use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class PKCS10CertificateSigningRequestTestCase method testValidCSRWithAllOptionalElements.
/**
* Tests a valid PKCS#10 certificate signing request with an EC public key
* and all optional elements.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test()
public void testValidCSRWithAllOptionalElements() throws Exception {
  // Arbitrary values, presumably the x and y coordinates.  Nothing in this
  // test checks that they form a point on the named curve, so it covers
  // encoding and decoding only, not key validity.
  final EllipticCurvePublicKey ecPublicKey = new EllipticCurvePublicKey(
       BigInteger.valueOf(1234567890L), BigInteger.valueOf(9876543210L));

  // Two request attributes with unassigned OIDs and empty value sets.
  final ArrayList<ObjectPair<OID, ASN1Set>> extraAttributes =
       new ArrayList<>(2);
  extraAttributes.add(new ObjectPair<>(new OID("1.2.3.4"), new ASN1Set()));
  extraAttributes.add(new ObjectPair<>(new OID("1.2.3.5"), new ASN1Set()));

  final PKCS10CertificateSigningRequest built =
       new PKCS10CertificateSigningRequest(
            PKCS10CertificateSigningRequestVersion.V1,
            SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID(),
            new ASN1Null(),
            // NOTE(review): 2048 false bits, presumably the signature value.
            // If so, the request carries a placeholder rather than a real
            // ECDSA signature and this test never exercises verification.
            new ASN1BitString(new boolean[2048]),
            new DN("CN=ldap.example.com,O=Example Corporation,C=US"),
            PublicKeyAlgorithmIdentifier.EC.getOID(),
            new ASN1ObjectIdentifier(NamedCurve.SECP256R1.getOID()),
            ecPublicKey.encode(),
            ecPublicKey,
            extraAttributes,
            new SubjectKeyIdentifierExtension(false,
                 new ASN1OctetString("keyIdentifier")),
            new SubjectAlternativeNameExtension(false,
                 new GeneralNamesBuilder().addDNSName(
                      "ldap.example.com").build()));

  // The freshly built request must render in every supported text form.
  assertNotNull(built.toString());
  assertNotNull(built.toPEM());
  assertFalse(built.toPEM().isEmpty());
  assertNotNull(built.toPEMString());

  // Round trip: every assertion below runs against the request as
  // reconstructed from its encoded bytes.
  final PKCS10CertificateSigningRequest decoded =
       new PKCS10CertificateSigningRequest(
            built.getPKCS10CertificateSigningRequestBytes());

  assertNotNull(decoded.getVersion());
  assertEquals(decoded.getVersion(),
       PKCS10CertificateSigningRequestVersion.V1);

  assertNotNull(decoded.getSignatureAlgorithmOID());
  assertEquals(decoded.getSignatureAlgorithmOID(),
       SignatureAlgorithmIdentifier.SHA_256_WITH_ECDSA.getOID());

  assertNotNull(decoded.getSignatureAlgorithmName());
  assertEquals(decoded.getSignatureAlgorithmName(), "SHA-256 with ECDSA");

  assertNotNull(decoded.getSignatureAlgorithmNameOrOID());
  assertEquals(decoded.getSignatureAlgorithmNameOrOID(),
       "SHA-256 with ECDSA");

  assertNotNull(decoded.getSignatureAlgorithmParameters());

  assertNotNull(decoded.getSubjectDN());
  assertEquals(decoded.getSubjectDN(),
       new DN("CN=ldap.example.com,O=Example Corporation,C=US"));

  assertNotNull(decoded.getPublicKeyAlgorithmOID());
  assertEquals(decoded.getPublicKeyAlgorithmOID(),
       PublicKeyAlgorithmIdentifier.EC.getOID());

  assertNotNull(decoded.getPublicKeyAlgorithmName());
  assertEquals(decoded.getPublicKeyAlgorithmName(), "EC");

  assertNotNull(decoded.getPublicKeyAlgorithmNameOrOID());
  assertEquals(decoded.getPublicKeyAlgorithmNameOrOID(), "EC");

  assertNotNull(decoded.getPublicKeyAlgorithmParameters());

  assertNotNull(decoded.getEncodedPublicKey());

  assertNotNull(decoded.getDecodedPublicKey());
  assertTrue(decoded.getDecodedPublicKey() instanceof EllipticCurvePublicKey);

  // Three attributes are expected although only two were added above;
  // presumably the third is the one that carries the extensions.
  assertNotNull(decoded.getRequestAttributes());
  assertFalse(decoded.getRequestAttributes().isEmpty());
  assertEquals(decoded.getRequestAttributes().size(), 3);

  assertNotNull(decoded.getExtensions());
  assertFalse(decoded.getExtensions().isEmpty());
  assertEquals(decoded.getExtensions().size(), 2);

  assertNotNull(decoded.getSignatureValue());

  // The decoded request must render just like the one it came from.
  assertNotNull(decoded.toString());
  assertNotNull(decoded.toPEM());
  assertFalse(decoded.toPEM().isEmpty());
  assertNotNull(decoded.toPEMString());
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class RouteToBackendSetRequestControlTestCase method testDecodeValueSequenceEmptyFallbackSet.
/**
* Provides test coverage for the attempt to decode a control whose value
* sequence contains an empty set of routing hint fallback set IDs.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { LDAPException.class })
public void testDecodeValueSequenceEmptyFallbackSet() throws Exception {
  // The element tagged 0xA1 holds two sets: a populated one followed by an
  // empty one.  The empty set is the input the decoder is expected to refuse.
  final ASN1Sequence encodedValue = new ASN1Sequence(
       new ASN1OctetString("eb-set"),
       new ASN1Sequence((byte) 0xA1,
            new ASN1Set(new ASN1OctetString("first-guess-bs")),
            new ASN1Set()));

  final Control genericControl = new Control("1.3.6.1.4.1.30221.2.5.35",
       false, new ASN1OctetString(encodedValue.encode()));

  // Decoding runs inside the constructor.  Any LDAPException raised in this
  // method satisfies the annotation, so the test does not pin the result
  // code or the message that is reported.
  new RouteToBackendSetRequestControl(genericControl);
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeMalformedName.
/**
* Tests the behavior when trying to decode a DN that includes a malformed RDN
* element, as well as an attribute type OID that is not defined in the
* schema.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeMalformedName() throws Exception {
  // First RDN: well formed, but its attribute type OID is an arbitrary value.
  final ASN1Set unknownTypeRDN = new ASN1Set(new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4.5.6.7.8")),
       new ASN1UTF8String("value")));

  // Second RDN: an octet string where the name decoder expects a set.
  final ASN1OctetString notAnRDN = new ASN1OctetString("not a valid set");

  final ASN1Sequence malformedName =
       new ASN1Sequence(unknownTypeRDN, notAnRDN);

  // The decoder must reject the name with a CertException; the annotation
  // above fails the test if it returns normally.
  X509Certificate.decodeName(malformedName);
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class Attribute method decode.
/**
* Decodes the provided ASN.1 sequence as an LDAP attribute.
*
* @param encodedAttribute The ASN.1 sequence to be decoded as an LDAP
* attribute. It must not be {@code null}.
*
* @return The decoded LDAP attribute.
*
* @throws LDAPException If a problem occurs while attempting to decode the
* provided ASN.1 sequence as an LDAP attribute.
*/
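@NotNull()
public static Attribute decode(@NotNull final ASN1Sequence encodedAttribute) throws LDAPException {
  Validator.ensureNotNull(encodedAttribute);

  // Exactly two elements are accepted: the attribute name and the set of
  // values.  Any other count is reported as a decoding error.
  final ASN1Element[] elements = encodedAttribute.elements();
  if (elements.length != 2) {
    throw new LDAPException(ResultCode.DECODING_ERROR,
         ERR_ATTR_DECODE_INVALID_COUNT.get(elements.length));
  }

  // NOTE(review): the BER type of the name element is not checked in this
  // method, and this call sits outside any try block.  Confirm that
  // decodeAsOctetString cannot throw on input that is not an octet string.
  final String name =
       ASN1OctetString.decodeAsOctetString(elements[0]).stringValue();

  // A value element that is not a well-formed set becomes a decoding error
  // with the original ASN1Exception kept as the cause.
  final ASN1Set valueSet;
  try {
    valueSet = ASN1Set.decodeAsSet(elements[1]);
  } catch (final ASN1Exception ae) {
    Debug.debugException(ae);
    throw new LDAPException(ResultCode.DECODING_ERROR,
         ERR_ATTR_DECODE_VALUE_SET.get(StaticUtils.getExceptionMessage(ae)),
         ae);
  }

  // Fetch the element array once instead of on every loop iteration.
  final ASN1Element[] valueElements = valueSet.elements();
  final ASN1OctetString[] values = new ASN1OctetString[valueElements.length];
  for (int i = 0; i < valueElements.length; i++) {
    values[i] = ASN1OctetString.decodeAsOctetString(valueElements[i]);
  }

  // An empty value set is accepted and yields an attribute with no values.
  return new Attribute(name, CaseIgnoreStringMatchingRule.getInstance(),
       values);
}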
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class CRLDistributionPoint method encode.
/**
* Encodes this CRL distribution point to an ASN.1 element.
*
* @return The encoded CRL distribution point.
*
* @throws CertException If a problem is encountered while encoding this
* CRL distribution point.
*/
@NotNull()
ASN1Element encode() throws CertException {
  final ArrayList<ASN1Element> components = new ArrayList<>(3);

  // At most one name form is written; a full name takes precedence over a
  // name relative to the CRL issuer.
  final ASN1Element nameElement;
  if (fullName != null) {
    nameElement = new ASN1Element(TYPE_FULL_NAME,
         fullName.encode().getValue());
  } else if (nameRelativeToCRLIssuer == null) {
    nameElement = null;
  } else {
    // The schema is needed to translate attribute names into OIDs.
    final Schema standardSchema;
    try {
      standardSchema = Schema.getDefaultStandardSchema();
    } catch (final Exception ex) {
      Debug.debugException(ex);
      throw new CertException(
           ERR_CRL_DP_ENCODE_CANNOT_GET_SCHEMA.get(toString(),
                String.valueOf(nameRelativeToCRLIssuer),
                StaticUtils.getExceptionMessage(ex)),
           ex);
    }

    final String[] attrNames = nameRelativeToCRLIssuer.getAttributeNames();
    final String[] attrValues = nameRelativeToCRLIssuer.getAttributeValues();
    final ArrayList<ASN1Element> attrValuePairs =
         new ArrayList<>(attrNames.length);
    for (int idx = 0; idx < attrNames.length; idx++) {
      final String attrName = attrNames[idx];

      // Fail instead of guessing: an attribute type the schema does not
      // define has no OID to encode.
      final AttributeTypeDefinition attrType =
           standardSchema.getAttributeType(attrName);
      if (attrType == null) {
        throw new CertException(
             ERR_CRL_DP_ENCODE_UNKNOWN_ATTR_TYPE.get(toString(),
                  String.valueOf(nameRelativeToCRLIssuer), attrName));
      }

      try {
        attrValuePairs.add(new ASN1Sequence(
             new ASN1ObjectIdentifier(attrType.getOID()),
             new ASN1UTF8String(attrValues[idx])));
      } catch (final Exception ex) {
        Debug.debugException(ex);
        throw new CertException(
             ERR_CRL_DP_ENCODE_ERROR.get(toString(),
                  String.valueOf(nameRelativeToCRLIssuer),
                  StaticUtils.getExceptionMessage(ex)),
             ex);
      }
    }

    nameElement =
         new ASN1Set(TYPE_NAME_RELATIVE_TO_CRL_ISSUER, attrValuePairs);
  }

  // The chosen name form is wrapped in the distribution point element.
  if (nameElement != null) {
    components.add(
         new ASN1Element(TYPE_DISTRIBUTION_POINT, nameElement.encode()));
  }

  // The reasons bit string is written only when the set is narrower than
  // every defined reason.  Presumably an absent field means all reasons, as
  // in RFC 5280; confirm against the decoder.
  final boolean coversAllReasons = revocationReasons.equals(
       EnumSet.allOf(CRLDistributionPointRevocationReason.class));
  if (!coversAllReasons) {
    components.add(CRLDistributionPointRevocationReason.toBitString(
         TYPE_REASONS, revocationReasons));
  }

  if (crlIssuer != null) {
    components.add(
         new ASN1Element(TYPE_CRL_ISSUER, crlIssuer.encode().getValue()));
  }

  return new ASN1Sequence(components);
}