Search in sources :

Example 86 with Principal

use of java.security.Principal in project XobotOS by xamarin.

the class JarUtils method createChain.

private static X509Certificate[] createChain(X509Certificate signer, X509Certificate[] candidates) {
    LinkedList chain = new LinkedList();
    chain.add(0, signer);
    // Signer is self-signed
    if (signer.getSubjectDN().equals(signer.getIssuerDN())) {
        return (X509Certificate[]) chain.toArray(new X509Certificate[1]);
    }
    Principal issuer = signer.getIssuerDN();
    X509Certificate issuerCert;
    int count = 1;
    while (true) {
        issuerCert = findCert(issuer, candidates);
        if (issuerCert == null) {
            break;
        }
        chain.add(issuerCert);
        count++;
        if (issuerCert.getSubjectDN().equals(issuerCert.getIssuerDN())) {
            break;
        }
        issuer = issuerCert.getIssuerDN();
    }
    return (X509Certificate[]) chain.toArray(new X509Certificate[count]);
}
Also used : LinkedList(java.util.LinkedList) X509Certificate(java.security.cert.X509Certificate) X500Principal(javax.security.auth.x500.X500Principal) Principal(java.security.Principal)

Example 87 with Principal

use of java.security.Principal in project XobotOS by xamarin.

the class KeyManagerImpl method chooseAlias.

private String[] chooseAlias(String[] keyTypes, Principal[] issuers) {
    if (keyTypes == null || keyTypes.length == 0) {
        return null;
    }
    List<Principal> issuersList = (issuers == null) ? null : Arrays.asList(issuers);
    ArrayList<String> found = new ArrayList<String>();
    for (Enumeration<String> aliases = hash.keys(); aliases.hasMoreElements(); ) {
        final String alias = aliases.nextElement();
        final KeyStore.PrivateKeyEntry entry = hash.get(alias);
        final Certificate[] chain = entry.getCertificateChain();
        final Certificate cert = chain[0];
        final String certKeyAlg = cert.getPublicKey().getAlgorithm();
        final String certSigAlg = (cert instanceof X509Certificate ? ((X509Certificate) cert).getSigAlgName().toUpperCase(Locale.US) : null);
        for (String keyAlgorithm : keyTypes) {
            if (keyAlgorithm == null) {
                continue;
            }
            String sigAlgorithm;
            // handle cases like EC_EC and EC_RSA
            int index = keyAlgorithm.indexOf('_');
            if (index == -1) {
                sigAlgorithm = keyAlgorithm;
            } else {
                sigAlgorithm = keyAlgorithm.substring(index + 1);
                keyAlgorithm = keyAlgorithm.substring(0, index);
            }
            // key algorithm does not match
            if (!certKeyAlg.equals(keyAlgorithm)) {
                continue;
            }
            // sig algorithm does not match
            if (certSigAlg != null && !certSigAlg.contains(sigAlgorithm)) {
                continue;
            }
            // no issuers to match, just add to return list and continue
            if (issuers == null || issuers.length == 0) {
                found.add(alias);
                continue;
            }
            // check that a certificate in the chain was issued by one of the specified issuers
            loop: for (Certificate certFromChain : chain) {
                if (!(certFromChain instanceof X509Certificate)) {
                    // skip non-X509Certificates
                    continue;
                }
                X509Certificate xcertFromChain = (X509Certificate) certFromChain;
                /*
                     * Note use of X500Principal from
                     * getIssuerX500Principal as opposed to Principal
                     * from getIssuerDN. Principal.equals test does
                     * not work in the case where
                     * xcertFromChain.getIssuerDN is a bouncycastle
                     * org.bouncycastle.jce.X509Principal.
                     */
                X500Principal issuerFromChain = xcertFromChain.getIssuerX500Principal();
                if (issuersList.contains(issuerFromChain)) {
                    found.add(alias);
                }
            }
        }
    }
    if (!found.isEmpty()) {
        return found.toArray(new String[found.size()]);
    }
    return null;
}
Also used : ArrayList(java.util.ArrayList) KeyStore(java.security.KeyStore) X509Certificate(java.security.cert.X509Certificate) PrivateKeyEntry(java.security.KeyStore.PrivateKeyEntry) X500Principal(javax.security.auth.x500.X500Principal) X500Principal(javax.security.auth.x500.X500Principal) Principal(java.security.Principal) X509Certificate(java.security.cert.X509Certificate) Certificate(java.security.cert.Certificate)

Example 88 with Principal

use of java.security.Principal in project XobotOS by xamarin.

the class AttributeCertificateHolder method getPrincipals.

private Principal[] getPrincipals(GeneralNames names) {
    Object[] p = this.getNames(names.getNames());
    List l = new ArrayList();
    for (int i = 0; i != p.length; i++) {
        if (p[i] instanceof Principal) {
            l.add(p[i]);
        }
    }
    return (Principal[]) l.toArray(new Principal[l.size()]);
}
Also used : ArrayList(java.util.ArrayList) ArrayList(java.util.ArrayList) List(java.util.List) X509Principal(org.bouncycastle.jce.X509Principal) X500Principal(javax.security.auth.x500.X500Principal) Principal(java.security.Principal)

Example 89 with Principal

use of java.security.Principal in project goci by EBISPOT.

the class CurrentUserDetailsService method getUserFromRequest.

/**
     * Update a study status
     *
     * @param request request from which to obtain current user
     * @return SecureUser that represents currently logged in user
     */
public SecureUser getUserFromRequest(HttpServletRequest request) {
    Principal principal = request.getUserPrincipal();
    String name = principal.getName();
    return secureUserRepository.findByEmail(name);
}
Also used : Principal(java.security.Principal)

Example 90 with Principal

use of java.security.Principal in project android_frameworks_base by DirtyUnicorns.

the class WiFiKeyManager method chooseClientAlias.

@Override
public String chooseClientAlias(String[] keyTypes, Principal[] issuers, Socket socket) {
    Map<String, Integer> keyPrefs = new HashMap<>(keyTypes.length);
    int pref = 0;
    for (String keyType : keyTypes) {
        keyPrefs.put(keyType, pref++);
    }
    List<AliasEntry> aliases = new ArrayList<>();
    if (issuers != null) {
        for (Principal issuer : issuers) {
            if (issuer instanceof X500Principal) {
                String[] aliasAndKey = mAliases.get((X500Principal) issuer);
                if (aliasAndKey != null) {
                    Integer preference = keyPrefs.get(aliasAndKey[1]);
                    if (preference != null) {
                        aliases.add(new AliasEntry(preference, aliasAndKey[0]));
                    }
                }
            }
        }
    } else {
        for (String[] aliasAndKey : mAliases.values()) {
            Integer preference = keyPrefs.get(aliasAndKey[1]);
            if (preference != null) {
                aliases.add(new AliasEntry(preference, aliasAndKey[0]));
            }
        }
    }
    Collections.sort(aliases);
    return aliases.isEmpty() ? null : aliases.get(0).getAlias();
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) X500Principal(javax.security.auth.x500.X500Principal) X500Principal(javax.security.auth.x500.X500Principal) Principal(java.security.Principal)

Aggregations

Principal (java.security.Principal)931 Test (org.junit.Test)243 Subject (javax.security.auth.Subject)114 EveryonePrincipal (org.apache.jackrabbit.oak.spi.security.principal.EveryonePrincipal)114 HashSet (java.util.HashSet)89 User (org.apache.jackrabbit.api.security.user.User)75 Group (org.apache.jackrabbit.api.security.user.Group)74 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)58 Privilege (javax.jcr.security.Privilege)57 RepositoryException (javax.jcr.RepositoryException)51 IOException (java.io.IOException)50 ArrayList (java.util.ArrayList)48 HttpServletRequest (javax.servlet.http.HttpServletRequest)47 TestPrincipal (org.apache.jackrabbit.core.security.TestPrincipal)45 AbstractSecurityTest (org.apache.jackrabbit.oak.AbstractSecurityTest)43 EveryonePrincipal (org.apache.jackrabbit.core.security.principal.EveryonePrincipal)42 PrincipalIterator (org.apache.jackrabbit.api.security.principal.PrincipalIterator)40 HashMap (java.util.HashMap)39 PrincipalImpl (org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl)39 X500Principal (javax.security.auth.x500.X500Principal)38