
Example 36 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project credhub by cloudfoundry-incubator.

the class CertificateReaderTest method returnsParametersCorrectly.

/**
 * Checks that {@code CertificateReader} reports the subject alternative names, extended key
 * usages, key usage and subject name of {@code CertificateStringConstants.BIG_TEST_CERT}.
 *
 * <p>These are the fields a relying party uses to decide what a certificate may be used for,
 * so each one is pinned to an exact expected value.
 */
@Test
public void returnsParametersCorrectly() {
    final CertificateReader reader = new CertificateReader(CertificateStringConstants.BIG_TEST_CERT);

    // Subject alternative names: a single dNSName entry is expected.
    final GeneralName expectedDnsName = new GeneralName(GeneralName.dNSName, "SolarSystem");
    assertThat(reader.getAlternativeNames(), equalTo(new GeneralNames(expectedDnsName)));

    // Extended key usage: serverAuth and clientAuth, in any order and nothing else.
    assertThat(
        asList(reader.getExtendedKeyUsage().getUsages()),
        containsInAnyOrder(KeyPurposeId.id_kp_serverAuth, KeyPurposeId.id_kp_clientAuth));

    // Key usage: only the digitalSignature bit is checked here.
    final boolean canSign = reader.getKeyUsage().hasUsages(KeyUsage.digitalSignature);
    assertThat(canSign, equalTo(true));

    // Subject DN is compared in its string form, so attribute order matters.
    final String expectedSubject =
        "O=test-org, ST=Jupiter, C=MilkyWay, CN=test-common-name, OU=test-org-unit, L=Europa";
    assertThat(reader.getSubjectName().toString(), equalTo(expectedSubject));
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) Test(org.junit.Test)

Example 37 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project jruby-openssl by jruby.

the class X509Cert method uniqueExtensions.

/**
 * Collapses {@code this.extensions} to one entry per extension OID, keeping first-seen order.
 *
 * <p>When an OID occurs more than once the values are merged instead of rejected:
 * subjectAltName (2.5.29.17) and issuerAltName (2.5.29.18) are merged into a single
 * {@code GeneralNames}; any other extension is merged into a {@code DLSequence}.
 *
 * <p>NOTE(review): RFC 5280 section 4.2 says a certificate must not contain more than one
 * instance of a particular extension. This method merges repeats silently, so confirm it is
 * only used where that leniency is intended.
 *
 * @return the de-duplicated extensions, as the value view of an insertion-ordered map
 */
private Collection<X509Extension> uniqueExtensions() {
    final Map<ASN1ObjectIdentifier, X509Extension> byOid = new LinkedHashMap<ASN1ObjectIdentifier, X509Extension>();
    for (X509Extension candidate : this.extensions) {
        final ASN1ObjectIdentifier oid = candidate.getRealObjectID();
        final X509Extension previous = byOid.get(oid);
        if (previous == null) {
            // first occurrence of this OID: keep the extension as-is
            byOid.put(oid, candidate);
        } else {
            final String dottedOid = oid.getId();
            final ASN1EncodableVector merged = new ASN1EncodableVector();
            if ("2.5.29.17".equals(dottedOid) || "2.5.29.18".equals(dottedOid)) {
                // commonly used e.g. with subjectAltName || issuerAltName :
                try {
                    for (GeneralName name : extRealNames(previous)) {
                        merged.add(name);
                    }
                    for (GeneralName name : extRealNames(candidate)) {
                        merged.add(name);
                    }
                    final GeneralNames allNames = GeneralNames.getInstance(new DLSequence(merged));
                    // set the merged value on a clone, not on the stored extension itself
                    final X509Extension replacement = previous.clone();
                    replacement.setRealValue(allNames);
                    byOid.put(oid, replacement);
                } catch (IOException ex) {
                    throw getRuntime().newIOErrorFromException(ex);
                }
            } else {
                // TODO do we need special care for any others here ?!?
                try {
                    final ASN1Encodable previousValue = previous.getRealValue();
                    if (previousValue instanceof ASN1Sequence) {
                        // flatten an existing sequence instead of nesting it
                        final ASN1Sequence elements = (ASN1Sequence) previousValue;
                        final int count = elements.size();
                        for (int idx = 0; idx < count; idx++) {
                            merged.add(elements.getObjectAt(idx));
                        }
                    } else {
                        merged.add(previousValue);
                    }
                    merged.add(candidate.getRealValue());
                    // set the merged value on a clone, not on the stored extension itself
                    final X509Extension replacement = previous.clone();
                    replacement.setRealValue(new DLSequence(merged));
                    byOid.put(oid, replacement);
                } catch (IOException ex) {
                    throw getRuntime().newIOErrorFromException(ex);
                }
            }
        }
    }
    return byOid.values();
}
Also used : IOException(java.io.IOException) LinkedHashMap(java.util.LinkedHashMap) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DLSequence(org.bouncycastle.asn1.DLSequence) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 38 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project certmgr by hdecarne.

the class CRLDistributionPointsController method init.

/**
 * Initialize the dialog with existing extension data.
 *
 * <p>Only the first distribution point that has a name is loaded: its full-name entries (if
 * any) are appended to the name list and the remaining distribution points are not read.
 *
 * @param data The extension data to use.
 * @param expertMode Whether to run in expert mode ({@code true}) or not ({@code false}).
 * @return This controller.
 */
public CRLDistributionPointsController init(CRLDistributionPointsExtensionData data, boolean expertMode) {
    init(expertMode);
    this.ctlCritical.setSelected(data.getCritical());
    ObservableList<GeneralName> shownNames = this.ctlNames.getItems();
    for (DistributionPoint point : data) {
        DistributionPointName pointName = point.getName();
        if (pointName == null) {
            // unnamed distribution point: keep looking
            continue;
        }
        GeneralNames fullName = pointName.getFullName();
        if (fullName != null) {
            for (GeneralName entry : fullName) {
                shownNames.add(entry);
            }
        }
        // stop at the first named distribution point, even if it had no full name
        break;
    }
    return this;
}
Also used : GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) DistributionPointName(de.carne.certmgr.certs.x509.DistributionPointName) GeneralName(de.carne.certmgr.certs.x509.GeneralName) DistributionPoint(de.carne.certmgr.certs.x509.DistributionPoint)

Example 39 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project certmgr by hdecarne.

the class CRLDistributionPointsController method validateAndGetDistributionPoint.

/**
 * Builds a single {@code DistributionPoint} from the names currently held by the name list.
 *
 * @return a distribution point whose name contains every listed entry
 * @throws ValidationException presumably raised by {@code InputValidator.isTrue} when the list
 *         is empty - confirm against {@code InputValidator}
 */
private DistributionPoint validateAndGetDistributionPoint() throws ValidationException {
    GeneralNames collected = new GeneralNames();
    int collectedCount = 0;
    for (GeneralName entry : this.ctlNames.getItems()) {
        collected.addName(entry);
        collectedCount += 1;
    }
    // a distribution point without any name is rejected before it is built
    boolean hasNames = collectedCount > 0;
    InputValidator.isTrue(hasNames, CRLDistributionPointsI18N::formatSTR_MESSAGE_NO_NAMES);
    DistributionPointName pointName = new DistributionPointName(collected);
    return new DistributionPoint(pointName);
}
Also used : GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) DistributionPointName(de.carne.certmgr.certs.x509.DistributionPointName) GeneralName(de.carne.certmgr.certs.x509.GeneralName) DistributionPoint(de.carne.certmgr.certs.x509.DistributionPoint) DistributionPoint(de.carne.certmgr.certs.x509.DistributionPoint)

Example 40 with GeneralNames

use of com.android.org.bouncycastle.asn1.x509.GeneralNames in project certmgr by hdecarne.

the class ASN1DataTest method testGeneralNames.

/**
 * Round-trips a {@link GeneralNames} object holding one entry of each name kind through
 * encode, decode and re-encode, and requires the two encodings to be byte-identical.
 */
@Test
public void testGeneralNames() {
    try {
        final InetAddress v4Loopback = InetAddress.getByName("127.0.0.1");
        final InetAddress v4FullMask = InetAddress.getByName("255.255.255.255");
        final InetAddress v6Loopback = InetAddress.getByName("::1");
        final InetAddress v6FullMask = InetAddress.getByName("ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff");

        GeneralNames original = new GeneralNames();
        // directory name
        original.addName(new DirectoryName(new X500Principal("CN=localhost")));
        // generic name carrying an opaque, pre-encoded value
        // NOTE(review): getBytes() without a charset uses the platform default
        original.addName(new GenericName(GeneralNameType.X400_ADDRESS, new DEROctetString("test".getBytes()).getEncoded()));
        // IPv4 and IPv6 addresses, each without and with a network mask
        original.addName(new IPAddressName(v4Loopback, null));
        original.addName(new IPAddressName(v4Loopback, v4FullMask));
        original.addName(new IPAddressName(v6Loopback, null));
        original.addName(new IPAddressName(v6Loopback, v6FullMask));
        // other name, registered id and URI
        original.addName(new OtherName("1.2.3.4", new DEROctetString("test".getBytes()).getEncoded()));
        original.addName(new RegisteredIDName("1.2.3.4"));
        original.addName(new StringName(GeneralNameType.UNIFORM_RESOURCE_IDENTIFIER, "https://localhost/test.crl"));

        final byte[] firstEncoding = original.getEncoded();
        final GeneralNames decoded = GeneralNames.decode(decodeBytes(firstEncoding));
        final byte[] secondEncoding = decoded.getEncoded();

        Assert.assertArrayEquals(firstEncoding, secondEncoding);
    } catch (IOException e) {
        // an I/O failure is reported as a test failure rather than an error
        e.printStackTrace();
        Assert.fail(e.getLocalizedMessage());
    }
}
Also used : GenericName(de.carne.certmgr.certs.x509.GenericName) GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) IPAddressName(de.carne.certmgr.certs.x509.IPAddressName) RegisteredIDName(de.carne.certmgr.certs.x509.RegisteredIDName) StringName(de.carne.certmgr.certs.x509.StringName) OtherName(de.carne.certmgr.certs.x509.OtherName) X500Principal(javax.security.auth.x500.X500Principal) IOException(java.io.IOException) DirectoryName(de.carne.certmgr.certs.x509.DirectoryName) DEROctetString(org.bouncycastle.asn1.DEROctetString) Test(org.junit.Test)
