Examples with ASN1ObjectIdentifier org.bouncycastle.asn1.ASN1ObjectIdentifier used on opensource projects

Search in sources :

Example 61 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileQc.

// method certprofileMultipleValuedRdn
private static X509ProfileType certprofileQc() throws Exception {
    X509ProfileType profile = getBaseProfile("certprofile qc", X509CertLevel.EndEntity, "5y", false);
    // Subject
    Subject subject = profile.getSubject();
    subject.setIncSerialNumber(false);
    List<RdnType> rdnControls = subject.getRdn();
    rdnControls.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_organizationIdentifier, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));
    // Extensions
    // Extensions - general
    ExtensionsType extensions = profile.getExtensions();
    // Extensions - controls
    List<ExtensionType> list = extensions.getExtension();
    list.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    list.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    list.add(createExtension(Extension.freshestCRL, false, false, null));
    // Extensions - basicConstraints
    ExtensionValueType extensionValue = null;
    list.add(createExtension(Extension.basicConstraints, true, false, extensionValue));
    // Extensions - AuthorityInfoAccess
    extensionValue = createAuthorityInfoAccess();
    list.add(createExtension(Extension.authorityInfoAccess, true, false, extensionValue));
    // Extensions - AuthorityKeyIdentifier
    extensionValue = createAuthorityKeyIdentifier(true);
    list.add(createExtension(Extension.authorityKeyIdentifier, true, false, extensionValue));
    // Extensions - keyUsage
    extensionValue = createKeyUsages(new KeyUsageEnum[] { KeyUsageEnum.CONTENT_COMMITMENT }, null);
    list.add(createExtension(Extension.keyUsage, true, true, extensionValue));
    // Extensions - extenedKeyUsage
    extensionValue = createExtendedKeyUsage(new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_timeStamping }, null);
    list.add(createExtension(Extension.extendedKeyUsage, true, true, extensionValue));
    // privateKeyUsagePeriod
    extensionValue = createPrivateKeyUsagePeriod("3y");
    list.add(createExtension(Extension.privateKeyUsagePeriod, true, false, extensionValue));
    // QcStatements
    extensionValue = createQcStatements(false);
    list.add(createExtension(Extension.qCStatements, true, false, extensionValue));
    return profile;
}
Also used : ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum)

Example 62 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createKeyAlgorithms.

// method getBaseProfile
private static KeyAlgorithms createKeyAlgorithms(ASN1ObjectIdentifier[] curveIds) {
    KeyAlgorithms ret = new KeyAlgorithms();
    List<AlgorithmType> list = ret.getAlgorithm();
    // RSA
    AlgorithmType algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(PKCSObjectIdentifiers.rsaEncryption, "RSA"));
    RSAParameters rsaParams = new RSAParameters();
    algorithm.setParameters(createKeyParametersType(rsaParams));
    RangesType ranges = new RangesType();
    rsaParams.setModulusLength(ranges);
    List<RangeType> modulusLengths = ranges.getRange();
    modulusLengths.add(createRange(1024));
    modulusLengths.add(createRange(2048));
    modulusLengths.add(createRange(3072));
    modulusLengths.add(createRange(4096));
    // DSA
    algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_dsa, "DSA"));
    DSAParameters dsaParams = new DSAParameters();
    algorithm.setParameters(createKeyParametersType(dsaParams));
    ranges = new RangesType();
    dsaParams.setPLength(ranges);
    List<RangeType> plengths = ranges.getRange();
    plengths.add(createRange(1024));
    plengths.add(createRange(2048));
    plengths.add(createRange(3072));
    ranges = new RangesType();
    dsaParams.setQLength(ranges);
    List<RangeType> qlengths = ranges.getRange();
    qlengths.add(createRange(160));
    qlengths.add(createRange(224));
    qlengths.add(createRange(256));
    // EC
    algorithm = new AlgorithmType();
    list.add(algorithm);
    algorithm.getAlgorithm().add(createOidType(X9ObjectIdentifiers.id_ecPublicKey, "EC"));
    ECParameters ecParams = new ECParameters();
    algorithm.setParameters(createKeyParametersType(ecParams));
    if (curveIds != null && curveIds.length > 0) {
        Curves curves = new Curves();
        ecParams.setCurves(curves);
        for (ASN1ObjectIdentifier curveId : curveIds) {
            String name = AlgorithmUtil.getCurveName(curveId);
            curves.getCurve().add(createOidType(curveId, name));
        }
    }
    ecParams.setPointEncodings(new PointEncodings());
    final Byte unpressed = 4;
    ecParams.getPointEncodings().getPointEncoding().add(unpressed);
    return ret;
}
Also used : RSAParameters(org.xipki.ca.certprofile.x509.jaxb.RSAParameters) KeyAlgorithms(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.KeyAlgorithms) ECParameters(org.xipki.ca.certprofile.x509.jaxb.ECParameters) PointEncodings(org.xipki.ca.certprofile.x509.jaxb.ECParameters.PointEncodings) RangeType(org.xipki.ca.certprofile.x509.jaxb.RangeType) AlgorithmType(org.xipki.ca.certprofile.x509.jaxb.AlgorithmType) RangesType(org.xipki.ca.certprofile.x509.jaxb.RangesType) DSAParameters(org.xipki.ca.certprofile.x509.jaxb.DSAParameters) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Curves(org.xipki.ca.certprofile.x509.jaxb.ECParameters.Curves)

Example 63 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createBiometricInfo.

// method createQcStatements
private static ExtensionValueType createBiometricInfo() {
    BiometricInfo extValue = new BiometricInfo();
    // type
    // predefined image (0)
    BiometricTypeType type = new BiometricTypeType();
    extValue.getType().add(type);
    IntWithDescType predefined = new IntWithDescType();
    predefined.setValue(0);
    predefined.setDescription("image");
    type.setPredefined(predefined);
    // predefined handwritten-signature(1)
    type = new BiometricTypeType();
    predefined = new IntWithDescType();
    predefined.setValue(1);
    predefined.setDescription("handwritten-signature");
    type.setPredefined(predefined);
    extValue.getType().add(type);
    // OID
    type = new BiometricTypeType();
    type.setOid(createOidType(new ASN1ObjectIdentifier("1.2.3.4.5.6"), "dummy biometric type"));
    extValue.getType().add(type);
    // hash algorithm
    HashAlgo[] hashAlgos = new HashAlgo[] { HashAlgo.SHA256, HashAlgo.SHA384 };
    for (HashAlgo hashAlgo : hashAlgos) {
        extValue.getHashAlgorithm().add(createOidType(hashAlgo.getOid(), hashAlgo.getName()));
    }
    extValue.setIncludeSourceDataUri(TripleState.REQUIRED);
    return createExtensionValueType(extValue);
}
Also used : BiometricInfo(org.xipki.ca.certprofile.x509.jaxb.BiometricInfo) BiometricTypeType(org.xipki.ca.certprofile.x509.jaxb.BiometricTypeType) HashAlgo(org.xipki.security.HashAlgo) IntWithDescType(org.xipki.ca.certprofile.x509.jaxb.IntWithDescType) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 64 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileTlsWithIncSerial.

// method certprofileTlsC
private static X509ProfileType certprofileTlsWithIncSerial() throws Exception {
    X509ProfileType profile = getBaseProfile("certprofile tls-inc-sn " + "(serial number will be added automatically)", X509CertLevel.EndEntity, "5y", false);
    profile.setDuplicateKey(true);
    // Subject
    Subject subject = profile.getSubject();
    subject.setDuplicateSubjectPermitted(true);
    subject.setIncSerialNumber(true);
    List<RdnType> rdnControls = subject.getRdn();
    rdnControls.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdnControls.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1, new String[] { REGEX_FQDN }, null, null));
    // Extensions
    // Extensions - general
    ExtensionsType extensions = profile.getExtensions();
    // Extensions - controls
    List<ExtensionType> list = extensions.getExtension();
    list.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    list.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    list.add(createExtension(Extension.freshestCRL, false, false, null));
    // Extensions - basicConstraints
    ExtensionValueType extensionValue = null;
    list.add(createExtension(Extension.basicConstraints, true, true, extensionValue));
    // Extensions - AuthorityInfoAccess
    extensionValue = createAuthorityInfoAccess();
    list.add(createExtension(Extension.authorityInfoAccess, true, false, extensionValue));
    // Extensions - AuthorityKeyIdentifier
    extensionValue = createAuthorityKeyIdentifier(true);
    list.add(createExtension(Extension.authorityKeyIdentifier, true, false, extensionValue));
    // Extensions - keyUsage
    extensionValue = createKeyUsages(new KeyUsageEnum[] { KeyUsageEnum.DIGITAL_SIGNATURE, KeyUsageEnum.DATA_ENCIPHERMENT, KeyUsageEnum.KEY_ENCIPHERMENT }, null);
    list.add(createExtension(Extension.keyUsage, true, true, extensionValue));
    // Extensions - extenedKeyUsage
    extensionValue = createExtendedKeyUsage(new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_serverAuth }, new ASN1ObjectIdentifier[] { ObjectIdentifiers.id_kp_clientAuth });
    list.add(createExtension(Extension.extendedKeyUsage, true, false, extensionValue));
    return profile;
}
Also used : ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum)

Example 65 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method sortOidList.

private static List<ASN1ObjectIdentifier> sortOidList(List<ASN1ObjectIdentifier> oids) {
    ParamUtil.requireNonNull("oids", oids);
    List<String> list = new ArrayList<>(oids.size());
    for (ASN1ObjectIdentifier m : oids) {
        list.add(m.getId());
    }
    Collections.sort(list);
    List<ASN1ObjectIdentifier> sorted = new ArrayList<>(oids.size());
    for (String m : list) {
        for (ASN1ObjectIdentifier n : oids) {
            if (m.equals(n.getId()) && !sorted.contains(n)) {
                sorted.add(n);
            }
        }
    }
    return sorted;
}
Also used : ArrayList(java.util.ArrayList) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)331 IOException (java.io.IOException)85 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)80 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)61 DEROctetString (org.bouncycastle.asn1.DEROctetString)60 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)57 DERIA5String (org.bouncycastle.asn1.DERIA5String)57 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)52 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)50 DERSequence (org.bouncycastle.asn1.DERSequence)47 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)44 ASN1String (org.bouncycastle.asn1.ASN1String)41 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)38 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)37 Extension (org.bouncycastle.asn1.x509.Extension)36 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 ArrayList (java.util.ArrayList)34 BigInteger (java.math.BigInteger)33 X500Name (org.bouncycastle.asn1.x500.X500Name)33 HashSet (java.util.HashSet)31
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial