java.lang.Object
  cybervillains.ca.CertificateCreator

public class CertificateCreator

Methods for creating certificates.

Copyright (c) 2007, Information Security Partners, LLC. All rights reserved. In a special exception, Selenium/OpenQA is allowed to use this code under the Apache License 2.0.

Field Summary | |
---|---|
static String | KEYGEN_ALGO: The default key generation algorithm for this package is RSA. |
static String | OID_AUTHORITY_INFO_ACCESS: X.509 OID for Authority Information Access - Omitted when duplicating a cert by default. |
static String | OID_AUTHORITY_KEY_IDENTIFIER: X.509 OID for Subject Authority Key Identifier - Replaced when duplicating a cert. |
static String | OID_CRL_DISTRIBUTION_POINT: X.509 OID for Certificate Revocation List Distribution Point - Omitted when duplicating a cert by default. |
static String | OID_ID_AD_CAISSUERS: X.509 OID for Additional CA Issuers for AIA - Omitted when duplicating a cert by default. |
static String | OID_ISSUER_ALTERNATIVE_NAME: X.509 OID for Issuer Alternative Name - Omitted when duplicating a cert by default. |
static String | OID_ISSUER_ALTERNATIVE_NAME_2: X.509 OID for Issuer Alternative Name 2 - Omitted when duplicating a cert by default. |
static String | OID_SUBJECT_KEY_IDENTIFIER: X.509 OID for Subject Key Identifier Extension - Replaced when duplicating a cert. |
static String | SIGN_ALGO: The default sign algorithm for this package is SHA1 with RSA. |

Constructor Summary | |
---|---|
CertificateCreator() | |

Method Summary | |
---|---|
static X509Certificate | createTypicalMasterCert(KeyPair keyPair): Creates a typical Certification Authority (CA) certificate. |
static X509Certificate | generateStdSSLServerCertificate(PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey, String subject, String certificateRevocationListPath): Utility method for generating a "standard" server certificate. |
static X509Certificate | mitmDuplicateCertificate(X509Certificate originalCert, PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey): Convenience method for the most common case of certificate duplication. |
static X509Certificate | mitmDuplicateCertificate(X509Certificate originalCert, PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey, Set<String> extensionOidsNotToCopy, Map<String,org.bouncycastle.asn1.DEREncodable> criticalCustomExtensions, Map<String,org.bouncycastle.asn1.DEREncodable> noncriticalCustomExtensions): This method creates an X509v3 certificate based on an existing certificate. |

Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String KEYGEN_ALGO
public static final String SIGN_ALGO
public static final String OID_SUBJECT_KEY_IDENTIFIER
public static final String OID_AUTHORITY_KEY_IDENTIFIER
public static final String OID_ISSUER_ALTERNATIVE_NAME
public static final String OID_ISSUER_ALTERNATIVE_NAME_2
public static final String OID_CRL_DISTRIBUTION_POINT
public static final String OID_AUTHORITY_INFO_ACCESS
public static final String OID_ID_AD_CAISSUERS
Constructor Detail |
---|
public CertificateCreator()
Method Detail |
---|
public static X509Certificate generateStdSSLServerCertificate(PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey, String subject, String certificateRevocationListPath) throws CertificateParsingException, SignatureException, InvalidKeyException, CertificateExpiredException, CertificateNotYetValidException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
Parameters:
newPubKey -
caCert -
caPrivateKey -
hostname -
Throws:
CertificateParsingException
SignatureException
InvalidKeyException
CertificateExpiredException
CertificateNotYetValidException
CertificateException
NoSuchAlgorithmException
NoSuchProviderException

public static X509Certificate mitmDuplicateCertificate(X509Certificate originalCert, PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey, Set<String> extensionOidsNotToCopy, Map<String,org.bouncycastle.asn1.DEREncodable> criticalCustomExtensions, Map<String,org.bouncycastle.asn1.DEREncodable> noncriticalCustomExtensions) throws CertificateParsingException, SignatureException, InvalidKeyException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
Parameters:
originalCert - The original certificate to duplicate.
newPubKey - The new public key for the MITM certificate.
caCert - The certificate of the signing authority for the MITM certificate.
caPrivateKey - The private key of the signing authority.
extensionOidsNotToCopy - An optional list of certificate extension OIDs not to copy to the MITM certificate.
criticalCustomExtensions - An optional map of critical extension OIDs to add/replace on the MITM certificate.
noncriticalCustomExtensions - An optional map of non-critical extension OIDs to add/replace on the MITM certificate.
Throws:
CertificateParsingException
SignatureException
InvalidKeyException
CertificateExpiredException
CertificateNotYetValidException
CertificateException
NoSuchAlgorithmException
NoSuchProviderException

public static X509Certificate mitmDuplicateCertificate(X509Certificate originalCert, PublicKey newPubKey, X509Certificate caCert, PrivateKey caPrivateKey) throws CertificateParsingException, SignatureException, InvalidKeyException, CertificateExpiredException, CertificateNotYetValidException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
Parameters:
originalCert -
newPubKey -
caCert -
caPrivateKey -
Throws:
CertificateParsingException
SignatureException
InvalidKeyException
CertificateExpiredException
CertificateNotYetValidException
CertificateException
NoSuchAlgorithmException
NoSuchProviderException

public static X509Certificate createTypicalMasterCert(KeyPair keyPair) throws SignatureException, InvalidKeyException, SecurityException, CertificateException, NoSuchAlgorithmException, NoSuchProviderException
Parameters:
keyPair -
Throws:
SecurityException
InvalidKeyException
NoSuchProviderException
NoSuchAlgorithmException
CertificateException
SignatureException