
Example 66 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileTlsC.

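// end of the preceding method, certprofileTls (apparently a trailing end-of-method marker carried into this excerpt; it does not name the method below)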
/**
 * Builds the demo certificate profile named {@code "certprofile tls-c"}.
 *
 * <p>The profile starts from {@code getBaseProfile(...)} at {@code X509CertLevel.EndEntity} and then
 * receives its subject RDN controls and extension controls in the order written below. The only
 * extended key usage listed is {@code id_kp_clientAuth}, i.e. TLS client authentication.
 *
 * <p>NOTE(review): the two booleans passed to {@code createExtension} are presumably
 * (required, critical) and the two ints passed to {@code createRdn} presumably (min, max)
 * occurrences; neither helper is visible here, so confirm before relying on that reading.
 *
 * <p>NOTE(review): the keyUsage control requests dataEncipherment and keyEncipherment next to
 * digitalSignature. A certificate used only to authenticate a TLS client normally needs
 * digitalSignature alone; confirm the two encipherment bits are wanted before reusing this
 * profile outside a demo, since they widen what the key is permitted to do.
 *
 * @return the populated profile
 * @throws Exception declared by the signature; which helper raises it is not visible here
 */
private static X509ProfileType certprofileTlsC() throws Exception {
    final X509ProfileType tlsClientProfile =
            getBaseProfile("certprofile tls-c", X509CertLevel.EndEntity, "5y", false);

    // Subject controls: C is limited to the pattern "DE|FR", SN to REGEX_SN.
    final Subject subj = tlsClientProfile.getSubject();
    subj.setIncSerialNumber(false);
    final List<RdnType> rdns = subj.getRdn();
    rdns.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdns.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdns.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdns.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdns.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));

    // Extension controls without a configured value.
    final List<ExtensionType> extControls = tlsClientProfile.getExtensions().getExtension();
    extControls.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    extControls.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    extControls.add(createExtension(Extension.freshestCRL, false, false, null));

    // basicConstraints: registered with a null value, typed so the same overload is selected.
    final ExtensionValueType noValue = null;
    extControls.add(createExtension(Extension.basicConstraints, true, true, noValue));

    // authorityInfoAccess
    final ExtensionValueType aiaValue = createAuthorityInfoAccess();
    extControls.add(createExtension(Extension.authorityInfoAccess, true, false, aiaValue));

    // authorityKeyIdentifier
    final ExtensionValueType akiValue = createAuthorityKeyIdentifier(true);
    extControls.add(createExtension(Extension.authorityKeyIdentifier, true, false, akiValue));

    // keyUsage
    final KeyUsageEnum[] keyUsages = {
        KeyUsageEnum.DIGITAL_SIGNATURE,
        KeyUsageEnum.DATA_ENCIPHERMENT,
        KeyUsageEnum.KEY_ENCIPHERMENT
    };
    final ExtensionValueType keyUsageValue = createKeyUsages(keyUsages, null);
    extControls.add(createExtension(Extension.keyUsage, true, true, keyUsageValue));

    // extendedKeyUsage: client authentication only
    final ASN1ObjectIdentifier[] extKeyUsages = { ObjectIdentifiers.id_kp_clientAuth };
    final ExtensionValueType ekuValue = createExtendedKeyUsage(extKeyUsages, null);
    extControls.add(createExtension(Extension.extendedKeyUsage, true, false, ekuValue));

    return tlsClientProfile;
}
Also used : ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum)

Example 67 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method certprofileOcsp.

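// end of the preceding method, certprofileSubCaComplex (apparently a trailing end-of-method marker carried into this excerpt; it does not name the method below)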
/**
 * Builds the demo certificate profile named {@code "certprofile ocsp"}, for an OCSP responder.
 *
 * <p>The profile starts from {@code getBaseProfile(...)} at {@code X509CertLevel.EndEntity} and then
 * receives its subject RDN controls and extension controls in the order written below. The only
 * extended key usage listed is {@code id_kp_OCSPSigning}.
 *
 * <p>NOTE(review): the two booleans passed to {@code createExtension} are presumably
 * (required, critical) and the two ints passed to {@code createRdn} presumably (min, max)
 * occurrences; neither helper is visible here, so confirm before relying on that reading.
 *
 * <p>NOTE(review): the profile admits {@code id_extension_pkix_ocsp_nocheck} while the base profile
 * is created with {@code "5y"}, presumably the validity. Relying parties do not check revocation
 * of a responder certificate that carries ocsp-nocheck, and RFC 6960 suggests issuing such
 * certificates with a very short lifetime; confirm the lifetime before reusing this profile.
 *
 * <p>NOTE(review): the keyUsage control lists contentCommitment only. Signing OCSP responses is
 * commonly expected to be covered by digitalSignature; confirm the chosen bit is intended.
 *
 * @return the populated profile
 * @throws Exception declared by the signature; which helper raises it is not visible here
 */
private static X509ProfileType certprofileOcsp() throws Exception {
    final X509ProfileType ocspProfile =
            getBaseProfile("certprofile ocsp", X509CertLevel.EndEntity, "5y", false);

    // Subject controls: C is limited to the pattern "DE|FR", SN to REGEX_SN.
    final Subject subj = ocspProfile.getSubject();
    subj.setIncSerialNumber(true);
    final List<RdnType> rdns = subj.getRdn();
    rdns.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
    rdns.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
    rdns.add(createRdn(ObjectIdentifiers.DN_organizationIdentifier, 0, 1));
    rdns.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
    rdns.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
    rdns.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));

    // Extension controls without a configured value, including ocsp-nocheck.
    final List<ExtensionType> extControls = ocspProfile.getExtensions().getExtension();
    extControls.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
    extControls.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
    extControls.add(createExtension(Extension.freshestCRL, false, false, null));
    extControls.add(createExtension(ObjectIdentifiers.id_extension_pkix_ocsp_nocheck, false, false, null));

    // basicConstraints: registered with a null value, typed so the same overload is selected.
    final ExtensionValueType noValue = null;
    extControls.add(createExtension(Extension.basicConstraints, true, true, noValue));

    // authorityInfoAccess
    final ExtensionValueType aiaValue = createAuthorityInfoAccess();
    extControls.add(createExtension(Extension.authorityInfoAccess, true, false, aiaValue));

    // authorityKeyIdentifier
    final ExtensionValueType akiValue = createAuthorityKeyIdentifier(true);
    extControls.add(createExtension(Extension.authorityKeyIdentifier, true, false, akiValue));

    // keyUsage
    final KeyUsageEnum[] keyUsages = { KeyUsageEnum.CONTENT_COMMITMENT };
    final ExtensionValueType keyUsageValue = createKeyUsages(keyUsages, null);
    extControls.add(createExtension(Extension.keyUsage, true, true, keyUsageValue));

    // extendedKeyUsage: OCSP signing only
    final ASN1ObjectIdentifier[] extKeyUsages = { ObjectIdentifiers.id_kp_OCSPSigning };
    final ExtensionValueType ekuValue = createExtendedKeyUsage(extKeyUsages, null);
    extControls.add(createExtension(Extension.extendedKeyUsage, true, false, ekuValue));

    return ocspProfile;
}
Also used : ExtensionsType(org.xipki.ca.certprofile.x509.jaxb.ExtensionsType) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) TlsExtensionType(org.xipki.security.TlsExtensionType) X509ProfileType(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType) ExtensionValueType(org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType) Subject(org.xipki.ca.certprofile.x509.jaxb.X509ProfileType.Subject) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) RdnType(org.xipki.ca.certprofile.x509.jaxb.RdnType) KeyUsageEnum(org.xipki.ca.certprofile.x509.jaxb.KeyUsageEnum)

Example 68 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createExtendedKeyUsage.

/**
 * Builds the extendedKeyUsage configuration value from two OID arrays.
 *
 * <p>Each array, when non-null, is passed through {@code sortOidList} and every OID is appended
 * via {@code createSingleExtKeyUsage} with the flag {@code true} for {@code requiredUsages} and
 * {@code false} for {@code optionalUsages}. Required entries are appended before optional ones.
 * An OID present in both arrays is appended twice; no de-duplication happens here.
 *
 * <p>NOTE(review): {@code Arrays.asList} returns a view backed by the caller's array. If
 * {@code sortOidList} sorts in place, the caller's array is reordered as a side effect; the
 * helper is not visible here, so confirm.
 *
 * @param requiredUsages OIDs appended with the flag {@code true}; may be null
 * @param optionalUsages OIDs appended with the flag {@code false}; may be null
 * @return the value produced by {@code createExtensionValueType} for the assembled usages
 */
private static ExtensionValueType createExtendedKeyUsage(ASN1ObjectIdentifier[] requiredUsages, ASN1ObjectIdentifier[] optionalUsages) {
    final ExtendedKeyUsage eku = new ExtendedKeyUsage();

    if (requiredUsages != null) {
        final List<ASN1ObjectIdentifier> givenRequired = Arrays.asList(requiredUsages);
        final List<ASN1ObjectIdentifier> sortedRequired = sortOidList(givenRequired);
        for (final ASN1ObjectIdentifier requiredOid : sortedRequired) {
            eku.getUsage().add(createSingleExtKeyUsage(requiredOid, true));
        }
    }

    if (optionalUsages != null) {
        final List<ASN1ObjectIdentifier> givenOptional = Arrays.asList(optionalUsages);
        final List<ASN1ObjectIdentifier> sortedOptional = sortOidList(givenOptional);
        for (final ASN1ObjectIdentifier optionalOid : sortedOptional) {
            eku.getUsage().add(createSingleExtKeyUsage(optionalOid, false));
        }
    }

    return createExtensionValueType(eku);
}
Also used : ExtendedKeyUsage(org.xipki.ca.certprofile.x509.jaxb.ExtendedKeyUsage) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 69 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class ProfileConfCreatorDemo method createCertificatePolicies.

/**
 * Builds the certificatePolicies configuration value for the given policy OIDs.
 *
 * <p>One {@code CertificatePolicyInformationType} is appended per OID, in argument order, and
 * carries only the policy identifier; no further fields are set here.
 *
 * @param policyOids policy identifiers; may be null or empty
 * @return the value produced by {@code createExtensionValueType}, or {@code null} when
 *         {@code policyOids} is null or empty (callers must handle the null)
 */
private static ExtensionValueType createCertificatePolicies(ASN1ObjectIdentifier... policyOids) {
    final boolean nothingRequested = (policyOids == null) || (policyOids.length == 0);
    if (nothingRequested) {
        return null;
    }

    final CertificatePolicies policies = new CertificatePolicies();
    final List<CertificatePolicyInformationType> infos = policies.getCertificatePolicyInformation();
    for (final ASN1ObjectIdentifier policyOid : policyOids) {
        final CertificatePolicyInformationType info = new CertificatePolicyInformationType();
        // The entry is appended first and filled in afterwards, as in the original.
        infos.add(info);
        info.setPolicyIdentifier(createOidType(policyOid));
    }

    return createExtensionValueType(policies);
}
Also used : CertificatePolicyInformationType(org.xipki.ca.certprofile.x509.jaxb.CertificatePolicyInformationType) CertificatePolicies(org.xipki.ca.certprofile.x509.jaxb.CertificatePolicies) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 70 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class XmlX509CertprofileUtil method convertKeyParametersOption.

/**
 * Translates the key-parameter section of a profile's {@code AlgorithmType} into the matching
 * {@code KeyParametersOption}.
 *
 * <p>When the entry has no parameters element, or that element has no content,
 * {@code KeyParametersOption.ALLOW_ALL} is returned: a missing restriction is treated as
 * permission, not refusal. NOTE(review): judging by its name that constant places no limit on
 * curve or key length, so a profile meant to enforce minimum key strength has to spell the
 * parameters out; confirm against {@code KeyParametersOption}.
 *
 * <p>Handled parameter types, tested in this order: EC (curve OIDs and point encodings, each
 * copied only when configured), RSA and RSA-PSS (modulus lengths), DSA and DH (P and Q lengths),
 * GOST (public-key, digest and encryption parameter sets).
 *
 * @param type algorithm entry from the profile; checked with {@code ParamUtil.requireNonNull}
 * @return the option object for the configured parameters, or {@code ALLOW_ALL} when none are set
 * @throws CertprofileException if the parameters object is of none of the handled types
 */
private static KeyParametersOption convertKeyParametersOption(AlgorithmType type) throws CertprofileException {
    ParamUtil.requireNonNull("type", type);

    final boolean unrestricted = type.getParameters() == null || type.getParameters().getAny() == null;
    if (unrestricted) {
        return KeyParametersOption.ALLOW_ALL;
    }

    final Object rawParams = type.getParameters().getAny();

    if (rawParams instanceof ECParameters) {
        final ECParameters ec = (ECParameters) rawParams;
        final KeyParametersOption.ECParamatersOption ecOption = new KeyParametersOption.ECParamatersOption();
        if (ec.getCurves() != null) {
            final Curves configuredCurves = ec.getCurves();
            ecOption.setCurveOids(toOidSet(configuredCurves.getCurve()));
        }
        if (ec.getPointEncodings() != null) {
            final List<Byte> encodingList = ec.getPointEncodings().getPointEncoding();
            ecOption.setPointEncodings(new HashSet<Byte>(encodingList));
        }
        return ecOption;
    }

    if (rawParams instanceof RSAParameters) {
        final RSAParameters rsa = (RSAParameters) rawParams;
        final KeyParametersOption.RSAParametersOption rsaOption = new KeyParametersOption.RSAParametersOption();
        final Set<Range> rsaModulusLengths = buildParametersMap(rsa.getModulusLength());
        rsaOption.setModulusLengths(rsaModulusLengths);
        return rsaOption;
    }

    if (rawParams instanceof RSAPSSParameters) {
        final RSAPSSParameters rsaPss = (RSAPSSParameters) rawParams;
        final KeyParametersOption.RSAPSSParametersOption pssOption = new KeyParametersOption.RSAPSSParametersOption();
        final Set<Range> pssModulusLengths = buildParametersMap(rsaPss.getModulusLength());
        pssOption.setModulusLengths(pssModulusLengths);
        return pssOption;
    }

    if (rawParams instanceof DSAParameters) {
        final DSAParameters dsa = (DSAParameters) rawParams;
        final KeyParametersOption.DSAParametersOption dsaOption = new KeyParametersOption.DSAParametersOption();
        final Set<Range> dsaPLengths = buildParametersMap(dsa.getPLength());
        dsaOption.setPlengths(dsaPLengths);
        final Set<Range> dsaQLengths = buildParametersMap(dsa.getQLength());
        dsaOption.setQlengths(dsaQLengths);
        return dsaOption;
    }

    if (rawParams instanceof DHParameters) {
        final DHParameters dh = (DHParameters) rawParams;
        final KeyParametersOption.DHParametersOption dhOption = new KeyParametersOption.DHParametersOption();
        final Set<Range> dhPLengths = buildParametersMap(dh.getPLength());
        dhOption.setPlengths(dhPLengths);
        final Set<Range> dhQLengths = buildParametersMap(dh.getQLength());
        dhOption.setQlengths(dhQLengths);
        return dhOption;
    }

    if (rawParams instanceof GostParameters) {
        final GostParameters gost = (GostParameters) rawParams;
        final KeyParametersOption.GostParametersOption gostOption = new KeyParametersOption.GostParametersOption();
        final Set<ASN1ObjectIdentifier> publicKeySets = toOidSet(gost.getPublicKeyParamSet());
        gostOption.setPublicKeyParamSets(publicKeySets);
        final Set<ASN1ObjectIdentifier> digestSets = toOidSet(gost.getDigestParamSet());
        gostOption.setDigestParamSets(digestSets);
        final Set<ASN1ObjectIdentifier> encryptionSets = toOidSet(gost.getEncryptionParamSet());
        gostOption.setEncryptionParamSets(encryptionSets);
        return gostOption;
    }

    // Anything else is rejected rather than silently allowed.
    throw new CertprofileException("unknown public key parameters type " + rawParams.getClass().getName());
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) ECParameters(org.xipki.ca.certprofile.x509.jaxb.ECParameters) CertprofileException(org.xipki.ca.api.profile.CertprofileException) GostParameters(org.xipki.ca.certprofile.x509.jaxb.GostParameters) RSAPSSParameters(org.xipki.ca.certprofile.x509.jaxb.RSAPSSParameters) HashSet(java.util.HashSet) RSAParameters(org.xipki.ca.certprofile.x509.jaxb.RSAParameters) DHParameters(org.xipki.ca.certprofile.x509.jaxb.DHParameters) Range(org.xipki.ca.api.profile.Range) KeyParametersOption(org.xipki.ca.api.profile.KeyParametersOption) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) DSAParameters(org.xipki.ca.certprofile.x509.jaxb.DSAParameters) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) Curves(org.xipki.ca.certprofile.x509.jaxb.ECParameters.Curves)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)331 IOException (java.io.IOException)85 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)80 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)61 DEROctetString (org.bouncycastle.asn1.DEROctetString)60 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)57 DERIA5String (org.bouncycastle.asn1.DERIA5String)57 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)52 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)50 DERSequence (org.bouncycastle.asn1.DERSequence)47 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)44 ASN1String (org.bouncycastle.asn1.ASN1String)41 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)38 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)37 Extension (org.bouncycastle.asn1.x509.Extension)36 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 ArrayList (java.util.ArrayList)34 BigInteger (java.math.BigInteger)33 X500Name (org.bouncycastle.asn1.x500.X500Name)33 HashSet (java.util.HashSet)31