

1 /*
2   Name: CreateCRL.java
3   Licensing: LGPL
4
5   API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
6   Provider: Bouncy Castle (http://www.bouncycastle.org)
7
8   Disclaimer:
9
10   COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
11   EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
12   IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
13   RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
14   PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
15   ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
16   CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
17   HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
18 */

19
20 package net.sourceforge.jcetaglib.taglib.x509;
21
22 import net.sourceforge.jcetaglib.lib.Clean;
23 import net.sourceforge.jcetaglib.lib.X509Cert;
24 import org.bouncycastle.jce.provider.BouncyCastleProvider;
25
26 import javax.servlet.jsp.JspException JavaDoc;
27 import javax.servlet.jsp.tagext.TagSupport JavaDoc;
28 import java.io.FileOutputStream JavaDoc;
29 import java.math.BigInteger JavaDoc;
30 import java.security.PrivateKey JavaDoc;
31 import java.security.Security JavaDoc;
32 import java.security.cert.X509CRL JavaDoc;
33 import java.security.cert.X509Certificate JavaDoc;
34
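/**
 * JSP tag for creating CRL (certificate revocation list)
 *
 * <p>The tag loads the CA private key and certificate from a PKCS#12 keystore,
 * asks {@code X509Cert.CreateCRL} to build and sign a CRL for the supplied
 * serial numbers, and writes the encoded CRL to {@code crlfile}.
 *
 * <p>Security notes for callers:
 * <ul>
 * <li>The default signature algorithm is MD5-based and is kept only for backward
 *     compatibility. MD5 is not collision resistant; set the
 *     {@code signaturealgorithm} attribute to a SHA-2 based name that the
 *     installed provider supports (for example {@code SHA256WithRSAEncryption}).</li>
 * <li>{@code crlfile} and {@code signfile} are used as file-system paths exactly
 *     as given. They accept run-time expressions, so the page must never build
 *     them from request data.</li>
 * <li>{@code crlnumber} defaults to 1 on every invocation. A CA that publishes
 *     successive CRLs should pass an increasing number explicitly.</li>
 * <li>The keystore password is only wiped in {@link #release()}.</li>
 * </ul>
 *
 * @jsp.tag
 * name="createcrl"
 * display-name="CreateCRL"
 * body-content="empty"
 * example="<%
 * 	BigInteger[] certificates = new BigInteger[1];
 * 	certificates[0] = new BigInteger(\"4022059090521330640\");
 * %>
 * 
 * <jce:createcrl
 * 	certs=\"<%= certificates %>\"
 * 	crlfile=\"C:/keystores/crl.der\"
 * 	signfile=\"C:/keystores/ca.p12\"
 * 	signentry=\"ca\"
 * 	signpassword=\"password\"/>"
 *
 * description="JSP tag for creating CRL (certificate revocation list)"
 *
 * @author Gert Van Ham
 * @author hamgert@users.sourceforge.net
 * @author http://jcetaglib.sourceforge.net
 * @version $Id: CreateCRL.java,v 1.6 2004/04/15 07:28:36 hamgert Exp $
 */
public class CreateCRL extends TagSupport {
    // Serial numbers of the certificates to list as revoked.
    private BigInteger[] certs;

    // Destination path of the encoded CRL.
    private String crlfile;
    // CRL number passed to X509Cert.CreateCRL.
    private int crlnumber = 1;
    private long crlperiod = 24; // CRL valid period in hours

    private String signfile; // tag attribute: PKCS#12 keystore path
    private String signentry; // tag attribute: keystore entry name
    // tag attribute: keystore password, held in a mutable buffer so it can be wiped
    private StringBuffer signpassword;

    // NOTE(review): weak default, kept so existing pages behave as before.
    // MD5-based signatures should not be used for new CRLs; override per tag.
    private String signaturealgorithm = "MD5WithRSAEncryption";

    /**
     * Builds the CRL, signs it with the CA key and writes it to {@code crlfile}.
     *
     * @return {@code EVAL_PAGE} so the rest of the page is evaluated
     * @throws JspException if the keystore cannot be read, the CRL cannot be
     *         generated or encoded, or the output file cannot be written
     */
    public int doEndTag() throws JspException {
        // Register the Bouncy Castle provider. Security.addProvider() leaves the
        // provider list unchanged when this provider is already installed.
        Security.addProvider(new BouncyCastleProvider());

        try {
            // Read the CA private key and certificate from the PKCS#12 keystore.
            PrivateKey caPrivateKey = X509Cert.getPrivateFromP12(signfile, signentry, signpassword);
            X509Certificate caCert = X509Cert.getCertificateFromP12(signfile, signentry, signpassword);

            // Generate and sign the CRL.
            X509CRL crl = X509Cert.CreateCRL(
                    certs,
                    crlnumber,
                    crlperiod,
                    signaturealgorithm,
                    caCert,
                    caPrivateKey);

            // Encode before opening the file: FileOutputStream truncates the
            // target, so an encoding failure must not wipe a previously
            // published CRL.
            byte[] encodedCrl = crl.getEncoded();

            // Save the CRL to disk; close the stream even when write() fails so
            // the file handle is not leaked.
            FileOutputStream fos = new FileOutputStream(crlfile);
            try {
                fos.write(encodedCrl);
            } finally {
                fos.close();
            }
        } catch (Exception e) {
            // NOTE(review): the underlying message is forwarded to the page and
            // may contain keystore or output paths; make sure the error page
            // does not echo it to end users.
            throw new JspException("JCE Exception: Unable to generate CRL: "
                    + e.getMessage(), e);
        }

        return EVAL_PAGE;
    } // doEndTag()

    /**
     * Wipes the keystore password and releases the tag handler's state.
     *
     * <p>Containers that pool tag handlers call this only when the handler is
     * discarded, so the password buffer may stay populated between uses.
     */
    public void release() {
        // Cleanup all sensitive information. The buffer is null when the
        // handler is released without the attribute ever having been set.
        if (signpassword != null) {
            Clean.blank(signpassword);
            signpassword = null;
        }

        super.release();
    } //release()

    /**
     * @jsp.attribute
     * description="An array of java.lang.math.BigInteger containing the serialnumbers of revoked certificates"
     * type="java.math.BigInteger[]"
     * required="true"
     * rtexprvalue="true"
     */
    public void setCerts(BigInteger[] certs) {
        this.certs = certs;
    }

    /**
     * @jsp.attribute
     * description="The CRL filename"
     * type="java.lang.String"
     * required="true"
     * rtexprvalue="true"
     */
    public void setCrlfile(String crlfile) {
        this.crlfile = crlfile;
    }

    /**
     * @jsp.attribute
     * description="CRL number identification. Default is 1"
     * type="java.lang.Integer"
     * required="false"
     * rtexprvalue="true"
     */
    public void setCrlnumber(int crlnumber) {
        this.crlnumber = crlnumber;
    }

    /**
     * @jsp.attribute
     * description="Validity of the CRL in hours. Default is 24"
     * type="java.lang.Long"
     * required="false"
     * rtexprvalue="true"
     */
    public void setCrlperiod(long crlperiod) {
        this.crlperiod = crlperiod;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore where the CA signing certificate is stored"
     * type="java.lang.String"
     * required="true"
     * rtexprvalue="true"
     */
    public void setSignfile(String signfile) {
        this.signfile = signfile;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore entry name for the CA signing certificate"
     * type="java.lang.String"
     * required="true"
     * rtexprvalue="true"
     */
    public void setSignentry(String signentry) {
        this.signentry = signentry;
    }

    /**
     * @jsp.attribute
     * description="The PKCS#12 (P12) keystore signing password"
     * type="java.lang.StringBuffer"
     * required="true"
     * rtexprvalue="true"
     */
    public void setSignpassword(StringBuffer signpassword) {
        this.signpassword = signpassword;
    }

    /**
     * @jsp.attribute
     * description="Signature algorithm. Default is 'MD5WithRSAEncryption'"
     * type="java.lang.String"
     * required="false"
     * rtexprvalue="true"
     */
    public void setSignaturealgorithm(String signaturealgorithm) {
        this.signaturealgorithm = signaturealgorithm;
    }
}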