Example 26 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project otertool by wuntee.
the class SmaliWorkshop method createKeystoreWithSecretKey.
public static KeyStore createKeystoreWithSecretKey(String alias) throws KeyStoreException, NoSuchAlgorithmException, NoSuchProviderException, CertificateException, IOException, InvalidKeyException, SignatureException {
KeyStore ret = KeyStore.getInstance(KeyStore.getDefaultType());
ret.load(null);
int keysize = 1024;
int validity = 10000;
String keyAlgName = "RSA";
String sigAlgName = "SHA1WithRSA";
CertAndKeyGen keypair = new CertAndKeyGen(keyAlgName, sigAlgName, null);
X500Name x500Name = new X500Name(OterStatics.SOME_STRING, OterStatics.SOME_STRING, OterStatics.SOME_STRING, OterStatics.SOME_STRING, OterStatics.SOME_STRING, OterStatics.SOME_STRING);
keypair.generate(keysize);
PrivateKey privKey = keypair.getPrivateKey();
X509Certificate[] chain = new X509Certificate[1];
chain[0] = keypair.getSelfCertificate(x500Name, (long) validity * 24 * 60 * 60);
ret.setKeyEntry(alias, privKey, OterStatics.SOME_STRING.toCharArray(), chain);
return (ret);
}
Also used :
PrivateKey(java.security.PrivateKey)
CertAndKeyGen(sun.security.x509.CertAndKeyGen)
X500Name(sun.security.x509.X500Name)
KeyStore(java.security.KeyStore)
X509Certificate(java.security.cert.X509Certificate)
Example 27 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project nhin-d by DirectProject.
the class ViewTrustBundlePKCS7 method viewBundle.
@SuppressWarnings({ "rawtypes" })
public boolean viewBundle(File trustDir) {
try {
//System.out.println("File:"+trustDir.getName());
if (!trustDir.getName().endsWith(".p7m")) {
byte[] trustBundleByte = loadFileData(trustDir);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
CMSSignedData dataParser = new CMSSignedData(trustBundleByte);
ContentInfo contentInfo = dataParser.getContentInfo();
SignedData signedData = SignedData.getInstance(contentInfo.getContent());
Enumeration certificates = signedData.getCertificates().getObjects();
StringBuffer output = new StringBuffer();
int counter = 1;
String chk = "Absent";
while (certificates.hasMoreElements()) {
DERObject certObj = (DERObject) certificates.nextElement();
InputStream in = new ByteArrayInputStream(certObj.getDEREncoded());
X509Certificate cert = (X509Certificate) cf.generateCertificate(in);
X500Name x500name = new JcaX509CertificateHolder(cert).getSubject();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
output.append("Trust Anchor :" + counter + "\n");
output.append("Common Name :" + IETFUtils.valueToString(cn.getFirst().getValue()) + "\n");
output.append("DN :" + cert.getSubjectDN().getName() + "\n\n");
counter++;
}
if (signedData.getEncapContentInfo().getContent() != null) {
//chk = new String(signedData.getEncapContentInfo().getContent().getDERObject().getEncoded(),"UTF-8");
chk = new String(signedData.getEncapContentInfo().getContent().getDERObject().getDEREncoded(), "UTF-8");
}
output.append("Meta Data :\n" + chk);
error = output.toString();
} else //end of if check of file type
{
StringBuffer output = new StringBuffer();
int counter = 1;
String chk = "Absent";
byte[] trustBundleByte = loadFileData(trustDir);
CMSSignedData dataParser = new CMSSignedData(trustBundleByte);
ContentInfo contentInfo = dataParser.getContentInfo();
SignedData signedData = SignedData.getInstance(contentInfo.getContent());
CMSSignedData encapInfoBundle = new CMSSignedData(new CMSProcessableByteArray(signedData.getEncapContentInfo().getContent().getDERObject().getEncoded()), contentInfo);
SignedData encapMetaData = SignedData.getInstance(encapInfoBundle.getContentInfo().getContent());
//System.out.println("ENCAP META DATA"+new String(encapMetaData.getEncapContentInfo().getContent().getDERObject().getEncoded(),"UTF-8"));
CMSProcessableByteArray cin = new CMSProcessableByteArray(((ASN1OctetString) encapMetaData.getEncapContentInfo().getContent()).getOctets());
CertificateFactory ucf = CertificateFactory.getInstance("X.509");
CMSSignedData unsignedParser = new CMSSignedData(cin.getInputStream());
ContentInfo unsginedEncapInfo = unsignedParser.getContentInfo();
SignedData metaData = SignedData.getInstance(unsginedEncapInfo.getContent());
Enumeration certificates = metaData.getCertificates().getObjects();
while (certificates.hasMoreElements()) {
DERObject certObj = (DERObject) certificates.nextElement();
InputStream bin = new ByteArrayInputStream(certObj.getDEREncoded());
X509Certificate cert = (X509Certificate) ucf.generateCertificate(bin);
X500Name x500name = new JcaX509CertificateHolder(cert).getSubject();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
output.append("Trust Anchor :" + counter + "\n");
output.append("Common Name :" + IETFUtils.valueToString(cn.getFirst().getValue()) + "\n");
output.append("DN :" + cert.getSubjectDN().getName() + "\n\n");
counter++;
}
if (metaData.getEncapContentInfo().getContent() != null) {
//chk = new String(signedData.getEncapContentInfo().getContent().getDERObject().getEncoded(),"UTF-8");
chk = new String(metaData.getEncapContentInfo().getContent().getDERObject().getDEREncoded(), "UTF-8");
}
output.append("Meta Data :\n" + chk);
error = output.toString();
}
//end of .p7m check if
}//end of try
catch (IOException io) {
//io.printStackTrace(System.err);
return false;
} catch (CMSException cm) {
//cm.printStackTrace(System.err);
return false;
} catch (Exception e) {
//e.printStackTrace(System.err);
return false;
}
return true;
}
Also used :
CMSProcessableByteArray(org.bouncycastle.cms.CMSProcessableByteArray)
Enumeration(java.util.Enumeration)
SignedData(org.bouncycastle.asn1.cms.SignedData)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
X500Name(org.bouncycastle.asn1.x500.X500Name)
IOException(java.io.IOException)
CertificateFactory(java.security.cert.CertificateFactory)
CMSSignedData(org.bouncycastle.cms.CMSSignedData)
JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)
X509Certificate(java.security.cert.X509Certificate)
CMSException(org.bouncycastle.cms.CMSException)
IOException(java.io.IOException)
DERObject(org.bouncycastle.asn1.DERObject)
EncryptedContentInfo(org.bouncycastle.asn1.cms.EncryptedContentInfo)
ContentInfo(org.bouncycastle.asn1.cms.ContentInfo)
ByteArrayInputStream(java.io.ByteArrayInputStream)
RDN(org.bouncycastle.asn1.x500.RDN)
CMSException(org.bouncycastle.cms.CMSException)
Example 28 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class EmailKeyword method main.
public static void main(String[] arg) throws Exception {
X500Name dN;
dN = new X500Name("EMAIL=johndoe@example.com");
System.out.println(dN.getName());
dN = new X500Name("EMAILADDRESS=johndoe@example.com");
System.out.println(dN.getName());
}
Also used :
X500Name(sun.security.x509.X500Name)
Example 29 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class BadName method main.
public static void main(String[] args) throws Exception {
try {
// This used to throw java.lang.OutOfMemoryError, from which no
// recovery is possible.
// In the example below, the correct DN would be: "CN=John Doe"
X500Name name = new X500Name("John Doe");
System.out.println(name.toString());
} catch (IOException ioe) {
}
}
Also used :
X500Name(sun.security.x509.X500Name)
IOException(java.io.IOException)
Example 30 with X500Name
use of org.bouncycastle.asn1.x500.X500Name in project jdk8u_jdk by JetBrains.
the class X509CertSelectorTest method testNameConstraints.
// Tests matching on the name constraints contained in the certificate.
private void testNameConstraints() throws IOException {
System.out.println("X.509 Certificate Match on name constraints");
// bad match
GeneralSubtrees subjectTree = new GeneralSubtrees();
subjectTree.add(getGeneralSubtree((X500Name) cert.getSubjectDN()));
NameConstraintsExtension ext = new NameConstraintsExtension((GeneralSubtrees) null, subjectTree);
X509CertSelector selector = new X509CertSelector();
selector.setNameConstraints(ext.getExtensionValue());
checkMatch(selector, cert, false);
// good match
ext = new NameConstraintsExtension(subjectTree, null);
selector.setNameConstraints(ext.getExtensionValue());
checkMatch(selector, cert, true);
}
Also used :
GeneralSubtrees(sun.security.x509.GeneralSubtrees)
X509CertSelector(java.security.cert.X509CertSelector)
X500Name(sun.security.x509.X500Name)
NameConstraintsExtension(sun.security.x509.NameConstraintsExtension)
Aggregations
X500Name (org.bouncycastle.asn1.x500.X500Name)54
X509Certificate (java.security.cert.X509Certificate)39
X500Name (sun.security.x509.X500Name)30
IOException (java.io.IOException)23
Date (java.util.Date)22
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)20
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)19
BigInteger (java.math.BigInteger)18
SecureRandom (java.security.SecureRandom)16
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)16
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)15
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)15
KeyPair (java.security.KeyPair)12
PrivateKey (java.security.PrivateKey)12
CertificateEncodingException (java.security.cert.CertificateEncodingException)12
RDN (org.bouncycastle.asn1.x500.RDN)12
ContentSigner (org.bouncycastle.operator.ContentSigner)12
KeyStore (java.security.KeyStore)11
ArrayList (java.util.ArrayList)10
GeneralName (org.bouncycastle.asn1.x509.GeneralName)10
