

import com.sun.security.cert.internal.x509.X509V1CertImpl;
import java.io.ByteArrayInputStream;
import java.lang.reflect.Field;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAPublicKey;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.Timestamp;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import sun.security.rsa.RSAPrivateKeyImpl;
import sun.security.rsa.RSAPublicKeyImpl;
 
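/**
 * Connects to a TLS server, reads the certificate chain the server presents, and writes one row
 * per certificate into the {@code certs} table.
 *
 * <p>The chain is walked from its last element to its first. The last element is checked against
 * its own public key; every other certificate is checked against the public key of the element
 * that follows it in the chain.
 */
public class Main {

    /**
     * Positional insert: a leading {@code null} followed by sixteen parameters. The column list
     * that was disabled in the original statement names them, in order: ServerName, SerialNumber,
     * Version, NotBefore, NotAfter, CertData, PK_DUMP, PK_N, PK_E, Signature, SigAlgName,
     * SigAlgOID, SigAlgParams, SubjectDN, IssuerDN, CertDump.
     * NOTE(review): with no column list in the SQL, the mapping depends on the table's column
     * order, and the leading null is presumably an auto-generated key -- confirm against the schema.
     */
    private static final String INSERT_CERT_SQL =
            "INSERT INTO certs "
            + "VALUES (null , ? , ? , ? ,? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ? , ?)";

    /**
     * Reflective handle on the private {@code wrappedCert} field of the JDK-internal
     * {@link X509V1CertImpl}. It is used to unwrap a legacy {@code javax.security.cert}
     * certificate into a {@link X509Certificate}.
     */
    static Field fieldWarpedCert;

    /** One {@link DBConn} per thread, created on the first {@code get()} from that thread. */
    static ThreadLocal<DBConn> conns = new ThreadLocal<DBConn>() {
        @Override
        protected DBConn initialValue() {
            try {
                return new DBConn();
            } catch (SQLException ex) {
                Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
                throw new RuntimeException(ex);
            }
        }
    };

    static {
        try {
            // Depends on a private field of an internal JDK class. If the field is missing or
            // access is refused, class initialisation fails with ExceptionInInitializerError.
            fieldWarpedCert = X509V1CertImpl.class.getDeclaredField("wrappedCert");
            fieldWarpedCert.setAccessible(true);
        } catch (Exception e) {
            throw new ExceptionInInitializerError(e);
        }
    }

    /**
     * Fetches the certificate chain of {@code shop.mysql.com:443} and stores every element.
     *
     * @param args unused
     * @throws Exception if the connection, the handshake or a database write fails
     */
    public static void main(String[] args) throws Exception {
        String host = "shop.mysql.com";
        SSLSocket sk = (SSLSocket) SSLSocketFactory.getDefault().createSocket(host, 443);
        X509Certificate[] certs;
        try {
            // getSession() drives the handshake, which uses the default socket factory's trust
            // configuration. No endpoint identification algorithm is set on the socket, so the
            // certificate is not compared with the host name: the serverName stored with each row
            // is the name that was dialled, not a name the certificate was checked against.
            certs = getWarppedCerts(sk.getSession().getPeerCertificateChain());
        } finally {
            // Only the chain is needed; release the socket even when the handshake fails.
            sk.close();
        }

        X509Certificate issuer = null;
        for (int i = certs.length - 1; i >= 0; i--) {
            X509Certificate cert = certs[i];
            System.out.println(cert.getSubjectDN());
            System.out.println("=====================================");
            // The last chain element has no successor, so it is checked against its own key. That
            // only succeeds for a self-signed certificate; if the server left its root out, the
            // top element is recorded as unverified.
            PublicKey verifyKey = issuer == null ? cert.getPublicKey() : issuer.getPublicKey();
            storeCert(cert, verifyKey, host);
            issuer = cert;
        }
    }

    /**
     * Unwraps legacy {@code javax.security.cert} certificates into {@link X509Certificate}s by
     * reading the private field behind {@link #fieldWarpedCert}.
     *
     * <p>NOTE(review): {@code SSLSession.getPeerCertificates()} returns {@code java.security.cert}
     * certificates directly and would make the reflective access unnecessary -- confirm for the
     * JDK this runs on.
     *
     * @param certs chain as returned by {@code SSLSession.getPeerCertificateChain()}
     * @return the wrapped certificates, in the same order
     * @throws Exception if a field read fails
     */
    public static X509Certificate[] getWarppedCerts(javax.security.cert.X509Certificate[] certs) throws Exception {
        X509Certificate[] ret = new X509Certificate[certs.length];
        for (int i = 0; i < certs.length; i++) {
            ret[i] = (X509Certificate) fieldWarpedCert.get(certs[i]);
        }
        return ret;
    }

    /**
     * Checks {@code cert}'s signature with {@code pk} and inserts one row describing the
     * certificate. The row is written whether or not the check succeeds.
     *
     * <p>The check covers the signature only. Validity dates, extensions and revocation are not
     * looked at here, so a populated PK_DUMP means "signature verifies under this key" and nothing
     * more. PK_DUMP, PK_N and PK_E describe {@code pk}, the verifying key, which is the issuer's
     * key for every certificate except the top of the chain. They are left null when verification
     * fails, and PK_N/PK_E are also null when {@code pk} is not an RSA key. CertData receives the
     * TBSCertificate bytes (the signed portion), not the full encoded certificate; the signature
     * is stored in its own column.
     *
     * @param cert certificate to record
     * @param pk public key to verify the certificate's signature with
     * @param serverName host name the chain was obtained from
     * @return the row count reported by {@code executeUpdate()}
     * @throws Exception if the certificate cannot be encoded or the insert fails
     */
    public static int storeCert(X509Certificate cert, PublicKey pk, String serverName) throws Exception {
        boolean goodPk = true;
        RSAPublicKey rsapk = null;
        try {
            cert.verify(pk);
            System.out.println("PKCLASS:" + pk.getClass());
            System.out.println("PK:" + pk);
            // Test against the public RSA interface instead of one provider's implementation
            // class, so RSA keys from any provider get their modulus and exponent recorded.
            if (pk instanceof RSAPublicKey) {
                rsapk = (RSAPublicKey) pk;
            }
        } catch (Exception e) {
            goodPk = false;
            System.out.println("BAD PK!");
            // Keep the reason: a wrong key, an unsupported algorithm and a malformed signature
            // all end up here and would otherwise be indistinguishable.
            Logger.getLogger(Main.class.getName()).log(Level.WARNING,
                    "Signature check failed for " + cert.getSubjectDN(), e);
        }

        DBConn conn = conns.get();
        PreparedStatement ps = conn.prepareStatement(INSERT_CERT_SQL);
        try {
            ps.setString(1, serverName);
            ps.setObject(2, cert.getSerialNumber().toByteArray());
            ps.setInt(3, cert.getVersion());
            ps.setTimestamp(4, new Timestamp(cert.getNotBefore().getTime()));
            ps.setTimestamp(5, new Timestamp(cert.getNotAfter().getTime()));

            byte[] tbs = cert.getTBSCertificate();
            ps.setBytes(6, tbs);
            System.out.println(tbs.length);

            if (goodPk) {
                byte[] pkDer = pk.getEncoded();
                ps.setBytes(7, pkDer);
                System.out.println(pkDer.length);
            } else {
                ps.setBytes(7, null);
            }

            if (rsapk != null) {
                ps.setBytes(8, rsapk.getModulus().toByteArray());
                ps.setBytes(9, rsapk.getPublicExponent().toByteArray());
            } else {
                ps.setBytes(8, null);
                ps.setBytes(9, null);
            }

            byte[] signature = cert.getSignature();
            ps.setBytes(10, signature);
            System.out.println(signature.length);

            String sigAlgName = cert.getSigAlgName();
            ps.setString(11, sigAlgName);
            System.out.println(sigAlgName.length());

            String sigAlgOid = cert.getSigAlgOID();
            ps.setString(12, sigAlgOid);
            System.out.println(sigAlgOid.length());

            byte[] sigAlgParams = cert.getSigAlgParams();
            if (sigAlgParams != null) {
                ps.setBytes(13, sigAlgParams);
                System.out.println(sigAlgParams.length);
            } else {
                ps.setBytes(13, null);
            }

            String subjectDn = cert.getSubjectDN().toString();
            ps.setString(14, subjectDn);
            System.out.println(subjectDn.length());

            String issuerDn = cert.getIssuerDN().toString();
            ps.setString(15, issuerDn);
            System.out.println(issuerDn.length());

            ps.setString(16, cert.toString());
            return ps.executeUpdate();
        } finally {
            // The statement was previously never closed, leaking one per stored certificate.
            ps.close();
        }
    }
}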