use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class Modification method encode.
/**
* Encodes this modification to an ASN.1 sequence suitable for use in the LDAP
* protocol.
*
* @return An ASN.1 sequence containing the encoded value.
*/
@NotNull()
public ASN1Sequence encode() {
final ASN1Element[] attrElements = { new ASN1OctetString(attributeName), new ASN1Set(values) };
final ASN1Element[] modificationElements = { new ASN1Enumerated(modificationType.intValue()), new ASN1Sequence(attrElements) };
return new ASN1Sequence(modificationElements);
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class RouteToBackendSetRequestControl method createRoutingHintRequest.
/**
* Creates a new route to backend set request control that may be used to
* provide a hint as to the backend set(s) to which the operation should be
* forwarded, and an optional specification of fallback sets.
*
* @param isCritical Indicates whether the control
* should be marked critical.
* @param entryBalancingRequestProcessorID The identifier for the
* entry-balancing request processor
* with which the backend set IDs
* are associated. It must not be
* {@code null}.
* @param firstGuessSetIDs The backend set ID(s) for the
* backend set(s) to try first. It
* must not be {@code null} or
* empty.
* @param fallbackSetIDs The backend set ID(s) for the
* backend set(s) to use if none of
* the servers in the first guess
* set returns a success result.
* If this is {@code null}, then the
* server will use a default
* fallback set of all backend sets
* not included in the first guess.
* If this is not {@code null}, then
* it must also be non-empty.
*
* @return The route to backend set request control created from the
* provided information.
*/
@NotNull()
public static RouteToBackendSetRequestControl createRoutingHintRequest(final boolean isCritical, @NotNull final String entryBalancingRequestProcessorID, @NotNull final Collection<String> firstGuessSetIDs, @Nullable final Collection<String> fallbackSetIDs) {
Validator.ensureNotNull(firstGuessSetIDs);
Validator.ensureFalse(firstGuessSetIDs.isEmpty());
if (fallbackSetIDs != null) {
Validator.ensureFalse(fallbackSetIDs.isEmpty());
}
final ArrayList<ASN1Element> backendSetsElements = new ArrayList<>(2);
final ArrayList<ASN1Element> firstGuessElements = new ArrayList<>(firstGuessSetIDs.size());
for (final String s : firstGuessSetIDs) {
firstGuessElements.add(new ASN1OctetString(s));
}
backendSetsElements.add(new ASN1Set(firstGuessElements));
if (fallbackSetIDs != null) {
final ArrayList<ASN1Element> fallbackElements = new ArrayList<>(fallbackSetIDs.size());
for (final String s : fallbackSetIDs) {
fallbackElements.add(new ASN1OctetString(s));
}
backendSetsElements.add(new ASN1Set(fallbackElements));
}
final RouteToBackendSetRoutingType routingType = RouteToBackendSetRoutingType.ROUTING_HINT;
final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1OctetString(entryBalancingRequestProcessorID), new ASN1Sequence(routingType.getBERType(), backendSetsElements));
return new RouteToBackendSetRequestControl(isCritical, new ASN1OctetString(valueSequence.encode()), entryBalancingRequestProcessorID, routingType, null, firstGuessSetIDs, fallbackSetIDs);
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class UniquenessRequestControl method encodeValue.
/**
* Encodes the provided information into an octet string that is suitable for
* use as the value of this control.
*
* @param uniquenessID A value that will be used to correlate this request
* control with its corresponding response control. It
* must not be {@code null}.
* @param properties The set of properties for this control. It must not
* be {@code null}.
*
* @return The encoded value that was created.
*/
@NotNull()
private static ASN1OctetString encodeValue(@NotNull final String uniquenessID, @NotNull final UniquenessRequestControlProperties properties) {
final ArrayList<ASN1Element> elements = new ArrayList<>(10);
elements.add(new ASN1OctetString(TYPE_UNIQUENESS_ID, uniquenessID));
final Set<String> attributeTypes = properties.getAttributeTypes();
if (!attributeTypes.isEmpty()) {
final ArrayList<ASN1Element> attributeTypeElements = new ArrayList<>(attributeTypes.size());
for (final String attributeType : attributeTypes) {
attributeTypeElements.add(new ASN1OctetString(attributeType));
}
elements.add(new ASN1Set(TYPE_ATTRIBUTE_TYPES, attributeTypeElements));
}
final UniquenessMultipleAttributeBehavior multipleAttributeBehavior = properties.getMultipleAttributeBehavior();
if (multipleAttributeBehavior != UniquenessMultipleAttributeBehavior.UNIQUE_WITHIN_EACH_ATTRIBUTE) {
elements.add(new ASN1Enumerated(TYPE_MULTIPLE_ATTRIBUTE_BEHAVIOR, multipleAttributeBehavior.intValue()));
}
final String baseDN = properties.getBaseDN();
if (baseDN != null) {
elements.add(new ASN1OctetString(TYPE_BASE_DN, baseDN));
}
final Filter filter = properties.getFilter();
if (filter != null) {
elements.add(new ASN1Element(TYPE_FILTER, filter.encode().encode()));
}
if (properties.preventConflictsWithSoftDeletedEntries()) {
elements.add(new ASN1Boolean(TYPE_PREVENT_CONFLICTS_WITH_SOFT_DELETED_ENTRIES, true));
}
final UniquenessValidationLevel preCommitValidationLevel = properties.getPreCommitValidationLevel();
if (preCommitValidationLevel != UniquenessValidationLevel.ALL_SUBTREE_VIEWS) {
elements.add(new ASN1Enumerated(TYPE_PRE_COMMIT_VALIDATION_LEVEL, preCommitValidationLevel.intValue()));
}
final UniquenessValidationLevel postCommitValidationLevel = properties.getPostCommitValidationLevel();
if (postCommitValidationLevel != UniquenessValidationLevel.ALL_SUBTREE_VIEWS) {
elements.add(new ASN1Enumerated(TYPE_POST_COMMIT_VALIDATION_LEVEL, postCommitValidationLevel.intValue()));
}
if (!properties.alertOnPostCommitConflictDetection()) {
elements.add(new ASN1Boolean(TYPE_ALERT_ON_POST_VALIDATION_CONFLICT_DETECTION, false));
}
if (properties.createConflictPreventionDetailsEntry()) {
elements.add(new ASN1Boolean(TYPE_CREATE_CONFLICT_PREVENTION_DETAILS_ENTRY, true));
}
return new ASN1OctetString(new ASN1Sequence(elements).encode());
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class PKCS10CertificateSigningRequest method generateSignature.
/**
* Generates a signature for the certificate signing request with the provided
* information.
*
* @param signatureAlgorithm The signature algorithm to use to
* generate the signature. This must
* not be {@code null}.
* @param privateKey The private key to use to sign the
* certificate signing request. This
* must not be {@code null}.
* @param subjectDN The subject DN for the certificate
* signing request. This must not be
* {@code null}.
* @param publicKeyAlgorithmOID The OID for the public key algorithm.
* This must not be {@code null}.
* @param publicKeyAlgorithmParameters The encoded public key algorithm
* parameters. This may be
* {@code null} if no parameters are
* needed.
* @param encodedPublicKey The encoded representation of the
* public key. This must not be
* {@code null}.
* @param extensions The set of extensions to include in
* the certificate signing request.
* This must not be {@code null} but
* may be empty.
*
* @return An encoded representation of the generated signature.
*
* @throws CertException If a problem is encountered while generating the
* certificate.
*/
@NotNull()
private static ASN1BitString generateSignature(@NotNull final SignatureAlgorithmIdentifier signatureAlgorithm, @NotNull final PrivateKey privateKey, @NotNull final DN subjectDN, @NotNull final OID publicKeyAlgorithmOID, @Nullable final ASN1Element publicKeyAlgorithmParameters, @NotNull final ASN1BitString encodedPublicKey, @NotNull final X509CertificateExtension... extensions) throws CertException {
// Get and initialize the signature generator.
final Signature signature;
try {
signature = CryptoHelper.getSignature(signatureAlgorithm.getJavaName());
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_GET_SIGNATURE_GENERATOR.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
}
try {
signature.initSign(privateKey);
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_INIT_SIGNATURE_GENERATOR.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
}
// compute its signature.
try {
final ArrayList<ASN1Element> requestInfoElements = new ArrayList<>(4);
requestInfoElements.add(new ASN1Integer(PKCS10CertificateSigningRequestVersion.V1.getIntValue()));
requestInfoElements.add(X509Certificate.encodeName(subjectDN));
if (publicKeyAlgorithmParameters == null) {
requestInfoElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID)), encodedPublicKey));
} else {
requestInfoElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID), publicKeyAlgorithmParameters), encodedPublicKey));
}
final ArrayList<ASN1Element> attrElements = new ArrayList<>(1);
if ((extensions != null) && (extensions.length > 0)) {
final ArrayList<ASN1Element> extensionElements = new ArrayList<>(extensions.length);
for (final X509CertificateExtension e : extensions) {
extensionElements.add(e.encode());
}
attrElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(ATTRIBUTE_OID_EXTENSIONS), new ASN1Set(new ASN1Sequence(extensionElements))));
}
requestInfoElements.add(new ASN1Set(TYPE_ATTRIBUTES, attrElements));
final byte[] certificationRequestInfoBytes = new ASN1Sequence(requestInfoElements).encode();
signature.update(certificationRequestInfoBytes);
final byte[] signatureBytes = signature.sign();
return new ASN1BitString(ASN1BitString.getBitsForBytes(signatureBytes));
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_COMPUTE.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
}
}
use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.
the class X509Certificate method encodeName.
/**
* Encodes the provided DN as an X.509 name for inclusion in an encoded
* certificate.
*
* @param dn The DN to encode.
*
* @return The encoded X.509 name.
*
* @throws CertException If a problem is encountered while encoding the
* provided DN as an X.509 name.
*/
@NotNull()
static ASN1Element encodeName(@NotNull final DN dn) throws CertException {
final Schema schema;
try {
schema = Schema.getDefaultStandardSchema();
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CERT_ENCODE_NAME_CANNOT_GET_SCHEMA.get(String.valueOf(dn), StaticUtils.getExceptionMessage(e)), e);
}
final RDN[] rdns = dn.getRDNs();
final ArrayList<ASN1Element> rdnSequenceElements = new ArrayList<>(rdns.length);
for (int i = rdns.length - 1; i >= 0; i--) {
final RDN rdn = rdns[i];
final String[] names = rdn.getAttributeNames();
final String[] values = rdn.getAttributeValues();
final ArrayList<ASN1Element> rdnElements = new ArrayList<>(names.length);
for (int j = 0; j < names.length; j++) {
final AttributeTypeDefinition at = schema.getAttributeType(names[j]);
if (at == null) {
throw new CertException(ERR_CERT_ENCODE_NAME_UNKNOWN_ATTR_TYPE.get(String.valueOf(dn), names[j]));
}
try {
rdnElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(at.getOID()), new ASN1UTF8String(values[j])));
} catch (final Exception e) {
Debug.debugException(e);
throw new CertException(ERR_CERT_ENCODE_NAME_ERROR.get(String.valueOf(dn), StaticUtils.getExceptionMessage(e)), e);
}
}
rdnSequenceElements.add(new ASN1Set(rdnElements));
}
return new ASN1Sequence(rdnSequenceElements);
}
Aggregations