

1 /*************************************************************************
2  * *
3  * EJBCA: The OpenSource Certificate Authority *
4  * *
5  * This software is free software; you can redistribute it and/or *
6  * modify it under the terms of the GNU Lesser General Public *
7  * License as published by the Free Software Foundation; either *
8  * version 2.1 of the License, or any later version. *
9  * *
10  * See terms of license at gnu.org. *
11  * *
12  *************************************************************************/

13  
14 package org.ejbca.ui.web.admin.rainterface;
15
16
17 import java.io.IOException JavaDoc;
18 import java.math.BigInteger JavaDoc;
19 import java.security.cert.CertificateEncodingException JavaDoc;
20 import java.security.cert.CertificateExpiredException JavaDoc;
21 import java.security.cert.CertificateNotYetValidException JavaDoc;
22 import java.security.cert.CertificateParsingException JavaDoc;
23 import java.security.cert.X509Certificate JavaDoc;
24 import java.security.interfaces.RSAPublicKey JavaDoc;
25 import java.util.Date JavaDoc;
26 import java.util.HashMap JavaDoc;
27 import java.util.Iterator JavaDoc;
28 import java.util.List JavaDoc;
29
30 import org.bouncycastle.util.encoders.Hex;
31 import org.ejbca.core.model.ca.certificateprofiles.CertificateProfile;
32 import org.ejbca.ui.web.admin.configuration.EjbcaWebBean;
33 import org.ejbca.util.CertTools;
34 import org.ejbca.util.cert.QCStatementExtension;
35 import org.ejbca.util.cert.SubjectDirAttrExtension;
36 import org.ejbca.util.dn.DNFieldExtractor;
37
38
39
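/**
 * Presents the data of an X509 certificate in a more readable form for use by JSP pages.
 *
 * <p>Notes for code that consumes this view:
 * <ul>
 *   <li>The strings returned here (subject and issuer DN, alternative names, directory
 *       attributes, and the exception messages that some getters return in place of a value)
 *       originate from the certificate or from a parser. This class applies no output encoding
 *       to them, so the page that renders them has to HTML-encode them.</li>
 *   <li>{@link #checkValidity()} only compares the validity period with a date. Nothing in this
 *       class verifies the signature or the issuer chain, and the revocation getters only relay
 *       what the RevokedInfoView given to the constructor reports.</li>
 * </ul>
 *
 * @author Philip Vendil
 * @version $Id: CertificateView.java,v 1.5 2006/12/02 11:17:57 anatom Exp $
 */
public class CertificateView implements java.io.Serializable {

    // Key usage indexes, mirrored from CertificateProfile so JSP pages only need this class.
    public static final int DIGITALSIGNATURE = CertificateProfile.DIGITALSIGNATURE;
    public static final int NONREPUDIATION = CertificateProfile.NONREPUDIATION;
    public static final int KEYENCIPHERMENT = CertificateProfile.KEYENCIPHERMENT;
    public static final int DATAENCIPHERMENT = CertificateProfile.DATAENCIPHERMENT;
    public static final int KEYAGREEMENT = CertificateProfile.KEYAGREEMENT;
    public static final int KEYCERTSIGN = CertificateProfile.KEYCERTSIGN;
    public static final int CRLSIGN = CertificateProfile.CRLSIGN;
    public static final int ENCIPHERONLY = CertificateProfile.ENCIPHERONLY;
    public static final int DECIPHERONLY = CertificateProfile.DECIPHERONLY;

    public static final String[] KEYUSAGETEXTS = {"DIGITALSIGNATURE","NONREPUDIATION", "KEYENCIPHERMENT", "DATAENCIPHERMENT", "KEYAGREEMENT", "KEYCERTSIGN", "CRLSIGN", "ENCIPHERONLY", "DECIPHERONLY" };

    // Paired by index with CertificateProfile.EXTENDEDKEYUSAGEOIDSTRINGS in the constructor.
    public static final String[] EXTENDEDKEYUSAGETEXTS = {"ANYEXTENDEDKEYUSAGE","SERVERAUTH", "CLIENTAUTH",
                                    "CODESIGNING", "EMAILPROTECTION", "IPSECENDSYSTEM",
                                    "IPSECTUNNEL", "IPSECUSER", "TIMESTAMPING", "SMARTCARDLOGON",
                                    "OCSPSIGNER"};

    // First element of each entry returned by X509Certificate.getSubjectAlternativeNames().
    private static final int SUBALTNAME_OTHERNAME = 0;
    private static final int SUBALTNAME_RFC822NAME = 1;
    private static final int SUBALTNAME_DNSNAME = 2;
    private static final int SUBALTNAME_X400ADDRESS = 3;
    private static final int SUBALTNAME_DIRECTORYNAME = 4;
    private static final int SUBALTNAME_EDIPARTYNAME = 5;
    private static final int SUBALTNAME_URI = 6;
    private static final int SUBALTNAME_IPADDRESS = 7;
    private static final int SUBALTNAME_REGISTREDID = 8;

    /**
     * Creates a new instance of CertificateView.
     *
     * @param certificate the certificate to present
     * @param revokedinfo revocation information for the certificate, may be null
     * @param username the username returned by {@link #getUsername()}
     */
    public CertificateView(X509Certificate certificate, RevokedInfoView revokedinfo, String username) {
      this.certificate = certificate;
      this.revokedinfo = revokedinfo;
      this.username = username;

      subjectdnfieldextractor = new DNFieldExtractor(CertTools.getSubjectDN(certificate), DNFieldExtractor.TYPE_SUBJECTDN);
      issuerdnfieldextractor = new DNFieldExtractor(CertTools.getIssuerDN(certificate), DNFieldExtractor.TYPE_SUBJECTDN);

      // Build HashMap of Extended KeyUsage OIDs (String) to Text representation (String).
      // The map is filled locally and assigned afterwards, so the shared static field never
      // refers to a partially filled map. No lock is taken: two concurrent first constructions
      // may each build the map, which is harmless because the contents are identical.
      if (extendedkeyusageoidtotextmap == null) {
        HashMap oidtotext = new HashMap();
        for (int i = 0; i < EXTENDEDKEYUSAGETEXTS.length; i++) {
          oidtotext.put(CertificateProfile.EXTENDEDKEYUSAGEOIDSTRINGS[i], EXTENDEDKEYUSAGETEXTS[i]);
        }
        extendedkeyusageoidtotextmap = oidtotext;
      }
    }


    // Public methods

    /** Method that returns the version number of the X509 certificate. */
    public String getVersion() {
      return Integer.toString(certificate.getVersion());
    }

    /** Returns the certificate type, which is always "X509" for this view. */
    public String getType() {
      return "X509";
    }

    /** Returns the serial number as upper case hexadecimal. */
    public String getSerialNumber() {
      return certificate.getSerialNumber().toString(16).toUpperCase();
    }

    /** Returns the serial number as stored in the certificate. */
    public BigInteger getSerialNumberBigInt() {
      return certificate.getSerialNumber();
    }

    /** Returns the issuer DN as produced by CertTools; not escaped for HTML. */
    public String getIssuerDN() {
      return CertTools.getIssuerDN(certificate);
    }

    /** Returns one field of the issuer DN, looked up through DNFieldExtractor. */
    public String getIssuerDNField(int field, int number) {
      return issuerdnfieldextractor.getField(field, number);
    }

    /** Returns the subject DN as produced by CertTools; not escaped for HTML. */
    public String getSubjectDN() {
      return CertTools.getSubjectDN(certificate);
    }

    /** Returns one field of the subject DN, looked up through DNFieldExtractor. */
    public String getSubjectDNField(int field, int number) {
      return subjectdnfieldextractor.getField(field, number);
    }

    /** Returns the notBefore date of the certificate. */
    public Date getValidFrom() {
      return certificate.getNotBefore();
    }

    /** Returns the notAfter date of the certificate. */
    public Date getValidTo() {
      return certificate.getNotAfter();
    }

    /**
     * Returns whether the current time lies within the certificate's validity period.
     * Only the dates are checked; signature, issuer chain and revocation are not.
     */
    public boolean checkValidity(){
      try {
        certificate.checkValidity();
        return true;
      } catch (CertificateExpiredException e) {
        return false;
      } catch (CertificateNotYetValidException e) {
        return false;
      }
    }

    /**
     * Returns whether the given date lies within the certificate's validity period.
     * Only the dates are checked; signature, issuer chain and revocation are not.
     */
    public boolean checkValidity(Date date) {
      try {
        certificate.checkValidity(date);
        return true;
      } catch (CertificateExpiredException e) {
        return false;
      } catch (CertificateNotYetValidException e) {
        return false;
      }
    }

    /** Returns the algorithm name of the certificate's public key. */
    public String getPublicKeyAlgorithm(){
      return certificate.getPublicKey().getAlgorithm();
    }

    /**
     * Returns the bit length of the RSA modulus as a decimal string.
     *
     * @return the key length, or null when the public key is not an RSA key
     */
    public String getPublicKeyLength(){
      String keylength = null;
      java.security.PublicKey publickey = certificate.getPublicKey();
      if (publickey instanceof RSAPublicKey) {
        keylength = "" + ((RSAPublicKey) publickey).getModulus().bitLength();
      }
      return keylength;
    }

    /** Returns the name of the signature algorithm used on the certificate. */
    public String getSignatureAlgoritm() {
      return certificate.getSigAlgName();
    }

    /**
     * Method that returns if key is allowed for given usage. Usage must be one of this class key usage constants.
     *
     * @return false when the certificate has no key usage extension or when usage is not a
     *         valid index into the key usage array
     */
    public boolean getKeyUsage(int usage) {
      boolean[] keyusage = certificate.getKeyUsage();
      // An index outside the array is answered with false instead of an
      // ArrayIndexOutOfBoundsException reaching the page.
      if (keyusage == null || usage < 0 || usage >= keyusage.length) {
        return false;
      }
      return keyusage[usage];
    }

    /** Returns the key usage bits, or null when the certificate has no key usage extension. */
    public boolean[] getAllKeyUsage(){
      return certificate.getKeyUsage();
    }

    /**
     * Returns the text key for each extended key usage OID in the certificate.
     *
     * @return one entry per OID, in certificate order; an entry is null when the OID has no
     *         text in the map built by the constructor. The array is empty when the extension
     *         is absent or cannot be parsed.
     */
    public String[] getExtendedKeyUsageAsTexts(){
      java.util.List extendedkeyusage = null;
      try {
        extendedkeyusage = certificate.getExtendedKeyUsage();
      } catch (CertificateParsingException e) {
        // Left as in the original: an unparsable extension is shown as "no extended key usage".
      }
      if (extendedkeyusage == null) {
        extendedkeyusage = new java.util.ArrayList();
      }

      String[] returnval = new String[extendedkeyusage.size()];
      for (int i = 0; i < returnval.length; i++) {
        returnval[i] = (String) extendedkeyusageoidtotextmap.get(extendedkeyusage.get(i));
      }

      return returnval;
    }

    /**
     * Returns a localized description of the basic constraints.
     *
     * @param ejbcawebbean used to look up the texts ENDENTITY, CANOLIMIT and CAPATHLENGTH
     */
    public String getBasicConstraints(EjbcaWebBean ejbcawebbean) {
      String retval = ejbcawebbean.getText("ENDENTITY");
      int pathlength = certificate.getBasicConstraints();
      // -1 means the certificate is not a CA; Integer.MAX_VALUE means a CA without path limit.
      if (pathlength != -1) {
        if (pathlength == Integer.MAX_VALUE) {
          retval = ejbcawebbean.getText("CANOLIMIT");
        } else {
          retval = ejbcawebbean.getText("CAPATHLENGTH") + " : " + pathlength;
        }
      }

      return retval;
    }

    /**
     * Returns the signature value as lower case hexadecimal.
     * The bytes are read as an unsigned number, so a signature whose first byte has the high
     * bit set is not rendered as a negative value. Leading zero bytes are not preserved.
     */
    public String getSignature() {
      return (new java.math.BigInteger(1, certificate.getSignature())).toString(16);
    }

    /**
     * Returns the SHA-1 fingerprint of the encoded certificate as upper case hexadecimal.
     * SHA-1 is not collision resistant; the value is a display identifier and should not be the
     * basis for trusting or pinning a certificate.
     *
     * @return the fingerprint, or an empty string when the certificate cannot be encoded
     */
    public String getSHA1Fingerprint(){
      String returnval = "";
      try {
        byte[] res = CertTools.generateSHA1Fingerprint(certificate.getEncoded());
        returnval = new String(Hex.encode(res)).toUpperCase();
      } catch (CertificateEncodingException ignored) {
        // Left as in the original: the caller gets an empty fingerprint.
      }
      return returnval;
    }

    /**
     * Returns the MD5 fingerprint of the encoded certificate as upper case hexadecimal.
     * MD5 is not collision resistant; the value is a display identifier and should not be the
     * basis for trusting or pinning a certificate.
     *
     * @return the fingerprint, or an empty string when the certificate cannot be encoded
     */
    public String getMD5Fingerprint(){
      String returnval = "";
      try {
        byte[] res = CertTools.generateMD5Fingerprint(certificate.getEncoded());
        returnval = new String(Hex.encode(res)).toUpperCase();
      } catch (CertificateEncodingException ignored) {
        // Left as in the original: the caller gets an empty fingerprint.
      }
      return returnval;
    }

    /** Returns true only when revocation information was supplied and it reports revoked. */
    public boolean isRevoked(){
      return revokedinfo != null && revokedinfo.isRevoked();
    }

    /** Returns the revocation reasons, or null when no revocation information was supplied. */
    public String[] getRevokationReasons(){
      if (revokedinfo == null) {
        return null;
      }
      return revokedinfo.getRevokationReasons();
    }

    /** Returns the revocation date, or null when no revocation information was supplied. */
    public Date getRevokationDate(){
      if (revokedinfo == null) {
        return null;
      }
      return revokedinfo.getRevocationDate();
    }

    /** Returns the username given to the constructor. */
    public String getUsername(){
      return this.username;
    }

    /** Returns the wrapped certificate itself, not a copy. */
    public X509Certificate getCertificate(){
      return certificate;
    }

    /**
     * Returns the subject directory attributes as text; the result is cached after the first call.
     * When extraction fails, the exception message is cached and returned in place of the value,
     * so the result can contain parser error text.
     */
    public String getSubjectDirAttr() {
      if (subjectdirattrstring == null) {
        try {
          subjectdirattrstring = SubjectDirAttrExtension.getSubjectDirectoryAttributes(certificate);
        } catch (Exception e) {
          subjectdirattrstring = e.getMessage();
        }
      }
      return subjectdirattrstring;
    }

    /**
     * Returns the subject alternative names as "TYPE=value" pairs separated by ", "; the result
     * is cached after the first call. GUID and UPN are read through CertTools, the other
     * supported types (RFC822NAME, DNSNAME, URI, IPADDRESS) from the certificate's own list.
     * When parsing fails, the exception message is stored in place of the value.
     *
     * @return the text, or null when the certificate has no subject alternative names
     */
    public String getSubjectAltName() {
      if (subjectaltnamestring == null) {
        try {
          java.util.Collection altnames = certificate.getSubjectAlternativeNames();
          if (altnames != null) {
            subjectaltnamestring = "";

            String separator = "";
            String guid = null;
            try {
              guid = CertTools.getGuidAltName(certificate);
            } catch (IOException e) {
              subjectaltnamestring = e.getMessage();
            }
            if (guid != null) {
              subjectaltnamestring += separator + "GUID=" + guid;
              separator = ", ";
            }
            String upn = null;
            try {
              upn = CertTools.getUPNAltName(certificate);
            } catch (IOException e) {
              subjectaltnamestring = e.getMessage();
            }
            if (upn != null) {
              subjectaltnamestring += separator + "UPN=" + upn;
              separator = ", ";
            }

            Iterator iter = altnames.iterator();
            while (iter.hasNext()) {
              List next = (List) iter.next();
              int nametype = ((Integer) next.get(0)).intValue();

              switch (nametype) {
                case SUBALTNAME_OTHERNAME:
                  // Already taken care of (GUID and UPN above)
                  break;
                case SUBALTNAME_RFC822NAME:
                  subjectaltnamestring += separator + "RFC822NAME=" + (String) next.get(1);
                  separator = ", ";
                  break;
                case SUBALTNAME_DNSNAME:
                  subjectaltnamestring += separator + "DNSNAME=" + (String) next.get(1);
                  separator = ", ";
                  break;
                case SUBALTNAME_X400ADDRESS:
                  //TODO Implement X400ADDRESS
                  break;
                case SUBALTNAME_EDIPARTYNAME:
                  //TODO Implement EDIPARTYNAME
                  break;
                case SUBALTNAME_DIRECTORYNAME:
                  //TODO Implement DIRECTORYNAME
                  break;
                case SUBALTNAME_URI:
                  // The separator alone is used, as for the other types; the original also
                  // appended ", " by hand here, which produced ", , URI=" after another entry.
                  subjectaltnamestring += separator + "URI=" + (String) next.get(1);
                  separator = ", ";
                  break;
                case SUBALTNAME_IPADDRESS:
                  subjectaltnamestring += separator + "IPADDRESS=" + (String) next.get(1);
                  separator = ", ";
                  break;
                case SUBALTNAME_REGISTREDID:
                  //TODO implement REGISTREDID
                  break;
              }
            }
          }
        } catch (CertificateParsingException e) {
          subjectaltnamestring = e.getMessage();
        }
      }

      return subjectaltnamestring;
    }

    /** Returns whether the certificate has a QC statement; false when the check fails with an IOException. */
    public boolean hasQcStatement() {
      try {
        return QCStatementExtension.hasQcStatement(certificate);
      } catch (IOException e) {
        return false;
      }
    }

    // Private fields
    private X509Certificate certificate;
    private DNFieldExtractor subjectdnfieldextractor, issuerdnfieldextractor;
    private RevokedInfoView revokedinfo;
    private String username;
    // Caches for getSubjectAltName() and getSubjectDirAttr(); null until first computed.
    private String subjectaltnamestring;
    private String subjectdirattrstring;
    // Extended key usage OID (String) to text key (String); shared by all instances.
    private static HashMap extendedkeyusageoidtotextmap;
}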