Examples with Attributes - org.bouncycastle.asn1.cms.Attributes

Example 56 with Attributes

use of org.bouncycastle.asn1.cms.Attributes in project athenz by yahoo.

the class Crypto method extractX509CSRIPAddresses.

public static List<String> extractX509CSRIPAddresses(PKCS10CertificationRequest certReq) {
    List<String> ipAddresses = new ArrayList<>();
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            // /CLOVER:OFF
            if (gns == null) {
                continue;
            }
            // /CLOVER:ON
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.iPAddress) {
                    try {
                        InetAddress addr = InetAddress.getByAddress(((DEROctetString) name.getName()).getOctets());
                        ipAddresses.add(addr.getHostAddress());
                    } catch (UnknownHostException ignored) {
                    }
                }
            }
        }
    }
    return ipAddresses;
}

Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) UnknownHostException(java.net.UnknownHostException) Attribute(org.bouncycastle.asn1.pkcs.Attribute) GeneralName(org.bouncycastle.asn1.x509.GeneralName) Extensions(org.bouncycastle.asn1.x509.Extensions) InetAddress(java.net.InetAddress)

Example 57 with Attributes

use of org.bouncycastle.asn1.cms.Attributes in project fabric-sdk-java by hyperledger.

the class HFCAClientIT method testRegisterAttributesNONE.

/**
 * Test that we get no attributes.
 *
 * @throws Exception
 */
@Test
public void testRegisterAttributesNONE() throws Exception {
    SampleUser user = new SampleUser("mrAttributesNone", TEST_ADMIN_ORG, sampleStore);
    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "mrAttributespassword";
    rr.setSecret(password);
    rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
    rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
    rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
    user.setEnrollmentSecret(client.register(rr, admin));
    if (!user.getEnrollmentSecret().equals(password)) {
        fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
    }
    EnrollmentRequest req = new EnrollmentRequest();
    // empty ensure no attributes.
    req.addAttrReq();
    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret(), req));
    Enrollment enrollment = user.getEnrollment();
    String cert = enrollment.getCert();
    String certdec = getStringCert(cert);
    assertFalse(format("Contains testattrDEFAULTATTR in certificate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\"") || certdec.contains("\"mrAttributesValueDEFAULTATTR\""));
    assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
    assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));
}

Also used : EnrollmentRequest(org.hyperledger.fabric_ca.sdk.EnrollmentRequest) Attribute(org.hyperledger.fabric_ca.sdk.Attribute) Enrollment(org.hyperledger.fabric.sdk.Enrollment) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RegistrationRequest(org.hyperledger.fabric_ca.sdk.RegistrationRequest) SampleUser(org.hyperledger.fabric.sdkintegration.SampleUser) Test(org.junit.Test)

Example 58 with Attributes

use of org.bouncycastle.asn1.cms.Attributes in project fabric-sdk-java by hyperledger.

the class HFCAClientIT method testRegisterAttributesDefault.

/**
 * Test that we get default attributes.
 *
 * @throws Exception
 */
@Test
public void testRegisterAttributesDefault() throws Exception {
    if (testConfig.isRunningAgainstFabric10()) {
        // needs v1.1
        return;
    }
    SampleUser user = new SampleUser("mrAttributesDefault", TEST_ADMIN_ORG, sampleStore);
    RegistrationRequest rr = new RegistrationRequest(user.getName(), TEST_USER1_AFFILIATION);
    String password = "mrAttributespassword";
    rr.setSecret(password);
    rr.addAttribute(new Attribute("testattr1", "mrAttributesValue1"));
    rr.addAttribute(new Attribute("testattr2", "mrAttributesValue2"));
    rr.addAttribute(new Attribute("testattrDEFAULTATTR", "mrAttributesValueDEFAULTATTR", true));
    user.setEnrollmentSecret(client.register(rr, admin));
    if (!user.getEnrollmentSecret().equals(password)) {
        fail("Secret returned from RegistrationRequest not match : " + user.getEnrollmentSecret());
    }
    user.setEnrollment(client.enroll(user.getName(), user.getEnrollmentSecret()));
    Enrollment enrollment = user.getEnrollment();
    String cert = enrollment.getCert();
    String certdec = getStringCert(cert);
    assertTrue(format("Missing testattrDEFAULTATTR in certficate decoded: %s", certdec), certdec.contains("\"testattrDEFAULTATTR\":\"mrAttributesValueDEFAULTATTR\""));
    // Since request and no attribute requests at all defaults should be in certificate.
    assertFalse(format("Contains testattr1 in certificate decoded: %s", certdec), certdec.contains("\"testattr1\"") || certdec.contains("\"mrAttributesValue1\""));
    assertFalse(format("Contains testattr2 in certificate decoded: %s", certdec), certdec.contains("\"testattr2\"") || certdec.contains("\"mrAttributesValue2\""));
}

Also used : Attribute(org.hyperledger.fabric_ca.sdk.Attribute) Enrollment(org.hyperledger.fabric.sdk.Enrollment) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RegistrationRequest(org.hyperledger.fabric_ca.sdk.RegistrationRequest) SampleUser(org.hyperledger.fabric.sdkintegration.SampleUser) Test(org.junit.Test)

Example 59 with Attributes

use of org.bouncycastle.asn1.cms.Attributes in project fabric-sdk-java by hyperledger.

the class HFCAClientIT method getIdentityReq.

private HFCAIdentity getIdentityReq(String enrollmentID, String type) throws InvalidArgumentException {
    String password = "password";
    HFCAIdentity ident = client.newHFCAIdentity(enrollmentID);
    ident.setSecret(password);
    ident.setAffiliation(TEST_USER1_AFFILIATION);
    ident.setMaxEnrollments(1);
    ident.setType(type);
    Collection<Attribute> attributes = new ArrayList<Attribute>();
    attributes.add(new Attribute("testattr1", "valueattr1"));
    ident.setAttributes(attributes);
    return ident;
}

Also used : HFCAIdentity(org.hyperledger.fabric_ca.sdk.HFCAIdentity) Attribute(org.hyperledger.fabric_ca.sdk.Attribute) ArrayList(java.util.ArrayList) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)

Example 60 with Attributes

use of org.bouncycastle.asn1.cms.Attributes in project jruby-openssl by jruby.

the class SignerInfoWithPkey method toASN1Object.

/**
 * Produce an object suitable for an ASN1OutputStream.
 * <pre>
 *  SignerInfo ::= SEQUENCE {
 *      version Version,
 *      issuerAndSerialNumber IssuerAndSerialNumber,
 *      digestAlgorithm DigestAlgorithmIdentifier,
 *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
 *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
 *      encryptedDigest EncryptedDigest,
 *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
 *  }
 *
 *  EncryptedDigest ::= OCTET STRING
 *
 *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
 *
 *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
 * </pre>
 */
public ASN1Encodable toASN1Object() {
    ASN1EncodableVector v = new ASN1EncodableVector();
    v.add(version);
    v.add(issuerAndSerialNumber);
    v.add(digAlgorithm);
    if (authenticatedAttributes != null) {
        v.add(new DERTaggedObject(false, 0, authenticatedAttributes));
    }
    v.add(digEncryptionAlgorithm);
    v.add(encryptedDigest);
    if (unauthenticatedAttributes != null) {
        v.add(new DERTaggedObject(false, 1, unauthenticatedAttributes));
    }
    return new DLSequence(v);
}

Also used : DLSequence(org.bouncycastle.asn1.DLSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)

Aggregations

ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)20 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)19 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)16 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)15 DEROctetString (org.bouncycastle.asn1.DEROctetString)13 X509Certificate (java.security.cert.X509Certificate)12 IOException (java.io.IOException)10 Date (java.util.Date)10 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)10 DERSequence (org.bouncycastle.asn1.DERSequence)9 DERIA5String (org.bouncycastle.asn1.DERIA5String)8 DERSet (org.bouncycastle.asn1.DERSet)8 Attribute (org.bouncycastle.asn1.cms.Attribute)8 AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)8 GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)8 ByteArrayInputStream (java.io.ByteArrayInputStream)7 BigInteger (java.math.BigInteger)7 KeyStore (java.security.KeyStore)7 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)7 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)7