package io.calidog.certstream;
import sun.reflect.generics.reflectiveObjects.NotImplementedException;
import javax.security.auth.x500.X500Principal;
import java.math.BigInteger;
import java.security.*;
import java.security.cert.Certificate;
import java.security.cert.*;
import java.time.Instant;
import java.util.*;
/**
* Some methods that might be useful for accessing certificate
* data. Not a complete implementation of x509Certificate.
*/
public class CertStreamCertificate extends X509Certificate {
private HashMap<String, String> subject;
private HashMap<String, String> extensions;
private double notBefore;
private double notAfter;
private String asDer;
String serialNumber;
String fingerprint;
String[] allDomains;
private CertStreamCertificate() {}
public static CertStreamCertificate fromPOJO(CertStreamCertificatePOJO pojo) throws CertificateException {
CertStreamCertificate fullCertificate = new CertStreamCertificate();
if (pojo.asDer.isEmpty())
{
return null;
}
fullCertificate.asDer = pojo.asDer;
fullCertificate.extensions = pojo.extensions;
fullCertificate.notAfter = pojo.notAfter;
fullCertificate.notBefore = pojo.notBefore;
fullCertificate.subject = pojo.subject;
fullCertificate.serialNumber = pojo.serialNumber;
fullCertificate.fingerprint = pojo.fingerprint;
fullCertificate.allDomains = pojo.allDomains;
return fullCertificate;
}
@Override
public void checkValidity() throws CertificateExpiredException, CertificateNotYetValidException {
checkValidity(Date.from(Instant.now()));
}
@Override
public void checkValidity(Date date) throws CertificateExpiredException, CertificateNotYetValidException {
if (date.before(getNotBefore()))
{
throw new CertificateNotYetValidException();
}
if (date.after(getNotAfter()))
{
throw new CertificateExpiredException();
}
}
/**Not implemented*/
@Override
public int getVersion() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public BigInteger getSerialNumber() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public Principal getIssuerDN() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public X500Principal getIssuerX500Principal() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public Principal getSubjectDN() {
return () -> subject.get("DN");
}
@Override
public X500Principal getSubjectX500Principal() {
return new X500Principal("", subject);
}
@Override
public Date getNotBefore() {
return new Date((long)notBefore);
}
@Override
public Date getNotAfter() {
return new Date((long)notAfter);
}
/**Not implemented*/
@Override
public byte[] getTBSCertificate() throws CertificateEncodingException {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public byte[] getSignature() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public String getSigAlgName() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public String getSigAlgOID() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public byte[] getSigAlgParams() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public boolean[] getIssuerUniqueID() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public boolean[] getSubjectUniqueID() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public boolean[] getKeyUsage() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public List<String> getExtendedKeyUsage() throws CertificateParsingException {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public int getBasicConstraints() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public Collection<List<?>> getSubjectAlternativeNames() throws CertificateParsingException {
throw new NotImplementedException();
}
@Override
public Collection<List<?>> getIssuerAlternativeNames() throws CertificateParsingException {
return super.getIssuerAlternativeNames();
}
@Override
public void verify(PublicKey publicKey, Provider provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, SignatureException {
super.verify(publicKey, provider);
}
private byte[] memoizedEncodedCert = null;
@Override
public byte[] getEncoded() throws CertificateEncodingException {
if (memoizedEncodedCert == null) {
memoizedEncodedCert = Base64.getDecoder().decode(asDer);
}
return Arrays.copyOf(memoizedEncodedCert, memoizedEncodedCert.length);
}
/**Not implemented*/
@Override
public void verify(PublicKey publicKey) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public void verify(PublicKey publicKey, String s) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public String toString() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public PublicKey getPublicKey() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public boolean hasUnsupportedCriticalExtension() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public Set<String> getCriticalExtensionOIDs() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public Set<String> getNonCriticalExtensionOIDs() {
throw new NotImplementedException();
}
/**Not implemented*/
@Override
public byte[] getExtensionValue(String s) {
throw new NotImplementedException();
}
/**
* Gets the String (Whatever String we get from CertStream)
* for the extension value (extnValue) identified by the
* passed-in oid String. The oid string is represented
* by whatever CertStream passes us.
*/
public String getStringExtensionValue(String key)
{
return extensions.get(key);
}
}
