Examples with GeneralNames com.github.zhenwei.core.asn1.x509.GeneralNames used on opensource projects

Search in sources :

Example 71 with GeneralNames

use of com.github.zhenwei.core.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class DDistributionPointsChooser method okPressed.

private void okPressed() {
    DistributionPointName distributionPointName;
    ReasonFlags reasonFlags = null;
    int reasons = 0;
    if (jcbKeyCompromise.isSelected()) {
        reasons = reasons | ReasonFlags.keyCompromise;
    }
    if (jcbCACompromise.isSelected()) {
        reasons = reasons | ReasonFlags.cACompromise;
    }
    if (jcbAffiliationChanged.isSelected()) {
        reasons = reasons | ReasonFlags.affiliationChanged;
    }
    if (jcbSuperseded.isSelected()) {
        reasons = reasons | ReasonFlags.superseded;
    }
    if (jcbCessationOfOperation.isSelected()) {
        reasons = reasons | ReasonFlags.cessationOfOperation;
    }
    if (jcbCertificateHold.isSelected()) {
        reasons = reasons | ReasonFlags.certificateHold;
    }
    if (jcbPrivilegeWithdrawn.isSelected()) {
        reasons = reasons | ReasonFlags.privilegeWithdrawn;
    }
    if (jcbAACompromise.isSelected()) {
        reasons = reasons | ReasonFlags.aACompromise;
    }
    if (reasons > 0) {
        reasonFlags = new ReasonFlags(reasons);
    }
    if (jgnDistributionPointFullName.getGeneralNames().getNames().length == 0) {
        JOptionPane.showMessageDialog(this, res.getString("DDistributionPointsChooser.DistributionPointFullNameNumberNonZero.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    } else {
        distributionPointName = new DistributionPointName(jgnDistributionPointFullName.getGeneralNames());
    }
    GeneralNames cRLIssuer = null;
    if (jgnDistributionPointCrlIssuer.getGeneralNames().getNames().length > 0) {
        cRLIssuer = jgnDistributionPointCrlIssuer.getGeneralNames();
    }
    distributionPoint = new DistributionPoint(distributionPointName, reasonFlags, cRLIssuer);
    closeDialog();
}
Also used : JGeneralNames(org.kse.gui.crypto.generalname.JGeneralNames) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) ReasonFlags(org.bouncycastle.asn1.x509.ReasonFlags) DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)

Example 72 with GeneralNames

use of com.github.zhenwei.core.asn1.x509.GeneralNames in project zookeeper by apache.

the class QuorumSSLTest method buildEndEntityCert.

public X509Certificate buildEndEntityCert(KeyPair keyPair, X509Certificate caCert, PrivateKey caPrivateKey, String hostname, String ipAddress, String crlPath, Integer ocspPort) throws Exception {
    X509CertificateHolder holder = new JcaX509CertificateHolder(caCert);
    ContentSigner signer = new JcaContentSignerBuilder("SHA256WithRSAEncryption").build(caPrivateKey);
    List<GeneralName> generalNames = new ArrayList<>();
    if (hostname != null) {
        generalNames.add(new GeneralName(GeneralName.dNSName, hostname));
    }
    if (ipAddress != null) {
        generalNames.add(new GeneralName(GeneralName.iPAddress, ipAddress));
    }
    SubjectPublicKeyInfo entityKeyInfo = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(PublicKeyFactory.createKey(keyPair.getPublic().getEncoded()));
    X509ExtensionUtils extensionUtils = new BcX509ExtensionUtils();
    JcaX509v3CertificateBuilder jcaX509v3CertificateBuilder = new JcaX509v3CertificateBuilder(holder.getSubject(), new BigInteger(128, new Random()), certStartTime, certEndTime, new X500Name("CN=Test End Entity Certificate"), keyPair.getPublic());
    X509v3CertificateBuilder certificateBuilder = jcaX509v3CertificateBuilder.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(holder)).addExtension(Extension.subjectKeyIdentifier, false, extensionUtils.createSubjectKeyIdentifier(entityKeyInfo)).addExtension(Extension.basicConstraints, true, new BasicConstraints(false)).addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));
    if (!generalNames.isEmpty()) {
        certificateBuilder.addExtension(Extension.subjectAlternativeName, true, new GeneralNames(generalNames.toArray(new GeneralName[] {})));
    }
    if (crlPath != null) {
        DistributionPointName distPointOne = new DistributionPointName(new GeneralNames(new GeneralName(GeneralName.uniformResourceIdentifier, "file://" + crlPath)));
        certificateBuilder.addExtension(Extension.cRLDistributionPoints, false, new CRLDistPoint(new DistributionPoint[] { new DistributionPoint(distPointOne, null, null) }));
    }
    if (ocspPort != null) {
        certificateBuilder.addExtension(Extension.authorityInfoAccess, false, new AuthorityInformationAccess(X509ObjectIdentifiers.ocspAccessMethod, new GeneralName(GeneralName.uniformResourceIdentifier, "http://" + hostname + ":" + ocspPort)));
    }
    return new JcaX509CertificateConverter().getCertificate(certificateBuilder.build(signer));
}
Also used : AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) ArrayList(java.util.ArrayList) DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) KeyUsage(org.bouncycastle.asn1.x509.KeyUsage) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Random(java.util.Random) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) JcaX509v3CertificateBuilder(org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder) BigInteger(java.math.BigInteger) GeneralName(org.bouncycastle.asn1.x509.GeneralName) BcX509ExtensionUtils(org.bouncycastle.cert.bc.BcX509ExtensionUtils) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) X509ExtensionUtils(org.bouncycastle.cert.X509ExtensionUtils) BcX509ExtensionUtils(org.bouncycastle.cert.bc.BcX509ExtensionUtils) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)

Example 73 with GeneralNames

use of com.github.zhenwei.core.asn1.x509.GeneralNames in project jmulticard by ctt-gob-es.

the class X509CRLHolder method init.

private void init(CertificateList x509CRL) {
    this.x509CRL = x509CRL;
    this.extensions = x509CRL.getTBSCertList().getExtensions();
    this.isIndirect = isIndirectCRL(extensions);
    this.issuerName = new GeneralNames(new GeneralName(x509CRL.getIssuer()));
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 74 with GeneralNames

use of com.github.zhenwei.core.asn1.x509.GeneralNames in project signer by demoiselle.

the class SigningCertificate method getValue.

@Override
public Attribute getValue() {
    try {
        X509Certificate cert = (X509Certificate) certificates[0];
        Digest digest = DigestFactory.getInstance().factoryDefault();
        digest.setAlgorithm(DigestAlgorithmEnum.SHA_1);
        byte[] hash = digest.digest(cert.getEncoded());
        X500Name dirName = new X500Name(cert.getSubjectDN().getName());
        GeneralName name = new GeneralName(dirName);
        GeneralNames issuer = new GeneralNames(name);
        ASN1Integer serial = new ASN1Integer(cert.getSerialNumber());
        IssuerSerial issuerSerial = new IssuerSerial(issuer, serial);
        ESSCertID essCertId = new ESSCertID(hash, issuerSerial);
        return new Attribute(identifier, new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertId), new DERSequence(DERNull.INSTANCE) })));
    } catch (CertificateEncodingException ex) {
        throw new SignerException(ex.getMessage());
    }
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) SignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedAttribute) Attribute(org.bouncycastle.asn1.cms.Attribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) ESSCertID(org.bouncycastle.asn1.ess.ESSCertID) GeneralName(org.bouncycastle.asn1.x509.GeneralName) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException)

Example 75 with GeneralNames

use of com.github.zhenwei.core.asn1.x509.GeneralNames in project signer by demoiselle.

the class CertificateRefs method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        int chainSize = certificates.length - 1;
        OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
        for (int i = 1; i <= chainSize; i++) {
            X509Certificate issuerCert = null;
            X509Certificate cert = (X509Certificate) certificates[i];
            if (i < chainSize) {
                issuerCert = (X509Certificate) certificates[i + 1];
            } else {
                // raiz
                issuerCert = (X509Certificate) certificates[i];
            }
            Digest digest = DigestFactory.getInstance().factoryDefault();
            digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
            byte[] certHash = digest.digest(cert.getEncoded());
            // X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
            X500Name dirName = new JcaX509CertificateHolder(issuerCert).getSubject();
            GeneralName name = new GeneralName(dirName);
            GeneralNames issuer = new GeneralNames(name);
            ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
            IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
            AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
            OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
            arrayOtherCertID[i - 1] = otherCertID;
        }
        return new Attribute(identifier, new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
    } catch (CertificateEncodingException e) {
        throw new SignerException(e.getMessage());
    }
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) Attribute(org.bouncycastle.asn1.cms.Attribute) UnsignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.UnsignedAttribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) OtherCertID(org.bouncycastle.asn1.ess.OtherCertID) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException)

Aggregations

GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)140 GeneralName (org.bouncycastle.asn1.x509.GeneralName)124 IOException (java.io.IOException)68 X509Certificate (java.security.cert.X509Certificate)46 X500Name (org.bouncycastle.asn1.x500.X500Name)45 ContentSigner (org.bouncycastle.operator.ContentSigner)41 ArrayList (java.util.ArrayList)40 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)40 BigInteger (java.math.BigInteger)33 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)32 List (java.util.List)27 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)27 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)27 Date (java.util.Date)26 JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)26 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)25 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)23 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)23 X500Principal (javax.security.auth.x500.X500Principal)22 DERIA5String (org.bouncycastle.asn1.DERIA5String)20
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial