
Example 1 with GeneralNamesBuilder

Use of org.bouncycastle.asn1.x509.GeneralNamesBuilder in project ddf by codice.

Class CertificateSigningRequestTest, method testNewCertificateBuilderWithSan.

@Test
public void testNewCertificateBuilderWithSan() throws Exception {
    final DateTime start = DateTime.now().minusDays(1);
    final DateTime end = start.plusYears(100);
    final KeyPair kp = makeKeyPair();
    csr.setSerialNumber(1);
    csr.setNotBefore(start);
    csr.setNotAfter(end);
    csr.setCommonName("A");
    csr.setSubjectKeyPair(kp);
    csr.addSubjectAlternativeNames("IP:1.2.3.4", "DNS:A");
    final X509Certificate issuerCert = mock(X509Certificate.class);
    doReturn(new X500Principal("CN=Duke, OU=JavaSoft, O=Sun Microsystems, C=US")).when(issuerCert).getSubjectX500Principal();
    final JcaX509v3CertificateBuilder builder = csr.newCertificateBuilder(issuerCert);
    final X509CertificateHolder holder = builder.build(new DemoCertificateAuthority().getContentSigner());
    assertThat(holder.getSerialNumber(), equalTo(BigInteger.ONE));
    assertThat(holder.getNotBefore(), equalTo(new Time(start.toDate()).getDate()));
    assertThat(holder.getNotAfter(), equalTo(new Time(end.toDate()).getDate()));
    assertThat(holder.getSubject().toString(), equalTo("cn=A"));
    assertThat("Unable to validate public key", holder.getSubjectPublicKeyInfo(), equalTo(SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded())));
    final org.bouncycastle.asn1.x509.Extension csn = holder.getExtension(org.bouncycastle.asn1.x509.Extension.subjectAlternativeName);
    // The SAN extension must DER-encode identically to a GeneralNames holding
    // iPAddress 1.2.3.4 followed by dNSName A, in that order.
    assertThat(csn.getParsedValue().toASN1Primitive().getEncoded(ASN1Encoding.DER),
            equalTo(new GeneralNamesBuilder()
                    .addName(new GeneralName(GeneralName.iPAddress, "1.2.3.4"))
                    .addName(new GeneralName(GeneralName.dNSName, "A"))
                    .build()
                    .getEncoded(ASN1Encoding.DER)));
}
Also used: KeyPair (java.security.KeyPair), Time (org.bouncycastle.asn1.x509.Time), DateTime (org.joda.time.DateTime), X509Certificate (java.security.cert.X509Certificate), GeneralNamesBuilder (org.bouncycastle.asn1.x509.GeneralNamesBuilder), JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder), X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder), X500Principal (javax.security.auth.x500.X500Principal), GeneralName (org.bouncycastle.asn1.x509.GeneralName), Test (org.junit.Test)

Example 2 with GeneralNamesBuilder

Use of org.bouncycastle.asn1.x509.GeneralNamesBuilder in project credhub by cloudfoundry-incubator.

Class CertificateGenerationParameters, method buildAlternativeNames.

private GeneralNames buildAlternativeNames(CertificateGenerationRequestParameters params) {
    String[] alternativeNamesList = params.getAlternativeNames();
    if (alternativeNamesList == null) {
        return null;
    }
    GeneralNamesBuilder builder = new GeneralNamesBuilder();
    for (String name : alternativeNamesList) {
        // IP literals become iPAddress entries; every other string is added
        // as a dNSName as-is, with no further validation in this method.
        if (InetAddresses.isInetAddress(name)) {
            builder.addName(new GeneralName(GeneralName.iPAddress, name));
        } else {
            builder.addName(new GeneralName(GeneralName.dNSName, name));
        }
    }
    return builder.build();
}
Also used: GeneralNamesBuilder (org.bouncycastle.asn1.x509.GeneralNamesBuilder), GeneralName (org.bouncycastle.asn1.x509.GeneralName)

Aggregations

GeneralName (org.bouncycastle.asn1.x509.GeneralName): 2
GeneralNamesBuilder (org.bouncycastle.asn1.x509.GeneralNamesBuilder): 2
KeyPair (java.security.KeyPair): 1
X509Certificate (java.security.cert.X509Certificate): 1
X500Principal (javax.security.auth.x500.X500Principal): 1
Time (org.bouncycastle.asn1.x509.Time): 1
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder): 1
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder): 1
DateTime (org.joda.time.DateTime): 1
Test (org.junit.Test): 1