package model.ca;

import annotations.Assoc;
import model.Event;
import model.EventLog;
import model.Observer;
import model.asn1.*;
import model.asn1.exceptions.InvalidCAException;
import model.asn1.exceptions.ParseException;
import model.asn1.parsing.BytesReader;
import model.csr.*;
import model.pki.AlgorithmIdentifier;
import model.pki.SubjectPublicKeyInfo;
import model.pki.cert.Certificate;
import model.pki.cert.Extension;
import model.pki.cert.TbsCertificate;
import model.pki.cert.Validity;
import model.pki.crl.CertificateList;
import model.pki.crl.CertificateListContent;
import model.pki.crl.RevokedCertificate;
import model.x501.AttributeTypeAndValue;
import model.x501.Name;
import model.x501.RelativeDistinguishedName;
import ui.Utils;

import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAPrivateKeySpec;
import java.security.spec.RSAPublicKeySpec;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.*;
import java.util.stream.Stream;

/**
 * Holds a CA private key, its certificate, the signed / revoked lists, the template list, and the
 * logs list. Data can be observed.
 *
 * <p>NOTE(review): this object keeps private-key material in the same instance as state that is
 * exposed to observers. Nothing in this part of the file shows what is published to observers or
 * written to the event log; confirm that the key itself never is.
 */
public class CertificationAuthority {
    /**
     * Default serial value, {@code 1}.
     *
     * <p>Presumably the initial value of {@link #serial}; the code that uses it is not visible
     * here - TODO confirm.
     */
    public static final int SERIAL_DEFAULT = 1;

    /**
     * The RSA2048 private key.
     *
     * <p>NOTE(review): the 2048-bit size is stated only by this comment; the declared type
     * {@code RSAPrivateKey} does not constrain the modulus length. Confirm that the code which
     * installs the key checks its size.
     *
     * <p>NOTE(review): how this key is loaded, stored and released is not visible in this part of
     * the file. Treat every path that serialises, logs or displays CA state as a potential
     * exposure of this field.
     */
    @Assoc(partOf = true, lowerBond = 0)
    private RSAPrivateKey key;

    /**
     * The public key.
     *
     * <p>Presumably the counterpart of {@link #key}; nothing visible here checks that the two
     * belong to the same key pair - TODO confirm where they are set.
     */
    @Assoc(partOf = true, lowerBond = 0)
    private RSAPublicKey publicKey;

    /**
     * The signed certificate.
     *
     * <p>Not final, so it can be assigned after construction; whether it may be absent is not
     * shown here.
     */
    @Assoc(partOf = true, lowerBond = 0)
    private Certificate certificate;

    /**
     * Signed certificates.
     *
     * <p>Declared as a raw {@code List} in this listing, so the element type is not visible -
     * presumably {@code Certificate}; TODO confirm.
     */
    @Assoc(lowerBond = 0)
    private final List signed;

    /**
     * The next serial number.
     *
     * <p>NOTE(review): a 32-bit counter implies sequential, predictable serial numbers if it is
     * used as the certificate serial directly. Publicly trusted CAs are required (CA/Browser Forum
     * Baseline Requirements) to put at least 64 bits of CSPRNG output into each serial; if these
     * certificates leave a test or lab setting, generate serials from {@code SecureRandom} and
     * keep uniqueness checks. How this field is consumed is not visible here.
     */
    private int serial;

    /**
     * Revoked certs.
     *
     * <p>Declared as a raw {@code List} in this listing; presumably holds
     * {@code RevokedCertificate} entries - TODO confirm.
     */
    @Assoc(lowerBond = 0)
    private final List revoked;

    /**
     * Certificate templates.
     */
    @Assoc(lowerBond = 0)
    private final List