use of org.bouncycastle.asn1.DERUTF8String in project xipki by xipki.
the class P12ComplexCsrGenCmd method getAdditionalExtensions.
/**
 * Builds the two extra extensions placed into the generated CSR: the CommonPKI
 * admission extension and the RFC 3739 subjectDirectoryAttributes extension.
 *
 * <p>Every value below is a fixed literal (profession item, registration number,
 * date and place of birth, gender, countries); nothing is taken from caller input.
 * Both extensions are created with the critical flag set to {@code false}.
 *
 * @return the admission extension followed by the subjectDirectoryAttributes extension
 * @throws BadInputException if DER-encoding either extension value fails
 */
@Override
protected List<Extension> getAdditionalExtensions() throws BadInputException {
    List<Extension> result = new LinkedList<>();

    // --- admission (German CommonPKI profile) ---
    // ProfessionInfo arguments, in order: naming authority, profession items,
    // profession OIDs, registration number, additional profession info.
    ProfessionInfo profession = new ProfessionInfo(
            null, new DirectoryString[] { new DirectoryString("dummy") }, null, "aaaab", null);
    ASN1EncodableVector admissionItems = new ASN1EncodableVector();
    admissionItems.add(new Admissions(null, null, new ProfessionInfo[] { profession }));
    AdmissionSyntax admissionSyntax = new AdmissionSyntax(null, new DERSequence(admissionItems));
    try {
        byte[] admissionValue = admissionSyntax.getEncoded();
        result.add(new Extension(ObjectIdentifiers.id_extension_admission, false, admissionValue));
    } catch (IOException ex) {
        throw new BadInputException(ex.getMessage(), ex);
    }

    // --- subjectDirectoryAttributes (RFC 3739) ---
    // A Vector is used because it is handed to SubjectDirectoryAttributes as-is below.
    Vector<Attribute> attributes = new Vector<>();
    attributes.add(new Attribute(ObjectIdentifiers.DN_DATE_OF_BIRTH,
            new DERSet(new ASN1GeneralizedTime("19800122120000Z"))));
    attributes.add(new Attribute(ObjectIdentifiers.DN_GENDER,
            new DERSet(new DERPrintableString("M"))));
    attributes.add(new Attribute(ObjectIdentifiers.DN_PLACE_OF_BIRTH,
            new DERSet(new DERUTF8String("Berlin"))));
    // One attribute per country of citizenship, in the listed order.
    for (String citizenship : new String[] { "DE", "FR" }) {
        attributes.add(new Attribute(ObjectIdentifiers.DN_COUNTRY_OF_CITIZENSHIP,
                new DERSet(new DERPrintableString(citizenship))));
    }
    // Single country of residence.
    attributes.add(new Attribute(ObjectIdentifiers.DN_COUNTRY_OF_RESIDENCE,
            new DERSet(new DERPrintableString("DE"))));

    SubjectDirectoryAttributes directoryAttributes = new SubjectDirectoryAttributes(attributes);
    try {
        byte[] directoryValue = directoryAttributes.getEncoded();
        result.add(new Extension(Extension.subjectDirectoryAttributes, false, directoryValue));
    } catch (IOException ex) {
        throw new BadInputException(ex.getMessage(), ex);
    }
    return result;
}
use of org.bouncycastle.asn1.DERUTF8String in project xipki by xipki.
the class X509Ca method addXipkiCertset.
// method generateCrl
/**
* Add XiPKI extension CrlCertSet.
*
* <pre>
* Xipki-CrlCertSet ::= SET OF Xipki-CrlCert
*
* Xipki-CrlCert ::= SEQUENCE {
* serial INTEGER
* cert [0] EXPLICIT Certificate OPTIONAL
* profileName [1] EXPLICIT UTF8String OPTIONAL
* }
* </pre>
*/
private void addXipkiCertset(X509v2CRLBuilder crlBuilder, boolean deltaCrl, CrlControl control, Date notExpireAt, boolean onlyCaCerts, boolean onlyUserCerts) throws OperationException {
    // Skipped for delta CRLs and when the CRL control does not ask for the cert set.
    boolean wanted = !deltaCrl && control.isXipkiCertsetIncluded();
    if (!wanted) {
        return;
    }

    // What ends up in the CRL: one SEQUENCE per certificate holding its serial and,
    // depending on the control flags, the complete certificate ([0]) and the
    // certificate profile name ([1]). Anyone who can fetch the CRL can read these
    // values, and the whole set is held in memory before it is added.
    final int pageSize = 100;
    ASN1EncodableVector certSet = new ASN1EncodableVector();
    long nextId = 1;

    // The store is read in pages of pageSize entries; a short page marks the end.
    while (true) {
        List<SerialWithId> page = certstore.getCertSerials(caIdent, notExpireAt, nextId, pageSize, false, onlyCaCerts, onlyUserCerts);
        long highestId = 1;
        for (SerialWithId entry : page) {
            // Track the largest id seen so the next page starts right after it.
            highestId = Math.max(highestId, entry.getId());

            ASN1EncodableVector fields = new ASN1EncodableVector();
            fields.add(new ASN1Integer(entry.getSerial()));

            Integer profileId = null;
            if (!control.isXipkiCertsetCertIncluded()) {
                // Certificate not embedded: the profile id needs its own lookup.
                if (control.isXipkiCertsetProfilenameIncluded()) {
                    profileId = certstore.getCertProfileForId(caIdent, entry.getId());
                }
            } else {
                X509CertificateInfo certInfo;
                try {
                    certInfo = certstore.getCertificateInfoForId(caIdent, caCert, entry.getId(), caIdNameMap);
                } catch (CertificateException ex) {
                    // Only the message is carried over; the original exception is not chained.
                    throw new OperationException(ErrorCode.SYSTEM_FAILURE, "CertificateException: " + ex.getMessage());
                }
                // NOTE(review): certInfo is dereferenced without a null check; confirm that
                // getCertificateInfoForId cannot return null for an id just listed.
                fields.add(new DERTaggedObject(true, 0, Certificate.getInstance(certInfo.getCert().getEncodedCert())));
                if (control.isXipkiCertsetProfilenameIncluded()) {
                    profileId = certInfo.getProfile().getId();
                }
            }

            if (profileId != null) {
                // NOTE(review): presumably getCertprofileName never returns null for a known id; verify.
                fields.add(new DERTaggedObject(true, 1, new DERUTF8String(caIdNameMap.getCertprofileName(profileId))));
            }
            certSet.add(new DERSequence(fields));
        }

        nextId = highestId + 1;
        if (page.size() < pageSize) {
            break;
        }
    }

    try {
        // Added as a non-critical extension (second argument false).
        crlBuilder.addExtension(ObjectIdentifiers.id_xipki_ext_crlCertset, false, new DERSet(certSet));
    } catch (CertIOException ex) {
        throw new OperationException(ErrorCode.INVALID_EXTENSION, "CertIOException: " + ex.getMessage());
    }
}
use of org.bouncycastle.asn1.DERUTF8String in project xipki by xipki.
the class CmpCaClient method requestCertViaCrmf.
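/**
 * Enrolls a certificate through a CMP certificate request (CRMF) and returns the issued certificate.
 *
 * <p>The request carries a signature-based proof of possession made with {@code privateKey},
 * names the wanted certificate profile in a {@code regInfo-utf8Pairs} entry, asks for implicit
 * confirmation, and is protected with {@code requestorSigner}.
 *
 * @param certProfile name of the certificate profile to request; must not be {@code null}
 * @param privateKey private key used to sign the proof of possession
 * @param publicKeyInfo public key to be certified
 * @param subject requested subject, in the string form accepted by {@code X500Name}
 * @return the certificate extracted from the response by {@code parseEnrollCertResult}
 * @throws IllegalArgumentException if {@code certProfile} is {@code null}
 * @throws Exception if building, sending or parsing the exchange fails
 */
public X509Certificate requestCertViaCrmf(String certProfile, PrivateKey privateKey, SubjectPublicKeyInfo publicKeyInfo, String subject) throws Exception {
    // Without this check a null profile would be sent as the literal text "null".
    if (certProfile == null) {
        throw new IllegalArgumentException("certProfile must not be null");
    }

    CertTemplateBuilder certTemplateBuilder = new CertTemplateBuilder();
    certTemplateBuilder.setSubject(new X500Name(subject));
    certTemplateBuilder.setPublicKey(publicKeyInfo);
    CertRequest certReq = new CertRequest(1, certTemplateBuilder.build(), null);

    // Proof of possession: a signature over the request made with the key being certified.
    ProofOfPossessionSigningKeyBuilder popoBuilder = new ProofOfPossessionSigningKeyBuilder(certReq);
    ContentSigner popoSigner = buildSigner(privateKey);
    POPOSigningKey popoSk = popoBuilder.build(popoSigner);
    ProofOfPossession popo = new ProofOfPossession(popoSk);

    // In a utf8Pairs value '?' separates name from value and '%' ends a pair, so a profile
    // name containing either character would otherwise change the pair structure the CA
    // parses. They are percent-encoded per the RFC 4211 utf8Pairs convention; '%' is
    // replaced first so the escape inserted for '?' is not escaped again. Names without
    // these characters are sent unchanged.
    // NOTE(review): assumes the receiving CA decodes %25 / %3f; confirm against the server.
    String escapedProfile = certProfile.replace("%", "%25").replace("?", "%3f");
    AttributeTypeAndValue certprofileInfo = new AttributeTypeAndValue(CMPObjectIdentifiers.regInfo_utf8Pairs, new DERUTF8String("CERT-PROFILE?" + escapedProfile + "%"));
    AttributeTypeAndValue[] atvs = { certprofileInfo };
    CertReqMsg certReqMsg = new CertReqMsg(certReq, popo, atvs);
    PKIBody body = new PKIBody(PKIBody.TYPE_CERT_REQ, new CertReqMessages(certReqMsg));

    ProtectedPKIMessageBuilder builder = new ProtectedPKIMessageBuilder(PKIHeader.CMP_2000, requestorSubject, responderSubject);
    builder.setMessageTime(new Date());
    // NOTE(review): randomTransactionId() and randomSenderNonce() are defined elsewhere;
    // confirm they draw from SecureRandom.
    builder.setTransactionID(randomTransactionId());
    builder.setSenderNonce(randomSenderNonce());
    // Implicit confirmation is requested; this method sends no separate confirmation message.
    builder.addGeneralInfo(new InfoTypeAndValue(CMPObjectIdentifiers.it_implicitConfirm, DERNull.INSTANCE));
    builder.setBody(body);
    ProtectedPKIMessage request = builder.build(requestorSigner);

    // NOTE(review): no check of the response's protection, transaction id or nonce is visible
    // here; confirm that transmit() or parseEnrollCertResult() performs them.
    PKIMessage response = transmit(request);
    return parseEnrollCertResult(response);
}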
use of org.bouncycastle.asn1.DERUTF8String in project xipki by xipki.
the class Asn1GenDSAKeypairParams method toASN1Primitive.
/**
 * Encodes this object as a DER SEQUENCE.
 *
 * <p>Element order: slot identifier, label as UTF8String, new-key control, then
 * {@code p}, {@code q} and {@code g} as INTEGERs (presumably the DSA domain parameters).
 *
 * @return the DER SEQUENCE holding the six elements
 */
@Override
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector elements = new ASN1EncodableVector();

    // Where the key is generated and how it is named and controlled.
    elements.add(new Asn1P11SlotIdentifier(slotId));
    elements.add(new DERUTF8String(label));
    elements.add(new Asn1NewKeyControl(control));

    // The three numeric parameters, in the order p, q, g.
    elements.add(new ASN1Integer(p));
    elements.add(new ASN1Integer(q));
    elements.add(new ASN1Integer(g));

    return new DERSequence(elements);
}
use of org.bouncycastle.asn1.DERUTF8String in project signer by demoiselle.
the class OIDGeneric method getInstance.
/**
* Instance for OIDGeneric.
*
* @param data
* Set of bytes with the contents of the certificate.
* @return Object GenericOID
* @throws IOException exception of input/output
* @throws Exception general exception
*/
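public static OIDGeneric getInstance(byte[] data) throws IOException, Exception {
    // `data` is parsed as SEQUENCE { OID, [tag] { [tag] value } } where value is an
    // OCTET STRING, PrintableString, UTF8String or IA5String. The bytes come from a
    // certificate, so every structural assumption is checked with instanceof and an
    // unexpected shape is reported as an IOException, not left to a failed cast.
    //
    // NOTE(review): `is` is not declared in this method (presumably a field). If it is
    // static, concurrent calls overwrite each other's stream, and it is never closed here;
    // a local variable in try-with-resources would avoid both, if nothing else reads it.
    is = new ASN1InputStream(data);
    Object parsed = is.readObject();
    if (!(parsed instanceof DLSequence)) {
        throw new IOException("Unexpected ASN.1 content: a definite-length SEQUENCE was expected");
    }
    DLSequence sequence = (DLSequence) parsed;
    if (sequence.size() < 2) {
        throw new IOException("Unexpected ASN.1 content: the SEQUENCE has fewer than two elements");
    }

    Object first = sequence.getObjectAt(0);
    Object second = sequence.getObjectAt(1);
    if (!(first instanceof ASN1ObjectIdentifier)) {
        throw new IOException("Unexpected ASN.1 content: the first element is not an OBJECT IDENTIFIER");
    }
    if (!(second instanceof DERTaggedObject)) {
        throw new IOException("Unexpected ASN.1 content: the second element is not a tagged object");
    }
    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) first;

    Object inner = ((DERTaggedObject) second).getObject();
    if (!(inner instanceof DERTaggedObject)) {
        throw new IOException("Unexpected ASN.1 content: the nested element is not a tagged object");
    }
    Object value = ((DERTaggedObject) inner).getObject();

    // Same precedence as before: OCTET STRING, PrintableString, UTF8String, IA5String.
    String text;
    if (value instanceof DEROctetString) {
        // NOTE(review): decodes with the platform default charset, so the result can differ
        // between hosts for non-ASCII bytes; consider naming the charset explicitly.
        text = new String(((DEROctetString) value).getOctets());
    } else if (value instanceof DERPrintableString) {
        text = ((DERPrintableString) value).getString();
    } else if (value instanceof DERUTF8String) {
        text = ((DERUTF8String) value).getString();
    } else if (value instanceof DERIA5String) {
        text = ((DERIA5String) value).getString();
    } else {
        // Rejected before any class is instantiated for this OID.
        throw new IOException("Unexpected ASN.1 content: unsupported value type for OID " + oid.getId());
    }

    // The class name is derived from the OID found in the input. An OID's text form is
    // dotted decimal, so after the replacement the suffix holds only digits and
    // underscores and the lookup stays under whatever getPackageName() returns.
    String className = getPackageName() + oid.getId().replaceAll("[.]", "_");
    OIDGeneric oidGenerico;
    try {
        oidGenerico = (OIDGeneric) Class.forName(className).newInstance();
    } catch (InstantiationException e) {
        throw new Exception(coreMessagesBundle.getString("error.class.instance", className), e);
    } catch (IllegalAccessException e) {
        throw new Exception(coreMessagesBundle.getString("error.class.illegal.access", className), e);
    } catch (ClassNotFoundException e) {
        // No dedicated class for this OID: fall back to the generic holder.
        oidGenerico = new OIDGeneric();
    }

    oidGenerico.oid = oid.getId();
    oidGenerico.data = text;
    oidGenerico.initialize();
    return oidGenerico;
}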