📄 createcrl.java
字号:
/*
Name: CreateCRL.java
Licensing: LGPL
API: Sun (http://java.sun.com) JCE 1.2.2 API (cleanroom implementation by Bouncy Castle)
Provider: Bouncy Castle (http://www.bouncycastle.org)
Disclaimer:
COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTY OF ANY KIND,
EITHER EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, WARRANTIES THAT THE COVERED CODE
IS FREE OF DEFECTS, MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE OR NON-INFRINGING. THE ENTIRE
RISK AS TO THE QUALITY AND PERFORMANCE OF THE COVERED CODE IS WITH YOU. SHOULD ANY COVERED CODE
PROVE DEFECTIVE IN ANY RESPECT, YOU (NOT THE INITIAL DEVELOPER OR ANY OTHER CONTRIBUTOR)
ASSUME THE COST OF ANY NECESSARY SERVICING, REPAIR OR CORRECTION. THIS DISCLAIMER OF WARRANTY
CONSTITUTES AN ESSENTIAL PART OF THIS LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED
HEREUNDER EXCEPT UNDER THIS DISCLAIMER.
*/
package net.sourceforge.jcetaglib.taglib.x509;
import net.sourceforge.jcetaglib.lib.Clean;
import net.sourceforge.jcetaglib.lib.X509Cert;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import javax.servlet.jsp.JspException;
import javax.servlet.jsp.tagext.TagSupport;
import java.io.FileOutputStream;
import java.math.BigInteger;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.X509CRL;
import java.security.cert.X509Certificate;
/**
* JSP tag for creating CRL (certificate revocation list)
*
* @jsp.tag
* name="createcrl"
* display-name="CreateCRL"
* body-content="empty"
* example="<%
* 	BigInteger[] certificates = new BigInteger[1];
* 	certificates[0] = new BigInteger(\"4022059090521330640\");
* %>
*
* <jce:createcrl
* 	certs=\"<%= certificates %>\"
* 	crlfile=\"C:/keystores/crl.der\"
* 	signfile=\"C:/keystores/ca.p12\"
* 	signentry=\"ca\"
* 	signpassword=\"password\"/>"
*
* description="JSP tag for creating CRL (certificate revocation list)"
*
* @author Gert Van Ham
* @author hamgert@users.sourceforge.net
* @author http://jcetaglib.sourceforge.net
* @version $Id: CreateCRL.java,v 1.6 2004/04/15 07:28:36 hamgert Exp $
*/
public class CreateCRL extends TagSupport {
private BigInteger[] certs;
private String crlfile;
private int crlnumber = 1;
private long crlperiod = 24; // CRL valid period in hours
private String signfile; // tag attribute
private String signentry; // tag attribute
private StringBuffer signpassword; // tag attribute
private String signaturealgorithm = "MD5WithRSAEncryption";
public int doEndTag() throws JspException {
// Add Bouncy Castle provider
Security.addProvider(new BouncyCastleProvider());
try {
// read CA certificate & private key
PrivateKey CAprivateKey = X509Cert.getPrivateFromP12(signfile, signentry, signpassword);
X509Certificate caCert = X509Cert.getCertificateFromP12(signfile, signentry, signpassword);
// generate CRL
X509CRL crl = X509Cert.CreateCRL(certs
, crlnumber
, crlperiod
, signaturealgorithm
, caCert
, CAprivateKey);
// save CRL to disk
FileOutputStream fos = new FileOutputStream(crlfile);
fos.write(crl.getEncoded());
fos.close();
} catch (Exception e) {
throw new JspException("JCE Exception: Unable to generate CRL: "
+ e.getMessage(), e);
}
return EVAL_PAGE;
} // doEndTag()
public void release() {
// Cleanup all sensitive information
Clean.blank(signpassword);
super.release();
} //release()
/**
* @jsp.attribute
* description="An array of java.lang.math.BigInteger containing the serialnumbers of revoked certificates"
* type="java.math.BigInteger[]"
* required="true"
* rtexprvalue="true"
*/
public void setCerts(BigInteger[] certs) {
this.certs = certs;
}
/**
* @jsp.attribute
* description="The CRL filename"
* type="java.lang.String"
* required="true"
* rtexprvalue="true"
*/
public void setCrlfile(String crlfile) {
this.crlfile = crlfile;
}
/**
* @jsp.attribute
* description="CRL number identification. Default is 1"
* type="java.lang.Integer"
* required="false"
* rtexprvalue="true"
*/
public void setCrlnumber(int crlnumber) {
this.crlnumber = crlnumber;
}
/**
* @jsp.attribute
* description="Validity of the CRL in hours. Default is 24"
* type="java.lang.Long"
* required="false"
* rtexprvalue="true"
*/
public void setCrlperiod(long crlperiod) {
this.crlperiod = crlperiod;
}
/**
* @jsp.attribute
* description="The PKCS#12 (P12) keystore where the CA signing certificate is stored"
* type="java.lang.String"
* required="true"
* rtexprvalue="true"
*/
public void setSignfile(String signfile) {
this.signfile = signfile;
}
/**
* @jsp.attribute
* description="The PKCS#12 (P12) keystore entry name for the CA signing certificate"
* type="java.lang.String"
* required="true"
* rtexprvalue="true"
*/
public void setSignentry(String signentry) {
this.signentry = signentry;
}
/**
* @jsp.attribute
* description="The PKCS#12 (P12) keystore signing password"
* type="java.lang.StringBuffer"
* required="true"
* rtexprvalue="true"
*/
public void setSignpassword(StringBuffer signpassword) {
this.signpassword = signpassword;
}
/**
* @jsp.attribute
* description="Signature algorithm. Default is 'MD5WithRSAEncryption'"
* type="java.lang.String"
* required="false"
* rtexprvalue="true"
*/
public void setSignaturealgorithm(String signaturealgorithm) {
this.signaturealgorithm = signaturealgorithm;
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -