use of com.github.zhenwei.core.asn1.pkcs.Attribute in project xipki by xipki.
the class CaUtil method getExtensions.
public static Extensions getExtensions(CertificationRequestInfo csr) {
ParamUtil.requireNonNull("csr", csr);
ASN1Set attrs = csr.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
return Extensions.getInstance(attr.getAttributeValues()[0]);
}
}
return null;
}
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project xipki by xipki.
the class CheckCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
Set<String> issuerNames = qaSystemManager.getIssuerNames();
if (isEmpty(issuerNames)) {
throw new IllegalCmdParamException("no issuer is configured");
}
if (issuerName == null) {
if (issuerNames.size() != 1) {
throw new IllegalCmdParamException("no issuer is specified");
}
issuerName = issuerNames.iterator().next();
}
if (!issuerNames.contains(issuerName)) {
throw new IllegalCmdParamException("issuer " + issuerName + " is not within the configured issuers " + issuerNames);
}
X509IssuerInfo issuerInfo = qaSystemManager.getIssuer(issuerName);
X509CertprofileQa qa = qaSystemManager.getCertprofile(profileName);
if (qa == null) {
throw new IllegalCmdParamException("found no certificate profile named '" + profileName + "'");
}
CertificationRequest csr = CertificationRequest.getInstance(IoUtil.read(csrFile));
Extensions extensions = null;
CertificationRequestInfo reqInfo = csr.getCertificationRequestInfo();
ASN1Set attrs = reqInfo.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
extensions = Extensions.getInstance(attr.getAttributeValues()[0]);
}
}
byte[] certBytes = IoUtil.read(certFile);
ValidationResult result = qa.checkCert(certBytes, issuerInfo, reqInfo.getSubject(), reqInfo.getSubjectPublicKeyInfo(), extensions);
StringBuilder sb = new StringBuilder();
sb.append(certFile).append(" (certprofile ").append(profileName).append(")\n");
sb.append("\tcertificate is ");
sb.append(result.isAllSuccessful() ? "valid" : "invalid");
if (verbose.booleanValue()) {
for (ValidationIssue issue : result.getValidationIssues()) {
sb.append("\n");
format(issue, " ", sb);
}
}
println(sb.toString());
if (!result.isAllSuccessful()) {
throw new CmdFailure("certificate is invalid");
}
return null;
}
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project certmgr by hdecarne.
the class PKCS10CertificateRequest method fromPKCS10.
/**
* Construct {@code PKCS10CertificateRequest} from a PKCS#10 object.
*
* @param pkcs10 The PCKS#10 object.
* @return The constructed {@code PKCS10CertificateRequest}.
* @throws IOException if an I/O error occurs while accessing the PKCS#10 object.
*/
public static PKCS10CertificateRequest fromPKCS10(PKCS10CertificationRequest pkcs10) throws IOException {
JcaPKCS10CertificationRequest csr;
X500Principal subject;
PublicKey publicKey;
Map<String, byte[]> criticalExtensions = new HashMap<>();
Map<String, byte[]> nonCriticalExtensions = new HashMap<>();
try {
if (pkcs10 instanceof JcaPKCS10CertificationRequest) {
csr = (JcaPKCS10CertificationRequest) pkcs10;
} else {
csr = new JcaPKCS10CertificationRequest(pkcs10);
}
subject = new X500Principal(csr.getSubject().getEncoded());
publicKey = csr.getPublicKey();
Attribute[] extensionAttributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
if (extensionAttributes != null) {
for (Attribute extensionAttribute : extensionAttributes) {
ASN1Encodable[] values = extensionAttribute.getAttributeValues();
if (values != null) {
for (ASN1Encodable value : values) {
ASN1Primitive[] extensionPrimitives = decodeSequence(value.toASN1Primitive(), 0, Integer.MAX_VALUE);
for (ASN1Primitive extensionPrimitive : extensionPrimitives) {
ASN1Primitive[] sequence = decodeSequence(extensionPrimitive, 2, 3);
String extensionOID = decodePrimitive(sequence[0], ASN1ObjectIdentifier.class).getId();
boolean criticalFlag = true;
byte[] extensionData;
if (sequence.length == 3) {
criticalFlag = decodePrimitive(sequence[1], ASN1Boolean.class).isTrue();
extensionData = sequence[2].getEncoded();
} else {
extensionData = sequence[1].getEncoded();
}
if (criticalFlag) {
criticalExtensions.put(extensionOID, extensionData);
} else {
nonCriticalExtensions.put(extensionOID, extensionData);
}
}
}
}
}
}
} catch (GeneralSecurityException e) {
throw new CertProviderException(e);
}
return new PKCS10CertificateRequest(csr, subject, publicKey, criticalExtensions, nonCriticalExtensions);
}
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project keystore-explorer by kaikramer.
the class Pkcs10Util method getExtensions.
/**
* Extract sequence with extensions from CSR
*
* @param pkcs10Csr The CSR
* @return Extensions from that CSR (if any)
*/
public static X509ExtensionSet getExtensions(PKCS10CertificationRequest pkcs10Csr) {
Attribute[] attributes = pkcs10Csr.getAttributes(pkcs_9_at_extensionRequest);
X509ExtensionSet x509ExtensionSet = new X509ExtensionSet();
if ((attributes != null) && (attributes.length > 0)) {
ASN1Encodable[] attributeValues = attributes[0].getAttributeValues();
if (attributeValues.length > 0) {
ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(attributeValues[0]);
x509ExtensionSet = new X509ExtensionSet(asn1Sequence);
}
}
return x509ExtensionSet;
}
use of com.github.zhenwei.core.asn1.pkcs.Attribute in project keystore-explorer by kaikramer.
the class DViewCsr method populatePkcs10CsrDetails.
private void populatePkcs10CsrDetails() throws CryptoException {
jtfFormat.setText(res.getString("DViewCsr.jtfFormat.Pkcs10.text"));
jtfFormat.setCaretPosition(0);
jdnSubject.setDistinguishedName(pkcs10Csr.getSubject());
jbPem.setEnabled(true);
jbAsn1.setEnabled(true);
Attribute[] extReqAttr = pkcs10Csr.getAttributes(pkcs_9_at_extensionRequest);
if (extReqAttr != null && extReqAttr.length > 0) {
jbExtensions.setEnabled(true);
} else {
jbExtensions.setEnabled(false);
}
DialogHelper.populatePkcs10Challenge(pkcs10Csr.getAttributes(), jtfChallenge);
DialogHelper.populatePkcs10UnstructuredName(pkcs10Csr.getAttributes(), jtfUnstructuredName);
populatePublicKey(getPkcs10PublicKey());
String sigAlgId = pkcs10Csr.getSignatureAlgorithm().getAlgorithm().getId();
byte[] sigAlgParamsEncoded = extractSigAlgParams();
SignatureType sigAlg = SignatureType.resolveOid(sigAlgId, sigAlgParamsEncoded);
if (sigAlg != null) {
jtfSignatureAlgorithm.setText(sigAlg.friendly());
} else {
jtfSignatureAlgorithm.setText(sigAlgId);
}
jtfSignatureAlgorithm.setCaretPosition(0);
}
Aggregations