Search in sources :

Example 21 with JcaX509CertificateHolder

use of org.bouncycastle.cert.jcajce.JcaX509CertificateHolder in project Conversations by siacs.

the class CryptoHelper method extractCertificateInformation.

public static Bundle extractCertificateInformation(X509Certificate certificate) {
    Bundle information = new Bundle();
    try {
        JcaX509CertificateHolder holder = new JcaX509CertificateHolder(certificate);
        X500Name subject = holder.getSubject();
        try {
            information.putString("subject_cn", subject.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
        } catch (Exception e) {
        // ignored
        }
        try {
            information.putString("subject_o", subject.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
        } catch (Exception e) {
        // ignored
        }
        X500Name issuer = holder.getIssuer();
        try {
            information.putString("issuer_cn", issuer.getRDNs(BCStyle.CN)[0].getFirst().getValue().toString());
        } catch (Exception e) {
        // ignored
        }
        try {
            information.putString("issuer_o", issuer.getRDNs(BCStyle.O)[0].getFirst().getValue().toString());
        } catch (Exception e) {
        // ignored
        }
        try {
            information.putString("sha1", getFingerprintCert(certificate.getEncoded()));
        } catch (Exception e) {
        }
        return information;
    } catch (CertificateEncodingException e) {
        return information;
    }
}
Also used : Bundle(android.os.Bundle) CertificateEncodingException(java.security.cert.CertificateEncodingException) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) CertificateParsingException(java.security.cert.CertificateParsingException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) CertificateEncodingException(java.security.cert.CertificateEncodingException)

Example 22 with JcaX509CertificateHolder

use of org.bouncycastle.cert.jcajce.JcaX509CertificateHolder in project Conversations by siacs.

the class CryptoHelper method extractJidAndName.

public static Pair<Jid, String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, IllegalArgumentException, CertificateParsingException {
    Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
    List<String> emails = new ArrayList<>();
    if (alternativeNames != null) {
        for (List<?> san : alternativeNames) {
            Integer type = (Integer) san.get(0);
            if (type == 1) {
                emails.add((String) san.get(1));
            }
        }
    }
    X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
    if (emails.size() == 0 && x500name.getRDNs(BCStyle.EmailAddress).length > 0) {
        emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
    }
    String name = x500name.getRDNs(BCStyle.CN).length > 0 ? IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue()) : null;
    if (emails.size() >= 1) {
        return new Pair<>(Jid.of(emails.get(0)), name);
    } else if (name != null) {
        try {
            Jid jid = Jid.of(name);
            if (jid.isBareJid() && jid.getLocal() != null) {
                return new Pair<>(jid, null);
            }
        } catch (IllegalArgumentException e) {
            return null;
        }
    }
    return null;
}
Also used : Jid(eu.siacs.conversations.xmpp.Jid) ArrayList(java.util.ArrayList) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) ArrayList(java.util.ArrayList) List(java.util.List) Pair(android.util.Pair)

Example 23 with JcaX509CertificateHolder

use of org.bouncycastle.cert.jcajce.JcaX509CertificateHolder in project syncany by syncany.

the class WebServer method certificateCommonNameChanged.

private boolean certificateCommonNameChanged(String certificateCommonName) {
    try {
        KeyStore userKeyStore = UserConfig.getUserKeyStore();
        X509Certificate currentCertificate = (X509Certificate) userKeyStore.getCertificate(CipherParams.CERTIFICATE_IDENTIFIER);
        if (currentCertificate != null) {
            X500Name currentCertificateSubject = new JcaX509CertificateHolder(currentCertificate).getSubject();
            RDN currentCertificateSubjectCN = currentCertificateSubject.getRDNs(BCStyle.CN)[0];
            String currentCertificateSubjectCnStr = IETFUtils.valueToString(currentCertificateSubjectCN.getFirst().getValue());
            if (!certificateCommonName.equals(currentCertificateSubjectCnStr)) {
                logger.log(Level.INFO, "- Certificate regeneration necessary: Cert common name in daemon config changed from " + currentCertificateSubjectCnStr + " to " + certificateCommonName + ".");
                return true;
            }
        } else {
            logger.log(Level.INFO, "- Certificate regeneration necessary, because no certificate found in key store.");
            return true;
        }
        return false;
    } catch (Exception e) {
        throw new RuntimeException("Cannot (re-)generate server certificate for hostname: " + certificateCommonName, e);
    }
}
Also used : X500Name(org.bouncycastle.asn1.x500.X500Name) KeyStore(java.security.KeyStore) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) RDN(org.bouncycastle.asn1.x500.RDN) X509Certificate(java.security.cert.X509Certificate)

Example 24 with JcaX509CertificateHolder

use of org.bouncycastle.cert.jcajce.JcaX509CertificateHolder in project athenz by yahoo.

the class SocketTest method getCN.

private String getCN(Certificate[] certificates) throws CertificateEncodingException {
    final X509Certificate[] clientCerts = (X509Certificate[]) certificates;
    final X500Name certificateHolder = new JcaX509CertificateHolder(clientCerts[0]).getSubject();
    final RDN commonName = certificateHolder.getRDNs(BCStyle.CN)[0];
    return IETFUtils.valueToString(commonName.getFirst().getValue());
}
Also used : X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) RDN(org.bouncycastle.asn1.x500.RDN) X509Certificate(java.security.cert.X509Certificate)

Example 25 with JcaX509CertificateHolder

use of org.bouncycastle.cert.jcajce.JcaX509CertificateHolder in project Pix-Art-Messenger by kriztan.

the class XmppDomainVerifier method getCommonNames.

private static List<String> getCommonNames(X509Certificate certificate) {
    List<String> domains = new ArrayList<>();
    try {
        X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
        RDN[] rdns = x500name.getRDNs(BCStyle.CN);
        for (int i = 0; i < rdns.length; ++i) {
            domains.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[i].getFirst().getValue()));
        }
        return domains;
    } catch (CertificateEncodingException e) {
        return domains;
    }
}
Also used : ArrayList(java.util.ArrayList) CertificateEncodingException(java.security.cert.CertificateEncodingException) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) X500Name(org.bouncycastle.asn1.x500.X500Name) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) RDN(org.bouncycastle.asn1.x500.RDN)

Aggregations

JcaX509CertificateHolder (org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)28 X500Name (org.bouncycastle.asn1.x500.X500Name)17 CertificateEncodingException (java.security.cert.CertificateEncodingException)13 X509Certificate (java.security.cert.X509Certificate)12 IOException (java.io.IOException)11 RDN (org.bouncycastle.asn1.x500.RDN)11 ArrayList (java.util.ArrayList)8 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)7 ByteArrayInputStream (java.io.ByteArrayInputStream)5 GeneralSecurityException (java.security.GeneralSecurityException)5 CertificateFactory (java.security.cert.CertificateFactory)5 DERIA5String (org.bouncycastle.asn1.DERIA5String)5 InputStream (java.io.InputStream)4 ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)4 ContentSigner (org.bouncycastle.operator.ContentSigner)4 MalformedURLException (java.net.MalformedURLException)3 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)3 Extension (org.bouncycastle.asn1.x509.Extension)3 OperatorCreationException (org.bouncycastle.operator.OperatorCreationException)3