use of org.bouncycastle.asn1.x509.GeneralName in project athenz by yahoo.
the class Crypto method extractX509CSRDnsNames.
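/**
 * Collects the dNSName entries of every subjectAltName extension requested in a PKCS#10 CSR.
 *
 * <p>The names are returned exactly as the requester encoded them; nothing here checks them
 * against a policy. A caller that issues certificates from this list should validate each
 * name against what the requester is allowed to claim.
 *
 * @param certReq the certification request to inspect
 * @return the DNS names in encounter order; empty when the CSR carries no extensionRequest
 *         attribute or no subjectAltName extension
 */
public static List<String> extractX509CSRDnsNames(PKCS10CertificationRequest certReq) {
    List<String> dnsNames = new ArrayList<>();
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            if (gns == null) {
                // An extensionRequest without a subjectAltName extension yields null here;
                // skip it instead of failing with a NullPointerException on getNames().
                continue;
            }
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.dNSName) {
                    dnsNames.add(((DERIA5String) name.getName()).getString());
                }
            }
        }
    }
    return dnsNames;
}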
use of org.bouncycastle.asn1.x509.GeneralName in project fdroidclient by f-droid.
the class LocalRepoKeyStore method generateSelfSignedCertChain.
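/**
 * Builds a self-signed X.509 v3 certificate for the given key pair, valid for one year from now.
 *
 * @param kp       key pair; the private key signs the certificate, the public key is certified
 * @param subject  name used as both issuer and subject
 * @param hostname value placed in a subjectAltName iPAddress entry, or {@code null} for no
 *                 subjectAltName extension
 * @return the generated certificate
 * @throws CertificateException     if the built certificate cannot be converted
 * @throws OperatorCreationException if the content signer cannot be created
 * @throws IOException              if the extension cannot be encoded
 */
private Certificate generateSelfSignedCertChain(KeyPair kp, X500Name subject, String hostname) throws CertificateException, OperatorCreationException, IOException {
    SecureRandom rand = new SecureRandom();
    PrivateKey privKey = kp.getPrivate();
    PublicKey pubKey = kp.getPublic();
    ContentSigner sigGen = new JcaContentSignerBuilder(DEFAULT_SIG_ALG).build(privKey);
    SubjectPublicKeyInfo subPubKeyInfo = new SubjectPublicKeyInfo(ASN1Sequence.getInstance(pubKey.getEncoded()));

    Date now = new Date();
    /* Force English/Gregorian dates for the cert: hardly anyone ever looks at the cert
       metadata anyway, and those who do very likely understand English/Gregorian dates. */
    Calendar c = new GregorianCalendar(Locale.ENGLISH);
    c.setTime(now);
    c.add(Calendar.YEAR, 1);
    Time startTime = new Time(now, Locale.ENGLISH);
    Time endTime = new Time(c.getTime(), Locale.ENGLISH);

    // RFC 5280 requires a positive serial number. rand.nextLong() is negative about half
    // of the time, so draw 64 random bits as a non-negative value and exclude zero.
    BigInteger serial = new BigInteger(64, rand);
    if (serial.signum() == 0) {
        serial = BigInteger.ONE;
    }

    X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(subject, serial, startTime, endTime, subject, subPubKeyInfo);
    if (hostname != null) {
        // NOTE(review): despite the parameter name, the value is encoded with the iPAddress
        // tag, so it has to be an IP literal; a DNS host name would need GeneralName.dNSName.
        GeneralNames subjectAltName = new GeneralNames(new GeneralName(GeneralName.iPAddress, hostname));
        v3CertGen.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
    }
    X509CertificateHolder certHolder = v3CertGen.build(sigGen);
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}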
use of org.bouncycastle.asn1.x509.GeneralName in project keystore-explorer by kaikramer.
the class X509Ext method getSubjectInformationAccessStringValue.
/**
 * Renders an encoded Subject Information Access extension value as display text, one numbered
 * entry per access description with its access method and access location.
 *
 * @param value the encoded extension value
 * @return the formatted text; empty when there are no access descriptions
 * @throws IOException declared for the decoding and formatting helpers used here
 */
private String getSubjectInformationAccessStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
     * SubjectInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
     *     AccessDescription
     *
     * AccessDescription ::= ASN1Sequence {
     *     accessMethod   OBJECT IDENTIFIER,
     *     accessLocation GeneralName }
     */
    // @formatter:on
    StringBuilder text = new StringBuilder();
    SubjectInfoAccess sia = SubjectInfoAccess.getInstance(value);

    int entryNumber = 0;
    for (AccessDescription entry : sia.getAccessDescriptionList()) {
        entryNumber++;

        // Known OIDs get their friendly name; unrecognised ones are shown as the OID itself.
        ASN1ObjectIdentifier methodOid = entry.getAccessMethod();
        AccessMethodType knownMethod = AccessMethodType.resolveOid(methodOid.getId());
        String methodLabel = (knownMethod != null)
                ? knownMethod.friendly()
                : ObjectIdUtil.toString(methodOid);

        GeneralName location = entry.getAccessLocation();
        String locationLabel = GeneralNameUtil.toString(location);

        text.append(MessageFormat.format(res.getString("SubjectInformationAccess"), entryNumber))
                .append(NEWLINE);
        text.append(INDENT)
                .append(MessageFormat.format(res.getString("AccessMethod"), methodLabel))
                .append(NEWLINE);
        text.append(INDENT)
                .append(res.getString("AccessLocation"))
                .append(NEWLINE);
        text.append(INDENT)
                .append(INDENT)
                .append(locationLabel)
                .append(NEWLINE);
    }
    return text.toString();
}
use of org.bouncycastle.asn1.x509.GeneralName in project keystore-explorer by kaikramer.
the class X509Ext method getProcurationStringValue.
/**
 * Renders an encoded Procuration extension value as display text. Each field that is present
 * (country, type of substitution, third person, certificate reference) adds its own lines.
 *
 * @param octets the encoded extension value
 * @return the formatted text; empty when none of the fields is present
 * @throws IOException declared for the decoding and formatting helpers used here
 */
private String getProcurationStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
        ProcurationSyntax ::= SEQUENCE
        {
            country            [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
            typeOfSubstitution [2] EXPLICIT DirectoryString(SIZE(1..128)) OPTIONAL,
            signingFor         [3] EXPLICIT SigningFor
        }

        SigningFor ::= CHOICE
        {
            thirdPerson GeneralName,
            certRef     IssuerSerial
        }
    */
    // @formatter:on
    StringBuilder text = new StringBuilder();
    ProcurationSyntax procuration = ProcurationSyntax.getInstance(octets);

    String countryCode = procuration.getCountry();
    DirectoryString substitutionType = procuration.getTypeOfSubstitution();
    GeneralName signedForPerson = procuration.getThirdPerson();
    IssuerSerial signedForCert = procuration.getCertRef();

    if (countryCode != null) {
        text.append(MessageFormat.format(res.getString("Procuration.Country"), countryCode))
                .append(NEWLINE);
    }

    if (substitutionType != null) {
        text.append(MessageFormat.format(res.getString("Procuration.TypeOfSubstitution"), substitutionType.toString()))
                .append(NEWLINE);
    }

    if (signedForPerson != null) {
        text.append(MessageFormat.format(res.getString("Procuration.ThirdPerson"), GeneralNameUtil.toString(signedForPerson)))
                .append(NEWLINE);
    }

    if (signedForCert != null) {
        text.append(res.getString("Procuration.CertRef")).append(NEWLINE);

        // Issuer label, followed by one doubly indented line per issuer general name.
        text.append(INDENT).append(res.getString("Procuration.CertRef.Issuer"));
        for (GeneralName issuerName : signedForCert.getIssuer().getNames()) {
            text.append(INDENT)
                    .append(INDENT)
                    .append(GeneralNameUtil.toString(issuerName))
                    .append(NEWLINE);
        }
        text.append(NEWLINE);

        // Serial number of the referenced certificate, shown in hex.
        String serialHex = HexUtil.getHexString(signedForCert.getSerial().getValue());
        text.append(INDENT)
                .append(MessageFormat.format(res.getString("Procuration.CertRef.SN"), serialHex))
                .append(NEWLINE);
    }

    return text.toString();
}
use of org.bouncycastle.asn1.x509.GeneralName in project keystore-explorer by kaikramer.
the class DGeneralNameChooser method okPressed.
/**
 * Handles the OK button: builds a GeneralName from whichever name type is selected, stores it
 * in {@code generalName} and closes the dialog.
 *
 * <p>A missing value (or an IP address that fails {@code IPAddress.isValid}) shows a warning
 * and leaves the dialog open. Any exception while building the name is shown in an error
 * dialog and also leaves the dialog open.
 */
private void okPressed() {
    try {
        GeneralName chosen = null;

        if (jrbDirectoryName.isSelected()) {
            X500Name dn = jdnDirectoryName.getDistinguishedName();
            if (dn == null) {
                showRequiredValueWarning("DGeneralNameChooser.DirectoryNameValueReq.message");
                return;
            }
            chosen = new GeneralName(GeneralName.directoryName, dn);
        } else if (jrbDnsName.isSelected()) {
            String dns = jtfDnsName.getText().trim();
            if (dns.isEmpty()) {
                showRequiredValueWarning("DGeneralNameChooser.DnsNameValueReq.message");
                return;
            }
            chosen = new GeneralName(GeneralName.dNSName, new DERIA5String(dns));
        } else if (jrbIpAddress.isSelected()) {
            String ip = jtfIpAddress.getText().trim();
            if (ip.isEmpty()) {
                showRequiredValueWarning("DGeneralNameChooser.IpAddressValueReq.message");
                return;
            }
            if (!IPAddress.isValid(ip)) {
                showRequiredValueWarning("DGeneralNameChooser.NotAValidIP.message");
                return;
            }
            chosen = new GeneralName(GeneralName.iPAddress, ip);
        } else if (jrbRegisteredId.isSelected()) {
            ASN1ObjectIdentifier oid = joiRegisteredId.getObjectId();
            if (oid == null) {
                showRequiredValueWarning("DGeneralNameChooser.RegisteredIdValueReq.message");
                return;
            }
            chosen = new GeneralName(GeneralName.registeredID, oid);
        } else if (jrbRfc822Name.isSelected()) {
            String email = jtfRfc822Name.getText().trim();
            if (email.isEmpty()) {
                showRequiredValueWarning("DGeneralNameChooser.Rfc822NameValueReq.message");
                return;
            }
            chosen = new GeneralName(GeneralName.rfc822Name, new DERIA5String(email));
        } else if (jrbUniformResourceIdentifier.isSelected()) {
            String uri = jtfUniformResourceIdentifier.getText().trim();
            if (uri.isEmpty()) {
                showRequiredValueWarning("DGeneralNameChooser.UniformResourceIdentifierValueReq.message");
                return;
            }
            chosen = new GeneralName(GeneralName.uniformResourceIdentifier, new DERIA5String(uri));
        } else if (jrbPrincipalName.isSelected()) {
            String upn = jtfPrincipalName.getText().trim();
            if (upn.isEmpty()) {
                showRequiredValueWarning("DGeneralNameChooser.PrincipalNameValueReq.message");
                return;
            }
            // A UPN is carried as an otherName: SEQUENCE { UPN OID, [0] EXPLICIT UTF8String }.
            ASN1EncodableVector otherNameParts = new ASN1EncodableVector();
            otherNameParts.add(new ASN1ObjectIdentifier(GeneralNameUtil.UPN_OID));
            otherNameParts.add(new DERTaggedObject(true, 0, new DERUTF8String(upn)));
            chosen = new GeneralName(GeneralName.otherName, new DERSequence(otherNameParts));
        }

        // When no name type is selected, chosen is still null and is stored as such.
        generalName = chosen;
    } catch (Exception ex) {
        DError errorDialog = new DError(this, ex);
        errorDialog.setLocationRelativeTo(this);
        errorDialog.setVisible(true);
        return;
    }

    closeDialog();
}

/** Shows the resource message for {@code messageKey} as a warning titled like this dialog. */
private void showRequiredValueWarning(String messageKey) {
    JOptionPane.showMessageDialog(this, res.getString(messageKey), getTitle(), JOptionPane.WARNING_MESSAGE);
}