X.509 Certificates
by Paul Tremblett


Listing One
import com.beechwood.certificates.*;
import java.io.*;
public class X509CertificateLister {
  public X509CertificateLister(String fileName) {
    try {
      format(new X509Certificate(fileName));
    }
    catch (X509CertificateException e) {
      System.out.println(e.getMessage());
      System.exit(0);
    }
  }
  private void format(X509Certificate cert) 
      throws X509CertificateException {
    X509TBSCertificate tbsCertificate = cert.getTBSCertificate();
    System.out.print("X509 Certificate Version: " + 
      tbsCertificate.version());
    System.out.println(" Serial Number: " + tbsCertificate.serialNumber());
    System.out.println();
    System.out.print("Issuer: ");
    System.out.println(tbsCertificate.issuer().getRDN());
    System.out.println();
    System.out.print("Not valid before ");
    System.out.println(tbsCertificate.validity().notBeforeDateString());
    System.out.print("Not valid after ");
    System.out.println(tbsCertificate.validity().notAfterDateString());
    System.out.println();
    System.out.print("Subject: ");
    System.out.println(tbsCertificate.subject().getRDN());
    System.out.println();
    System.out.print("Subject Public Key Algorithm: ");
    X509AlgorithmIdentifier algorithm =
      tbsCertificate.subjectPublicKeyInfo().algorithm();
    System.out.print(algorithm.getOID());
    System.out.println(" (" +algorithm.getOIDDescription() + ")");
    System.out.println();
    System.out.println("Public Key:");
    String subjectPublicKey = tbsCertificate.subjectPublicKey();
    int ix = 0;
    while ((ix + 48) < subjectPublicKey.length()) {
      System.out.println("  " + subjectPublicKey.substring(ix, ix + 48));
      ix += 48;
    }
    if (ix < subjectPublicKey.length())
      System.out.println("  " + subjectPublicKey.substring(ix));
    System.out.println();
    X509Extension[] extensions = tbsCertificate.getExtensions();
    if (extensions.length > 0) {
      System.out.println("Extensions:");
      for (int i = 0; i < extensions.length; ++i) {
        System.out.print("  " + extensions[i].id());
        System.out.print( " (" + extensions[i].idDescription() + ")");
        if (extensions[i].isCritical())
          System.out.print("  **CRITICAL**");
        System.out.println();
      }
    }
    System.out.println();
    System.out.print("Signature algorithm: ");
    System.out.print(cert.getSignatureAlgorithm().getOID());
    System.out.println(" (" + cert.getSignatureAlgorithm().
      getOIDDescription() + ")");
    System.out.println();
    System.out.println("Signature:");
    String signature = cert.getSignature();
    ix = 0;
    while ((ix + 48) < signature.length()) {
      System.out.println("  " + signature.substring(ix, ix + 48));
      ix += 48;
    }
    if (ix < signature.length())
      System.out.println("  " + signature.substring(ix));
    System.out.println();
  }
  public static void main(String[] args) {
    if (args.length != 1) {
      System.out.println("Usage: X509CertificateLister certFile");
      System.exit(0);
    }
    X509CertificateLister lister = new X509CertificateLister(args[0]);
    System.exit(0);
  }
}







2