Search in sources :

Example 86 with GeneralNames

use of org.apache.harmony.security.x509.GeneralNames in project certmgr by hdecarne.

the class SubjectAlternativeNameController method onApply.

private void onApply(ActionEvent evt) {
    try {
        boolean critical = this.ctlCritical.isSelected();
        GeneralNames names = validateAndGetNames();
        this.extensionDataResult = new SubjectAlternativeNameExtensionData(critical, names);
    } catch (ValidationException e) {
        ValidationAlerts.error(e).showAndWait();
        evt.consume();
    }
}
Also used : ValidationException(de.carne.jfx.util.validation.ValidationException) GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) SubjectAlternativeNameExtensionData(de.carne.certmgr.certs.x509.SubjectAlternativeNameExtensionData)

Example 87 with GeneralNames

use of org.apache.harmony.security.x509.GeneralNames in project certmgr by hdecarne.

the class SubjectAlternativeNameController method validateAndGetNames.

private GeneralNames validateAndGetNames() throws ValidationException {
    GeneralNames names = new GeneralNames();
    int nameCount = 0;
    for (GeneralName name : this.ctlNames.getItems()) {
        names.addName(name);
        nameCount++;
    }
    InputValidator.isTrue(nameCount > 0, SubjectAlternativeNameI18N::formatSTR_MESSAGE_NO_NAMES);
    return names;
}
Also used : GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) GeneralName(de.carne.certmgr.certs.x509.GeneralName)

Example 88 with GeneralNames

use of org.apache.harmony.security.x509.GeneralNames in project vespa by vespa-engine.

the class Pkcs10CsrBuilder method build.

public Pkcs10Csr build() {
    try {
        PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, keyPair.getPublic());
        ExtensionsGenerator extGen = new ExtensionsGenerator();
        if (basicConstraintsExtension != null) {
            extGen.addExtension(Extension.basicConstraints, basicConstraintsExtension.isCritical, new BasicConstraints(basicConstraintsExtension.isCertAuthorityCertificate));
        }
        if (!subjectAlternativeNames.isEmpty()) {
            GeneralNames generalNames = new GeneralNames(subjectAlternativeNames.stream().map(san -> new GeneralName(GeneralName.dNSName, san)).toArray(GeneralName[]::new));
            extGen.addExtension(Extension.subjectAlternativeName, false, generalNames);
        }
        requestBuilder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithm.getAlgorithmName()).setProvider(BouncyCastleProviderHolder.getInstance()).build(keyPair.getPrivate());
        return new Pkcs10Csr(requestBuilder.build(contentSigner));
    } catch (OperatorCreationException e) {
        throw new RuntimeException(e);
    } catch (IOException e) {
        throw new UncheckedIOException(e);
    }
}
Also used : JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder) PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder) UncheckedIOException(java.io.UncheckedIOException) IOException(java.io.IOException) UncheckedIOException(java.io.UncheckedIOException) ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints)

Example 89 with GeneralNames

use of org.apache.harmony.security.x509.GeneralNames in project signer by demoiselle.

the class SigningCertificateV2 method getValue.

@Override
public Attribute getValue() throws SignerException {
    try {
        X509Certificate cert = (X509Certificate) certificates[0];
        X509Certificate issuerCert = (X509Certificate) certificates[1];
        Digest digest = DigestFactory.getInstance().factoryDefault();
        digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
        byte[] certHash = digest.digest(cert.getEncoded());
        X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
        GeneralName name = new GeneralName(dirName);
        GeneralNames issuer = new GeneralNames(name);
        ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
        IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
        // SHA-256
        AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
        ESSCertIDv2 essCertIDv2 = new ESSCertIDv2(algId, certHash, issuerSerial);
        // return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(essCertIDv2)));
        return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertIDv2) })));
    } catch (CertificateEncodingException ex) {
        throw new SignerException(ex.getMessage());
    }
}
Also used : IssuerSerial(org.bouncycastle.asn1.x509.IssuerSerial) Digest(org.demoiselle.signer.cryptography.Digest) SignedAttribute(org.demoiselle.signer.policy.impl.cades.pkcs7.attribute.SignedAttribute) Attribute(org.bouncycastle.asn1.cms.Attribute) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) DERSet(org.bouncycastle.asn1.DERSet) X509Certificate(java.security.cert.X509Certificate) AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) ESSCertIDv2(org.bouncycastle.asn1.ess.ESSCertIDv2) GeneralName(org.bouncycastle.asn1.x509.GeneralName) SignerException(org.demoiselle.signer.policy.impl.cades.SignerException) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 90 with GeneralNames

use of org.apache.harmony.security.x509.GeneralNames in project keystore-explorer by kaikramer.

the class X509Ext method getAuthorityKeyIdentifierStringValue.

private String getAuthorityKeyIdentifierStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * AuthorityKeyIdentifier ::= ASN1Sequence { keyIdentifier [0]
		 * KeyIdentifier OPTIONAL, authorityCertIssuer [1] GeneralNames
		 * OPTIONAL, authorityCertSerialNumber [2] CertificateSerialNumber
		 * OPTIONAL }
		 *
		 * KeyIdentifier ::= OCTET STRING
		 *
		 * GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
		 *
		 * CertificateSerialNumber ::= ASN1Integer
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    AuthorityKeyIdentifier authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(value);
    byte[] keyIdentifier = authorityKeyIdentifier.getKeyIdentifier();
    GeneralNames authorityCertIssuer = authorityKeyIdentifier.getAuthorityCertIssuer();
    BigInteger certificateSerialNumber = authorityKeyIdentifier.getAuthorityCertSerialNumber();
    if (keyIdentifier != null) {
        // Optional
        // Output as a hex string
        sb.append(MessageFormat.format(res.getString("AuthorityKeyIdentifier"), HexUtil.getHexString(keyIdentifier)));
        sb.append(NEWLINE);
    }
    if (authorityCertIssuer != null) {
        // Optional
        sb.append(res.getString("CertificateIssuer"));
        sb.append(NEWLINE);
        for (GeneralName generalName : authorityCertIssuer.getNames()) {
            sb.append(INDENT);
            sb.append(GeneralNameUtil.toString(generalName));
            sb.append(NEWLINE);
        }
    }
    if (certificateSerialNumber != null) {
        // Optional
        // Output as an integer
        sb.append(MessageFormat.format(res.getString("CertificateSerialNumber"), HexUtil.getHexString(certificateSerialNumber)));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) BigInteger(java.math.BigInteger) AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Aggregations

GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)86 GeneralName (org.bouncycastle.asn1.x509.GeneralName)71 IOException (java.io.IOException)37 X509Certificate (java.security.cert.X509Certificate)27 X500Name (org.bouncycastle.asn1.x500.X500Name)24 ArrayList (java.util.ArrayList)23 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)19 ContentSigner (org.bouncycastle.operator.ContentSigner)18 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)18 BigInteger (java.math.BigInteger)16 X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)16 JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)16 List (java.util.List)15 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)15 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)15 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)15 X500Principal (javax.security.auth.x500.X500Principal)14 DERIA5String (org.bouncycastle.asn1.DERIA5String)14 GeneralNames (sun.security.x509.GeneralNames)14 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)13