use of org.bouncycastle.asn1.x509.GeneralName in project fdroidclient by f-droid.
the class LocalRepoKeyStore method generateSelfSignedCertChain.
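/**
 * Builds a self-signed X.509 v3 certificate for the supplied key pair.
 *
 * <p>{@code subject} is used as both issuer and subject, the certificate is signed with
 * {@code DEFAULT_SIG_ALG} using the private half of {@code kp}, and it is valid from the
 * moment of creation for one year.
 *
 * @param kp       key pair whose public key is certified and whose private key signs the certificate
 * @param subject  distinguished name written as both issuer and subject
 * @param hostname value added as a non-critical subjectAltName entry, or {@code null} to omit the
 *                 extension. NOTE(review): despite the parameter name, the value is encoded with the
 *                 {@code iPAddress} tag, so callers presumably pass an IP literal; a DNS name would
 *                 need {@code GeneralName.dNSName} instead. Confirm against callers.
 * @return the generated certificate
 * @throws CertificateException     if the built certificate cannot be converted to a JCA certificate
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException              declared by the original signature; propagated from the builder calls
 */
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname) throws CertificateException, OperatorCreationException, IOException {
    SecureRandom rand = new SecureRandom();
    PrivateKey privKey = kp.getPrivate();
    PublicKey pubKey = kp.getPublic();
    ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);
    SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(pubKey.getEncoded()));

    Date now = new Date();
    /* Force English/Gregorian dates for the cert: hardly anyone ever looks at
       the cert metadata, and those who do very likely understand
       English/Gregorian dates. */
    Calendar c = new GregorianCalendar(Locale.ENGLISH);
    c.setTime(now);
    c.add(Calendar.YEAR, 1);
    Time startTime = new Time(now, Locale.ENGLISH);
    Time endTime = new Time(c.getTime(), Locale.ENGLISH);

    // RFC 5280 requires a positive serial number. rand.nextLong() is negative for
    // about half of all draws, so take 64 random bits as a non-negative value and
    // shift the range by one to exclude zero.
    BigInteger serial = new BigInteger(64, rand).add(BigInteger.ONE);

    X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(subject, serial, startTime, endTime, subject, subPubKeyInfo);
    if (hostname != null) {
        // Encoded as an iPAddress SAN entry; the extension is marked non-critical.
        GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.iPAddress, hostname));
        v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
    }
    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}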
use of org.bouncycastle.asn1.x509.GeneralName in project qpid-broker-j by apache.
the class TlsResourceBuilder method createDistributionPointExtension.
/**
 * Builds a non-critical CRL Distribution Points extension holding a single
 * distribution point whose full name is the given URI.
 *
 * @param crlUri URI of the CRL; it is embedded as given, with no validation in this method
 * @return the encoded {@code cRLDistributionPoints} extension
 * @throws CertificateException if the distribution point structure cannot be encoded
 */
private static Extension createDistributionPointExtension(final String crlUri) throws CertificateException {
    final GeneralNames crlLocation = new GeneralNames(new GeneralName(GeneralName.uniformResourceIdentifier, crlUri));
    // Only the distribution point name is set; the two remaining arguments are passed as null.
    final DistributionPoint point = new DistributionPoint(new DistributionPointName(crlLocation), null, null);
    final CRLDistPoint crlDistPoint = new CRLDistPoint(new DistributionPoint[] { point });

    final byte[] encoded;
    try {
        encoded = crlDistPoint.getEncoded();
    } catch (IOException e) {
        // Surface encoding failures under the exception type the signature declares.
        throw new CertificateException(e);
    }
    return new Extension(Extension.cRLDistributionPoints, false, encoded);
}
use of org.bouncycastle.asn1.x509.GeneralName in project dcos-commons by mesosphere.
the class CertificateNamesGenerator method getSANs.
/**
 * Collects the Subject Alternative Names to include in a service certificate.
 *
 * <p>The result always starts with {@code autoIpHostname}, followed by one entry per
 * element of {@code vipSpecs}. Every entry is encoded as a {@code dNSName}.
 *
 * @return the SAN entries wrapped in a {@link GeneralNames}
 */
public GeneralNames getSANs() {
    List<GeneralName> sanEntries = new ArrayList<>();
    sanEntries.add(new GeneralName(GeneralName.dNSName, autoIpHostname));

    // One dNSName per VIP, if any are configured.
    vipSpecs.forEach(spec -> {
        // The port is narrowed to int before it is handed to VipInfo.
        EndpointUtils.VipInfo vipInfo = new EndpointUtils.VipInfo(spec.getVipName(), (int) spec.getPort());
        sanEntries.add(new GeneralName(GeneralName.dNSName, EndpointUtils.toVipHostname(serviceName, schedulerConfig, vipInfo)));
    });

    GeneralName[] asArray = sanEntries.toArray(new GeneralName[0]);
    return new GeneralNames(asArray);
}
use of org.bouncycastle.asn1.x509.GeneralName in project dcos-commons by mesosphere.
the class CertificateAuthorityClientTest method createCSR.
/**
 * Creates a PEM-encoded PKCS#10 certificate signing request for use in tests.
 *
 * <p>The request is for a freshly generated key pair with subject CN "issuer". It asks for
 * three critical extensions: a digitalSignature key usage, client and server auth
 * extended key usages, and a subjectAltName holding one DNS name and one IP address.
 *
 * @return the CSR as returned by {@code PEMUtils.toPEM}
 * @throws IOException if an extension cannot be encoded
 * @throws OperatorCreationException if the content signer cannot be created
 */
private byte[] createCSR() throws IOException, OperatorCreationException {
    KeyPair generated = KEY_PAIR_GENERATOR.generateKeyPair();
    X500Name subjectName = new X500NameBuilder().addRDN(BCStyle.CN, "issuer").build();

    // Extensions requested through the PKCS#9 extensionRequest attribute; all are marked critical.
    ExtensionsGenerator requested = new ExtensionsGenerator();
    requested.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature));

    KeyPurposeId[] purposes = new KeyPurposeId[] { KeyPurposeId.id_kp_clientAuth, KeyPurposeId.id_kp_serverAuth };
    requested.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(purposes));

    GeneralName dnsEntry = new GeneralName(GeneralName.dNSName, "test.com");
    GeneralName ipEntry = new GeneralName(GeneralName.iPAddress, TEST_IP_ADDR);
    GeneralNames subjectAltNames = new GeneralNames(new GeneralName[] { dnsEntry, ipEntry });
    requested.addExtension(Extension.subjectAlternativeName, true, subjectAltNames);

    // The request is signed with the private key of the pair it is issued for.
    ContentSigner csrSigner = new JcaContentSignerBuilder("SHA256withRSA").build(generated.getPrivate());
    PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subjectName, generated.getPublic())
            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, requested.generate());
    return PEMUtils.toPEM(requestBuilder.build(csrSigner));
}
use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.
the class GeneralSubtree method toASN1Primitive.
/**
 * Encodes this subtree as the ASN.1 structure below.
 *
 * <pre>
 *       GeneralSubtree ::= SEQUENCE
 *       {
 *         base                    GeneralName,
 *         minimum         [0]     BaseDistance DEFAULT 0,
 *         maximum         [1]     BaseDistance OPTIONAL
 *       }
 * </pre>
 *
 * <p>{@code minimum} is written only when it is set and differs from zero, and
 * {@code maximum} only when it is set.
 *
 * @return an ASN1Primitive holding the sequence
 */
public ASN1Primitive toASN1Primitive() {
    final ASN1EncodableVector fields = new ASN1EncodableVector();
    fields.add(base);

    // A minimum equal to the DEFAULT of 0 is left out of the encoding.
    final boolean writeMinimum = minimum != null && !minimum.getValue().equals(ZERO);
    if (writeMinimum) {
        // explicit = false, so the value is implicitly tagged [0]
        fields.add(new DERTaggedObject(false, 0, minimum));
    }

    if (maximum != null) {
        // explicit = false, so the value is implicitly tagged [1]
        fields.add(new DERTaggedObject(false, 1, maximum));
    }

    return new DERSequence(fields);
}
Aggregations