Search in sources :

Example 91 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project signer by demoiselle.

the class SigningCertificateV2 method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        X509Certificate cert = (X509Certificate) certificates[0];
        X509Certificate issuerCert = (X509Certificate) certificates[1];
        Digest digest = DigestFactory.getInstance().factoryDefault();
        digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
        byte[] certHash = digest.digest(cert.getEncoded());
        X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
        GeneralName name = new GeneralName(dirName);
        GeneralNames issuer = new GeneralNames(name);
        ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
        IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
        // SHA-256
        AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
        ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
        // return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
        return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
    } catch (CertificateEncodingException ex) {
        throw new SignerException(ex.getMessage());
    }
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) SignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedAttribute) Attribute(org.bouncycastle.asn1.cms.Attribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) ESSCertIDv2(org.bouncycastle.asn1.ess.ESSCertIDv2) GeneralName(org.bouncycastle.asn1.x509.GeneralName) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 92 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class X509Ext method getAuthorityKeyIdentifierStringValue.

private String getAuthorityKeyIdentifierStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * AuthorityKeyIdentifier ::= ASN1Sequence { keyIdentifier [0]
		 * KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames
		 * OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber
		 * OPTIONAL }
		 *
		 * KeyIdentifier ::= OCTET STRING
		 *
		 * GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
		 *
		 * CertificateSerialNumber ::= ASN1Integer
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(value);
    byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
    GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer();
    BigInteger certificateSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
    if (keyIdentifier != null) {
        // Optional
        // Output as a hex string
        sb.append(MessageFormat.format(res.getString("AuthorityKeyIdentifier"), HexUtil.getHexString(keyIdentifier)));
        sb.append(NEWLINE);
    }
    if (authorityCertIssuer != null) {
        // Optional
        sb.append(res.getString("CertificateIssuer"));
        sb.append(NEWLINE);
        for (GeneralName generalName : authorityCertIssuer.getNames()) {
            sb.append(INDENT);
            sb.append(GeneralNameUtil.toString(generalName));
            sb.append(NEWLINE);
        }
    }
    if (certificateSerialNumber != null) {
        // Optional
        // Output as an integer
        sb.append(MessageFormat.format(res.getString("CertificateSerialNumber"), HexUtil.getHexString(certificateSerialNumber)));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) BigInteger(java.math.BigInteger) AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 93 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class X509Ext method getSubjectAlternativeNameStringValue.

private String getSubjectAlternativeNameStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * SubjectAltName ::= GeneralNames
		 *
		 * GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    GeneralNames subjectAltName = GeneralNames.getInstance(value);
    for (GeneralName generalName : subjectAltName.getNames()) {
        sb.append(GeneralNameUtil.toString(generalName));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 94 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class X509Ext method getCertificateIssuerStringValue.

private String getCertificateIssuerStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * certificateIssuer ::= GeneralNames
		 *
		 * GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    GeneralNames certificateIssuer = GeneralNames.getInstance(value);
    for (GeneralName generalName : certificateIssuer.getNames()) {
        sb.append(GeneralNameUtil.toString(generalName));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 95 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class X509Ext method getDistributionPointNameString.

private String getDistributionPointNameString(DistributionPointName distributionPointName, String baseIndent) throws IOException {
    // @formatter:off
    /*
		 * DistributionPointName ::= CHOICE {
		 * 		fullname [0] GeneralNames,
		 * 		nameRelativeToCRLIssuer [1] RelativeDistinguishedName
		 * }
		 *
		 * RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF
		 * AttributeTypeAndValue
		 *
		 * AttributeTypeAndValue ::= ASN1Sequence { type AttributeType, value
		 * AttributeValue }
		 */
    // @formatter: on
    StringBuilder sb = new StringBuilder();
    sb.append(baseIndent);
    sb.append(res.getString("DistributionPointName"));
    sb.append(NEWLINE);
    if (distributionPointName.getType() == DistributionPointName.FULL_NAME) {
        sb.append(baseIndent);
        sb.append(INDENT);
        sb.append(res.getString("DistributionPointFullName"));
        sb.append(NEWLINE);
        GeneralNames generalNames = GeneralNames.getInstance(distributionPointName.getName());
        for (GeneralName generalName : generalNames.getNames()) {
            sb.append(baseIndent);
            sb.append(INDENT);
            sb.append(INDENT);
            sb.append(GeneralNameUtil.toString(generalName));
            sb.append(NEWLINE);
        }
    } else {
        // DistributionPointName.TAG_NAMERELATIVETOCRLISSUER
        sb.append(baseIndent);
        sb.append(INDENT);
        sb.append(res.getString("DistributionPointNameRelativeToCrlIssuer"));
        sb.append(NEWLINE);
        RDN rdn = RDN.getInstance(distributionPointName.getName());
        for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
            ASN1ObjectIdentifier attributeType = attributeTypeAndValue.getType();
            ASN1Encodable attributeValue = attributeTypeAndValue.getValue();
            String attributeTypeStr = getAttributeTypeString(attributeType);
            String attributeValueStr = getAttributeValueString(attributeType, attributeValue);
            sb.append(baseIndent);
            sb.append(INDENT);
            sb.append(INDENT);
            sb.append(MessageFormat.format("{0}={1}", attributeTypeStr, attributeValueStr));
            sb.append(NEWLINE);
        }
    }
    return sb.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERGeneralString(org.bouncycastle.asn1.DERGeneralString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERIA5String(org.bouncycastle.asn1.DERIA5String) RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)87 GeneralName (org.bouncycastle.asn1.x509.GeneralName)75 IOException (java.io.IOException)36 X509Certificate (java.security.cert.X509Certificate)27 X500Name (org.bouncycastle.asn1.x500.X500Name)25 ArrayList (java.util.ArrayList)21 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)21 ContentSigner (org.bouncycastle.operator.ContentSigner)20 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)19 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)18 BigInteger (java.math.BigInteger)17 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)17 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)17 JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)16 DERIA5String (org.bouncycastle.asn1.DERIA5String)15 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)15 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)15 X500Principal (javax.security.auth.x500.X500Principal)14 GeneralNames (sun.security.x509.GeneralNames)14 List (java.util.List)13