use of org.bouncycastle.asn1.x500.RDN in project ddf by codice.
the class KeystoreEditor method importASN1CertificatesToStore.
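/**
 * Imports every certificate of an ASN.1 set into the keystore as a certificate entry.
 *
 * <p>Each entry's alias is the first common name (CN) of the certificate's subject.
 *
 * <p>NOTE(review): the alias is taken from certificate content. A certificate whose CN equals the
 * alias of an existing trusted-certificate entry replaces that entry, because
 * {@link KeyStore#setCertificateEntry} overrides entries with the same alias. Callers that import
 * certificates from sources they do not control should confirm this is intended.
 *
 * @param store keystore that receives the entries
 * @param setEntry value returned unchanged when the set holds no certificates
 * @param certificates ASN.1 set whose elements are decoded as X.509 certificates
 * @return {@code true} if at least one certificate was stored, otherwise {@code setEntry}
 * @throws KeystoreEditorException if a certificate cannot be decoded or stored, or if its subject
 *     has no CN to use as an alias; certificates stored before the failure stay in the keystore
 */
private boolean importASN1CertificatesToStore(KeyStore store, boolean setEntry, ASN1Set certificates) throws KeystoreEditorException {
    Enumeration<?> certificateEnumeration = certificates.getObjects();
    if (!certificateEnumeration.hasMoreElements()) {
        // Nothing to import: do not touch the provider, exactly as before.
        return setEntry;
    }
    try {
        // One factory serves the whole set; it was previously rebuilt for every certificate.
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "BC");
        while (certificateEnumeration.hasMoreElements()) {
            ASN1Primitive asn1Primitive = ((ASN1Encodable) certificateEnumeration.nextElement()).toASN1Primitive();
            org.bouncycastle.asn1.x509.Certificate instance = org.bouncycastle.asn1.x509.Certificate.getInstance(asn1Primitive);
            Certificate certificate = certificateFactory.generateCertificate(new ByteArrayInputStream(instance.getEncoded()));
            X500Name x500name = new JcaX509CertificateHolder((X509Certificate) certificate).getSubject();
            RDN[] commonNames = x500name.getRDNs(BCStyle.CN);
            if (commonNames.length == 0) {
                // A subject without a CN used to fail with ArrayIndexOutOfBoundsException, which
                // escaped the catch below; report it through the declared exception instead.
                throw new CertificateException("Certificate subject has no common name (CN) to use as keystore alias");
            }
            String alias = IETFUtils.valueToString(commonNames[0].getFirst().getValue());
            store.setCertificateEntry(alias, certificate);
            setEntry = true;
        }
    } catch (CertificateException | NoSuchProviderException | KeyStoreException | IOException e) {
        throw new KeystoreEditorException("Unable to import ASN1 certificates to store", e);
    }
    return setEntry;
}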
use of org.bouncycastle.asn1.x500.RDN in project ddf by codice.
the class KeystoreEditor method buildCertChainList.
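/**
 * Collects the certificates reachable from {@code alias} by following issuer common names.
 *
 * <p>Starting at the entry stored under {@code alias}, the issuer's first CN is used as the alias
 * of the next entry, until a certificate has a blank issuer CN, names itself as issuer, or the
 * keystore has no entry for the issuer. The list is ordered from the top-most certificate found
 * down to the one stored under {@code alias}.
 *
 * <p>Links are matched on CN text only and no signature is checked here, so the result is a
 * lookup by name, not a validated certification path.
 *
 * @param alias alias of the certificate the chain starts from
 * @param store keystore to read the certificates from
 * @return the certificates found, possibly empty; never {@code null}
 * @throws KeystoreEditorException if the keystore cannot be read or a certificate cannot be encoded
 */
private List<Certificate> buildCertChainList(String alias, KeyStore store) throws KeystoreEditorException {
    List<Certificate> chain = new ArrayList<>();
    // Aliases already looked up. Two entries naming each other as issuer previously recursed
    // until the stack overflowed; the walk now stops when an alias repeats.
    List<String> visitedAliases = new ArrayList<>();
    String currentAlias = alias;
    try {
        while (!visitedAliases.contains(currentAlias)) {
            visitedAliases.add(currentAlias);
            Certificate certificate = store.getCertificate(currentAlias);
            if (certificate == null) {
                break;
            }
            // Insert at the front so issuers precede the certificates they issued.
            chain.add(0, certificate);
            JcaX509CertificateHolder holder = new JcaX509CertificateHolder((X509Certificate) certificate);
            String issuer = firstCommonName(holder.getIssuer());
            String subject = firstCommonName(holder.getSubject());
            if (StringUtils.isBlank(issuer) || issuer.equals(subject)) {
                break;
            }
            currentAlias = issuer;
        }
    } catch (CertificateEncodingException | KeyStoreException e) {
        throw new KeystoreEditorException("Unable to build cert chain list.", e);
    }
    return chain;
}

/**
 * Returns the first CN of a distinguished name as a string, or an empty string when the name has
 * no CN (indexing the empty RDN array previously threw ArrayIndexOutOfBoundsException).
 */
private String firstCommonName(X500Name name) {
    RDN[] commonNames = name.getRDNs(BCStyle.CN);
    if (commonNames.length == 0) {
        return "";
    }
    return IETFUtils.valueToString(commonNames[0].getFirst().getValue());
}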
use of org.bouncycastle.asn1.x500.RDN in project ddf by codice.
the class SubjectUtilsTest method testFilterDNKeepOne.
/** Filtering with a predicate that accepts only CN-typed RDNs leaves just the CN component. */
@Test
public void testFilterDNKeepOne() {
    // The predicate inspects the first attribute of each RDN only.
    Predicate<RDN> keepCommonName =
        rdn -> rdn.getTypesAndValues()[0].getType().equals(BCStyle.CN);

    assertThat(SubjectUtils.filterDN(dnPrincipal, keepCommonName), is("CN=Foo"));
}
use of org.bouncycastle.asn1.x500.RDN in project ddf by codice.
the class SubjectUtilsTest method testFilterDNDropOne.
/** Filtering with a predicate that rejects CN-typed RDNs returns the DN without its CN. */
@Test
public void testFilterDNDropOne() {
    // The predicate inspects the first attribute of each RDN only.
    Predicate<RDN> dropCommonName =
        rdn -> !rdn.getTypesAndValues()[0].getType().equals(BCStyle.CN);

    assertThat(
        SubjectUtils.filterDN(dnPrincipal, dropCommonName),
        is("OU=Engineering,OU=Dev,O=DDF,ST=AZ,C=US"));
}
use of org.bouncycastle.asn1.x500.RDN in project ddf by codice.
the class SubjectUtilsTest method testFilterDNDropMultivalue.
/** Filtering with a predicate that rejects OU-typed RDNs removes every OU component of the DN. */
@Test
public void testFilterDNDropMultivalue() {
    // The predicate inspects the first attribute of each RDN only.
    Predicate<RDN> dropOrganizationalUnits =
        rdn -> !rdn.getTypesAndValues()[0].getType().equals(BCStyle.OU);

    assertThat(
        SubjectUtils.filterDN(dnPrincipal, dropOrganizationalUnits),
        is("CN=Foo,O=DDF,ST=AZ,C=US"));
}