
Example 21 with AttributeTypeAndValue

use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.

the class X509Util method getCommonName.

/**
 * Returns the text of the commonName (CN) attribute found in the first CN-bearing RDN of
 * {@code name}.
 *
 * <p>Only {@code rdns[0]} is inspected: when the name carries several CN RDNs, or a
 * multi-valued RDN with more than one CN, every CN after the first match is ignored.
 * Callers that base an identity or access decision on the result should keep that in mind,
 * because two different names can yield the same common name here.
 *
 * @param name the X.500 name to search; must not be {@code null}
 * @return the CN value converted by {@code rdnValueToString}, or {@code null} when the name
 *         has no CN attribute
 */
public static String getCommonName(X500Name name) {
    ParamUtil.requireNonNull("name", name);
    RDN[] cnRdns = name.getRDNs(ObjectIdentifiers.DN_CN);
    if (cnRdns == null || cnRdns.length == 0) {
        return null;
    }

    RDN firstCnRdn = cnRdns[0];
    if (!firstCnRdn.isMultiValued()) {
        // Single-valued RDN: its only attribute is taken without re-checking the type.
        AttributeTypeAndValue single = firstCnRdn.getFirst();
        return (single == null) ? null : rdnValueToString(single.getValue());
    }

    // Multi-valued RDN: pick the first member whose type is CN.
    for (AttributeTypeAndValue candidate : firstCnRdn.getTypesAndValues()) {
        if (candidate.getType().equals(ObjectIdentifiers.DN_CN)) {
            return rdnValueToString(candidate.getValue());
        }
    }
    return null;
}
Also used : RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 22 with AttributeTypeAndValue

use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.

the class SubjectChecker method checkSubjectAttributeNotMultiValued.

/**
 * Validates the RDNs of attribute {@code type} in {@code subject} against the profile control
 * for that attribute and against the values that were requested, requiring each such RDN to
 * hold exactly one AttributeTypeAndValue.
 *
 * <p>Checks, in order: the number of RDNs lies within the control's [minOccurs, maxOccurs];
 * an attribute that is absent was not requested while being allowed; every RDN is
 * single-valued; and each value passes {@code getAtvValueString} and
 * {@code checkAttributeTypeAndValue}. Per-RDN failures are collected and joined with "; ".
 *
 * @param type the attribute type being checked
 * @param subject the subject to validate
 * @param requestedSubject the subject as requested, used as the expected values
 * @return the issue for this attribute, carrying a failure message if any check failed
 * @throws BadCertTemplateException declared by the signature; presumably raised by one of the
 *         helpers called here (not visible in this listing)
 */
private ValidationIssue checkSubjectAttributeNotMultiValued(ASN1ObjectIdentifier type, X500Name subject, X500Name requestedSubject) throws BadCertTemplateException {
    ValidationIssue issue = createSubjectIssue(type);

    // Without a control for this type both bounds are 0, so any occurrence is out of range.
    RdnControl rdnControl = subjectControl.getControl(type);
    int minOccurs = 0;
    int maxOccurs = 0;
    if (rdnControl != null) {
        minOccurs = rdnControl.getMinOccurs();
        maxOccurs = rdnControl.getMaxOccurs();
    }

    RDN[] rdns = subject.getRDNs(type);
    int rdnsSize = (rdns == null) ? 0 : rdns.length;
    boolean countInRange = rdnsSize >= minOccurs && rdnsSize <= maxOccurs;
    if (!countInRange) {
        issue.setFailureMessage("number of RDNs '" + rdnsSize + "' is not within [" + minOccurs + ", " + maxOccurs + "]");
        return issue;
    }

    RDN[] requestedRdns = requestedSubject.getRDNs(type);
    if (rdnsSize == 0) {
        // The attribute is optional and absent: that is a failure only if it was requested.
        boolean wasRequested = requestedRdns != null && requestedRdns.length > 0;
        if (maxOccurs > 0 && wasRequested) {
            issue.setFailureMessage("is absent but expected present");
        }
        return issue;
    }

    StringBuilder failureMsg = new StringBuilder();

    // Expected string encoding, if the control prescribes one.
    StringType stringType = (rdnControl == null) ? null : rdnControl.getStringType();

    List<String> requestedCoreAtvTextValues = new LinkedList<>();
    if (requestedRdns != null) {
        for (RDN requestedRdn : requestedRdns) {
            requestedCoreAtvTextValues.add(getRdnTextValueOfRequest(requestedRdn));
        }
        if (rdnControl != null && rdnControl.getPatterns() != null) {
            // Bring the requested values into the order given by the control's patterns.
            requestedCoreAtvTextValues = sort(requestedCoreAtvTextValues, rdnControl.getPatterns());
        }
    }

    if (rdns == null) {
        // Cannot happen (rdnsSize > 0 here); kept to satisfy static null analysis.
        return issue;
    }

    for (int i = 0; i < rdns.length; i++) {
        AttributeTypeAndValue[] atvs = rdns[i].getTypesAndValues();
        if (atvs.length > 1) {
            // A multi-valued RDN is rejected outright for this attribute.
            failureMsg.append("size of RDN[").append(i).append("] is '").append(atvs.length).append("' but expected '1'").append("; ");
            continue;
        }

        // NOTE(review): atvs[0] assumes the RDN is non-empty; confirm the ASN.1 parser
        // rejects an empty SET before the subject reaches this check.
        String atvTextValue = getAtvValueString("RDN[" + i + "]", atvs[0], stringType, failureMsg);
        if (atvTextValue != null) {
            checkAttributeTypeAndValue("RDN[" + i + "]", type, atvTextValue, rdnControl, requestedCoreAtvTextValues, i, failureMsg);
        }
    }

    // Drop the trailing "; " separator before publishing the collected failures.
    int len = failureMsg.length();
    if (len > 2) {
        failureMsg.delete(len - 2, len);
        issue.setFailureMessage(failureMsg.toString());
    }
    return issue;
}
Also used : RdnControl(org.xipki.ca.api.profile.RdnControl) StringType(org.xipki.ca.api.profile.StringType) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERT61String(org.bouncycastle.asn1.DERT61String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ValidationIssue(org.xipki.common.qa.ValidationIssue) RDN(org.bouncycastle.asn1.x500.RDN) LinkedList(java.util.LinkedList) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 23 with AttributeTypeAndValue

use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project keystore-explorer by kaikramer.

the class X509Ext method getDistributionPointNameString.

/**
 * Renders a CRL DistributionPointName as indented, human-readable text.
 *
 * <p>A {@code fullName} is printed as one line per GeneralName; any other choice is treated as
 * {@code nameRelativeToCRLIssuer} and printed as one {@code type=value} line per attribute of
 * the RDN.
 *
 * <p>NOTE(review): the names and values come from the certificate being displayed. Whether
 * {@code GeneralNameUtil.toString} and {@code getAttributeValueString} neutralise control
 * characters or line breaks is not visible here; confirm before the result is shown in a UI
 * or written to a log.
 *
 * @param distributionPointName the name to render
 * @param baseIndent prefix placed in front of every output line
 * @return the rendered text, each line terminated by {@code NEWLINE}
 * @throws IOException declared by the signature; presumably raised by the value-formatting
 *         helpers (not visible in this listing)
 */
private String getDistributionPointNameString(DistributionPointName distributionPointName, String baseIndent) throws IOException {
    // @formatter:off
    /*
     * DistributionPointName ::= CHOICE {
     *     fullName                [0] GeneralNames,
     *     nameRelativeToCRLIssuer [1] RelativeDistinguishedName
     * }
     *
     * RelativeDistinguishedName ::= SET SIZE (1 .. MAX) OF AttributeTypeAndValue
     *
     * AttributeTypeAndValue ::= SEQUENCE {
     *     type  AttributeType,
     *     value AttributeValue
     * }
     */
    // @formatter:on
    StringBuilder text = new StringBuilder();
    text.append(baseIndent).append(res.getString("DistributionPointName")).append(NEWLINE);

    boolean isFullName = distributionPointName.getType() == DistributionPointName.FULL_NAME;
    if (isFullName) {
        text.append(baseIndent).append(INDENT)
            .append(res.getString("DistributionPointFullName")).append(NEWLINE);

        GeneralNames names = GeneralNames.getInstance(distributionPointName.getName());
        for (GeneralName entry : names.getNames()) {
            text.append(baseIndent).append(INDENT).append(INDENT)
                .append(GeneralNameUtil.toString(entry)).append(NEWLINE);
        }
        return text.toString();
    }

    // Remaining choice: DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER
    text.append(baseIndent).append(INDENT)
        .append(res.getString("DistributionPointNameRelativeToCrlIssuer")).append(NEWLINE);

    RDN relativeName = RDN.getInstance(distributionPointName.getName());
    for (AttributeTypeAndValue atv : relativeName.getTypesAndValues()) {
        ASN1ObjectIdentifier oid = atv.getType();
        ASN1Encodable value = atv.getValue();
        String typeText = getAttributeTypeString(oid);
        String valueText = getAttributeValueString(oid, value);
        text.append(baseIndent).append(INDENT).append(INDENT)
            .append(MessageFormat.format("{0}={1}", typeText, valueText)).append(NEWLINE);
    }
    return text.toString();
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERGeneralString(org.bouncycastle.asn1.DERGeneralString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERIA5String(org.bouncycastle.asn1.DERIA5String) RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 24 with AttributeTypeAndValue

use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project nifi-registry by apache.

the class CertificateUtils method reorderDn.

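/**
 * Reorders the RDNs of a DN into the order in which the attribute types appear in the
 * RFC 2253 table:
 *
 * https://www.ietf.org/rfc/rfc2253.txt
 *
 * String  X.500 AttributeType
 * ------------------------------
 * CN      commonName
 * L       localityName
 * ST      stateOrProvinceName
 * O       organizationName
 * OU      organizationalUnitName
 * C       countryName
 * STREET  streetAddress
 * DC      domainComponent
 * UID     userid
 *
 * <p>The rank of each type is looked up in {@code dnOrderMap} (defined elsewhere in the class;
 * presumably it mirrors the table above). Types with a rank sort before types without one;
 * unranked types are ordered by their OID string. RDNs that compare equal keep their relative
 * order because {@link Arrays#sort(Object[], Comparator)} is stable.
 *
 * <p>NOTE(review): only the first attribute of each RDN is considered, so a multi-valued RDN
 * is placed by whichever attribute comes first in it. If the result is used to compare or
 * look up identities, confirm that multi-valued RDNs are normalised before they reach here.
 *
 * @param dn a possibly unordered DN
 * @return the ordered dn
 */
public static String reorderDn(String dn) {
    RDN[] rdNs = new X500Name(dn).getRDNs();
    Arrays.sort(rdNs, new Comparator<RDN>() {

        @Override
        public int compare(RDN o1, RDN o2) {
            ASN1ObjectIdentifier o1Type = o1.getFirst().getType();
            ASN1ObjectIdentifier o2Type = o2.getFirst().getType();
            Integer o1Rank = dnOrderMap.get(o1Type);
            Integer o2Rank = dnOrderMap.get(o2Type);

            if (o1Rank != null && o2Rank != null) {
                // compareTo instead of subtraction: the difference of two ints can overflow
                // and flip the sign of the result.
                return o1Rank.compareTo(o2Rank);
            }
            if (o1Rank != null) {
                // Ranked types come before unranked ones.
                return -1;
            }
            if (o2Rank != null) {
                return 1;
            }

            // Neither type is ranked: fall back to the OID text.
            int idComparison = o1Type.getId().compareTo(o2Type.getId());
            if (idComparison != 0) {
                return idComparison;
            }
            return String.valueOf(o1Type).compareTo(String.valueOf(o2Type));
        }
    });
    return new X500Name(rdNs).toString();
}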
Also used : BigInteger(java.math.BigInteger) X500Name(org.bouncycastle.asn1.x500.X500Name) RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 25 with AttributeTypeAndValue

use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project jruby-openssl by jruby.

the class X509Extension method appendTypeAndValue.

/**
 * Appends {@code type=value} for one attribute to {@code out}.
 *
 * <p>The type is written as its symbol from {@code oidSymbols} when one is registered, and as
 * the dotted OID otherwise. The value is written by {@code valueToString}.
 *
 * <p>NOTE(review): no escaping of the value is visible in this method; whether
 * {@code valueToString} escapes separators such as {@code ,} or {@code =} is not shown here,
 * so confirm before the output is parsed back or compared as a name.
 *
 * @param out buffer to append to
 * @param typeAndValue the attribute to render
 * @param oidSymbols short names keyed by attribute OID
 * @return {@code out}, to allow chaining
 */
private static ByteList appendTypeAndValue(final ByteList out, final AttributeTypeAndValue typeAndValue, final Map<ASN1ObjectIdentifier, String> oidSymbols) {
    final ASN1ObjectIdentifier oid = typeAndValue.getType();
    final String symbol = oidSymbols.get(oid);
    // Fall back to the dotted OID when no short name is known for this type.
    final String label = (symbol != null) ? symbol : oid.getId();
    out.append(ByteList.plain(label));
    out.append('=');
    valueToString(typeAndValue.getValue(), out);
    return out;
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) RubyString(org.jruby.RubyString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

AttributeTypeAndValue (org.bouncycastle.asn1.x500.AttributeTypeAndValue)13 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12 RDN (org.bouncycastle.asn1.x500.RDN)12 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)8 DERIA5String (org.bouncycastle.asn1.DERIA5String)7 X500Name (org.bouncycastle.asn1.x500.X500Name)7 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)6 ASN1String (org.bouncycastle.asn1.ASN1String)6 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6 DERUniversalString (org.bouncycastle.asn1.DERUniversalString)6 ArrayList (java.util.ArrayList)5 DERBMPString (org.bouncycastle.asn1.DERBMPString)4 LinkedList (java.util.LinkedList)3 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3 DEROctetString (org.bouncycastle.asn1.DEROctetString)3 DERT61String (org.bouncycastle.asn1.DERT61String)3 PKIBody (org.bouncycastle.asn1.cmp.PKIBody)3 PKIMessage (org.bouncycastle.asn1.cmp.PKIMessage)3 AttributeTypeAndValue (org.bouncycastle.asn1.crmf.AttributeTypeAndValue)3 CertReqMessages (org.bouncycastle.asn1.crmf.CertReqMessages)3