Example 26 with Attribute
use of org.bouncycastle.asn1.cms.Attribute in project athenz by yahoo.
the class Crypto method extractX509CSREmail.
public static String extractX509CSREmail(PKCS10CertificationRequest certReq) {
String rfc822 = null;
Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
for (Attribute attribute : attributes) {
for (ASN1Encodable value : attribute.getAttributeValues()) {
Extensions extensions = Extensions.getInstance(value);
GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
for (GeneralName name : gns.getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
rfc822 = (((DERIA5String) name.getName()).getString());
break;
}
}
}
}
return rfc822;
}
Also used :
DERIA5String(org.bouncycastle.asn1.DERIA5String)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
Attribute(org.bouncycastle.asn1.pkcs.Attribute)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Extensions(org.bouncycastle.asn1.x509.Extensions)
Example 27 with Attribute
use of org.bouncycastle.asn1.cms.Attribute in project athenz by yahoo.
the class Crypto method extractX509CSRDnsNames.
public static List<String> extractX509CSRDnsNames(PKCS10CertificationRequest certReq) {
List<String> dnsNames = new ArrayList<>();
Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
for (Attribute attribute : attributes) {
for (ASN1Encodable value : attribute.getAttributeValues()) {
Extensions extensions = Extensions.getInstance(value);
GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
for (GeneralName name : gns.getNames()) {
if (name.getTagNo() == GeneralName.dNSName) {
dnsNames.add(((DERIA5String) name.getName()).getString());
}
}
}
}
return dnsNames;
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
Attribute(org.bouncycastle.asn1.pkcs.Attribute)
ArrayList(java.util.ArrayList)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
Extensions(org.bouncycastle.asn1.x509.Extensions)
Example 28 with Attribute
use of org.bouncycastle.asn1.cms.Attribute in project robovm by robovm.
the class X509AttributeCertificateHolder method getAttributes.
/**
* Return the attributes, if any associated with this request.
*
* @return an array of Attribute, zero length if none present.
*/
public Attribute[] getAttributes() {
ASN1Sequence seq = attrCert.getAcinfo().getAttributes();
Attribute[] attrs = new Attribute[seq.size()];
for (int i = 0; i != seq.size(); i++) {
attrs[i] = Attribute.getInstance(seq.getObjectAt(i));
}
return attrs;
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Attribute(org.bouncycastle.asn1.x509.Attribute)
Example 29 with Attribute
use of org.bouncycastle.asn1.cms.Attribute in project OpenAttestation by OpenAttestation.
the class X509AttrBuilder method build.
public byte[] build() {
if (notBefore == null || notAfter == null) {
// 1 day default
expires(1, TimeUnit.DAYS);
}
if (serialNumber == null) {
dateSerial();
}
if (subjectName == null) {
fault("Subject name is missing");
}
if (issuerName == null) {
fault("Issuer name is missing");
}
if (issuerPrivateKey == null) {
fault("Issuer private key is missing");
}
if (attributes.isEmpty()) {
fault("No attributes selected");
}
try {
if (getFaults().isEmpty()) {
AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256withRSA");
AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
ContentSigner authority = null;
if (issuerPrivateKey != null)
// create a bouncy castle content signer convert using our existing private key
authority = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(PrivateKeyFactory.createKey(issuerPrivateKey.getEncoded()));
// second, prepare the attribute certificate
// which is expected to be a UUID like this: 33766a63-5c55-4461-8a84-5936577df450
AttributeCertificateHolder holder = new AttributeCertificateHolder(subjectName);
AttributeCertificateIssuer issuer = new AttributeCertificateIssuer(issuerName);
X509v2AttributeCertificateBuilder builder = new X509v2AttributeCertificateBuilder(holder, issuer, serialNumber, notBefore, notAfter);
for (Attribute attribute : attributes) {
builder.addAttribute(attribute.oid, attribute.value);
}
// fourth, sign the attribute certificate
if (authority != null) {
X509AttributeCertificateHolder cert;
cert = builder.build(authority);
//X509AttributeCertificate.valueOf(cert.getEncoded());
return cert.getEncoded();
}
}
return null;
} catch (IOException | OperatorCreationException e) {
fault(e, "cannot sign certificate");
return null;
} finally {
done();
}
}
Also used :
X509v2AttributeCertificateBuilder(org.bouncycastle.cert.X509v2AttributeCertificateBuilder)
AttributeCertificateIssuer(org.bouncycastle.cert.AttributeCertificateIssuer)
X509AttributeCertificateHolder(org.bouncycastle.cert.X509AttributeCertificateHolder)
AttributeCertificateHolder(org.bouncycastle.cert.AttributeCertificateHolder)
ContentSigner(org.bouncycastle.operator.ContentSigner)
X509AttributeCertificateHolder(org.bouncycastle.cert.X509AttributeCertificateHolder)
IOException(java.io.IOException)
DefaultDigestAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder)
AlgorithmIdentifier(org.bouncycastle.asn1.x509.AlgorithmIdentifier)
DefaultSignatureAlgorithmIdentifierFinder(org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder)
BcRSAContentSignerBuilder(org.bouncycastle.operator.bc.BcRSAContentSignerBuilder)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
Example 30 with Attribute
use of org.bouncycastle.asn1.cms.Attribute in project XobotOS by xamarin.
the class PrivateKeyInfo method toASN1Object.
/**
* write out an RSA private key with its associated information
* as described in PKCS8.
* <pre>
* PrivateKeyInfo ::= SEQUENCE {
* version Version,
* privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
* privateKey PrivateKey,
* attributes [0] IMPLICIT Attributes OPTIONAL
* }
* Version ::= INTEGER {v1(0)} (v1,...)
*
* PrivateKey ::= OCTET STRING
*
* Attributes ::= SET OF Attribute
* </pre>
*/
public DERObject toASN1Object() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new DERInteger(0));
v.add(algId);
v.add(new DEROctetString(privKey));
if (attributes != null) {
v.add(new DERTaggedObject(false, 0, attributes));
}
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERInteger(org.bouncycastle.asn1.DERInteger)
Aggregations
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)18
IOException (java.io.IOException)16
ArrayList (java.util.ArrayList)13
List (java.util.List)11
Attribute (org.bouncycastle.asn1.cms.Attribute)10
X509Certificate (java.security.cert.X509Certificate)9
DEROctetString (org.bouncycastle.asn1.DEROctetString)9
DERSequence (org.bouncycastle.asn1.DERSequence)9
GeneralName (org.bouncycastle.asn1.x509.GeneralName)9
Iterator (java.util.Iterator)8
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8
DERObject (org.bouncycastle.asn1.DERObject)8
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)6
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)6
ASN1Set (org.bouncycastle.asn1.ASN1Set)6
AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)6
Enumeration (java.util.Enumeration)5
X500Principal (javax.security.auth.x500.X500Principal)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4
Vector (java.util.Vector)4
