Example 91 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project signer by demoiselle.
the class SigningCertificateV2 method getValue.
@Override
public Attribute getValue() throws SignerException {
try {
X509Certificate cert = (X509Certificate) certificates[0];
X509Certificate issuerCert = (X509Certificate) certificates[1];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
// SHA-256
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
// return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
Also used :
IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial)
Digest(org.demoiselle.signer.cryptography.Digest)
SignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedAttribute)
Attribute(org.bouncycastle.asn1.cms.Attribute)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
X500Name(org.bouncycastle.asn1.x500.X500Name)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
DERSet(org.bouncycastle.asn1.DERSet)
X509Certificate(java.security.cert.X509Certificate)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DERSequence(org.bouncycastle.asn1.DERSequence)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
ESSCertIDv2(org.bouncycastle.asn1.ess.ESSCertIDv2)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
SignerException(org.demoiselle.signer.policy.impl.cades.SignerException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 92 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.
the class X509Ext method getAuthorityKeyIdentifierStringValue.
private String getAuthorityKeyIdentifierStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* AuthorityKeyIdentifier ::= ASN1Sequence { keyIdentifier [0]
* KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames
* OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber
* OPTIONAL }
*
* KeyIdentifier ::= OCTET STRING
*
* GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
*
* CertificateSerialNumber ::= ASN1Integer
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(value);
byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer();
BigInteger certificateSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
if (keyIdentifier != null) {
// Optional
// Output as a hex string
sb.append(MessageFormat.format(res.getString("AuthorityKeyIdentifier"), HexUtil.getHexString(keyIdentifier)));
sb.append(NEWLINE);
}
if (authorityCertIssuer != null) {
// Optional
sb.append(res.getString("CertificateIssuer"));
sb.append(NEWLINE);
for (GeneralName generalName : authorityCertIssuer.getNames()) {
sb.append(INDENT);
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
}
if (certificateSerialNumber != null) {
// Optional
// Output as an integer
sb.append(MessageFormat.format(res.getString("CertificateSerialNumber"), HexUtil.getHexString(certificateSerialNumber)));
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
BigInteger(java.math.BigInteger)
AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Example 93 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.
the class X509Ext method getSubjectAlternativeNameStringValue.
private String getSubjectAlternativeNameStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectAltName ::= GeneralNames
*
* GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
GeneralNames subjectAltName = GeneralNames.getInstance(value);
for (GeneralName generalName : subjectAltName.getNames()) {
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Example 94 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.
the class X509Ext method getCertificateIssuerStringValue.
private String getCertificateIssuerStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* certificateIssuer ::= GeneralNames
*
* GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
GeneralNames certificateIssuer = GeneralNames.getInstance(value);
for (GeneralName generalName : certificateIssuer.getNames()) {
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Example 95 with GeneralNames
use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.
the class X509Ext method getDistributionPointNameString.
private String getDistributionPointNameString(DistributionPointName distributionPointName, String baseIndent) throws IOException {
// @formatter:off
/*
* DistributionPointName ::= CHOICE {
* fullname [0] GeneralNames,
* nameRelativeToCRLIssuer [1] RelativeDistinguishedName
* }
*
* RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF
* AttributeTypeAndValue
*
* AttributeTypeAndValue ::= ASN1Sequence { type AttributeType, value
* AttributeValue }
*/
// @formatter: on
StringBuilder sb = new StringBuilder();
sb.append(baseIndent);
sb.append(res.getString("DistributionPointName"));
sb.append(NEWLINE);
if (distributionPointName.getType() == DistributionPointName.FULL_NAME) {
sb.append(baseIndent);
sb.append(INDENT);
sb.append(res.getString("DistributionPointFullName"));
sb.append(NEWLINE);
GeneralNames generalNames = GeneralNames.getInstance(distributionPointName.getName());
for (GeneralName generalName : generalNames.getNames()) {
sb.append(baseIndent);
sb.append(INDENT);
sb.append(INDENT);
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
} else {
// DistributionPointName.TAG_NAMERELATIVETOCRLISSUER
sb.append(baseIndent);
sb.append(INDENT);
sb.append(res.getString("DistributionPointNameRelativeToCrlIssuer"));
sb.append(NEWLINE);
RDN rdn = RDN.getInstance(distributionPointName.getName());
for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
ASN1ObjectIdentifier attributeType = attributeTypeAndValue.getType();
ASN1Encodable attributeValue = attributeTypeAndValue.getValue();
String attributeTypeStr = getAttributeTypeString(attributeType);
String attributeValueStr = getAttributeValueString(attributeType, attributeValue);
sb.append(baseIndent);
sb.append(INDENT);
sb.append(INDENT);
sb.append(MessageFormat.format("{0}={1}", attributeTypeStr, attributeValueStr));
sb.append(NEWLINE);
}
}
return sb.toString();
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
RDN(org.bouncycastle.asn1.x500.RDN)
AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Aggregations
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)87
GeneralName (org.bouncycastle.asn1.x509.GeneralName)75
IOException (java.io.IOException)36
X509Certificate (java.security.cert.X509Certificate)27
X500Name (org.bouncycastle.asn1.x500.X500Name)25
ArrayList (java.util.ArrayList)21
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)21
ContentSigner (org.bouncycastle.operator.ContentSigner)20
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)19
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)18
BigInteger (java.math.BigInteger)17
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)17
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)17
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)16
DERIA5String (org.bouncycastle.asn1.DERIA5String)15
BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)15
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)15
X500Principal (javax.security.auth.x500.X500Principal)14
GeneralNames (sun.security.x509.GeneralNames)14
List (java.util.List)13
