use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.
the class PKCS10CertificateSigningRequestTestCase method testValidCSRWithAllOptionalElements.
/**
* Tests a valid PKCS#10 certificate signing request with an EC public key
* and all optional elements.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidCSRWithAllOptionalElements() throws Exception {
final EllipticCurvePublicKey publicKey = new EllipticCurvePublicKey(BigInteger.valueOf(1234567890L), BigInteger.valueOf(9876543210L));
final ArrayList<ObjectPair<OID, ASN1Set>> nonExtensionAttributes = new ArrayList<>(2);
nonExtensionAttributes.add(new ObjectPair<>(new OID("1.2.3.4"), new ASN1Set()));
nonExtensionAttributes.add(new ObjectPair<>(new OID("1.2.3.5"), new ASN1Set()));
PKCS10CertificateSigningRequest csr = new PKCS10CertificateSigningRequest(PKCS10CertificateSigningRequestVersion.V1, SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID(), new ASN1Null(), new ASN1BitString(new boolean[2048]), new DN("CN=ldap.example.com,O=Example Corporation,C=US"), PublicKeyAlgorithmIdentifier.EC.getOID(), new ASN1ObjectIdentifier(NamedCurve.SECP256R1.getOID()), publicKey.encode(), publicKey, nonExtensionAttributes, new SubjectKeyIdentifierExtension(false, new ASN1OctetString("keyIdentifier")), new SubjectAlternativeNameExtension(false, new GeneralNamesBuilder().addDNSName("ldap.example.com").build()));
assertNotNull(csr.toString());
assertNotNull(csr.toPEM());
assertFalse(csr.toPEM().isEmpty());
assertNotNull(csr.toPEMString());
csr = new PKCS10CertificateSigningRequest(csr.getPKCS10CertificateSigningRequestBytes());
assertNotNull(csr.getVersion());
assertEquals(csr.getVersion(), PKCS10CertificateSigningRequestVersion.V1);
assertNotNull(csr.getSignatureAlgorithmOID());
assertEquals(csr.getSignatureAlgorithmOID(), SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID());
assertNotNull(csr.getSignatureAlgorithmName());
assertEquals(csr.getSignatureAlgorithmName(), "SHA-256 with ECDSA");
assertNotNull(csr.getSignatureAlgorithmNameOrOID());
assertEquals(csr.getSignatureAlgorithmNameOrOID(), "SHA-256 with ECDSA");
assertNotNull(csr.getSignatureAlgorithmParameters());
assertNotNull(csr.getSubjectDN());
assertEquals(csr.getSubjectDN(), new DN("CN=ldap.example.com,O=Example Corporation,C=US"));
assertNotNull(csr.getPublicKeyAlgorithmOID());
assertEquals(csr.getPublicKeyAlgorithmOID(), PublicKeyAlgorithmIdentifier.EC.getOID());
assertNotNull(csr.getPublicKeyAlgorithmName());
assertEquals(csr.getPublicKeyAlgorithmName(), "EC");
assertNotNull(csr.getPublicKeyAlgorithmNameOrOID());
assertEquals(csr.getPublicKeyAlgorithmNameOrOID(), "EC");
assertNotNull(csr.getPublicKeyAlgorithmParameters());
assertNotNull(csr.getEncodedPublicKey());
assertNotNull(csr.getDecodedPublicKey());
assertTrue(csr.getDecodedPublicKey() instanceof EllipticCurvePublicKey);
assertNotNull(csr.getRequestAttributes());
assertFalse(csr.getRequestAttributes().isEmpty());
assertEquals(csr.getRequestAttributes().size(), 3);
assertNotNull(csr.getExtensions());
assertFalse(csr.getExtensions().isEmpty());
assertEquals(csr.getExtensions().size(), 2);
assertNotNull(csr.getSignatureValue());
assertNotNull(csr.toString());
assertNotNull(csr.toPEM());
assertFalse(csr.toPEM().isEmpty());
assertNotNull(csr.toPEMString());
}
use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.
the class RouteToBackendSetRequestControlTestCase method testDecodeValueSequenceEmptyFallbackSet.
/**
* Provides test coverage for the attempt to decode a control whose value
* sequence contains an empty set of routing hint fallback set IDs.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { LDAPException.class })
public void testDecodeValueSequenceEmptyFallbackSet() throws Exception {
final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1OctetString("eb-set"), new ASN1Sequence((byte) 0xA1, new ASN1Set(new ASN1OctetString("first-guess-bs")), new ASN1Set()));
new RouteToBackendSetRequestControl(new Control("1.3.6.1.4.1.30221.2.5.35", false, new ASN1OctetString(valueSequence.encode())));
}
use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeMalformedName.
/**
* Tests the behavior when trying to decode a DN that includes a malformed RDN
* element, as well as an attribute type OID that is not defined in the
* schema.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeMalformedName() throws Exception {
final ASN1Sequence dnSequence = new ASN1Sequence(new ASN1Set(new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4.5.6.7.8")), new ASN1UTF8String("value"))), new ASN1OctetString("not a valid set"));
X509Certificate.decodeName(dnSequence);
}
use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.
the class Attribute method decode.
/**
* Decodes the provided ASN.1 sequence as an LDAP attribute.
*
* @param encodedAttribute The ASN.1 sequence to be decoded as an LDAP
* attribute. It must not be {@code null}.
*
* @return The decoded LDAP attribute.
*
* @throws LDAPException If a problem occurs while attempting to decode the
* provided ASN.1 sequence as an LDAP attribute.
*/
@NotNull()
public static Attribute decode(@NotNull final ASN1Sequence encodedAttribute) throws LDAPException {
Validator.ensureNotNull(encodedAttribute);
final ASN1Element[] elements = encodedAttribute.elements();
if (elements.length != 2) {
throw new LDAPException(ResultCode.DECODING_ERROR, ERR_ATTR_DECODE_INVALID_COUNT.get(elements.length));
}
final String name = ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();
final ASN1Set valueSet;
try {
valueSet = ASN1Set.decodeAsSet(elements[1]);
} catch (final ASN1Exception ae) {
Debug.debugException(ae);
throw new LDAPException(ResultCode.DECODING_ERROR, ERR_ATTR_DECODE_VALUE_SET.get(StaticUtils.getExceptionMessage(ae)), ae);
}
final ASN1OctetString[] values = new ASN1OctetString[valueSet.elements().length];
for (int i = 0; i < values.length; i++) {
values[i] = ASN1OctetString.decodeAsOctetString(valueSet.elements()[i]);
}
return new Attribute(name, CaseIgnoreStringMatchingRule.getInstance(), values);
}
use of com.github.zhenwei.core.asn1.ASN1Set in project ldapsdk by pingidentity.
the class CRLDistributionPoint method encode.
/**
* Encodes this CRL distribution point to an ASN.1 element.
*
* @return The encoded CRL distribution point.
*
* @throws CertException If a problem is encountered while encoding this
* CRL distribution point.
*/
@NotNull()
ASN1Element encode() throws CertException {
final ArrayList<ASN1Element> elements = new ArrayList<>(3);
ASN1Element distributionPointElement = null;
if (fullName != null) {
distributionPointElement = new ASN1Element(TYPE_FULL_NAME, fullName.encode().getValue());
} else if (nameRelativeToCRLIssuer != null) {
final Schema schema;
try {
schema = Schema.getDefaultStandardSchema();
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CRL_DP_ENCODE_CANNOT_GET_SCHEMA.get(toString(), String.valueOf(nameRelativeToCRLIssuer), StaticUtils.getExceptionMessage(e)), e);
}
final String[] names = nameRelativeToCRLIssuer.getAttributeNames();
final String[] values = nameRelativeToCRLIssuer.getAttributeValues();
final ArrayList<ASN1Element> rdnElements = new ArrayList<>(names.length);
for (int i = 0; i < names.length; i++) {
final AttributeTypeDefinition at = schema.getAttributeType(names[i]);
if (at == null) {
throw new CertException(ERR_CRL_DP_ENCODE_UNKNOWN_ATTR_TYPE.get(toString(), String.valueOf(nameRelativeToCRLIssuer), names[i]));
}
try {
rdnElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(at.getOID()), new ASN1UTF8String(values[i])));
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CRL_DP_ENCODE_ERROR.get(toString(), String.valueOf(nameRelativeToCRLIssuer), StaticUtils.getExceptionMessage(e)), e);
}
}
distributionPointElement = new ASN1Set(TYPE_NAME_RELATIVE_TO_CRL_ISSUER, rdnElements);
}
if (distributionPointElement != null) {
elements.add(new ASN1Element(TYPE_DISTRIBUTION_POINT, distributionPointElement.encode()));
}
if (!revocationReasons.equals(EnumSet.allOf(CRLDistributionPointRevocationReason.class))) {
elements.add(CRLDistributionPointRevocationReason.toBitString(TYPE_REASONS, revocationReasons));
}
if (crlIssuer != null) {
elements.add(new ASN1Element(TYPE_CRL_ISSUER, crlIssuer.encode().getValue()));
}
return new ASN1Sequence(elements);
}
Aggregations