Search in sources :

Example 6 with ASN1Set

use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.

the class PKCS10CertificateSigningRequestTestCase method testValidCSRWithAllOptionalElements.

/**
 * Tests a valid PKCS#10 certificate signing request with an EC public key
 * and all optional elements.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test()
public void testValidCSRWithAllOptionalElements() throws Exception {
    final EllipticCurvePublicKey publicKey = new EllipticCurvePublicKey(BigInteger.valueOf(1234567890L), BigInteger.valueOf(9876543210L));
    final ArrayList<ObjectPair<OID, ASN1Set>> nonExtensionAttributes = new ArrayList<>(2);
    nonExtensionAttributes.add(new ObjectPair<>(new OID("1.2.3.4"), new ASN1Set()));
    nonExtensionAttributes.add(new ObjectPair<>(new OID("1.2.3.5"), new ASN1Set()));
    PKCS10CertificateSigningRequest csr = new PKCS10CertificateSigningRequest(PKCS10CertificateSigningRequestVersion.V1, SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID(), new ASN1Null(), new ASN1BitString(new boolean[2048]), new DN("CN=ldap.example.com,O=Example Corporation,C=US"), PublicKeyAlgorithmIdentifier.EC.getOID(), new ASN1ObjectIdentifier(NamedCurve.SECP256R1.getOID()), publicKey.encode(), publicKey, nonExtensionAttributes, new SubjectKeyIdentifierExtension(false, new ASN1OctetString("keyIdentifier")), new SubjectAlternativeNameExtension(false, new GeneralNamesBuilder().addDNSName("ldap.example.com").build()));
    assertNotNull(csr.toString());
    assertNotNull(csr.toPEM());
    assertFalse(csr.toPEM().isEmpty());
    assertNotNull(csr.toPEMString());
    csr = new PKCS10CertificateSigningRequest(csr.getPKCS10CertificateSigningRequestBytes());
    assertNotNull(csr.getVersion());
    assertEquals(csr.getVersion(), PKCS10CertificateSigningRequestVersion.V1);
    assertNotNull(csr.getSignatureAlgorithmOID());
    assertEquals(csr.getSignatureAlgorithmOID(), SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID());
    assertNotNull(csr.getSignatureAlgorithmName());
    assertEquals(csr.getSignatureAlgorithmName(), "SHA-256 with ECDSA");
    assertNotNull(csr.getSignatureAlgorithmNameOrOID());
    assertEquals(csr.getSignatureAlgorithmNameOrOID(), "SHA-256 with ECDSA");
    assertNotNull(csr.getSignatureAlgorithmParameters());
    assertNotNull(csr.getSubjectDN());
    assertEquals(csr.getSubjectDN(), new DN("CN=ldap.example.com,O=Example Corporation,C=US"));
    assertNotNull(csr.getPublicKeyAlgorithmOID());
    assertEquals(csr.getPublicKeyAlgorithmOID(), PublicKeyAlgorithmIdentifier.EC.getOID());
    assertNotNull(csr.getPublicKeyAlgorithmName());
    assertEquals(csr.getPublicKeyAlgorithmName(), "EC");
    assertNotNull(csr.getPublicKeyAlgorithmNameOrOID());
    assertEquals(csr.getPublicKeyAlgorithmNameOrOID(), "EC");
    assertNotNull(csr.getPublicKeyAlgorithmParameters());
    assertNotNull(csr.getEncodedPublicKey());
    assertNotNull(csr.getDecodedPublicKey());
    assertTrue(csr.getDecodedPublicKey() instanceof EllipticCurvePublicKey);
    assertNotNull(csr.getRequestAttributes());
    assertFalse(csr.getRequestAttributes().isEmpty());
    assertEquals(csr.getRequestAttributes().size(), 3);
    assertNotNull(csr.getExtensions());
    assertFalse(csr.getExtensions().isEmpty());
    assertEquals(csr.getExtensions().size(), 2);
    assertNotNull(csr.getSignatureValue());
    assertNotNull(csr.toString());
    assertNotNull(csr.toPEM());
    assertFalse(csr.toPEM().isEmpty());
    assertNotNull(csr.toPEMString());
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ArrayList(java.util.ArrayList) DN(com.unboundid.ldap.sdk.DN) OID(com.unboundid.util.OID) ASN1BitString(com.unboundid.asn1.ASN1BitString) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) ObjectPair(com.unboundid.util.ObjectPair) ASN1Null(com.unboundid.asn1.ASN1Null) Test(org.testng.annotations.Test)

Example 7 with ASN1Set

use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.

the class RouteToBackendSetRequestControlTestCase method testDecodeValueSequenceEmptyFallbackSet.

/**
 * Provides test coverage for the attempt to decode a control whose value
 * sequence contains an empty set of routing hint fallback set IDs.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { LDAPException.class })
public void testDecodeValueSequenceEmptyFallbackSet() throws Exception {
    final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1OctetString("eb-set"), new ASN1Sequence((byte) 0xA1, new ASN1Set(new ASN1OctetString("first-guess-bs")), new ASN1Set()));
    new RouteToBackendSetRequestControl(new Control("1.3.6.1.4.1.30221.2.5.35", false, new ASN1OctetString(valueSequence.encode())));
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) Control(com.unboundid.ldap.sdk.Control) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) Test(org.testng.annotations.Test)

Example 8 with ASN1Set

use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.

the class X509CertificateTestCase method testDecodeMalformedName.

/**
 * Tests the behavior when trying to decode a DN that includes a malformed RDN
 * element, as well as an attribute type OID that is not defined in the
 * schema.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testDecodeMalformedName() throws Exception {
    final ASN1Sequence dnSequence = new ASN1Sequence(new ASN1Set(new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4.5.6.7.8")), new ASN1UTF8String("value"))), new ASN1OctetString("not a valid set"));
    X509Certificate.decodeName(dnSequence);
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1UTF8String(com.unboundid.asn1.ASN1UTF8String) OID(com.unboundid.util.OID) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) Test(org.testng.annotations.Test)

Example 9 with ASN1Set

use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.

the class Attribute method decode.

/**
 * Decodes the provided ASN.1 sequence as an LDAP attribute.
 *
 * @param  encodedAttribute  The ASN.1 sequence to be decoded as an LDAP
 *                           attribute.  It must not be {@code null}.
 *
 * @return  The decoded LDAP attribute.
 *
 * @throws  LDAPException  If a problem occurs while attempting to decode the
 *                         provided ASN.1 sequence as an LDAP attribute.
 */
@NotNull()
public static Attribute decode(@NotNull final ASN1Sequence encodedAttribute) throws LDAPException {
    Validator.ensureNotNull(encodedAttribute);
    final ASN1Element[] elements = encodedAttribute.elements();
    if (elements.length != 2) {
        throw new LDAPException(ResultCode.DECODING_ERROR, ERR_ATTR_DECODE_INVALID_COUNT.get(elements.length));
    }
    final String name = ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();
    final ASN1Set valueSet;
    try {
        valueSet = ASN1Set.decodeAsSet(elements[1]);
    } catch (final ASN1Exception ae) {
        Debug.debugException(ae);
        throw new LDAPException(ResultCode.DECODING_ERROR, ERR_ATTR_DECODE_VALUE_SET.get(StaticUtils.getExceptionMessage(ae)), ae);
    }
    final ASN1OctetString[] values = new ASN1OctetString[valueSet.elements().length];
    for (int i = 0; i < values.length; i++) {
        values[i] = ASN1OctetString.decodeAsOctetString(valueSet.elements()[i]);
    }
    return new Attribute(name, CaseIgnoreStringMatchingRule.getInstance(), values);
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1Exception(com.unboundid.asn1.ASN1Exception) ASN1Element(com.unboundid.asn1.ASN1Element) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) NotNull(com.unboundid.util.NotNull)

Example 10 with ASN1Set

use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.

the class CRLDistributionPoint method encode.

/**
 * Encodes this CRL distribution point to an ASN.1 element.
 *
 * @return  The encoded CRL distribution point.
 *
 * @throws  CertException  If a problem is encountered while encoding this
 *                         CRL distribution point.
 */
@NotNull()
ASN1Element encode() throws CertException {
    final ArrayList<ASN1Element> elements = new ArrayList<>(3);
    ASN1Element distributionPointElement = null;
    if (fullName != null) {
        distributionPointElement = new ASN1Element(TYPE_FULL_NAME, fullName.encode().getValue());
    } else if (nameRelativeToCRLIssuer != null) {
        final Schema schema;
        try {
            schema = Schema.getDefaultStandardSchema();
        } catch (final Exception e) {
            Debug.debugException(e);
            throw new CertException(ERR_CRL_DP_ENCODE_CANNOT_GET_SCHEMA.get(toString(), String.valueOf(nameRelativeToCRLIssuer), StaticUtils.getExceptionMessage(e)), e);
        }
        final String[] names = nameRelativeToCRLIssuer.getAttributeNames();
        final String[] values = nameRelativeToCRLIssuer.getAttributeValues();
        final ArrayList<ASN1Element> rdnElements = new ArrayList<>(names.length);
        for (int i = 0; i < names.length; i++) {
            final AttributeTypeDefinition at = schema.getAttributeType(names[i]);
            if (at == null) {
                throw new CertException(ERR_CRL_DP_ENCODE_UNKNOWN_ATTR_TYPE.get(toString(), String.valueOf(nameRelativeToCRLIssuer), names[i]));
            }
            try {
                rdnElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(at.getOID()), new ASN1UTF8String(values[i])));
            } catch (final Exception e) {
                Debug.debugException(e);
                throw new CertException(ERR_CRL_DP_ENCODE_ERROR.get(toString(), String.valueOf(nameRelativeToCRLIssuer), StaticUtils.getExceptionMessage(e)), e);
            }
        }
        distributionPointElement = new ASN1Set(TYPE_NAME_RELATIVE_TO_CRL_ISSUER, rdnElements);
    }
    if (distributionPointElement != null) {
        elements.add(new ASN1Element(TYPE_DISTRIBUTION_POINT, distributionPointElement.encode()));
    }
    if (!revocationReasons.equals(EnumSet.allOf(CRLDistributionPointRevocationReason.class))) {
        elements.add(CRLDistributionPointRevocationReason.toBitString(TYPE_REASONS, revocationReasons));
    }
    if (crlIssuer != null) {
        elements.add(new ASN1Element(TYPE_CRL_ISSUER, crlIssuer.encode().getValue()));
    }
    return new ASN1Sequence(elements);
}
Also used : AttributeTypeDefinition(com.unboundid.ldap.sdk.schema.AttributeTypeDefinition) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1UTF8String(com.unboundid.asn1.ASN1UTF8String) ASN1Element(com.unboundid.asn1.ASN1Element) Schema(com.unboundid.ldap.sdk.schema.Schema) ArrayList(java.util.ArrayList) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) NotNull(com.unboundid.util.NotNull)

Aggregations

ASN1Set (org.bouncycastle.asn1.ASN1Set)67 ArrayList (java.util.ArrayList)51 IOException (java.io.IOException)34 ASN1Set (com.unboundid.asn1.ASN1Set)33 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)30 ASN1Sequence (com.unboundid.asn1.ASN1Sequence)30 ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)26 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)22 ASN1Element (com.unboundid.asn1.ASN1Element)21 NotNull (com.unboundid.util.NotNull)21 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19 List (java.util.List)17 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)17 DEROctetString (org.bouncycastle.asn1.DEROctetString)16 Enumeration (java.util.Enumeration)15 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14 OutputStream (java.io.OutputStream)12 Test (org.testng.annotations.Test)12 AlgorithmIdentifier (com.github.zhenwei.core.asn1.x509.AlgorithmIdentifier)11 ASN1Enumerated (com.unboundid.asn1.ASN1Enumerated)11