Example 6 with CertificateExtensions
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method extKeyUsage.
public X509Builder extKeyUsage(ObjectIdentifier oid) {
try {
v3();
if (extendedKeyUsageExtensionList == null) {
extendedKeyUsageExtensionList = new Vector<ObjectIdentifier>();
}
extendedKeyUsageExtensionList.add(oid);
extendedKeyUsageExtension = new ExtendedKeyUsageExtension(extendedKeyUsageExtensionIsCritical, extendedKeyUsageExtensionList);
if (certificateExtensions == null) {
certificateExtensions = new CertificateExtensions();
}
certificateExtensions.set(extendedKeyUsageExtension.getExtensionId().toString(), extendedKeyUsageExtension);
info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
} catch (Exception e) {
fault(e, "extKeyUsage(%s)", oid.toString());
}
return this;
}
Also used :
ExtendedKeyUsageExtension(sun.security.x509.ExtendedKeyUsageExtension)
CertificateExtensions(sun.security.x509.CertificateExtensions)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Example 7 with CertificateExtensions
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method keyUsageDataEncipherment.
public X509Builder keyUsageDataEncipherment() {
// for encrypting data
try {
v3();
if (keyUsageExtension == null) {
keyUsageExtension = new KeyUsageExtension();
}
keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, true);
if (certificateExtensions == null) {
certificateExtensions = new CertificateExtensions();
}
certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
} catch (Exception e) {
fault(e, "keyUsageDataEncipherment");
}
return this;
}
Also used :
CertificateExtensions(sun.security.x509.CertificateExtensions)
KeyUsageExtension(sun.security.x509.KeyUsageExtension)
ExtendedKeyUsageExtension(sun.security.x509.ExtendedKeyUsageExtension)
Example 8 with CertificateExtensions
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method keyUsageDigitalSignature.
public X509Builder keyUsageDigitalSignature() {
// other than CA or CRL; so this applies to API clients
try {
v3();
if (keyUsageExtension == null) {
keyUsageExtension = new KeyUsageExtension();
}
keyUsageExtension.set(KeyUsageExtension.DIGITAL_SIGNATURE, true);
if (certificateExtensions == null) {
certificateExtensions = new CertificateExtensions();
}
certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
} catch (Exception e) {
fault(e, "keyUsageDigitalSignature");
}
return this;
}
Also used :
CertificateExtensions(sun.security.x509.CertificateExtensions)
KeyUsageExtension(sun.security.x509.KeyUsageExtension)
ExtendedKeyUsageExtension(sun.security.x509.ExtendedKeyUsageExtension)
Example 9 with CertificateExtensions
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAttestation by OpenAttestation.
the class X509Builder method dnsAlternativeName.
public X509Builder dnsAlternativeName(String dns) {
try {
v3();
String alternativeName = dns;
if (dns.startsWith("dns:")) {
alternativeName = dns.substring(4);
}
DNSName dnsName = new DNSName(alternativeName);
if (alternativeNames == null) {
alternativeNames = new GeneralNames();
}
alternativeNames.add(new GeneralName(dnsName));
SubjectAlternativeNameExtension san = new SubjectAlternativeNameExtension(alternativeNames);
if (certificateExtensions == null) {
certificateExtensions = new CertificateExtensions();
}
certificateExtensions.set(san.getExtensionId().toString(), san);
info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
} catch (Exception e) {
fault(e, "dnsAlternativeName(%s)", dns);
}
return this;
}
Also used :
GeneralNames(sun.security.x509.GeneralNames)
SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension)
CertificateExtensions(sun.security.x509.CertificateExtensions)
GeneralName(sun.security.x509.GeneralName)
DNSName(sun.security.x509.DNSName)
Example 10 with CertificateExtensions
use of org.mozilla.jss.netscape.security.x509.CertificateExtensions in project OpenAM by OpenRock.
the class Cert method getTokenFromSubjectAltExt.
private void getTokenFromSubjectAltExt(X509Certificate cert) throws AuthLoginException {
try {
X509CertImpl certImpl = new X509CertImpl(cert.getEncoded());
X509CertInfo cinfo = new X509CertInfo(certImpl.getTBSCertificate());
CertificateExtensions exts = (CertificateExtensions) cinfo.get(X509CertInfo.EXTENSIONS);
SubjectAlternativeNameExtension altNameExt = (SubjectAlternativeNameExtension) exts.get(SubjectAlternativeNameExtension.NAME);
if (altNameExt != null) {
GeneralNames names = (GeneralNames) altNameExt.get(SubjectAlternativeNameExtension.SUBJECT_NAME);
GeneralName generalname = null;
ObjectIdentifier upnoid = new ObjectIdentifier(UPNOID);
Iterator itr = (Iterator) names.iterator();
while ((userTokenId == null) && itr.hasNext()) {
generalname = (GeneralName) itr.next();
if (generalname != null) {
if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("UPN") && (generalname.getType() == GeneralNameInterface.NAME_ANY)) {
OtherName othername = (OtherName) generalname.getName();
if (upnoid.equals((Object) (othername.getOID()))) {
byte[] nval = othername.getNameValue();
DerValue derValue = new DerValue(nval);
userTokenId = derValue.getData().getUTF8String();
}
} else if (amAuthCert_subjectAltExtMapper.equalsIgnoreCase("RFC822Name") && (generalname.getType() == GeneralNameInterface.NAME_RFC822)) {
RFC822Name email = (RFC822Name) generalname.getName();
userTokenId = email.getName();
}
}
}
}
} catch (Exception e) {
debug.error("Certificate - " + "Error in getTokenFromSubjectAltExt = ", e);
throw new AuthLoginException(amAuthCert, "CertNoReg", null);
}
}
Also used :
X509CertInfo(sun.security.x509.X509CertInfo)
SubjectAlternativeNameExtension(sun.security.x509.SubjectAlternativeNameExtension)
OtherName(sun.security.x509.OtherName)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
CertificateExtensions(sun.security.x509.CertificateExtensions)
UnsupportedCallbackException(javax.security.auth.callback.UnsupportedCallbackException)
AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)
GeneralNames(sun.security.x509.GeneralNames)
RFC822Name(sun.security.x509.RFC822Name)
X509CertImpl(sun.security.x509.X509CertImpl)
DerValue(sun.security.util.DerValue)
Iterator(java.util.Iterator)
GeneralName(sun.security.x509.GeneralName)
ObjectIdentifier(sun.security.util.ObjectIdentifier)
Aggregations
CertificateExtensions (sun.security.x509.CertificateExtensions)21
KeyUsageExtension (sun.security.x509.KeyUsageExtension)9
IOException (java.io.IOException)8
Date (java.util.Date)8
ExtendedKeyUsageExtension (sun.security.x509.ExtendedKeyUsageExtension)8
SubjectAlternativeNameExtension (sun.security.x509.SubjectAlternativeNameExtension)7
CertificateException (java.security.cert.CertificateException)6
GeneralName (sun.security.x509.GeneralName)6
GeneralNames (sun.security.x509.GeneralNames)6
X509CertImpl (sun.security.x509.X509CertImpl)6
X509CertInfo (sun.security.x509.X509CertInfo)6
CertificateExtensions (org.mozilla.jss.netscape.security.x509.CertificateExtensions)5
ObjectIdentifier (sun.security.util.ObjectIdentifier)4
X500Name (sun.security.x509.X500Name)4
BigInteger (java.math.BigInteger)3
SecureRandom (java.security.SecureRandom)3
X509Certificate (java.security.cert.X509Certificate)3
ObjectIdentifier (org.mozilla.jss.netscape.security.util.ObjectIdentifier)3
CertificateX509Key (org.mozilla.jss.netscape.security.x509.CertificateX509Key)3
X509CertInfo (org.mozilla.jss.netscape.security.x509.X509CertInfo)3
