
Example 16 with RDN

Use of org.bouncycastle.asn1.x500.RDN in the project ddf by codice.

From the class KeystoreEditor, method importASN1CertificatesToStore.

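/**
 * Imports every certificate in an ASN.1 SET (for example the {@code certificates} field of
 * a PKCS#7 / CMS SignedData) into {@code store} as a trusted-certificate entry.
 *
 * <p>The alias of each entry is the string value of the <em>first</em> CN attribute of the
 * certificate's subject. Two consequences the caller should be aware of:
 * <ul>
 *   <li>a certificate whose subject carries no CN cannot be given an alias and is rejected
 *       with a {@link KeystoreEditorException} (previously this surfaced as an unchecked
 *       {@code ArrayIndexOutOfBoundsException} from {@code getRDNs(...)[0]});</li>
 *   <li>two certificates sharing a subject CN map to the same alias; per
 *       {@link KeyStore#setCertificateEntry} the later one replaces the earlier
 *       trusted-certificate entry, and the call fails if the alias names a key entry.</li>
 * </ul>
 *
 * <p>No validation (signature, validity period, chain building) is performed here:
 * whatever is in the set becomes trusted once stored. The caller is responsible for the
 * provenance of the input.
 *
 * @param store        destination key store (already loaded)
 * @param setEntry     running flag supplied by the caller; returned unchanged if the set is empty
 * @param certificates ASN.1 SET of X.509 {@code Certificate} structures
 * @return {@code true} once at least one entry has been written, otherwise the incoming
 *         {@code setEntry} value
 * @throws KeystoreEditorException on any parsing, provider or key store failure, or when a
 *         certificate subject has no CN
 */
private boolean importASN1CertificatesToStore(KeyStore store, boolean setEntry, ASN1Set certificates) throws KeystoreEditorException {
    try {
        // The factory does not depend on the loop variable; resolve the BC provider once.
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509", "BC");
        Enumeration<?> certificateEnumeration = certificates.getObjects();
        while (certificateEnumeration.hasMoreElements()) {
            ASN1Primitive asn1Primitive = ((ASN1Encodable) certificateEnumeration.nextElement()).toASN1Primitive();
            org.bouncycastle.asn1.x509.Certificate instance = org.bouncycastle.asn1.x509.Certificate.getInstance(asn1Primitive);
            // Re-parse through the JCA factory so the store receives a java.security.cert.Certificate.
            Certificate certificate = certificateFactory.generateCertificate(new ByteArrayInputStream(instance.getEncoded()));
            X500Name x500name = new JcaX509CertificateHolder((X509Certificate) certificate).getSubject();
            RDN[] cnRdns = x500name.getRDNs(BCStyle.CN);
            if (cnRdns.length == 0 || cnRdns[0].getFirst() == null) {
                // Thrown inside the try so it is wrapped by the same KeystoreEditorException
                // path as every other import failure, instead of escaping as a runtime exception.
                throw new CertificateException("Certificate subject has no CN to use as a key store alias: " + x500name);
            }
            String alias = IETFUtils.valueToString(cnRdns[0].getFirst().getValue());
            store.setCertificateEntry(alias, certificate);
            setEntry = true;
        }
    } catch (CertificateException | NoSuchProviderException | KeyStoreException | IOException e) {
        throw new KeystoreEditorException("Unable to import ASN1 certificates to store", e);
    }
    return setEntry;
}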

Example 17 with RDN

Use of org.bouncycastle.asn1.x500.RDN in the project ddf by codice.

From the class KeystoreEditor, method buildCertChainList.

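/**
 * Collects the certificate stored under {@code alias} together with the certificates it
 * is (nominally) issued by, ordered root-first / leaf-last.
 *
 * <p>The chain is linked purely by name: the CN of a certificate's issuer DN is looked up
 * as an <em>alias</em> in {@code store}, and whatever certificate sits under that alias is
 * taken to be the issuer. No signature, validity or key-usage check is performed, so the
 * result is a presentation-friendly list, not a verified path. The walk stops when an
 * alias is missing from the store, when the issuer CN is blank, when the issuer CN equals
 * the subject CN (self-signed), or when an alias has already been visited.
 *
 * <p>The visited-alias guard is new: cross-signed or otherwise cyclic CN references
 * (A's issuer CN names B, B's issuer CN names A) previously recursed without bound until
 * {@code StackOverflowError}. Certificates whose DN has no CN are now treated as having a
 * blank CN instead of raising {@code ArrayIndexOutOfBoundsException}.
 *
 * @param alias key store alias of the certificate to start from
 * @param store key store holding the certificate and, possibly, its issuers
 * @return the chain root-first, ending with the certificate under {@code alias}; empty if
 *         {@code alias} is not present
 * @throws KeystoreEditorException if a certificate cannot be re-encoded or the store cannot be read
 */
private List<Certificate> buildCertChainList(String alias, KeyStore store) throws KeystoreEditorException {
    List<Certificate> chain = new ArrayList<>();
    // Aliases already consumed; breaks cycles that would otherwise never terminate.
    List<String> visitedAliases = new ArrayList<>();
    String currentAlias = alias;
    try {
        while (currentAlias != null && !visitedAliases.contains(currentAlias)) {
            Certificate certificate = store.getCertificate(currentAlias);
            if (certificate == null) {
                // Unknown alias: the chain ends here (for the initial alias this yields an empty list).
                break;
            }
            visitedAliases.add(currentAlias);
            // We walk leaf -> root, so prepend to keep the root-first ordering callers expect.
            chain.add(0, certificate);

            JcaX509CertificateHolder holder = new JcaX509CertificateHolder((X509Certificate) certificate);
            String subject = firstCommonName(holder.getSubject());
            String issuer = firstCommonName(holder.getIssuer());
            if (StringUtils.isBlank(issuer) || issuer.equals(subject)) {
                // Self-signed, or no usable issuer CN: top of the chain.
                break;
            }
            currentAlias = issuer;
        }
    } catch (CertificateEncodingException | KeyStoreException e) {
        throw new KeystoreEditorException("Unable to build cert chain list.", e);
    }
    return chain;
}

/**
 * Returns the string value of the first CN attribute of {@code name}, or {@code null} when
 * the DN carries no CN (e.g. a SAN-only certificate or an empty subject).
 */
private static String firstCommonName(X500Name name) {
    RDN[] cnRdns = name.getRDNs(BCStyle.CN);
    if (cnRdns.length == 0 || cnRdns[0].getFirst() == null) {
        return null;
    }
    return IETFUtils.valueToString(cnRdns[0].getFirst().getValue());
}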

Example 18 with RDN

Use of org.bouncycastle.asn1.x500.RDN in the project ddf by codice.

From the class SubjectUtilsTest, method testFilterDNKeepOne.

@Test
public void testFilterDNKeepOne() {
    // Keep only RDNs whose leading attribute type is CN; everything else is filtered out.
    Predicate<RDN> keepOnlyCn = rdn -> BCStyle.CN.equals(rdn.getTypesAndValues()[0].getType());
    String filtered = SubjectUtils.filterDN(dnPrincipal, keepOnlyCn);
    assertEquals("CN=Foo", filtered);
}

Example 19 with RDN

Use of org.bouncycastle.asn1.x500.RDN in the project ddf by codice.

From the class SubjectUtilsTest, method testFilterDNDropOne.

@Test
public void testFilterDNDropOne() {
    // Drop the single RDN whose leading attribute type is CN; the remaining RDNs keep their order.
    Predicate<RDN> dropCn = rdn -> !BCStyle.CN.equals(rdn.getTypesAndValues()[0].getType());
    String filtered = SubjectUtils.filterDN(dnPrincipal, dropCn);
    assertEquals("OU=Engineering,OU=Dev,O=DDF,ST=AZ,C=US", filtered);
}

Example 20 with RDN

Use of org.bouncycastle.asn1.x500.RDN in the project ddf by codice.

From the class SubjectUtilsTest, method testFilterDNDropMultivalue.

@Test
public void testFilterDNDropMultivalue() {
    // Drop every RDN whose leading attribute type is OU; the DN has two of them, both must go.
    Predicate<RDN> dropOu = rdn -> !BCStyle.OU.equals(rdn.getTypesAndValues()[0].getType());
    String filtered = SubjectUtils.filterDN(dnPrincipal, dropOu);
    assertEquals("CN=Foo,O=DDF,ST=AZ,C=US", filtered);
}
