Java Code Examples for java.security.cert.Certificate#getEncoded()
The following examples show how to use
java.security.cert.Certificate#getEncoded() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: HttpResponseCache.java From reader with MIT License | 6 votes |
|
private void writeCertArray(Writer writer, Certificate[] certificates) throws IOException {
if (certificates == null) {
writer.write("-1\n");
return;
}
try {
writer.write(Integer.toString(certificates.length) + '\n');
for (Certificate certificate : certificates) {
byte[] bytes = certificate.getEncoded();
String line = Base64.encode(bytes);
writer.write(line + '\n');
}
} catch (CertificateEncodingException e) {
throw new IOException(e.getMessage());
}
}
Example 2
| Source File: ResponseCacheMiddleware.java From MediaSDK with Apache License 2.0 | 6 votes |
|
private void writeCertArray(Writer writer, Certificate[] certificates) throws IOException {
if (certificates == null) {
writer.write("-1\n");
return;
}
try {
writer.write(Integer.toString(certificates.length) + '\n');
for (Certificate certificate : certificates) {
byte[] bytes = certificate.getEncoded();
String line = Base64.encodeToString(bytes, Base64.DEFAULT);
writer.write(line + '\n');
}
} catch (CertificateEncodingException e) {
throw new IOException(e.getMessage());
}
}
Example 3
| Source File: PrivateKeyResolver.java From openjdk-8-source with GNU General Public License v2.0 | 5 votes |
|
private PrivateKey resolveX509Certificate(
XMLX509Certificate x509Cert
) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?");
byte[] x509CertBytes = x509Cert.getCertificateBytes();
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (keyStore.isKeyEntry(alias)) {
Certificate cert = keyStore.getCertificate(alias);
if (cert instanceof X509Certificate) {
byte[] certBytes = null;
try {
certBytes = cert.getEncoded();
} catch (CertificateEncodingException e1) {
}
if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
try {
Key key = keyStore.getKey(alias, password);
if (key instanceof PrivateKey) {
return (PrivateKey) key;
}
}
catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
// Keep searching
}
}
}
}
}
return null;
}
Example 4
| Source File: X509CertImpl.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
/**
* Returned the encoding of the given certificate for internal use.
* Callers must guarantee that they neither modify it nor expose it
* to untrusted code. Uses getEncodedInternal() if the certificate
* is instance of X509CertImpl, getEncoded() otherwise.
*/
public static byte[] getEncodedInternal(Certificate cert)
throws CertificateEncodingException {
if (cert instanceof X509CertImpl) {
return ((X509CertImpl)cert).getEncodedInternal();
} else {
return cert.getEncoded();
}
}
Example 5
| Source File: X509CertImpl.java From Bytecoder with Apache License 2.0 | 5 votes |
|
/**
* Returned the encoding of the given certificate for internal use.
* Callers must guarantee that they neither modify it nor expose it
* to untrusted code. Uses getEncodedInternal() if the certificate
* is instance of X509CertImpl, getEncoded() otherwise.
*/
public static byte[] getEncodedInternal(Certificate cert)
throws CertificateEncodingException {
if (cert instanceof X509CertImpl) {
return ((X509CertImpl)cert).getEncodedInternal();
} else {
return cert.getEncoded();
}
}
Example 6
| Source File: Main.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 5 votes |
|
/**
* Gets the requested finger print of the certificate.
*/
private String getCertFingerPrint(String mdAlg, Certificate cert)
throws Exception
{
byte[] encCertInfo = cert.getEncoded();
MessageDigest md = MessageDigest.getInstance(mdAlg);
byte[] digest = md.digest(encCertInfo);
return toHexString(digest);
}
Example 7
| Source File: Main.java From openjdk-jdk8u with GNU General Public License v2.0 | 5 votes |
|
/**
* Gets the requested finger print of the certificate.
*/
private String getCertFingerPrint(String mdAlg, Certificate cert)
throws Exception
{
byte[] encCertInfo = cert.getEncoded();
MessageDigest md = MessageDigest.getInstance(mdAlg);
byte[] digest = md.digest(encCertInfo);
return toHexString(digest);
}
Example 8
| Source File: X509CertImpl.java From jdk8u-jdk with GNU General Public License v2.0 | 5 votes |
|
/**
* Returned the encoding of the given certificate for internal use.
* Callers must guarantee that they neither modify it nor expose it
* to untrusted code. Uses getEncodedInternal() if the certificate
* is instance of X509CertImpl, getEncoded() otherwise.
*/
public static byte[] getEncodedInternal(Certificate cert)
throws CertificateEncodingException {
if (cert instanceof X509CertImpl) {
return ((X509CertImpl)cert).getEncodedInternal();
} else {
return cert.getEncoded();
}
}
Example 9
| Source File: KeychainStore.java From TencentKona-8 with GNU General Public License v2.0 | 5 votes |
|
private long addCertificateToKeychain(String alias, Certificate cert) {
byte[] certblob = null;
long returnValue = 0;
try {
certblob = cert.getEncoded();
returnValue = _addItemToKeychain(alias, true, certblob, null);
} catch (Exception e) {
e.printStackTrace();
}
return returnValue;
}
Example 10
| Source File: PrivateKeyResolver.java From jdk1.8-source-analysis with Apache License 2.0 | 5 votes |
|
private PrivateKey resolveX509Certificate(
XMLX509Certificate x509Cert
) throws XMLSecurityException, KeyStoreException {
log.log(java.util.logging.Level.FINE, "Can I resolve X509Certificate?");
byte[] x509CertBytes = x509Cert.getCertificateBytes();
Enumeration<String> aliases = keyStore.aliases();
while (aliases.hasMoreElements()) {
String alias = aliases.nextElement();
if (keyStore.isKeyEntry(alias)) {
Certificate cert = keyStore.getCertificate(alias);
if (cert instanceof X509Certificate) {
byte[] certBytes = null;
try {
certBytes = cert.getEncoded();
} catch (CertificateEncodingException e1) {
}
if (certBytes != null && Arrays.equals(certBytes, x509CertBytes)) {
log.log(java.util.logging.Level.FINE, "match !!! ");
try {
Key key = keyStore.getKey(alias, password);
if (key instanceof PrivateKey) {
return (PrivateKey) key;
}
}
catch (Exception e) {
log.log(java.util.logging.Level.FINE, "Cannot recover the key", e);
// Keep searching
}
}
}
}
}
return null;
}
Example 11
| Source File: ConfiguredObjectCustomSerialization.java From qpid-broker-j with Apache License 2.0 | 5 votes |
|
@Override
public Object convert(final Certificate value)
{
try
{
return value.getEncoded();
}
catch (CertificateEncodingException e)
{
throw new IllegalArgumentException(e);
}
}
Example 12
| Source File: BigCRL.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
int n = 500000;
String ks = System.getProperty("test.src", ".")
+ "/../../ssl/etc/keystore";
String pass = "passphrase";
String alias = "dummy";
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(ks), pass.toCharArray());
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
+ X509CertInfo.DN_NAME);
Date date = new Date();
PrivateKey privateKey = (PrivateKey)
keyStore.getKey(alias, pass.toCharArray());
String sigAlgName = signerCertImpl.getSigAlgOID();
X509CRLEntry[] badCerts = new X509CRLEntry[n];
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(1));
for (int i = 0; i < n; i++) {
badCerts[i] = new X509CRLEntryImpl(
BigInteger.valueOf(i), date, ext);
}
X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
crl.sign(privateKey, sigAlgName);
byte[] data = crl.getEncodedInternal();
// Make sure the CRL is big enough
if ((data[1]&0xff) != 0x84) {
throw new Exception("The file should be big enough?");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cf.generateCRL(new ByteArrayInputStream(data));
}
Example 13
| Source File: BigCRL.java From openjdk-jdk8u-backup with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
int n = 500000;
String ks = System.getProperty("test.src", ".")
+ "/../../ssl/etc/keystore";
String pass = "passphrase";
String alias = "dummy";
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(ks), pass.toCharArray());
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
+ X509CertInfo.DN_NAME);
Date date = new Date();
PrivateKey privateKey = (PrivateKey)
keyStore.getKey(alias, pass.toCharArray());
String sigAlgName = signerCertImpl.getSigAlgOID();
X509CRLEntry[] badCerts = new X509CRLEntry[n];
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(1));
for (int i = 0; i < n; i++) {
badCerts[i] = new X509CRLEntryImpl(
BigInteger.valueOf(i), date, ext);
}
X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
crl.sign(privateKey, sigAlgName);
byte[] data = crl.getEncodedInternal();
// Make sure the CRL is big enough
if ((data[1]&0xff) != 0x84) {
throw new Exception("The file should be big enough?");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cf.generateCRL(new ByteArrayInputStream(data));
}
Example 14
| Source File: Main.java From jdk8u_jdk with GNU General Public License v2.0 | 4 votes |
|
private void doGenCRL(PrintStream out)
throws Exception {
if (ids == null) {
throw new Exception("Must provide -id when -gencrl");
}
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
X509CertInfo.DN_NAME);
Date firstDate = getStartDate(startDate);
Date lastDate = (Date) firstDate.clone();
lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
CertificateValidity interval = new CertificateValidity(firstDate,
lastDate);
PrivateKey privateKey =
(PrivateKey)recoverKey(alias, storePass, keyPass).fst;
if (sigAlgName == null) {
sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
}
X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
for (int i=0; i<ids.size(); i++) {
String id = ids.get(i);
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
}
}
X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
crl.sign(privateKey, sigAlgName);
if (rfc) {
out.println("-----BEGIN X509 CRL-----");
out.println(Base64.getMimeEncoder(64, CRLF).encodeToString(crl.getEncodedInternal()));
out.println("-----END X509 CRL-----");
} else {
out.write(crl.getEncodedInternal());
}
checkWeak(rb.getString("the.generated.crl"), crl, privateKey);
}
Example 15
| Source File: Main.java From jdk8u-jdk with GNU General Public License v2.0 | 4 votes |
|
private void doGenCRL(PrintStream out)
throws Exception {
if (ids == null) {
throw new Exception("Must provide -id when -gencrl");
}
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
X509CertInfo.DN_NAME);
Date firstDate = getStartDate(startDate);
Date lastDate = (Date) firstDate.clone();
lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
CertificateValidity interval = new CertificateValidity(firstDate,
lastDate);
PrivateKey privateKey =
(PrivateKey)recoverKey(alias, storePass, keyPass).fst;
if (sigAlgName == null) {
sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
}
X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
for (int i=0; i<ids.size(); i++) {
String id = ids.get(i);
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
}
}
X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
crl.sign(privateKey, sigAlgName);
if (rfc) {
out.println("-----BEGIN X509 CRL-----");
out.println(Base64.getMimeEncoder().encodeToString(crl.getEncodedInternal()));
out.println("-----END X509 CRL-----");
} else {
out.write(crl.getEncodedInternal());
}
}
Example 16
| Source File: BigCRL.java From TencentKona-8 with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
int n = 500000;
String ks = System.getProperty("test.src", ".")
+ "/../../ssl/etc/keystore";
String pass = "passphrase";
String alias = "dummy";
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(ks), pass.toCharArray());
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
+ X509CertInfo.DN_NAME);
Date date = new Date();
PrivateKey privateKey = (PrivateKey)
keyStore.getKey(alias, pass.toCharArray());
String sigAlgName = signerCertImpl.getSigAlgOID();
X509CRLEntry[] badCerts = new X509CRLEntry[n];
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(1));
for (int i = 0; i < n; i++) {
badCerts[i] = new X509CRLEntryImpl(
BigInteger.valueOf(i), date, ext);
}
X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
crl.sign(privateKey, sigAlgName);
byte[] data = crl.getEncodedInternal();
// Make sure the CRL is big enough
if ((data[1]&0xff) != 0x84) {
throw new Exception("The file should be big enough?");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cf.generateCRL(new ByteArrayInputStream(data));
}
Example 17
| Source File: BigCRL.java From dragonwell8_jdk with GNU General Public License v2.0 | 4 votes |
|
public static void main(String[] args) throws Exception {
int n = 500000;
String ks = System.getProperty("test.src", ".")
+ "/../../ssl/etc/keystore";
String pass = "passphrase";
String alias = "dummy";
KeyStore keyStore = KeyStore.getInstance("JKS");
keyStore.load(new FileInputStream(ks), pass.toCharArray());
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "."
+ X509CertInfo.DN_NAME);
Date date = new Date();
PrivateKey privateKey = (PrivateKey)
keyStore.getKey(alias, pass.toCharArray());
String sigAlgName = signerCertImpl.getSigAlgOID();
X509CRLEntry[] badCerts = new X509CRLEntry[n];
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(1));
for (int i = 0; i < n; i++) {
badCerts[i] = new X509CRLEntryImpl(
BigInteger.valueOf(i), date, ext);
}
X509CRLImpl crl = new X509CRLImpl(owner, date, date, badCerts);
crl.sign(privateKey, sigAlgName);
byte[] data = crl.getEncodedInternal();
// Make sure the CRL is big enough
if ((data[1]&0xff) != 0x84) {
throw new Exception("The file should be big enough?");
}
CertificateFactory cf = CertificateFactory.getInstance("X.509");
cf.generateCRL(new ByteArrayInputStream(data));
}
Example 18
| Source File: Main.java From openjdk-8-source with GNU General Public License v2.0 | 4 votes |
|
private void doGenCRL(PrintStream out)
throws Exception {
if (ids == null) {
throw new Exception("Must provide -id when -gencrl");
}
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
X509CertInfo.DN_NAME);
Date firstDate = getStartDate(startDate);
Date lastDate = (Date) firstDate.clone();
lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
CertificateValidity interval = new CertificateValidity(firstDate,
lastDate);
PrivateKey privateKey =
(PrivateKey)recoverKey(alias, storePass, keyPass).fst;
if (sigAlgName == null) {
sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
}
X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
for (int i=0; i<ids.size(); i++) {
String id = ids.get(i);
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
}
}
X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
crl.sign(privateKey, sigAlgName);
if (rfc) {
out.println("-----BEGIN X509 CRL-----");
out.println(Base64.getMimeEncoder().encodeToString(crl.getEncodedInternal()));
out.println("-----END X509 CRL-----");
} else {
out.write(crl.getEncodedInternal());
}
}
Example 19
| Source File: Main.java From openjdk-8 with GNU General Public License v2.0 | 4 votes |
|
private void doGenCRL(PrintStream out)
throws Exception {
if (ids == null) {
throw new Exception("Must provide -id when -gencrl");
}
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
X509CertInfo.DN_NAME);
Date firstDate = getStartDate(startDate);
Date lastDate = (Date) firstDate.clone();
lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
CertificateValidity interval = new CertificateValidity(firstDate,
lastDate);
PrivateKey privateKey =
(PrivateKey)recoverKey(alias, storePass, keyPass).fst;
if (sigAlgName == null) {
sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
}
X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
for (int i=0; i<ids.size(); i++) {
String id = ids.get(i);
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
}
}
X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
crl.sign(privateKey, sigAlgName);
if (rfc) {
out.println("-----BEGIN X509 CRL-----");
out.println(Base64.getMimeEncoder().encodeToString(crl.getEncodedInternal()));
out.println("-----END X509 CRL-----");
} else {
out.write(crl.getEncodedInternal());
}
}
Example 20
| Source File: Main.java From hottub with GNU General Public License v2.0 | 4 votes |
|
private void doGenCRL(PrintStream out)
throws Exception {
if (ids == null) {
throw new Exception("Must provide -id when -gencrl");
}
Certificate signerCert = keyStore.getCertificate(alias);
byte[] encoded = signerCert.getEncoded();
X509CertImpl signerCertImpl = new X509CertImpl(encoded);
X509CertInfo signerCertInfo = (X509CertInfo)signerCertImpl.get(
X509CertImpl.NAME + "." + X509CertImpl.INFO);
X500Name owner = (X500Name)signerCertInfo.get(X509CertInfo.SUBJECT + "." +
X509CertInfo.DN_NAME);
Date firstDate = getStartDate(startDate);
Date lastDate = (Date) firstDate.clone();
lastDate.setTime(lastDate.getTime() + validity*1000*24*60*60);
CertificateValidity interval = new CertificateValidity(firstDate,
lastDate);
PrivateKey privateKey =
(PrivateKey)recoverKey(alias, storePass, keyPass).fst;
if (sigAlgName == null) {
sigAlgName = getCompatibleSigAlgName(privateKey.getAlgorithm());
}
X509CRLEntry[] badCerts = new X509CRLEntry[ids.size()];
for (int i=0; i<ids.size(); i++) {
String id = ids.get(i);
int d = id.indexOf(':');
if (d >= 0) {
CRLExtensions ext = new CRLExtensions();
ext.set("Reason", new CRLReasonCodeExtension(Integer.parseInt(id.substring(d+1))));
badCerts[i] = new X509CRLEntryImpl(new BigInteger(id.substring(0, d)),
firstDate, ext);
} else {
badCerts[i] = new X509CRLEntryImpl(new BigInteger(ids.get(i)), firstDate);
}
}
X509CRLImpl crl = new X509CRLImpl(owner, firstDate, lastDate, badCerts);
crl.sign(privateKey, sigAlgName);
if (rfc) {
out.println("-----BEGIN X509 CRL-----");
out.println(Base64.getMimeEncoder(64, CRLF).encodeToString(crl.getEncodedInternal()));
out.println("-----END X509 CRL-----");
} else {
out.write(crl.getEncodedInternal());
}
}
