString()); log.severe( "isNotRevoked - Errore nella lettura delle estensioni di revoca -> " + ex.getMessage()); CRLerror = ex.getMessage(); return false; } // la versione della CRL e' la uno e quindi non si pu // distinguere // la motivazione della revoca -> certificato revocato e basta. } else { log.warning("CRL V.1 : il certificato risulta revocato/sospeso"); CRLerror = "CRL V.1 : il certificato risulta revocato/sospeso"; return false; // o false da decidere } } catch (Exception e) { // log.severe(e); log.severe("isNotRevoked - Errore generico nel metodo -> " + e.getMessage()); CRLerror = e.getMessage(); return false; } }
From source file:it.treviso.provincia.freesigner.applet.FreesignerCertFrame.java
License:Open Source License
/** * Inizialize frame components/*from w w w.j a va2 s . c o m*/ * * @throws CertificateParsingException */ private void initComponents() throws CertificateParsingException { dialogPane = new JPanel(); contentPane = new JPanel(); tabbedPane1 = new JTabbedPane(); panel1 = new JPanel(); textPane1 = new JTextPane(); button1 = new JButton(); panel2 = new JPanel(); scrollPane1 = new JScrollPane(); table1 = new JTable(); scrollPane3 = new JScrollPane(); textPane2 = new JTextPane(); textPane3 = new JTextPane(); panel3 = new JPanel(); scrollPane2 = new JScrollPane(); tree1 = new JTree(); button2 = new JButton(); button3 = new JButton(); panel4 = new JPanel(); buttonBar = new JPanel(); okButton = new JButton(); GridBagConstraints gbc; //======== this ======== Container contentPane2 = getContentPane(); contentPane2.setLayout(new BorderLayout()); //======== dialogPane ======== { dialogPane.setBorder(new EmptyBorder(12, 12, 12, 12)); dialogPane.setLayout(new BorderLayout()); //======== contentPane ======== { contentPane.setLayout(new GridBagLayout()); ((GridBagLayout) contentPane.getLayout()).columnWidths = new int[] { 0, 0 }; ((GridBagLayout) contentPane.getLayout()).rowHeights = new int[] { 0, 0 }; ((GridBagLayout) contentPane.getLayout()).columnWeights = new double[] { 1.0, 1.0E-4 }; ((GridBagLayout) contentPane.getLayout()).rowWeights = new double[] { 1.0, 1.0E-4 }; //======== tabbedPane1 ======== { tabbedPane1.setPreferredSize(new Dimension(350, 400)); //======== panel1 ======== { panel1.setLayout(new GridBagLayout()); ((GridBagLayout) panel1.getLayout()).columnWidths = new int[] { 0, 0 }; ((GridBagLayout) panel1.getLayout()).rowHeights = new int[] { 0, 0, 0 }; ((GridBagLayout) panel1.getLayout()).columnWeights = new double[] { 1.0, 1.0E-4 }; ((GridBagLayout) panel1.getLayout()).rowWeights = new double[] { 1.0, 1.0, 1.0E-4 }; //---- textPane1 ---- textPane1.setFont(new Font("MS Sans Serif", Font.BOLD, 11)); textPane1.setEditable(false); String s = new String(); if (!cv.getPassed()) { if (!cv.isCRLChecked() || cv.getCRLerror().length() > 0) { s = s + "\n Verifica CRL non effettuata"; if (cv.getCRLerror().length() > 0) { //c' stato un errore JOptionPane.showMessageDialog(frame, "C' stato un errore nella verifica CRL.\n" + cv.getCRLerror(), "Errore verifica CRL", JOptionPane.ERROR_MESSAGE); s = s + "\n " + cv.getCRLerror(); } } else { s = s + "Certificato NON valido"; } } else { s = s + "Certificato valido."; } textPane1.setText("Informazioni sul certificato\n" + "\n\n" + s + "\n\n\n\nRilasciato a: " + getFormattedNameFromDN("" + cert.getSubjectDN()) + "\n\nRilasciato da: " + getFormattedNameFromDN("" + cert.getIssuerDN()) + "\n\nAttivo da: " + cert.getNotBefore()); gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 0; gbc.fill = GridBagConstraints.BOTH; gbc.insets.bottom = 5; panel1.add(textPane1, gbc); //---- button1 ---- button1.setText("Salva certificato"); gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 1; gbc.anchor = GridBagConstraints.EAST; button1.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { JFileChooser fc = new JFileChooser(); File f = new File( System.getProperty("user.home") + System.getProperty("file.separator") + getNameFromDN("" + cert.getSubjectDN()) + ".der"); fc.setSelectedFile(f); int n = fc.showSaveDialog(frame); if (n == JFileChooser.APPROVE_OPTION) { //**** f = fc.getSelectedFile(); try { save(cert.getEncoded(), f); } catch (CertificateEncodingException ex1) { } catch (IOException ex1) { } } } }); panel1.add(button1, gbc); } tabbedPane1.addTab("Generale", panel1); //======== panel2 ======== { panel2.setLayout(new GridBagLayout()); ((GridBagLayout) panel2.getLayout()).columnWidths = new int[] { 0, 0 }; ((GridBagLayout) panel2.getLayout()).rowHeights = new int[] { 105, 50, 0 }; ((GridBagLayout) panel2.getLayout()).columnWeights = new double[] { 1.0, 1.0E-4 }; ((GridBagLayout) panel2.getLayout()).rowWeights = new double[] { 0.0, 0.0, 1.0E-4 }; //============table1========= //Riconoscimento KeyUsage String str = new String(); DERBitString dbs = new DERBitString(cert.getExtensionValue("2.5.29.15")); String usage = new String(); usage = dbs.getString(); String hexusage = usage.substring(usage.length() - 2, usage.length()); usage = Integer.toBinaryString(Integer.parseInt(hexusage, 16)); while (usage.length() < 8) { usage = "0" + usage; } str = ""; if ((usage.substring(0, 1)).equals("1")) { str += "digitalSignature "; } if ((usage.substring(1, 2)).equals("1")) { str += "nonRepudiation "; } if ((usage.substring(2, 3)).equals("1")) { str += "keyEncipherment "; } if ((usage.substring(3, 4)).equals("1")) { str += "dataEncipherment "; } if ((usage.substring(4, 5)).equals("1")) { str += "keyAgreement "; } if ((usage.substring(5, 6)).equals("1")) { str += "keyCertSign "; } if ((usage.substring(6, 7)).equals("1")) { str += "cRLSign "; } if ((usage.substring(7, 8)).equals("1")) { str += "encipherOnly "; } // if ((usage.substring(,)).equals("1")) // str += "decipherOnly " ; String[] columnNames = { "Campo", "Valore" }; final Object[][] data = { { "Versione", "" + cert.getVersion() }, { "Numero di serie", "" + formatAsHexString((cert.getSerialNumber().toByteArray())) }, { "Soggetto", "" + cert.getSubjectDN() }, { "Valido dal", "" + cert.getNotBefore() }, { "Valido fino al", "" + cert.getNotAfter() }, { "Rilasciato da", "" + cert.getIssuerDN() }, { "Algoritmo della firma elettronica", "" + cert.getSigAlgName() }, { "Chiave pubblica", "" + cert.getPublicKey() }, { "Punti di distribuzione CRL", "" + getCrlDistributionPoint(cert) }, { "Uso chiave", "" + str + " (" + hexusage + ")" } }; table1 = new JTable(data, columnNames); table1.setSelectionMode(ListSelectionModel.SINGLE_SELECTION); //Ask to be notified of selection changes. ListSelectionModel rowSM = table1.getSelectionModel(); rowSM.addListSelectionListener(new ListSelectionListener() { public void valueChanged(ListSelectionEvent e) { //Ignore extra messages. if (e.getValueIsAdjusting()) { return; } ListSelectionModel lsm = (ListSelectionModel) e.getSource(); if (lsm.isSelectionEmpty()) { //no rows are selected } else { int selectedRow = lsm.getMinSelectionIndex(); //selectedRow is selected textPane2.setEditable(false); textPane2.setText("" + data[selectedRow][1]); } } }); //======== scrollPane1 ======== { scrollPane1.setViewportView(table1); scrollPane1.setPreferredSize(new Dimension(150, 250)); } gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 0; gbc.fill = GridBagConstraints.BOTH; gbc.insets.bottom = 5; panel2.add(scrollPane1, gbc); //======== scrollPane3 ======== { scrollPane3.setViewportView(textPane2); scrollPane3.setPreferredSize(new Dimension(150, 100)); } gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 1; gbc.fill = GridBagConstraints.BOTH; panel2.add(scrollPane3, gbc); } tabbedPane1.addTab("Dettagli", panel2); //======== panel3 ======== { panel3.setLayout(new GridBagLayout()); ((GridBagLayout) panel3.getLayout()).columnWidths = new int[] { 0, 0, 0, 0 }; ((GridBagLayout) panel3.getLayout()).rowHeights = new int[] { 105, 0, 0, 0, 200, 0 }; ((GridBagLayout) panel3.getLayout()).columnWeights = new double[] { 1.0, 1.0, 1.0, 1.0E-4 }; ((GridBagLayout) panel3.getLayout()).rowWeights = new double[] { 0.0, 0.0, 0.0, 0.0, 0.0, 1.0E-4 }; //======== scrollPane2 ======== { //---- tree1 ---- DefaultMutableTreeNode leaf = new DefaultMutableTreeNode("" + cert.getSubjectDN()); DefaultMutableTreeNode parentOfleaf = new DefaultMutableTreeNode( "" + cert.getIssuerDN()); ; X509Certificate certChild = cert; X509Certificate certParent = null; try { certParent = CAroot.getCACertificate(certChild.getIssuerX500Principal()); } catch (GeneralSecurityException ex1) { } if (certParent != null) { while (!certChild.getIssuerDN().equals(certChild.getSubjectDN())) { //finche' la CA non autofirmata parentOfleaf = new DefaultMutableTreeNode("" + certParent.getSubjectDN()); parentOfleaf.add(leaf); leaf = parentOfleaf; certChild = certParent; try { certParent = CAroot.getCACertificate(certChild.getIssuerX500Principal()); } catch (GeneralSecurityException ex) { } } ; tree1 = new JTree(parentOfleaf); } else { //nel caso il certificato abbia una CA emettitrice //non presente nella root tree1 = new JTree(new DefaultMutableTreeNode("" + certChild.getSubjectDN())); } tree1.getSelectionModel().setSelectionMode(TreeSelectionModel.SINGLE_TREE_SELECTION); //Listen for when the selection changes. tree1.addTreeSelectionListener(new TreeSelectionListener() { public void valueChanged(TreeSelectionEvent e) { DefaultMutableTreeNode node = (DefaultMutableTreeNode) tree1 .getLastSelectedPathComponent(); if (node == null) { return; } /* React to the node selection. */ Object nodeInfo = node.getUserObject(); if (node.isLeaf()) { button2.setEnabled(false); } else { button2.setEnabled(true); } } }); JScrollPane treeView = new JScrollPane(tree1); tree1.setVisibleRowCount(4); scrollPane2.setViewportView(tree1); } gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 0; gbc.gridwidth = 3; gbc.fill = GridBagConstraints.BOTH; gbc.insets.bottom = 5; panel3.add(scrollPane2, gbc); //---- button2 ---- button2.setText("Visualizza certificato"); gbc = new GridBagConstraints(); gbc.gridx = 2; gbc.gridy = 2; gbc.fill = GridBagConstraints.BOTH; gbc.insets.bottom = 5; button2.setEnabled(false); button2.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { try { FreesignerCertFrame nuovo = new FreesignerCertFrame( CAroot.getCACertificate(cert.getIssuerX500Principal()), CAroot); } catch (GeneralSecurityException ex) { } } }); panel3.add(button2, gbc); //---- button3 ---- button3.setText("Download CRL"); gbc = new GridBagConstraints(); gbc.gridx = 2; gbc.gridy = 3; gbc.fill = GridBagConstraints.BOTH; gbc.insets.bottom = 5; button3.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { //forzo il download CRL FreesignerCertFrame nuovo = new FreesignerCertFrame(cert, CAroot, true); frame.hide(); } }); panel3.add(button3, gbc); //======== panel4 ======== { panel4.setBorder(new TitledBorder("Dettaglio Verifiche")); panel4.setLayout(new GridBagLayout()); ((GridBagLayout) panel4.getLayout()).columnWidths = new int[] { 0, 0, 0, 0 }; ((GridBagLayout) panel4.getLayout()).rowHeights = new int[] { 0, 0, 0, 0 }; ((GridBagLayout) panel4.getLayout()).columnWeights = new double[] { 1.0, 1.0, 1.0, 1.0E-4 }; ((GridBagLayout) panel4.getLayout()).rowWeights = new double[] { 1.0, 1.0, 1.0, 1.0E-4 }; } //======== textPane3 ======== { textPane3.setPreferredSize(new Dimension(300, 170)); textPane3.setEditable(false); String[] s = new String[3]; if (!cv.getExpired()) { s[0] = "-Certificato non scaduto"; } else { s[0] = "-Certificato scaduto"; } if (!cv.getPathValid()) { s[1] = "-Percorso di certificazione non valido"; } else { s[1] = "-Percorso di certificazione valido"; } if (!cv.getRevoked()) { if (!cv.isCRLChecked() || cv.getCRLerror().length() > 0) { s[2] = "-Verifica CRL non effettuata."; if (cv.getCRLerror().length() > 0) { s[2] = s[2] + "\n " + cv.getCRLerror(); } } else { s[2] = "-Certificato non revocato."; } } else { if (cv.isCRLChecked() && !(cv.getCRLerror().length() > 0) && (cv.getPathValid())) { s[2] = "-Certificato revocato " + cv.getReasonCode(); } else { s[2] = "-Verifica CRL non effettuata."; if (cv.getCRLerror().length() > 0) { s[2] = s[2] + "\n " + cv.getCRLerror(); } if (!(cv.getPathValid())) { s[2] = s[2] + "\n CA non presente nella root"; } } } textPane3.setText(s[0] + "\n\n" + s[1] + "\n\n" + s[2]); } gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 1; gbc.fill = GridBagConstraints.BOTH; panel4.add(textPane3, gbc); gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 4; gbc.gridwidth = 3; gbc.fill = GridBagConstraints.BOTH; panel3.add(panel4, gbc); } tabbedPane1.addTab("Percorso di certificazione", panel3); } gbc = new GridBagConstraints(); gbc.gridx = 0; gbc.gridy = 0; gbc.fill = GridBagConstraints.BOTH; contentPane.add(tabbedPane1, gbc); } dialogPane.add(contentPane, BorderLayout.CENTER); //======== buttonBar ======== { buttonBar.setBorder(new EmptyBorder(12, 0, 0, 0)); buttonBar.setLayout(new GridBagLayout()); ((GridBagLayout) buttonBar.getLayout()).columnWidths = new int[] { 0, 80 }; ((GridBagLayout) buttonBar.getLayout()).columnWeights = new double[] { 1.0, 0.0 }; //---- okButton ---- okButton.setText("OK"); gbc = new GridBagConstraints(); gbc.gridx = 1; gbc.gridy = 0; gbc.fill = GridBagConstraints.BOTH; okButton.addActionListener(new ActionListener() { public void actionPerformed(ActionEvent e) { frame.hide(); } }); buttonBar.add(okButton, gbc); } dialogPane.add(buttonBar, BorderLayout.SOUTH); } contentPane2.add(dialogPane, BorderLayout.CENTER); frame.setContentPane(contentPane2); frame.setSize(300, 150); frame.setResizable(false); frame.setTitle("Certificato"); frame.pack(); Dimension d = Toolkit.getDefaultToolkit().getScreenSize(); frame.setLocation((d.width - frame.getWidth()) / 2, (d.height - frame.getHeight()) / 2); frame.show(); frame.setVisible(true); frame.addWindowListener(new WindowAdapter() { public void windowClosing(WindowEvent e) { frame.hide(); } }); }
From source file:it.treviso.provincia.freesigner.crl.X509CertRL.java
License:Open Source License
/** * Controls if the given certificate is revoked at the specified date. * Effettua il controllo di revoca sulla firma contenuta nel certificato * userCert, rispetto alla data corrente<br> * <br>//from w ww . j a va2 s .c o m * * @param userCert * certificate to verify * @param date * Date * @return true if certificate is not revoked */ public boolean isNotRevoked(X509Certificate userCert, Date date) { X509CRL crl = null; try { // devo fare l'update per compatibilita' all'indietro! if (!update(userCert, date, false)) { return false; } else { crl = (X509CRL) crls.get(userCert.getIssuerX500Principal()); } X509CRLEntry entry = crl.getRevokedCertificate(userCert.getSerialNumber()); if (entry == null) { trace("Verifica di revoca del certificato effettuata correttamente" + "\n***Fine Verifica CRL***"); return true; } if (crl.getVersion() >= 1) { // CRL versione 2 o superiore: prevede le extensions String reason = null; Date revDate = null; try { revDate = entry.getRevocationDate(); byte[] extVal = entry.getExtensionValue("2.5.29.21"); if (extVal != null) { trace("ReasonCode presente"); DERBitString dbs = new DERBitString(extVal); reason = dbs.getString(); trace("ReasonCode trovato (DERBitString): " + reason); if (reason.endsWith("0")) { trace("unspecified(0)"); reasonCode = "in data " + revDate + " :\n unspecified(0)"; } if (reason.endsWith("1")) { trace("keyCompromise(1)"); reasonCode = "in data " + revDate + " :\n keyCompromise(1)"; } if (reason.endsWith("2")) { trace("cACompromise(2)"); reasonCode = "in data " + revDate + " :\n cACompromise(2)"; } if (reason.endsWith("3")) { trace("affiliationChanged(3)"); reasonCode = "in data " + revDate + " :\n affiliationChanged(3)"; } if (reason.endsWith("4")) { trace("superseded(4)"); reasonCode = "in data " + revDate + " :\n superseded(4)"; } if (reason.endsWith("5")) { trace("cessationOfOperation(5)"); reasonCode = "in data " + revDate + " :\n cessationOfOperation(5)"; } if (reason.endsWith("8")) { trace("removeFromCRL(8)"); reasonCode = "in data " + revDate + " :\n removeFromCRL(8)"; } if (reason.endsWith("6")) { // ReasonFlags.CERTIFICATEHOLD // il certificato e' sospeso .... if (date.before(revDate)) { trace("Il certificato risulta sospeso alla data: " + revDate); trace("data revoca " + revDate + " e data di controllo " + date); reasonCode = "data revoca " + revDate + " e data di controllo " + date; return true; // o false da decidere } else { trace("Il certificato risulta sospeso in data: " + revDate); reasonCode = "Il certificato risulta sospeso in data: " + revDate; return false; } } } // il certificato e' veramente revocato .... if (date.before(revDate)) { // non ancora revocato trace("Il certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate); reasonCode = "in futuro.\nIl certificato risulta revocato dopo il " + date + " (data di revoca: " + revDate; return true; // o false da decidere } else { trace("Il certificato risulta revocato in data: " + revDate); if (reasonCode == null) { reasonCode = "in data: " + revDate; } return false; } } catch (Exception ex) { trace(ex); trace("isNotRevoked - Errore nella lettura delle estensioni di revoca -> " + ex.getMessage()); return false; } // la versione della CRL e' la uno e quindi non si pu // distinguere // la motivazione della revoca -> certificato revocato e basta. } else { trace("CRL V.1 : il certificato risulta revocato/sospeso"); return false; // o false da decidere } } catch (Exception e) { // trace(e); trace("isNotRevoked - Errore generico nel metodo -> " + e.getMessage()); CRLerror = e.getMessage(); return false; } }
From source file:net.sf.keystore_explorer.crypto.x509.X509Ext.java
License:Open Source License
private String getEntrustVersionInformationStringValue(byte[] value) throws IOException { // @formatter:off /*//w w w . jav a2 s . co m * EntrustVersInfoSyntax ::= OCTET STRING * * entrustVersInfo EXTENSION ::= { SYNTAX EntrustVersInfoSyntax, * IDENTIFIED BY {id-entrust 0} } * * EntrustVersInfoSyntax ::= ASN1Sequence { entrustVers GeneralString, * entrustInfoFlags EntrustInfoFlags } * * EntrustInfoFlags ::= BIT STRING { keyUpdateAllowed newExtensions (1), * pKIXCertificate (2) } */ // @formatter:on StringBuilder sb = new StringBuilder(); ASN1Sequence entrustVersInfo = (ASN1Sequence) ASN1Primitive.fromByteArray(value); DERGeneralString entrustVers = (DERGeneralString) entrustVersInfo.getObjectAt(0); DERBitString entrustInfoFlags = (DERBitString) entrustVersInfo.getObjectAt(1); sb.append(MessageFormat.format(res.getString("EntrustVersion"), entrustVers.getString())); sb.append(NEWLINE); sb.append(MessageFormat.format(res.getString("EntrustInformationFlags"), entrustInfoFlags.getString())); sb.append(NEWLINE); return sb.toString(); }