use of de.carne.certmgr.certs.x509.GeneralName in project athenz by yahoo.
the class Crypto method extractX509CSREmail.
public static String extractX509CSREmail(PKCS10CertificationRequest certReq) {
String rfc822 = null;
Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
for (Attribute attribute : attributes) {
for (ASN1Encodable value : attribute.getAttributeValues()) {
Extensions extensions = Extensions.getInstance(value);
GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
for (GeneralName name : gns.getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
rfc822 = (((DERIA5String) name.getName()).getString());
break;
}
}
}
}
return rfc822;
}
use of de.carne.certmgr.certs.x509.GeneralName in project athenz by yahoo.
the class Crypto method extractX509CSRDnsNames.
public static List<String> extractX509CSRDnsNames(PKCS10CertificationRequest certReq) {
List<String> dnsNames = new ArrayList<>();
Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
for (Attribute attribute : attributes) {
for (ASN1Encodable value : attribute.getAttributeValues()) {
Extensions extensions = Extensions.getInstance(value);
GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
for (GeneralName name : gns.getNames()) {
if (name.getTagNo() == GeneralName.dNSName) {
dnsNames.add(((DERIA5String) name.getName()).getString());
}
}
}
}
return dnsNames;
}
use of de.carne.certmgr.certs.x509.GeneralName in project fdroidclient by f-droid.
the class LocalRepoKeyStore method generateSelfSignedCertChain.
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname) throws CertificateException, OperatorCreationException, IOException {
SecureRandom rand = new SecureRandom();
PrivateKey privKey = kp.getPrivate();
PublicKey pubKey = kp.getPublic();
ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);
SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(pubKey.getEncoded()));
// now
Date now = new Date();
/* force it to use a English/Gregorian dates for the cert, hardly anyone
ever looks at the cert metadata anyway, and its very likely that they
understand English/Gregorian dates */
Calendar c = new GregorianCalendar(Locale.ENGLISH);
c.setTime(now);
c.add(Calendar.YEAR, 1);
Time startTime = new Time(now, Locale.ENGLISH);
Time endTime = new Time(c.getTime(), Locale.ENGLISH);
X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(subject, BigInteger.valueOf(rand.nextLong()), startTime, endTime, subject, subPubKeyInfo);
if (hostname != null) {
GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.iPAddress, hostname));
v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
}
X509CertificateHolder certHolder = v3CertGen.build(sigGen);
return new JcaX509CertificateConverter().getCertificate(certHolder);
}
use of de.carne.certmgr.certs.x509.GeneralName in project dcos-commons by mesosphere.
the class CertificateNamesGenerator method getSANs.
/**
* Returns additional Subject Alternative Names for service certificates.
*/
public GeneralNames getSANs() {
List<GeneralName> generalNames = new ArrayList<>();
generalNames.add(new GeneralName(GeneralName.dNSName, autoIpHostname));
// Process VIP names, if any
vipSpecs.stream().map(vipSpec -> new GeneralName(GeneralName.dNSName, EndpointUtils.toVipHostname(serviceName, new EndpointUtils.VipInfo(vipSpec.getVipName(), (int) vipSpec.getPort())))).forEach(vipGeneralName -> generalNames.add(vipGeneralName));
return new GeneralNames(generalNames.toArray(new GeneralName[generalNames.size()]));
}
use of de.carne.certmgr.certs.x509.GeneralName in project keystore-explorer by kaikramer.
the class X509Ext method getSubjectInformationAccessStringValue.
private String getSubjectInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
SubjectInfoAccess subjectInfoAccess = SubjectInfoAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : subjectInfoAccess.getAccessDescriptionList()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else // Unrecognised Access Method OID
{
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("SubjectInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(INDENT);
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Aggregations