use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class X509Util method getCommonName.
public static String getCommonName(X500Name name) {
ParamUtil.requireNonNull("name", name);
RDN[] rdns = name.getRDNs(ObjectIdentifiers.DN_CN);
if (rdns != null && rdns.length > 0) {
RDN rdn = rdns[0];
AttributeTypeAndValue atv = null;
if (rdn.isMultiValued()) {
for (AttributeTypeAndValue m : rdn.getTypesAndValues()) {
if (m.getType().equals(ObjectIdentifiers.DN_CN)) {
atv = m;
break;
}
}
} else {
atv = rdn.getFirst();
}
return (atv == null) ? null : rdnValueToString(atv.getValue());
}
return null;
}
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class SubjectChecker method checkSubjectAttributeNotMultiValued.
private ValidationIssue checkSubjectAttributeNotMultiValued(ASN1ObjectIdentifier type, X500Name subject, X500Name requestedSubject) throws BadCertTemplateException {
ValidationIssue issue = createSubjectIssue(type);
// control
RdnControl rdnControl = subjectControl.getControl(type);
int minOccurs = (rdnControl == null) ? 0 : rdnControl.getMinOccurs();
int maxOccurs = (rdnControl == null) ? 0 : rdnControl.getMaxOccurs();
RDN[] rdns = subject.getRDNs(type);
int rdnsSize = (rdns == null) ? 0 : rdns.length;
if (rdnsSize < minOccurs || rdnsSize > maxOccurs) {
issue.setFailureMessage("number of RDNs '" + rdnsSize + "' is not within [" + minOccurs + ", " + maxOccurs + "]");
return issue;
}
RDN[] requestedRdns = requestedSubject.getRDNs(type);
if (rdnsSize == 0) {
// check optional attribute but is present in requestedSubject
if (maxOccurs > 0 && requestedRdns != null && requestedRdns.length > 0) {
issue.setFailureMessage("is absent but expected present");
}
return issue;
}
StringBuilder failureMsg = new StringBuilder();
// check the encoding
StringType stringType = null;
if (rdnControl != null) {
stringType = rdnControl.getStringType();
}
List<String> requestedCoreAtvTextValues = new LinkedList<>();
if (requestedRdns != null) {
for (RDN requestedRdn : requestedRdns) {
String textValue = getRdnTextValueOfRequest(requestedRdn);
requestedCoreAtvTextValues.add(textValue);
}
if (rdnControl != null && rdnControl.getPatterns() != null) {
// sort the requestedRDNs
requestedCoreAtvTextValues = sort(requestedCoreAtvTextValues, rdnControl.getPatterns());
}
}
if (rdns == null) {
// return always false, only to make the null checker happy
return issue;
}
for (int i = 0; i < rdns.length; i++) {
RDN rdn = rdns[i];
AttributeTypeAndValue[] atvs = rdn.getTypesAndValues();
if (atvs.length > 1) {
failureMsg.append("size of RDN[" + i + "] is '" + atvs.length + "' but expected '1'");
failureMsg.append("; ");
continue;
}
String atvTextValue = getAtvValueString("RDN[" + i + "]", atvs[0], stringType, failureMsg);
if (atvTextValue == null) {
continue;
}
checkAttributeTypeAndValue("RDN[" + i + "]", type, atvTextValue, rdnControl, requestedCoreAtvTextValues, i, failureMsg);
}
int len = failureMsg.length();
if (len > 2) {
failureMsg.delete(len - 2, len);
issue.setFailureMessage(failureMsg.toString());
}
return issue;
}
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project keystore-explorer by kaikramer.
the class X509Ext method getDistributionPointNameString.
private String getDistributionPointNameString(DistributionPointName distributionPointName, String baseIndent) throws IOException {
// @formatter:off
/*
* DistributionPointName ::= CHOICE {
* fullname [0] GeneralNames,
* nameRelativeToCRLIssuer [1] RelativeDistinguishedName
* }
*
* RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF
* AttributeTypeAndValue
*
* AttributeTypeAndValue ::= ASN1Sequence { type AttributeType, value
* AttributeValue }
*/
// @formatter: on
StringBuilder sb = new StringBuilder();
sb.append(baseIndent);
sb.append(res.getString("DistributionPointName"));
sb.append(NEWLINE);
if (distributionPointName.getType() == DistributionPointName.FULL_NAME) {
sb.append(baseIndent);
sb.append(INDENT);
sb.append(res.getString("DistributionPointFullName"));
sb.append(NEWLINE);
GeneralNames generalNames = GeneralNames.getInstance(distributionPointName.getName());
for (GeneralName generalName : generalNames.getNames()) {
sb.append(baseIndent);
sb.append(INDENT);
sb.append(INDENT);
sb.append(GeneralNameUtil.toString(generalName));
sb.append(NEWLINE);
}
} else {
// DistributionPointName.TAG_NAMERELATIVETOCRLISSUER
sb.append(baseIndent);
sb.append(INDENT);
sb.append(res.getString("DistributionPointNameRelativeToCrlIssuer"));
sb.append(NEWLINE);
RDN rdn = RDN.getInstance(distributionPointName.getName());
for (AttributeTypeAndValue attributeTypeAndValue : rdn.getTypesAndValues()) {
ASN1ObjectIdentifier attributeType = attributeTypeAndValue.getType();
ASN1Encodable attributeValue = attributeTypeAndValue.getValue();
String attributeTypeStr = getAttributeTypeString(attributeType);
String attributeValueStr = getAttributeValueString(attributeType, attributeValue);
sb.append(baseIndent);
sb.append(INDENT);
sb.append(INDENT);
sb.append(MessageFormat.format("{0}={1}", attributeTypeStr, attributeValueStr));
sb.append(NEWLINE);
}
}
return sb.toString();
}
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project nifi-registry by apache.
the class CertificateUtils method reorderDn.
/**
* Reorders DN to the order the elements appear in the RFC 2253 table
*
* https://www.ietf.org/rfc/rfc2253.txt
*
* String X.500 AttributeType
* ------------------------------
* CN commonName
* L localityName
* ST stateOrProvinceName
* O organizationName
* OU organizationalUnitName
* C countryName
* STREET streetAddress
* DC domainComponent
* UID userid
*
* @param dn a possibly unordered DN
* @return the ordered dn
*/
public static String reorderDn(String dn) {
RDN[] rdNs = new X500Name(dn).getRDNs();
Arrays.sort(rdNs, new Comparator<RDN>() {
@Override
public int compare(RDN o1, RDN o2) {
AttributeTypeAndValue o1First = o1.getFirst();
AttributeTypeAndValue o2First = o2.getFirst();
ASN1ObjectIdentifier o1Type = o1First.getType();
ASN1ObjectIdentifier o2Type = o2First.getType();
Integer o1Rank = dnOrderMap.get(o1Type);
Integer o2Rank = dnOrderMap.get(o2Type);
if (o1Rank == null) {
if (o2Rank == null) {
int idComparison = o1Type.getId().compareTo(o2Type.getId());
if (idComparison != 0) {
return idComparison;
}
return String.valueOf(o1Type).compareTo(String.valueOf(o2Type));
}
return 1;
} else if (o2Rank == null) {
return -1;
}
return o1Rank - o2Rank;
}
});
return new X500Name(rdNs).toString();
}
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project jruby-openssl by jruby.
the class X509Extension method appendTypeAndValue.
private static ByteList appendTypeAndValue(final ByteList out, final AttributeTypeAndValue typeAndValue, final Map<ASN1ObjectIdentifier, String> oidSymbols) {
ASN1ObjectIdentifier type = typeAndValue.getType();
final String sym = oidSymbols.get(type);
if (sym != null) {
out.append(ByteList.plain(sym));
} else {
out.append(ByteList.plain(type.getId()));
}
out.append('=');
valueToString(typeAndValue.getValue(), out);
return out;
}
Aggregations