Example 76 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project robovm by robovm.
the class X509CRLObject method getRevokedCertificate.
public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) {
Enumeration certs = c.getRevokedCertificateEnumeration();
// the issuer
X500Name previousCertificateIssuer = null;
while (certs.hasMoreElements()) {
TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry) certs.nextElement();
if (serialNumber.equals(entry.getUserCertificate().getValue())) {
return new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
}
if (isIndirect && entry.hasExtensions()) {
Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
Enumeration(java.util.Enumeration)
TBSCertList(org.bouncycastle.asn1.x509.TBSCertList)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509CRLEntry(java.security.cert.X509CRLEntry)
Example 77 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project robovm by robovm.
the class X509CRLObject method loadCRLEntries.
private Set loadCRLEntries() {
Set entrySet = new HashSet();
Enumeration certs = c.getRevokedCertificateEnumeration();
// the issuer
X500Name previousCertificateIssuer = null;
while (certs.hasMoreElements()) {
TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry) certs.nextElement();
X509CRLEntryObject crlEntry = new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
entrySet.add(crlEntry);
if (isIndirect && entry.hasExtensions()) {
Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
}
return entrySet;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
HashSet(java.util.HashSet)
Set(java.util.Set)
Enumeration(java.util.Enumeration)
TBSCertList(org.bouncycastle.asn1.x509.TBSCertList)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509CRLEntry(java.security.cert.X509CRLEntry)
HashSet(java.util.HashSet)
Example 78 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testPathToName.
/*
* Tests matching on the name constraints extension contained in the
* certificate.
*/
private void testPathToName() throws IOException {
System.out.println("X.509 Certificate Match on pathToName");
X509CertSelector selector = null;
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.30"));
byte[] encoded = in.getOctetString();
NameConstraintsExtension ext = new NameConstraintsExtension(false, encoded);
GeneralSubtrees permitted = (GeneralSubtrees) ext.get(PERMITTED_SUBTREES);
GeneralSubtrees excluded = (GeneralSubtrees) ext.get(EXCLUDED_SUBTREES);
// bad matches on pathToName within excluded subtrees
if (excluded != null) {
Iterator<GeneralSubtree> e = excluded.iterator();
while (e.hasNext()) {
GeneralSubtree tree = e.next();
if (tree.getName().getType() == NAME_DIRECTORY) {
X500Name excludedDN1 = new X500Name(tree.getName().toString());
X500Name excludedDN2 = new X500Name("CN=Bogus, " + tree.getName().toString());
DerOutputStream derDN1 = new DerOutputStream();
DerOutputStream derDN2 = new DerOutputStream();
excludedDN1.encode(derDN1);
excludedDN2.encode(derDN2);
selector = new X509CertSelector();
selector.addPathToName(NAME_DIRECTORY, derDN1.toByteArray());
checkMatch(selector, cert, false);
selector.setPathToNames(null);
selector.addPathToName(NAME_DIRECTORY, derDN2.toByteArray());
checkMatch(selector, cert, false);
}
}
}
// good matches on pathToName within permitted subtrees
if (permitted != null) {
Iterator<GeneralSubtree> e = permitted.iterator();
while (e.hasNext()) {
GeneralSubtree tree = e.next();
if (tree.getName().getType() == NAME_DIRECTORY) {
X500Name permittedDN1 = new X500Name(tree.getName().toString());
X500Name permittedDN2 = new X500Name("CN=good, " + tree.getName().toString());
DerOutputStream derDN1 = new DerOutputStream();
DerOutputStream derDN2 = new DerOutputStream();
permittedDN1.encode(derDN1);
permittedDN2.encode(derDN2);
selector = new X509CertSelector();
selector.addPathToName(NAME_DIRECTORY, derDN1.toByteArray());
checkMatch(selector, cert, true);
selector.setPathToNames(null);
selector.addPathToName(NAME_DIRECTORY, derDN2.toByteArray());
checkMatch(selector, cert, true);
}
}
}
}
Also used :
DerOutputStream(sun.security.util.DerOutputStream)
GeneralSubtrees(sun.security.x509.GeneralSubtrees)
X509CertSelector(java.security.cert.X509CertSelector)
DerInputStream(sun.security.util.DerInputStream)
NameConstraintsExtension(sun.security.x509.NameConstraintsExtension)
GeneralSubtree(sun.security.x509.GeneralSubtree)
X500Name(sun.security.x509.X500Name)
Example 79 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class SmallPrimeExponentP method main.
public static void main(String[] argv) throws Exception {
String osName = System.getProperty("os.name");
if (!osName.startsWith("Windows")) {
System.out.println("Not windows");
return;
}
KeyStore ks = KeyStore.getInstance("Windows-MY");
ks.load(null, null);
CertAndKeyGen ckg = new CertAndKeyGen("RSA", "SHA1withRSA");
ckg.setRandom(new SecureRandom());
boolean see63 = false, see65 = false;
while (!see63 || !see65) {
ckg.generate(1024);
RSAPrivateCrtKey k = (RSAPrivateCrtKey) ckg.getPrivateKey();
int len = k.getPrimeExponentP().toByteArray().length;
if (len == 63 || len == 65) {
if (len == 63) {
if (see63)
continue;
else
see63 = true;
}
if (len == 65) {
if (see65)
continue;
else
see65 = true;
}
System.err.print(len);
ks.setKeyEntry("anything", k, null, new X509Certificate[] { ckg.getSelfCertificate(new X500Name("CN=Me"), 1000) });
}
System.err.print('.');
}
ks.store(null, null);
}
Also used :
RSAPrivateCrtKey(java.security.interfaces.RSAPrivateCrtKey)
CertAndKeyGen(sun.security.tools.keytool.CertAndKeyGen)
SecureRandom(java.security.SecureRandom)
X500Name(sun.security.x509.X500Name)
KeyStore(java.security.KeyStore)
Example 80 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class PKCS10AttrEncoding method main.
public static void main(String[] args) throws Exception {
// initializations
int len = ids.length;
Object[] values = { new ObjectIdentifier("1.2.3.4"), new GregorianCalendar(1970, 1, 25, 8, 56, 7).getTime(), "challenging" };
for (int j = 0; j < len; j++) {
constructedMap.put(ids[j], values[j]);
}
X500Name subject = new X500Name("cn=Test");
KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSA");
String sigAlg = "DSA";
keyGen.initialize(512);
KeyPair pair = keyGen.generateKeyPair();
X509Key publicKey = (X509Key) pair.getPublic();
PrivateKey privateKey = pair.getPrivate();
Signature signature = Signature.getInstance(sigAlg);
signature.initSign(privateKey);
// Create the PKCS10 request
PKCS10Attribute[] attrs = new PKCS10Attribute[len];
for (int j = 0; j < len; j++) {
attrs[j] = new PKCS10Attribute(ids[j], values[j]);
}
PKCS10 req = new PKCS10(publicKey, new PKCS10Attributes(attrs));
System.out.println("List of attributes in constructed PKCS10 " + "request: ");
checkAttributes(req.getAttributes().getElements());
// Encode the PKCS10 request and generate another PKCS10 request from
// the encoded byte array
req.encodeAndSign(subject, signature);
PKCS10 resp = new PKCS10(req.getEncoded());
System.out.println("List of attributes in DER encoded PKCS10 Request:");
checkAttributes(resp.getAttributes().getElements());
if (failedCount > 0) {
throw new RuntimeException("Attributes Compared : Failed");
}
System.out.println("Attributes Compared : Pass");
}
Also used :
PKCS10Attribute(sun.security.pkcs10.PKCS10Attribute)
KeyPair(java.security.KeyPair)
PrivateKey(java.security.PrivateKey)
PKCS10Attributes(sun.security.pkcs10.PKCS10Attributes)
GregorianCalendar(java.util.GregorianCalendar)
X500Name(sun.security.x509.X500Name)
KeyPairGenerator(java.security.KeyPairGenerator)
X509Key(sun.security.x509.X509Key)
PKCS10(sun.security.pkcs10.PKCS10)
Signature(java.security.Signature)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Aggregations
X500Name (org.bouncycastle.asn1.x500.X500Name)58
X509Certificate (java.security.cert.X509Certificate)45
X500Name (sun.security.x509.X500Name)39
IOException (java.io.IOException)25
Date (java.util.Date)25
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)23
BigInteger (java.math.BigInteger)20
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)20
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)19
SecureRandom (java.security.SecureRandom)18
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)18
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)17
PrivateKey (java.security.PrivateKey)14
CertificateEncodingException (java.security.cert.CertificateEncodingException)14
KeyPair (java.security.KeyPair)13
KeyStore (java.security.KeyStore)13
RDN (org.bouncycastle.asn1.x500.RDN)13
ContentSigner (org.bouncycastle.operator.ContentSigner)13
ArrayList (java.util.ArrayList)11
GeneralName (org.bouncycastle.asn1.x509.GeneralName)10
