
Example 41 with GeneralName

use of de.carne.certmgr.certs.x509.GeneralName in project keystore-explorer by kaikramer.

the class X509Ext method getProcurationStringValue.

/**
 * Builds the human-readable text for an encoded ProcurationSyntax value.
 *
 * <p>Each present field is emitted on its own line using the localized
 * patterns from {@code res}. Every value printed here is decoded from the
 * supplied octets, so if those originate from a certificate that has not been
 * verified the output is untrusted display text only.
 *
 * @param octets encoded ProcurationSyntax structure (presumably the extension
 *               value of the certificate being inspected; confirm against caller)
 * @return the formatted, multi-line description
 * @throws IOException declared by the signature for callers; no statement in
 *                     this body throws it directly
 */
private String getProcurationStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
        ProcurationSyntax ::= SEQUENCE
        {
            country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
            typeOfSubstitution [2] EXPLICIT DirectoryString(SIZE(1..128)) OPTIONAL,
            signingFor [3] EXPLICIT SigningFor
        }

        SigningFor ::= CHOICE
        {
            thirdPerson GeneralName,
            certRef IssuerSerial
        }
     */
    // @formatter:on
    ProcurationSyntax procuration = ProcurationSyntax.getInstance(octets);
    StringBuilder text = new StringBuilder();

    // Optional two-letter country code.
    String country = procuration.getCountry();
    if (country != null) {
        text.append(MessageFormat.format(res.getString("Procuration.Country"), country))
            .append(NEWLINE);
    }

    // Optional free-text description of the substitution.
    DirectoryString substitutionType = procuration.getTypeOfSubstitution();
    if (substitutionType != null) {
        text.append(MessageFormat.format(res.getString("Procuration.TypeOfSubstitution"),
                substitutionType.toString()))
            .append(NEWLINE);
    }

    // signingFor alternative 1: the represented party given as a GeneralName.
    GeneralName representedParty = procuration.getThirdPerson();
    if (representedParty != null) {
        text.append(MessageFormat.format(res.getString("Procuration.ThirdPerson"),
                GeneralNameUtil.toString(representedParty)))
            .append(NEWLINE);
    }

    // signingFor alternative 2: a reference to another certificate (issuer + serial).
    IssuerSerial referencedCert = procuration.getCertRef();
    if (referencedCert != null) {
        text.append(res.getString("Procuration.CertRef"))
            .append(NEWLINE)
            .append(INDENT)
            .append(res.getString("Procuration.CertRef.Issuer"));
        for (GeneralName issuerName : referencedCert.getIssuer().getNames()) {
            text.append(INDENT)
                .append(INDENT)
                .append(GeneralNameUtil.toString(issuerName))
                .append(NEWLINE);
        }
        text.append(NEWLINE)
            .append(INDENT)
            .append(MessageFormat.format(res.getString("Procuration.CertRef.SN"),
                HexUtil.getHexString(referencedCert.getSerial().getValue())))
            .append(NEWLINE);
    }

    return text.toString();
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) ProcurationSyntax(org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERGeneralString(org.bouncycastle.asn1.DERGeneralString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 42 with GeneralName

use of de.carne.certmgr.certs.x509.GeneralName in project keystore-explorer by kaikramer.

the class DGeneralNameChooser method okPressed.

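/**
 * Handles the OK button: builds a {@code GeneralName} from whichever name type
 * is selected, stores it in {@code generalName} and closes the dialog.
 *
 * <p>An empty or missing value for the selected type shows a warning and keeps
 * the dialog open. Any exception raised while building the name is shown in a
 * {@code DError} dialog and also keeps the dialog open. If no radio button is
 * selected, {@code generalName} is set to {@code null} and the dialog closes.
 *
 * <p>dNSName, rfc822Name and uniformResourceIdentifier are IA5String fields.
 * They are built with validation enabled so that input containing non-IA5
 * characters is rejected instead of being written into the certificate in a
 * lossy form that no longer matches what the user typed.
 */
private void okPressed() {
    try {
        GeneralName newGeneralName = null;
        if (jrbDirectoryName.isSelected()) {
            X500Name directoryName = jdnDirectoryName.getDistinguishedName();
            if (directoryName == null) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.DirectoryNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            newGeneralName = new GeneralName(GeneralName.directoryName, directoryName);
        } else if (jrbDnsName.isSelected()) {
            String dnsName = jtfDnsName.getText().trim();
            if (dnsName.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.DnsNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            // validate=true: IllegalArgumentException on non-IA5 input, reported by the catch below.
            newGeneralName = new GeneralName(GeneralName.dNSName, new DERIA5String(dnsName, true));
        } else if (jrbIpAddress.isSelected()) {
            String ipAddress = jtfIpAddress.getText().trim();
            if (ipAddress.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.IpAddressValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            // Syntax check before handing the text to GeneralName for conversion.
            if (!IPAddress.isValid(ipAddress)) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.NotAValidIP.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            newGeneralName = new GeneralName(GeneralName.iPAddress, ipAddress);
        } else if (jrbRegisteredId.isSelected()) {
            ASN1ObjectIdentifier registeredId = joiRegisteredId.getObjectId();
            if (registeredId == null) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.RegisteredIdValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            newGeneralName = new GeneralName(GeneralName.registeredID, registeredId);
        } else if (jrbRfc822Name.isSelected()) {
            String rfc822Name = jtfRfc822Name.getText().trim();
            if (rfc822Name.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.Rfc822NameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            newGeneralName = new GeneralName(GeneralName.rfc822Name, new DERIA5String(rfc822Name, true));
        } else if (jrbUniformResourceIdentifier.isSelected()) {
            String uniformResourceIdentifier = jtfUniformResourceIdentifier.getText().trim();
            if (uniformResourceIdentifier.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.UniformResourceIdentifierValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            newGeneralName = new GeneralName(GeneralName.uniformResourceIdentifier, new DERIA5String(uniformResourceIdentifier, true));
        } else if (jrbPrincipalName.isSelected()) {
            String upnString = jtfPrincipalName.getText().trim();
            if (upnString.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.PrincipalNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            // otherName ::= SEQUENCE { type-id OID, value [0] EXPLICIT UTF8String }
            ASN1EncodableVector asn1Vector = new ASN1EncodableVector();
            asn1Vector.add(new ASN1ObjectIdentifier(GeneralNameUtil.UPN_OID));
            asn1Vector.add(new DERTaggedObject(true, 0, new DERUTF8String(upnString)));
            newGeneralName = new GeneralName(GeneralName.otherName, new DERSequence(asn1Vector));
        }
        generalName = newGeneralName;
    } catch (Exception ex) {
        // Dialog boundary: report any construction failure and leave the dialog open.
        DError dError = new DError(this, ex);
        dError.setLocationRelativeTo(this);
        dError.setVisible(true);
        return;
    }
    closeDialog();
}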
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERSequence(org.bouncycastle.asn1.DERSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) GeneralName(org.bouncycastle.asn1.x509.GeneralName) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) UnknownHostException(java.net.UnknownHostException) DError(org.kse.gui.error.DError)

Example 43 with GeneralName

use of de.carne.certmgr.certs.x509.GeneralName in project keystore-explorer by kaikramer.

the class JGeneralName method editGeneralName.

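/**
 * Opens a {@code DGeneralNameChooser} owned by this component's top-level
 * ancestor and, if the chooser returns a name, applies it via
 * {@code setGeneralName}.
 *
 * <p>Only {@code JDialog} and {@code JFrame} owners are supported. For any
 * other ancestor (including {@code null} when the component is not yet in a
 * window) the method returns without doing anything, instead of failing with a
 * {@code NullPointerException} on the chooser that was never created.
 */
private void editGeneralName() {
    Container container = getTopLevelAncestor();
    DGeneralNameChooser dGeneralNameChooser;
    if (container instanceof JDialog) {
        dGeneralNameChooser = new DGeneralNameChooser((JDialog) container, title, generalName);
    } else if (container instanceof JFrame) {
        dGeneralNameChooser = new DGeneralNameChooser((JFrame) container, title, generalName);
    } else {
        // No supported owner window, so no chooser can be shown.
        return;
    }
    dGeneralNameChooser.setLocationRelativeTo(container);
    // Presumably modal, so the result is available once setVisible returns; confirm in DGeneralNameChooser.
    dGeneralNameChooser.setVisible(true);

    GeneralName newGeneralName = dGeneralNameChooser.getGeneralName();
    if (newGeneralName != null) {
        setGeneralName(newGeneralName);
    }
}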
Also used : Container(java.awt.Container) JFrame(javax.swing.JFrame) GeneralName(org.bouncycastle.asn1.x509.GeneralName) JDialog(javax.swing.JDialog)

Example 44 with GeneralName

use of de.carne.certmgr.certs.x509.GeneralName in project keystore-explorer by kaikramer.

the class DGeneralSubtreeChooser method okPressed.

/**
 * Handles the OK button: validates the base name and the minimum/maximum
 * fields, stores the resulting {@code GeneralSubtree} in {@code generalSubtree}
 * and closes the dialog.
 *
 * <p>The base name and the minimum are mandatory. The maximum is optional and
 * is passed as {@code null} when left blank. Both numbers must parse as
 * non-negative integers. Any failed check shows a warning and leaves the
 * dialog open. The maximum is not compared against the minimum here.
 */
private void okPressed() {
    GeneralName baseName = jgnBase.getGeneralName();
    if (baseName == null) {
        JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.BaseValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }

    // Minimum: required, non-negative integer.
    String minimumText = jtfMinimum.getText().trim();
    if (minimumText.isEmpty()) {
        JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.MinimumValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    int minimumValue;
    try {
        minimumValue = Integer.parseInt(minimumText);
    } catch (NumberFormatException ex) {
        JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.InvalidMinimumValue.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    if (minimumValue < 0) {
        JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.InvalidMinimumValue.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    // Always present at this point because an empty minimum was rejected above.
    BigInteger asn1Minimum = BigInteger.valueOf(minimumValue);

    // Maximum: optional; stays null when the field is blank.
    BigInteger asn1Maximum = null;
    String maximumText = jtfMaximum.getText().trim();
    if (!maximumText.isEmpty()) {
        int maximumValue;
        try {
            maximumValue = Integer.parseInt(maximumText);
        } catch (NumberFormatException ex) {
            JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.InvalidMaximumValue.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
            return;
        }
        if (maximumValue < 0) {
            JOptionPane.showMessageDialog(this, res.getString("DGeneralSubtreeChooser.InvalidMaximumValue.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
            return;
        }
        asn1Maximum = BigInteger.valueOf(maximumValue);
    }

    generalSubtree = new GeneralSubtree(baseName, asn1Minimum, asn1Maximum);
    closeDialog();
}
Also used : BigInteger(java.math.BigInteger) JGeneralName(org.kse.gui.crypto.generalname.JGeneralName) GeneralName(org.bouncycastle.asn1.x509.GeneralName) GeneralSubtree(org.bouncycastle.asn1.x509.GeneralSubtree)

Example 45 with GeneralName

use of de.carne.certmgr.certs.x509.GeneralName in project Spark by igniterealtime.

the class SparkTrustManager method loadCRL.

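/**
 * Collects the CRLs referenced by the CRL Distribution Points extension of
 * every certificate in {@code chain}.
 *
 * <p>For each full-name distribution point, every URI entry is downloaded via
 * {@code downloadCRL} and added to {@code crlCollection}. After each
 * certificate, {@code crlStore} is rebuilt as a "Collection" {@code CertStore}
 * over that collection.
 *
 * <p>Name entries that are not URIs (for example directory names) are skipped.
 * Previously each entry was passed to {@code new URL(...)} regardless of type,
 * so one non-URI entry aborted the whole load with a
 * {@code MalformedURLException}.
 *
 * <p>NOTE(review): the URLs are read from the certificates being checked, so
 * they are chosen by whoever issued or presented the chain. {@code downloadCRL}
 * is not visible here; confirm that it restricts the accepted URL schemes and
 * hosts and applies connect/read timeouts and a response size limit.
 *
 * @param chain certificates whose distribution points are followed
 * @return the collection of CRLs gathered so far (presumably the
 *         {@code crlCollection} field, which is not reset here)
 * @throws IOException if the extension cannot be parsed or a URI is not a
 *                     valid {@code URL}
 * @throws CRLException if a CRL download fails; the underlying failure is
 *                      attached as the cause
 * @throws InvalidAlgorithmParameterException if the cert store rejects its parameters
 * @throws NoSuchAlgorithmException if the "Collection" cert store type is unavailable
 * @throws CertStoreException declared by the signature for callers
 * @throws CertificateException declared by the signature for callers
 */
public Collection<X509CRL> loadCRL(X509Certificate[] chain) throws IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, CertStoreException, CRLException, CertificateException {
    for (X509Certificate cert : chain) {
        byte[] crlDpExtension = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
        if (crlDpExtension != null) {
            // Unwrap the extension's OCTET STRING and decode the CRLDistributionPoints value.
            ASN1Primitive primitive = JcaX509ExtensionUtils.parseExtensionValue(crlDpExtension);
            CRLDistPoint distPoint = CRLDistPoint.getInstance(primitive);
            // One extension can carry several distribution points.
            for (DistributionPoint d : distPoint.getDistributionPoints()) {
                DistributionPointName dpName = d.getDistributionPoint();
                // Only fullName carries GeneralNames; nameRelativeToCRLIssuer is ignored.
                if (dpName != null && dpName.getType() == DistributionPointName.FULL_NAME) {
                    GeneralName[] genNames = GeneralNames.getInstance(dpName.getName()).getNames();
                    for (GeneralName genName : genNames) {
                        // Only URI entries can be turned into a URL.
                        if (genName.getTagNo() != GeneralName.uniformResourceIdentifier) {
                            continue;
                        }
                        URL url = new URL(genName.getName().toString());
                        try {
                            crlCollection.add(downloadCRL(url));
                        } catch (CertificateException | CRLException e) {
                            // Keep the original failure as the cause for diagnosis.
                            throw new CRLException("Couldn't download CRL", e);
                        }
                    }
                }
            }
        } else {
            Log.warning("Certificate " + cert.getSubjectX500Principal().getName().toString() + " have no CRLs");
        }
        // Rebuild the CRL-backed cert store from everything collected so far.
        CollectionCertStoreParameters params = new CollectionCertStoreParameters(crlCollection);
        crlStore = CertStore.getInstance("Collection", params);
    }
    return crlCollection;
}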
Also used : DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) CertificateException(java.security.cert.CertificateException) X509Certificate(java.security.cert.X509Certificate) URL(java.net.URL) CollectionCertStoreParameters(java.security.cert.CollectionCertStoreParameters) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLException(java.security.cert.CRLException)

Aggregations

GeneralName (org.bouncycastle.asn1.x509.GeneralName)125 GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)58 IOException (java.io.IOException)50 DERIA5String (org.bouncycastle.asn1.DERIA5String)36 ArrayList (java.util.ArrayList)34 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)32 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)31 X500Name (org.bouncycastle.asn1.x500.X500Name)30 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)28 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)27 X509Certificate (java.security.cert.X509Certificate)25 DEROctetString (org.bouncycastle.asn1.DEROctetString)24 List (java.util.List)21 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)19 Date (java.util.Date)18 GeneralName (org.apache.harmony.security.x509.GeneralName)18 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)18 DERSequence (org.bouncycastle.asn1.DERSequence)17 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)16 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)16