Search in sources :

Example 11 with ASN1Set

use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.

the class Modification method encode.

/**
 * Encodes this modification to an ASN.1 sequence suitable for use in the LDAP
 * protocol.
 *
 * @return  An ASN.1 sequence containing the encoded value.
 */
@NotNull()
public ASN1Sequence encode() {
    final ASN1Element[] attrElements = { new ASN1OctetString(attributeName), new ASN1Set(values) };
    final ASN1Element[] modificationElements = { new ASN1Enumerated(modificationType.intValue()), new ASN1Sequence(attrElements) };
    return new ASN1Sequence(modificationElements);
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1Enumerated(com.unboundid.asn1.ASN1Enumerated) ASN1Element(com.unboundid.asn1.ASN1Element) NotNull(com.unboundid.util.NotNull)

Example 12 with ASN1Set

use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.

the class RouteToBackendSetRequestControl method createRoutingHintRequest.

/**
 * Creates a new route to backend set request control that may be used to
 * provide a hint as to the backend set(s) to which the operation should be
 * forwarded, and an optional specification of fallback sets.
 *
 * @param  isCritical                        Indicates whether the control
 *                                           should be marked critical.
 * @param  entryBalancingRequestProcessorID  The identifier for the
 *                                           entry-balancing request processor
 *                                           with which the backend set IDs
 *                                           are associated.  It must not be
 *                                           {@code null}.
 * @param  firstGuessSetIDs                  The backend set ID(s) for the
 *                                           backend set(s) to try first.  It
 *                                           must not be {@code null} or
 *                                           empty.
 * @param  fallbackSetIDs                    The backend set ID(s) for the
 *                                           backend set(s) to use if none of
 *                                           the servers in the first guess
 *                                           set returns a success result.
 *                                           If this is {@code null}, then the
 *                                           server will use a default
 *                                           fallback set of all backend sets
 *                                           not included in the first guess.
 *                                           If this is not {@code null}, then
 *                                           it must also be non-empty.
 *
 * @return  The route to backend set request control created from the
 *          provided information.
 */
@NotNull()
public static RouteToBackendSetRequestControl createRoutingHintRequest(final boolean isCritical, @NotNull final String entryBalancingRequestProcessorID, @NotNull final Collection<String> firstGuessSetIDs, @Nullable final Collection<String> fallbackSetIDs) {
    Validator.ensureNotNull(firstGuessSetIDs);
    Validator.ensureFalse(firstGuessSetIDs.isEmpty());
    if (fallbackSetIDs != null) {
        Validator.ensureFalse(fallbackSetIDs.isEmpty());
    }
    final ArrayList<ASN1Element> backendSetsElements = new ArrayList<>(2);
    final ArrayList<ASN1Element> firstGuessElements = new ArrayList<>(firstGuessSetIDs.size());
    for (final String s : firstGuessSetIDs) {
        firstGuessElements.add(new ASN1OctetString(s));
    }
    backendSetsElements.add(new ASN1Set(firstGuessElements));
    if (fallbackSetIDs != null) {
        final ArrayList<ASN1Element> fallbackElements = new ArrayList<>(fallbackSetIDs.size());
        for (final String s : fallbackSetIDs) {
            fallbackElements.add(new ASN1OctetString(s));
        }
        backendSetsElements.add(new ASN1Set(fallbackElements));
    }
    final RouteToBackendSetRoutingType routingType = RouteToBackendSetRoutingType.ROUTING_HINT;
    final ASN1Sequence valueSequence = new ASN1Sequence(new ASN1OctetString(entryBalancingRequestProcessorID), new ASN1Sequence(routingType.getBERType(), backendSetsElements));
    return new RouteToBackendSetRequestControl(isCritical, new ASN1OctetString(valueSequence.encode()), entryBalancingRequestProcessorID, routingType, null, firstGuessSetIDs, fallbackSetIDs);
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1Element(com.unboundid.asn1.ASN1Element) ArrayList(java.util.ArrayList) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) NotNull(com.unboundid.util.NotNull)

Example 13 with ASN1Set

use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.

the class UniquenessRequestControl method encodeValue.

/**
 * Encodes the provided information into an octet string that is suitable for
 * use as the value of this control.
 *
 * @param  uniquenessID  A value that will be used to correlate this request
 *                       control with its corresponding response control.  It
 *                       must not be {@code null}.
 * @param  properties    The set of properties for this control.  It must not
 *                       be {@code null}.
 *
 * @return  The encoded value that was created.
 */
@NotNull()
private static ASN1OctetString encodeValue(@NotNull final String uniquenessID, @NotNull final UniquenessRequestControlProperties properties) {
    final ArrayList<ASN1Element> elements = new ArrayList<>(10);
    elements.add(new ASN1OctetString(TYPE_UNIQUENESS_ID, uniquenessID));
    final Set<String> attributeTypes = properties.getAttributeTypes();
    if (!attributeTypes.isEmpty()) {
        final ArrayList<ASN1Element> attributeTypeElements = new ArrayList<>(attributeTypes.size());
        for (final String attributeType : attributeTypes) {
            attributeTypeElements.add(new ASN1OctetString(attributeType));
        }
        elements.add(new ASN1Set(TYPE_ATTRIBUTE_TYPES, attributeTypeElements));
    }
    final UniquenessMultipleAttributeBehavior multipleAttributeBehavior = properties.getMultipleAttributeBehavior();
    if (multipleAttributeBehavior != UniquenessMultipleAttributeBehavior.UNIQUE_WITHIN_EACH_ATTRIBUTE) {
        elements.add(new ASN1Enumerated(TYPE_MULTIPLE_ATTRIBUTE_BEHAVIOR, multipleAttributeBehavior.intValue()));
    }
    final String baseDN = properties.getBaseDN();
    if (baseDN != null) {
        elements.add(new ASN1OctetString(TYPE_BASE_DN, baseDN));
    }
    final Filter filter = properties.getFilter();
    if (filter != null) {
        elements.add(new ASN1Element(TYPE_FILTER, filter.encode().encode()));
    }
    if (properties.preventConflictsWithSoftDeletedEntries()) {
        elements.add(new ASN1Boolean(TYPE_PREVENT_CONFLICTS_WITH_SOFT_DELETED_ENTRIES, true));
    }
    final UniquenessValidationLevel preCommitValidationLevel = properties.getPreCommitValidationLevel();
    if (preCommitValidationLevel != UniquenessValidationLevel.ALL_SUBTREE_VIEWS) {
        elements.add(new ASN1Enumerated(TYPE_PRE_COMMIT_VALIDATION_LEVEL, preCommitValidationLevel.intValue()));
    }
    final UniquenessValidationLevel postCommitValidationLevel = properties.getPostCommitValidationLevel();
    if (postCommitValidationLevel != UniquenessValidationLevel.ALL_SUBTREE_VIEWS) {
        elements.add(new ASN1Enumerated(TYPE_POST_COMMIT_VALIDATION_LEVEL, postCommitValidationLevel.intValue()));
    }
    if (!properties.alertOnPostCommitConflictDetection()) {
        elements.add(new ASN1Boolean(TYPE_ALERT_ON_POST_VALIDATION_CONFLICT_DETECTION, false));
    }
    if (properties.createConflictPreventionDetailsEntry()) {
        elements.add(new ASN1Boolean(TYPE_CREATE_CONFLICT_PREVENTION_DETAILS_ENTRY, true));
    }
    return new ASN1OctetString(new ASN1Sequence(elements).encode());
}
Also used : ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ArrayList(java.util.ArrayList) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) Filter(com.unboundid.ldap.sdk.Filter) ASN1Enumerated(com.unboundid.asn1.ASN1Enumerated) ASN1Element(com.unboundid.asn1.ASN1Element) ASN1Boolean(com.unboundid.asn1.ASN1Boolean) NotNull(com.unboundid.util.NotNull)

Example 14 with ASN1Set

use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.

the class PKCS10CertificateSigningRequest method generateSignature.

/**
 * Generates a signature for the certificate signing request with the provided
 * information.
 *
 * @param  signatureAlgorithm            The signature algorithm to use to
 *                                       generate the signature.  This must
 *                                       not be {@code null}.
 * @param  privateKey                    The private key to use to sign the
 *                                       certificate signing request.  This
 *                                       must not be {@code null}.
 * @param  subjectDN                     The subject DN for the certificate
 *                                       signing request.  This must not be
 *                                       {@code null}.
 * @param  publicKeyAlgorithmOID         The OID for the public key algorithm.
 *                                       This must not be {@code null}.
 * @param  publicKeyAlgorithmParameters  The encoded public key algorithm
 *                                       parameters.  This may be
 *                                       {@code null} if no parameters are
 *                                       needed.
 * @param  encodedPublicKey              The encoded representation of the
 *                                       public key.  This must not be
 *                                       {@code null}.
 * @param  extensions                    The set of extensions to include in
 *                                       the certificate signing request.
 *                                       This must not be {@code null} but
 *                                       may be empty.
 *
 * @return  An encoded representation of the generated signature.
 *
 * @throws  CertException  If a problem is encountered while generating the
 *                         certificate.
 */
@NotNull()
private static ASN1BitString generateSignature(@NotNull final SignatureAlgorithmIdentifier signatureAlgorithm, @NotNull final PrivateKey privateKey, @NotNull final DN subjectDN, @NotNull final OID publicKeyAlgorithmOID, @Nullable final ASN1Element publicKeyAlgorithmParameters, @NotNull final ASN1BitString encodedPublicKey, @NotNull final X509CertificateExtension... extensions) throws CertException {
    // Get and initialize the signature generator.
    final Signature signature;
    try {
        signature = CryptoHelper.getSignature(signatureAlgorithm.getJavaName());
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_GET_SIGNATURE_GENERATOR.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
    }
    try {
        signature.initSign(privateKey);
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_INIT_SIGNATURE_GENERATOR.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
    }
    // compute its signature.
    try {
        final ArrayList<ASN1Element> requestInfoElements = new ArrayList<>(4);
        requestInfoElements.add(new ASN1Integer(PKCS10CertificateSigningRequestVersion.V1.getIntValue()));
        requestInfoElements.add(X509Certificate.encodeName(subjectDN));
        if (publicKeyAlgorithmParameters == null) {
            requestInfoElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID)), encodedPublicKey));
        } else {
            requestInfoElements.add(new ASN1Sequence(new ASN1Sequence(new ASN1ObjectIdentifier(publicKeyAlgorithmOID), publicKeyAlgorithmParameters), encodedPublicKey));
        }
        final ArrayList<ASN1Element> attrElements = new ArrayList<>(1);
        if ((extensions != null) && (extensions.length > 0)) {
            final ArrayList<ASN1Element> extensionElements = new ArrayList<>(extensions.length);
            for (final X509CertificateExtension e : extensions) {
                extensionElements.add(e.encode());
            }
            attrElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(ATTRIBUTE_OID_EXTENSIONS), new ASN1Set(new ASN1Sequence(extensionElements))));
        }
        requestInfoElements.add(new ASN1Set(TYPE_ATTRIBUTES, attrElements));
        final byte[] certificationRequestInfoBytes = new ASN1Sequence(requestInfoElements).encode();
        signature.update(certificationRequestInfoBytes);
        final byte[] signatureBytes = signature.sign();
        return new ASN1BitString(ASN1BitString.getBitsForBytes(signatureBytes));
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_CSR_GEN_SIGNATURE_CANNOT_COMPUTE.get(signatureAlgorithm.getJavaName(), StaticUtils.getExceptionMessage(e)), e);
    }
}
Also used : ArrayList(java.util.ArrayList) ASN1Integer(com.unboundid.asn1.ASN1Integer) ASN1BitString(com.unboundid.asn1.ASN1BitString) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) Signature(java.security.Signature) ASN1Element(com.unboundid.asn1.ASN1Element) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) NotNull(com.unboundid.util.NotNull)

Example 15 with ASN1Set

use of com.unboundid.asn1.ASN1Set in project ldapsdk by pingidentity.

the class X509Certificate method encodeName.

/**
 * Encodes the provided DN as an X.509 name for inclusion in an encoded
 * certificate.
 *
 * @param  dn  The DN to encode.
 *
 * @return  The encoded X.509 name.
 *
 * @throws  CertException  If a problem is encountered while encoding the
 *                         provided DN as an X.509 name.
 */
@NotNull()
static ASN1Element encodeName(@NotNull final DN dn) throws CertException {
    final Schema schema;
    try {
        schema = Schema.getDefaultStandardSchema();
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new CertException(ERR_CERT_ENCODE_NAME_CANNOT_GET_SCHEMA.get(String.valueOf(dn), StaticUtils.getExceptionMessage(e)), e);
    }
    final RDN[] rdns = dn.getRDNs();
    final ArrayList<ASN1Element> rdnSequenceElements = new ArrayList<>(rdns.length);
    for (int i = rdns.length - 1; i >= 0; i--) {
        final RDN rdn = rdns[i];
        final String[] names = rdn.getAttributeNames();
        final String[] values = rdn.getAttributeValues();
        final ArrayList<ASN1Element> rdnElements = new ArrayList<>(names.length);
        for (int j = 0; j < names.length; j++) {
            final AttributeTypeDefinition at = schema.getAttributeType(names[j]);
            if (at == null) {
                throw new CertException(ERR_CERT_ENCODE_NAME_UNKNOWN_ATTR_TYPE.get(String.valueOf(dn), names[j]));
            }
            try {
                rdnElements.add(new ASN1Sequence(new ASN1ObjectIdentifier(at.getOID()), new ASN1UTF8String(values[j])));
            } catch (final Exception e) {
                Debug.debugException(e);
                throw new CertException(ERR_CERT_ENCODE_NAME_ERROR.get(String.valueOf(dn), StaticUtils.getExceptionMessage(e)), e);
            }
        }
        rdnSequenceElements.add(new ASN1Set(rdnElements));
    }
    return new ASN1Sequence(rdnSequenceElements);
}
Also used : ASN1UTF8String(com.unboundid.asn1.ASN1UTF8String) Schema(com.unboundid.ldap.sdk.schema.Schema) ArrayList(java.util.ArrayList) ASN1UTF8String(com.unboundid.asn1.ASN1UTF8String) ASN1OctetString(com.unboundid.asn1.ASN1OctetString) ASN1BitString(com.unboundid.asn1.ASN1BitString) ASN1Exception(com.unboundid.asn1.ASN1Exception) CertificateException(java.security.cert.CertificateException) AttributeTypeDefinition(com.unboundid.ldap.sdk.schema.AttributeTypeDefinition) ASN1Sequence(com.unboundid.asn1.ASN1Sequence) ASN1Set(com.unboundid.asn1.ASN1Set) ASN1Element(com.unboundid.asn1.ASN1Element) RDN(com.unboundid.ldap.sdk.RDN) ASN1ObjectIdentifier(com.unboundid.asn1.ASN1ObjectIdentifier) NotNull(com.unboundid.util.NotNull)

Aggregations

ASN1Set (org.bouncycastle.asn1.ASN1Set)67 ArrayList (java.util.ArrayList)51 ASN1Set (com.unboundid.asn1.ASN1Set)33 IOException (java.io.IOException)32 ASN1OctetString (com.unboundid.asn1.ASN1OctetString)30 ASN1Sequence (com.unboundid.asn1.ASN1Sequence)30 ASN1Set (com.github.zhenwei.core.asn1.ASN1Set)26 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)22 ASN1Element (com.unboundid.asn1.ASN1Element)21 NotNull (com.unboundid.util.NotNull)21 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19 List (java.util.List)17 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)17 DEROctetString (org.bouncycastle.asn1.DEROctetString)16 Enumeration (java.util.Enumeration)14 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)14 OutputStream (java.io.OutputStream)12 Test (org.testng.annotations.Test)12 ASN1Enumerated (com.unboundid.asn1.ASN1Enumerated)11 X509Certificate (java.security.cert.X509Certificate)11