Search in sources :

Example 96 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project keystore-explorer by kaikramer.

the class DObjectIdChooser method okPressed.

private void okPressed() {
    String firstArc = "" + jcbFirstArc.getSelectedItem();
    String secondArc = "" + jcbSecondArc.getSelectedItem();
    String remainingArcs = jtfRemainingArcs.getText().trim();
    ASN1ObjectIdentifier newObjectId = new ASN1ObjectIdentifier(firstArc + "." + secondArc + "." + remainingArcs);
    try {
        ObjectIdUtil.validate(newObjectId);
    } catch (InvalidObjectIdException e) {
        JOptionPane.showMessageDialog(this, e.getMessage(), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    objectId = newObjectId;
    closeDialog();
}
Also used : ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) InvalidObjectIdException(org.kse.utilities.oid.InvalidObjectIdException)

Example 97 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createQcStatements.

private static ExtensionValueType createQcStatements(boolean requireRequestExt) {
    QcStatements extValue = new QcStatements();
    QcStatementType statement = new QcStatementType();
    // QcCompliance
    statement.setStatementId(createOidType(ObjectIdentifiers.id_etsi_qcs_QcCompliance));
    extValue.getQcStatement().add(statement);
    // QC SCD
    statement = new QcStatementType();
    statement.setStatementId(createOidType(ObjectIdentifiers.id_etsi_qcs_QcSSCD));
    extValue.getQcStatement().add(statement);
    // QC RetentionPeriod
    statement = new QcStatementType();
    statement.setStatementId(createOidType(ObjectIdentifiers.id_etsi_qcs_QcRetentionPeriod));
    QcStatementValueType statementValue = new QcStatementValueType();
    statementValue.setQcRetentionPeriod(10);
    statement.setStatementValue(statementValue);
    extValue.getQcStatement().add(statement);
    // QC LimitValue
    statement = new QcStatementType();
    statement.setStatementId(createOidType(ObjectIdentifiers.id_etsi_qcs_QcLimitValue));
    statementValue = new QcStatementValueType();
    QcEuLimitValueType euLimit = new QcEuLimitValueType();
    euLimit.setCurrency("EUR");
    Range2Type rangeAmount = new Range2Type();
    int min = 100;
    rangeAmount.setMin(min);
    rangeAmount.setMax(requireRequestExt ? 200 : min);
    euLimit.setAmount(rangeAmount);
    Range2Type rangeExponent = new Range2Type();
    min = 10;
    rangeExponent.setMin(min);
    rangeExponent.setMax(requireRequestExt ? 20 : min);
    euLimit.setExponent(rangeExponent);
    statementValue.setQcEuLimitValue(euLimit);
    statement.setStatementValue(statementValue);
    extValue.getQcStatement().add(statement);
    // QC PDS
    statement = new QcStatementType();
    statement.setStatementId(createOidType(ObjectIdentifiers.id_etsi_qcs_QcPDS));
    extValue.getQcStatement().add(statement);
    statementValue = new QcStatementValueType();
    statement.setStatementValue(statementValue);
    PdsLocationsType pdsLocations = new PdsLocationsType();
    statementValue.setPdsLocations(pdsLocations);
    PdsLocationType pdsLocation = new PdsLocationType();
    pdsLocations.getPdsLocation().add(pdsLocation);
    pdsLocation.setUrl("http://pki.example.org/pds/en");
    pdsLocation.setLanguage("en");
    pdsLocation = new PdsLocationType();
    pdsLocations.getPdsLocation().add(pdsLocation);
    pdsLocation.setUrl("http://pki.example.org/pds/de");
    pdsLocation.setLanguage("de");
    // QC Constant value
    statement = new QcStatementType();
    statement.setStatementId(createOidType(new ASN1ObjectIdentifier("1.2.3.4.5"), "dummy"));
    statementValue = new QcStatementValueType();
    ConstantValueType value = new ConstantValueType();
    try {
        value.setValue(DERNull.INSTANCE.getEncoded());
    } catch (IOException ex) {
        throw new RuntimeException(ex);
    }
    value.setDescription("DER NULL");
    statementValue.setConstant(value);
    statement.setStatementValue(statementValue);
    extValue.getQcStatement().add(statement);
    return createExtensionValueType(extValue);
}
Also used : QcStatements(org.xipki.ca.certprofile.x509.jaxb.QcStatements) ConstantValueType(org.xipki.ca.certprofile.x509.jaxb.ConstantValueType) Range2Type(org.xipki.ca.certprofile.x509.jaxb.Range2Type) QcStatementValueType(org.xipki.ca.certprofile.x509.jaxb.QcStatementValueType) QcStatementType(org.xipki.ca.certprofile.x509.jaxb.QcStatementType) PdsLocationsType(org.xipki.ca.certprofile.x509.jaxb.PdsLocationsType) IOException(java.io.IOException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) QcEuLimitValueType(org.xipki.ca.certprofile.x509.jaxb.QcEuLimitValueType) PdsLocationType(org.xipki.ca.certprofile.x509.jaxb.PdsLocationType)

Example 98 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileExtended.

// method certprofileMaxTime
private static X509ProfileType certprofileExtended() throws Exception {
    X509ProfileType profile = getBaseProfile("certprofile extended", X509CertLevel.EndEntity, "5y", false);
    profile.setDuplicateKey(true);
    // Subject
    Subject subject = profile.getSubject();
    subject.setDuplicateSubjectPermitted(true);
    subject.setIncSerialNumber(false);
    List<RdnType> rdnControls = subject.getRdn();
    rdnControls.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1, new String[] { REGEX_FQDN }, null, null));
    // Extensions
    // Extensions - general
    ExtensionsType extensions = profile.getExtensions();
    // SubjectToSubjectAltName
    extensions.setSubjectToSubjectAltNames(new SubjectToSubjectAltNamesType());
    SubjectToSubjectAltNameType s2sType = new SubjectToSubjectAltNameType();
    extensions.getSubjectToSubjectAltNames().getSubjectToSubjectAltName().add(s2sType);
    s2sType.setSource(createOidType(ObjectIdentifiers.DN_CN));
    s2sType.setTarget(new Target());
    s2sType.getTarget().setDnsName("");
    // Extensions - controls
    List<ExtensionType> list = extensions.getExtension();
    list.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    list.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    list.add(createExtension(Extension.freshestCRL, false, false, null));
    // Extensions - SubjectAltNames
    SubjectAltName subjectAltNameMode = new SubjectAltName();
    subjectAltNameMode.setDnsName("");
    subjectAltNameMode.setIpAddress("");
    ExtensionValueType extensionValue = createExtensionValueType(subjectAltNameMode);
    list.add(createExtension(Extension.subjectAlternativeName, true, false, extensionValue));
    // Extensions - basicConstraints
    extensionValue = null;
    list.add(createExtension(Extension.basicConstraints, true, true, extensionValue));
    // Extensions - AuthorityInfoAccess
    extensionValue = createAuthorityInfoAccess();
    list.add(createExtension(Extension.authorityInfoAccess, true, false, extensionValue));
    // Extensions - AuthorityKeyIdentifier
    extensionValue = createAuthorityKeyIdentifier(true);
    list.add(createExtension(Extension.authorityKeyIdentifier, true, false, extensionValue));
    // Extensions - keyUsage
    extensionValue = createKeyUsages(new KeyUsageEnum[] { KeyUsageEnum.DIGITAL_SIGNATURE, KeyUsageEnum.DATA_ENCIPHERMENT, KeyUsageEnum.KEY_ENCIPHERMENT }, null);
    list.add(createExtension(Extension.keyUsage, true, true, extensionValue));
    // Extensions - extenedKeyUsage
    extensionValue = createExtendedKeyUsage(new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_serverAuth }, new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_clientAuth });
    list.add(createExtension(Extension.extendedKeyUsage, true, false, extensionValue));
    // Extensions - tlsFeature
    extensionValue = createTlsFeature(new TlsExtensionType[] { TlsExtensionType.STATUS_REQUEST, TlsExtensionType.CLIENT_CERTIFICATE_URL });
    list.add(createExtension(ObjectIdentifiers.id_pe_tlsfeature, true, true, extensionValue));
    // Extensions - SMIMECapabilities
    extensionValue = createSmimeCapabilities();
    list.add(createExtension(ObjectIdentifiers.id_smimeCapabilities, true, false, extensionValue));
    // Extensions - 1.2.3.4.1 (demo-ca-extraInfo)
    list.add(createExtension(new ASN1ObjectIdentifier("1.2.3.4.1"), true, false, null, "demo-ca-extraInfo"));
    // Extensions - 1.2.3.4.2 (demo-other-namespace)
    String xmlBlock = "<sequence xmlns='urn:extra'>" + "\n          <text>aaa</text>" + "\n          <text>bbb</text>" + "\n        </sequence>";
    Element element;
    try {
        element = XmlUtil.getDocumentElment(xmlBlock.getBytes());
    } catch (IOException | SAXException ex) {
        throw new RuntimeException(ex.getMessage(), ex);
    }
    ExtensionValueType extnValue = new ExtensionValueType();
    extnValue.setAny(element);
    list.add(createExtension(new ASN1ObjectIdentifier("1.2.3.4.2"), true, false, extnValue, "demo-other-namespace"));
    return profile;
}
Also used : TlsExtensionType(org.xipki.security.TlsExtensionType) JAXBElement(javax.xml.bind.JAXBElement) Element(org.w3c.dom.Element) SubjectToSubjectAltNamesType(org.xipki.ca.certprofile.x509.jaxb.SubjectToSubjectAltNamesType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) IOException(java.io.IOException) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum) SAXException(org.xml.sax.SAXException) Target(org.xipki.ca.certprofile.x509.jaxb.SubjectToSubjectAltNameType.Target) SubjectToSubjectAltNameType(org.xipki.ca.certprofile.x509.jaxb.SubjectToSubjectAltNameType) SubjectAltName(org.xipki.ca.certprofile.x509.jaxb.SubjectAltName) ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 99 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileQc.

// method certprofileMultipleValuedRdn
private static X509ProfileType certprofileQc() throws Exception {
    X509ProfileType profile = getBaseProfile("certprofile qc", X509CertLevel.EndEntity, "5y", false);
    // Subject
    Subject subject = profile.getSubject();
    subject.setIncSerialNumber(false);
    List<RdnType> rdnControls = subject.getRdn();
    rdnControls.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_organizationIdentifier, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));
    // Extensions
    // Extensions - general
    ExtensionsType extensions = profile.getExtensions();
    // Extensions - controls
    List<ExtensionType> list = extensions.getExtension();
    list.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    list.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    list.add(createExtension(Extension.freshestCRL, false, false, null));
    // Extensions - basicConstraints
    ExtensionValueType extensionValue = null;
    list.add(createExtension(Extension.basicConstraints, true, false, extensionValue));
    // Extensions - AuthorityInfoAccess
    extensionValue = createAuthorityInfoAccess();
    list.add(createExtension(Extension.authorityInfoAccess, true, false, extensionValue));
    // Extensions - AuthorityKeyIdentifier
    extensionValue = createAuthorityKeyIdentifier(true);
    list.add(createExtension(Extension.authorityKeyIdentifier, true, false, extensionValue));
    // Extensions - keyUsage
    extensionValue = createKeyUsages(new KeyUsageEnum[] { KeyUsageEnum.CONTENT_COMMITMENT }, null);
    list.add(createExtension(Extension.keyUsage, true, true, extensionValue));
    // Extensions - extenedKeyUsage
    extensionValue = createExtendedKeyUsage(new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_timeStamping }, null);
    list.add(createExtension(Extension.extendedKeyUsage, true, true, extensionValue));
    // privateKeyUsagePeriod
    extensionValue = createPrivateKeyUsagePeriod("3y");
    list.add(createExtension(Extension.privateKeyUsagePeriod, true, false, extensionValue));
    // QcStatements
    extensionValue = createQcStatements(false);
    list.add(createExtension(Extension.qCStatements, true, false, extensionValue));
    return profile;
}
Also used : ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum)

Example 100 with ASN1ObjectIdentifier

use of com.github.zhenwei.core.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createKeyAlgorithms.

// method getBaseProfile
private static KeyAlgorithms createKeyAlgorithms(ASN1ObjectIdentifier[] curveIds) {
    KeyAlgorithms ret = new KeyAlgorithms();
    List<AlgorithmType> list = ret.getAlgorithm();
    // RSA
    AlgorithmType algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(PKCSObjectIdentifiers.rsaEncryption, "RSA"));
    RSAParameters rsaParams = new RSAParameters();
    algorithm.setParameters(createKeyParametersType(rsaParams));
    RangesType ranges = new RangesType();
    rsaParams.setModulusLength(ranges);
    List<RangeType> modulusLengths = ranges.getRange();
    modulusLengths.add(createRange(1024));
    modulusLengths.add(createRange(2048));
    modulusLengths.add(createRange(3072));
    modulusLengths.add(createRange(4096));
    // DSA
    algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_dsa, "DSA"));
    DSAParameters dsaParams = new DSAParameters();
    algorithm.setParameters(createKeyParametersType(dsaParams));
    ranges = new RangesType();
    dsaParams.setPLength(ranges);
    List<RangeType> plengths = ranges.getRange();
    plengths.add(createRange(1024));
    plengths.add(createRange(2048));
    plengths.add(createRange(3072));
    ranges = new RangesType();
    dsaParams.setQLength(ranges);
    List<RangeType> qlengths = ranges.getRange();
    qlengths.add(createRange(160));
    qlengths.add(createRange(224));
    qlengths.add(createRange(256));
    // EC
    algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_ecPublicKey, "EC"));
    ECParameters ecParams = new ECParameters();
    algorithm.setParameters(createKeyParametersType(ecParams));
    if (curveIds != null && curveIds.length > 0) {
        Curves curves = new Curves();
        ecParams.setCurves(curves);
        for (ASN1ObjectIdentifier curveId : curveIds) {
            String name = AlgorithmUtil.getCurveName(curveId);
            curves.getCurve().add(createOidType(curveId, name));
        }
    }
    ecParams.setPointEncodings(new PointEncodings());
    final Byte unpressed = 4;
    ecParams.getPointEncodings().getPointEncoding().add(unpressed);
    return ret;
}
Also used : RSAParameters(org.xipki.ca.certprofile.x509.jaxb.RSAParameters) KeyAlgorithms(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.KeyAlgorithms) ECParameters(org.xipki.ca.certprofile.x509.jaxb.ECParameters) PointEncodings(org.xipki.ca.certprofile.x509.jaxb.ECParameters.PointEncodings) RangeType(org.xipki.ca.certprofile.x509.jaxb.RangeType) AlgorithmType(org.xipki.ca.certprofile.x509.jaxb.AlgorithmType) RangesType(org.xipki.ca.certprofile.x509.jaxb.RangesType) DSAParameters(org.xipki.ca.certprofile.x509.jaxb.DSAParameters) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Curves(org.xipki.ca.certprofile.x509.jaxb.ECParameters.Curves)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)545 IOException (java.io.IOException)161 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)126 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)87 DEROctetString (org.bouncycastle.asn1.DEROctetString)87 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)73 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)71 Enumeration (java.util.Enumeration)70 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)70 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)69 ArrayList (java.util.ArrayList)65 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)64 BigInteger (java.math.BigInteger)60 DERSequence (org.bouncycastle.asn1.DERSequence)60 HashSet (java.util.HashSet)57 DERIA5String (org.bouncycastle.asn1.DERIA5String)52 X500Name (org.bouncycastle.asn1.x500.X500Name)52 X509Certificate (java.security.cert.X509Certificate)50 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)47 Extension (org.bouncycastle.asn1.x509.Extension)46