use of org.bouncycastle.asn1.x509.Extensions in project qpid-broker-j by apache.
the class TlsResourceBuilder method createCertificate.
/**
 * Builds an X.509 v3 certificate for {@code keyPair} that is issued by {@code ca}.
 *
 * <p>The builder is seeded with the CA certificate, a serial number from
 * {@code generateSerialNumber()}, the validity window of {@code validityPeriod}, the subject
 * {@code dn} parsed in RFC 4519 style and the public key of {@code keyPair}. A non-critical
 * basicConstraints extension with {@code cA=false} is added first, followed by the caller's
 * extensions in the order given. The builder and the CA private key are then handed to
 * {@code buildX509Certificate}.
 *
 * <p>NOTE(review): basicConstraints is the only extension added here. keyUsage and
 * extendedKeyUsage restrictions exist on the issued certificate only when the caller passes
 * them in {@code extensions}, and the supplied extensions are not filtered.
 *
 * @param keyPair key pair whose public key is placed in the certificate
 * @param ca issuing CA certificate together with its private key
 * @param dn subject distinguished name
 * @param validityPeriod source of the notBefore and notAfter dates
 * @param extensions further extensions to add after basicConstraints
 * @return the certificate returned by {@code buildX509Certificate}
 * @throws CertificateException wrapping an OperatorException or IOException raised while building
 */
private static X509Certificate createCertificate(final KeyPair keyPair,
                                                 final KeyCertificatePair ca,
                                                 final String dn,
                                                 final ValidityPeriod validityPeriod,
                                                 final Extension... extensions)
        throws CertificateException {
    try {
        final X509v3CertificateBuilder certificateBuilder = new JcaX509v3CertificateBuilder(
                ca.getCertificate(),
                generateSerialNumber(),
                new Date(validityPeriod.getFrom().toEpochMilli()),
                new Date(validityPeriod.getTo().toEpochMilli()),
                new X500Name(RFC4519Style.INSTANCE, dn),
                keyPair.getPublic());

        // Mark the certificate as an end-entity certificate (cA=false), non-critical.
        certificateBuilder.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));

        for (int i = 0; i < extensions.length; i++) {
            certificateBuilder.addExtension(extensions[i]);
        }

        return buildX509Certificate(certificateBuilder, ca.getPrivateKey());
    } catch (OperatorException | IOException buildFailure) {
        throw new CertificateException(buildFailure);
    }
}
use of org.bouncycastle.asn1.x509.Extensions in project athenz by yahoo.
the class Crypto method extractX509CSRSANField.
/**
 * Collects the subjectAlternativeName entries of one GeneralName type from a PKCS#10 request.
 *
 * <p>Every value of every extensionRequest attribute of {@code certReq} is decoded as an
 * Extensions structure. Values without a subjectAlternativeName extension are skipped.
 *
 * <p>NOTE(review): the certification request is caller-supplied data. The cast below assumes
 * that every GeneralName matching {@code tagNo} carries an IA5String (as rfc822Name, dNSName and
 * uniformResourceIdentifier do). Any other tag or encoding raises a ClassCastException rather
 * than being skipped. Confirm callers pass only such tags and treat the exception as a
 * rejected request.
 *
 * @param certReq the certification request to inspect
 * @param tagNo GeneralName tag number to select
 * @return the string values of the matching names, in encounter order; empty if none
 */
private static List<String> extractX509CSRSANField(PKCS10CertificationRequest certReq, int tagNo) {
    final List<String> sanValues = new ArrayList<>();
    final Attribute[] extensionRequests =
            certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);

    for (Attribute extensionRequest : extensionRequests) {
        for (ASN1Encodable requested : extensionRequest.getAttributeValues()) {
            final Extensions requestedExtensions = Extensions.getInstance(requested);
            final GeneralNames altNames =
                    GeneralNames.fromExtensions(requestedExtensions, Extension.subjectAlternativeName);
            // /CLOVER:OFF
            if (altNames == null) {
                continue;
            }
            // /CLOVER:ON
            for (GeneralName altName : altNames.getNames()) {
                if (altName.getTagNo() != tagNo) {
                    continue;
                }
                final DERIA5String text = (DERIA5String) altName.getName();
                sanValues.add(text.getString());
            }
        }
    }
    return sanValues;
}
use of org.bouncycastle.asn1.x509.Extensions in project robovm by robovm.
the class V3TBSCertificateGenerator method generateTBSCertificate.
/**
 * Assembles the to-be-signed part of a v3 certificate from the fields set on this generator.
 *
 * <p>Serial number, signature algorithm, issuer, start date, end date and subject public key
 * info are mandatory. The subject may be left unset only when
 * {@code altNamePresentAndCritical} is true, in which case an empty SEQUENCE is written in its
 * place. The issuer and subject unique IDs (tags 1 and 2, implicit) and the extensions
 * (tag 3, explicit) are written only when set.
 *
 * @return the TBSCertificate built from the collected fields
 * @throws IllegalStateException if a mandatory field has not been set
 */
public TBSCertificate generateTBSCertificate() {
    // An absent subject is tolerated only alongside a critical subjectAltName.
    boolean subjectAcceptable = (subject != null) || altNamePresentAndCritical;
    boolean allMandatoryFieldsSet = (serialNumber != null)
            && (signature != null)
            && (issuer != null)
            && (startDate != null)
            && (endDate != null)
            && subjectAcceptable
            && (subjectPublicKeyInfo != null);
    if (!allMandatoryFieldsSet) {
        throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
    }

    ASN1EncodableVector tbsFields = new ASN1EncodableVector();
    tbsFields.add(version);
    tbsFields.add(serialNumber);
    tbsFields.add(signature);
    tbsFields.add(issuer);

    // Validity ::= SEQUENCE { notBefore, notAfter }
    ASN1EncodableVector validityWindow = new ASN1EncodableVector();
    validityWindow.add(startDate);
    validityWindow.add(endDate);
    tbsFields.add(new DERSequence(validityWindow));

    if (subject == null) {
        // Empty subject name; the identity is carried by the critical subjectAltName.
        tbsFields.add(new DERSequence());
    } else {
        tbsFields.add(subject);
    }

    tbsFields.add(subjectPublicKeyInfo);

    if (issuerUniqueID != null) {
        tbsFields.add(new DERTaggedObject(false, 1, issuerUniqueID));
    }
    if (subjectUniqueID != null) {
        tbsFields.add(new DERTaggedObject(false, 2, subjectUniqueID));
    }
    if (extensions != null) {
        tbsFields.add(new DERTaggedObject(true, 3, extensions));
    }

    return TBSCertificate.getInstance(new DERSequence(tbsFields));
}
use of org.bouncycastle.asn1.x509.Extensions in project robovm by robovm.
the class X509Extensions method toASN1Primitive.
/**
 * Encodes the held extensions, in the order recorded in {@code ordering}, as
 * <pre>
 * Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension
 *
 * Extension ::= SEQUENCE {
 * extnId EXTENSION.&id ({ExtensionSet}),
 * critical BOOLEAN DEFAULT FALSE,
 * extnValue OCTET STRING }
 * </pre>
 * The {@code critical} field is written only when it is TRUE; a non-critical extension is
 * encoded without it.
 *
 * @return a DER SEQUENCE with one Extension SEQUENCE per entry of {@code ordering}
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector encodedExtensions = new ASN1EncodableVector();

    for (Enumeration oids = ordering.elements(); oids.hasMoreElements();) {
        ASN1ObjectIdentifier extnId = (ASN1ObjectIdentifier) oids.nextElement();
        // assumes every OID in ordering has an entry in extensions; otherwise the
        // isCritical() call below fails with a NullPointerException (TODO confirm)
        X509Extension extension = (X509Extension) extensions.get(extnId);

        ASN1EncodableVector fields = new ASN1EncodableVector();
        fields.add(extnId);
        if (extension.isCritical()) {
            fields.add(DERBoolean.TRUE);
        }
        fields.add(extension.getValue());

        encodedExtensions.add(new DERSequence(fields));
    }

    return new DERSequence(encodedExtensions);
}
use of org.bouncycastle.asn1.x509.Extensions in project robovm by robovm.
the class X509V3CertificateGenerator method copyAndAddExtension.
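/**
 * Adds an extension to the standard extensions field (tag 3), copying the extension value
 * from another certificate.
 *
 * <p>Only the value is taken from {@code cert}. The criticality of the added extension is the
 * {@code critical} argument, not the flag the extension carries in {@code cert}.
 *
 * @param oid dotted OID of the extension to copy
 * @param critical criticality to set on the added extension
 * @param cert certificate to read the extension value from
 * @throws CertificateParsingException if {@code cert} has no extension with that OID, or if
 *         the extension value cannot be decoded (the IOException is attached as the cause)
 */
public void copyAndAddExtension(String oid, boolean critical, X509Certificate cert) throws CertificateParsingException {
    byte[] extValue = cert.getExtensionValue(oid);
    if (extValue == null) {
        throw new CertificateParsingException("extension " + oid + " not present");
    }
    try {
        // getExtensionValue returns the value wrapped in an OCTET STRING; unwrap it first.
        ASN1Encodable value = X509ExtensionUtil.fromExtensionValue(extValue);
        this.addExtension(oid, critical, value);
    } catch (IOException e) {
        // Message is unchanged; the cause is kept so the decoding failure stays traceable.
        throw new CertificateParsingException(e.toString(), e);
    }
}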