use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method extKeyUsage.
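/**
 * Adds one extended-key-usage purpose OID to the certificate being built.
 *
 * <p>Each call appends {@code oid} to the accumulated purpose list, rebuilds the
 * ExtendedKeyUsage extension from that list with the builder's current criticality
 * flag, and stores the extension set back into the certificate info. Repeated calls
 * are therefore cumulative.
 *
 * <p>Errors are not thrown; they are passed to {@code fault(...)} and the builder is
 * still returned. NOTE(review): callers presumably must check the builder's recorded
 * faults before issuing, otherwise a certificate could be produced without the
 * intended usage restriction. Confirm against the build/validation path.
 *
 * @param oid the purpose to add; {@code null} is reported as a fault and not stored
 * @return this builder, for chaining
 */
public X509Builder extKeyUsage(ObjectIdentifier oid) {
    try {
        // Reject null before touching builder state: a null entry would stay in the
        // shared list and be re-used by every later call that rebuilds the extension.
        if (oid == null) {
            throw new IllegalArgumentException("extended key usage OID must not be null");
        }
        v3();
        if (extendedKeyUsageExtensionList == null) {
            extendedKeyUsageExtensionList = new Vector<ObjectIdentifier>();
        }
        extendedKeyUsageExtensionList.add(oid);
        extendedKeyUsageExtension = new ExtendedKeyUsageExtension(extendedKeyUsageExtensionIsCritical, extendedKeyUsageExtensionList);
        if (certificateExtensions == null) {
            certificateExtensions = new CertificateExtensions();
        }
        certificateExtensions.set(extendedKeyUsageExtension.getExtensionId().toString(), extendedKeyUsageExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        // String.valueOf keeps the error report itself from throwing when oid is null.
        fault(e, "extKeyUsage(%s)", String.valueOf(oid));
    }
    return this;
}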
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method keyUsageDataEncipherment.
/**
 * Sets the dataEncipherment bit in the certificate's KeyUsage extension, marking the
 * key as usable for encrypting data.
 *
 * <p>The KeyUsage extension and the extension set are created on first use, and the
 * updated set is written back into the certificate info. Errors are passed to
 * {@code fault(...)} instead of being thrown.
 * NOTE(review): the extension's criticality is whatever the no-arg
 * {@code KeyUsageExtension} constructor chooses. Confirm it matches issuance policy.
 *
 * @return this builder, for chaining
 */
public X509Builder keyUsageDataEncipherment() {
    try {
        v3();
        // Reuse the shared KeyUsage extension so previously set bits are preserved.
        if (null == keyUsageExtension) {
            keyUsageExtension = new KeyUsageExtension();
        }
        keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, true);
        if (null == certificateExtensions) {
            certificateExtensions = new CertificateExtensions();
        }
        final String extensionKey = keyUsageExtension.getExtensionId().toString();
        certificateExtensions.set(extensionKey, keyUsageExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        fault(e, "keyUsageDataEncipherment");
    }
    return this;
}
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method keyUsageDigitalSignature.
/**
 * Sets the digitalSignature bit in the certificate's KeyUsage extension.
 *
 * <p>This bit covers signatures other than certificate (CA) or CRL signing, so it is
 * the one that applies to API client certificates.
 *
 * <p>The KeyUsage extension and the extension set are created on first use, and the
 * updated set is written back into the certificate info. Errors are passed to
 * {@code fault(...)} instead of being thrown.
 * NOTE(review): the extension's criticality is whatever the no-arg
 * {@code KeyUsageExtension} constructor chooses. Confirm it matches issuance policy.
 *
 * @return this builder, for chaining
 */
public X509Builder keyUsageDigitalSignature() {
    try {
        v3();
        // Reuse the shared KeyUsage extension so previously set bits are preserved.
        if (null == keyUsageExtension) {
            keyUsageExtension = new KeyUsageExtension();
        }
        keyUsageExtension.set(KeyUsageExtension.DIGITAL_SIGNATURE, true);
        if (null == certificateExtensions) {
            certificateExtensions = new CertificateExtensions();
        }
        final String extensionKey = keyUsageExtension.getExtensionId().toString();
        certificateExtensions.set(extensionKey, keyUsageExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        fault(e, "keyUsageDigitalSignature");
    }
    return this;
}
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method dnsAlternativeName.
/**
 * Adds a DNS entry to the certificate's SubjectAlternativeName extension.
 *
 * <p>The value may be given bare or with a leading {@code "dns:"} prefix; the prefix
 * match is case-sensitive and the prefix is stripped before the name is stored.
 * Names accumulate across calls, and the extension is rebuilt from the full list
 * each time.
 *
 * <p>Errors, including a {@code null} argument, are passed to {@code fault(...)}
 * instead of being thrown.
 * NOTE(review): this method applies no hostname syntax or wildcard policy of its own,
 * and what {@code DNSName} validates is not visible here. When the name comes from an
 * untrusted request, validate it before it reaches the builder.
 *
 * @param dns host name, optionally prefixed with {@code "dns:"}
 * @return this builder, for chaining
 */
public X509Builder dnsAlternativeName(String dns) {
    try {
        v3();
        final String hostName = dns.startsWith("dns:") ? dns.substring(4) : dns;
        // Build the name first so a rejected value leaves the accumulated list untouched.
        final DNSName parsedName = new DNSName(hostName);
        if (null == alternativeNames) {
            alternativeNames = new GeneralNames();
        }
        alternativeNames.add(new GeneralName(parsedName));
        final SubjectAlternativeNameExtension sanExtension = new SubjectAlternativeNameExtension(alternativeNames);
        if (null == certificateExtensions) {
            certificateExtensions = new CertificateExtensions();
        }
        final String extensionKey = sanExtension.getExtensionId().toString();
        certificateExtensions.set(extensionKey, sanExtension);
        info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    } catch (Exception e) {
        fault(e, "dnsAlternativeName(%s)", dns);
    }
    return this;
}
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAM by OpenRock.
the class Cert method getTokenFromSubjectAltExt.
/**
 * Derives the user token from the certificate's SubjectAlternativeName extension.
 *
 * <p>The certificate is re-parsed from its encoded form and its SAN entries are walked
 * in order until {@code userTokenId} is set. Which entry type is accepted depends on
 * {@code amAuthCert_subjectAltExtMapper}:
 * <ul>
 *   <li>{@code "UPN"}: an otherName entry whose OID equals {@code UPNOID}; its value is
 *       decoded as a DER UTF8String.</li>
 *   <li>{@code "RFC822Name"}: an rfc822Name entry; its name is used as-is.</li>
 * </ul>
 * The first matching entry wins. If the extension lookup yields {@code null}, the
 * method returns without setting a token.
 *
 * <p>NOTE(review): nothing here checks the certificate's chain, validity or revocation
 * state. Presumably the caller has done so before trusting an identity read from the
 * certificate; confirm against the login flow.
 *
 * @param cert the client certificate to read the identity from
 * @throws AuthLoginException with code {@code "CertNoReg"} on any failure while
 *         parsing or reading the extension; the cause is logged, not attached
 */
private void getTokenFromSubjectAltExt(X509Certificate cert) throws AuthLoginException {
    try {
        X509CertImpl parsedCert = new X509CertImpl(cert.getEncoded());
        X509CertInfo tbsInfo = new X509CertInfo(parsedCert.getTBSCertificate());
        CertificateExtensions extensions = (CertificateExtensions) tbsInfo.get(X509CertInfo.EXTENSIONS);
        SubjectAlternativeNameExtension sanExtension = (SubjectAlternativeNameExtension) extensions.get(SubjectAlternativeNameExtension.NAME);
        if (sanExtension == null) {
            return;
        }
        GeneralNames names = (GeneralNames) sanExtension.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
        ObjectIdentifier upnOid = new ObjectIdentifier(UPNOID);
        Iterator<?> entries = (Iterator<?>) names.iterator();
        // Stop at the first entry that yields a token.
        while (userTokenId == null && entries.hasNext()) {
            GeneralName entry = (GeneralName) entries.next();
            if (entry == null) {
                continue;
            }
            // The mapper setting is evaluated per entry, exactly as configured at call time.
            if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("UPN") && entry.getType() == GeneralNameInterface.NAME_ANY) {
                OtherName otherName = (OtherName) entry.getName();
                if (upnOid.equals((Object) (otherName.getOID()))) {
                    DerValue encodedUpn = new DerValue(otherName.getNameValue());
                    userTokenId = encodedUpn.getData().getUTF8String();
                }
            } else if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("RFC822Name") && entry.getType() == GeneralNameInterface.NAME_RFC822) {
                RFC822Name mailName = (RFC822Name) entry.getName();
                userTokenId = mailName.getName();
            }
        }
    } catch (Exception e) {
        debug.error("Certificate - " + "Error in getTokenFromSubjectAltExt = ", e);
        throw new AuthLoginException(amAuthCert, "CertNoReg", null);
    }
}