use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class IssuerAlternativeNamesExtension method encodeTo.
/**
 * Writes every issuer alternative name held by this extension into a single ASN.1 sequence.
 *
 * <p>The sequence is opened and closed even when there are no names to write, so the caller is
 * responsible for not encoding an extension that holds no names.
 *
 * @param encoder the ASN.1 encoder that receives the sequence
 */
public void encodeTo(final ASN1Encoder encoder) {
    encoder.startSequence();
    for (final GeneralName alternativeName : issuerAlternativeNames) {
        // Each name writes its own tagged encoding; the order of the field is kept.
        alternativeName.encodeTo(encoder);
    }
    encoder.endSequence();
}
use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class EntityUtil method decodeGeneralNames.
/* -- Methods used to decode ASN.1 data structures required for entity authentication -- */
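/**
 * Decode the next element from the given DER decoder as a {@code GeneralNames} element.
 *
 * <p>Every entry of the sequence must carry one of the context-specific tags tried below. An entry
 * that matches none of them is rejected with an exception instead of being skipped: none of the
 * branches consumes anything for such an entry, so continuing would examine the same bytes again
 * on every pass and keep appending to the result list.
 *
 * @param decoder the DER decoder
 * @return the general names, in the order in which they were decoded
 * @throws ASN1Exception if the next element from the given decoder is not a general names element,
 *         or if one of its entries matches none of the general name types handled here
 */
public static List<GeneralName> decodeGeneralNames(final DERDecoder decoder) throws ASN1Exception {
    List<GeneralName> generalNames = new ArrayList<GeneralName>();
    decoder.startSequence();
    while (decoder.hasNextElement()) {
        // Reset for every entry so that a name decoded on an earlier pass can never be added twice.
        GeneralName generalName = null;
        out: {
            // Try each general name tag in turn; the first branch that matches consumes the entry.
            for (int generalNameType = 0; generalNameType <= 8; generalNameType++) {
                switch (generalNameType) {
                    case OTHER_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
                            decoder.decodeImplicit(generalNameType);
                            decoder.startSequence();
                            String typeId = decoder.decodeObjectIdentifier();
                            byte[] encodedValue = decoder.drainElement();
                            decoder.endSequence();
                            generalName = new OtherName(typeId, encodedValue);
                            break out;
                        }
                        break;
                    case RFC_822_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new RFC822Name(decoder.decodeIA5String());
                            break out;
                        }
                        break;
                    case DNS_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new DNSName(decoder.decodeIA5String());
                            break out;
                        }
                        break;
                    case X400_ADDRESS:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new X400Address(decoder.drainElementValue(), true);
                            break out;
                        }
                        break;
                    case DIRECTORY_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
                            // NOTE(review): this is the only branch without a decodeImplicit call; the
                            // element value goes straight to X500Principal. Presumably intentional
                            // because a directory name is tagged explicitly - confirm.
                            byte[] encodedName = decoder.drainElementValue();
                            generalName = new DirectoryName((new X500Principal(encodedName)).getName(X500Principal.CANONICAL));
                            break out;
                        }
                        break;
                    case EDI_PARTY_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new EDIPartyName(decoder.drainElementValue(), true);
                            break out;
                        }
                        break;
                    case URI_NAME:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new URIName(decoder.decodeIA5String());
                            break out;
                        }
                        break;
                    case IP_ADDRESS:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new IPAddress(decoder.decodeOctetString());
                            break out;
                        }
                        break;
                    case REGISTERED_ID:
                        if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
                            decoder.decodeImplicit(generalNameType);
                            generalName = new RegisteredID(decoder.decodeObjectIdentifier());
                            break out;
                        }
                        break;
                    default:
                        // Only reached when a loop value has no case label of its own.
                        throw saslEntity.asnInvalidGeneralNameType();
                }
            }
        }
        if (generalName == null) {
            // No tag matched. The encoded names come from the peer, so an unknown entry is
            // treated as invalid input rather than being added as null or retried.
            throw saslEntity.asnInvalidGeneralNameType();
        }
        generalNames.add(generalName);
    }
    decoder.endSequence();
    return generalNames;
}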
use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class EntityUtil method encodeGeneralNames.
/**
 * Encode a {@code GeneralNames} element using the given DER encoder, where
 * {@code GeneralNames} is defined as:
 *
 * <pre>
 *      GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
 * </pre>
 *
 * <p>The list is written in iteration order. Its size is not checked here, so an empty list
 * produces an empty sequence even though the definition above requires at least one entry.
 *
 * @param encoder the DER encoder
 * @param generalNames the general names, as a {@code List} where each entry is a {@link GeneralName}
 * @throws ASN1Exception if any of the general names are invalid
 */
public static void encodeGeneralNames(final DEREncoder encoder, List<GeneralName> generalNames) throws ASN1Exception {
    encoder.startSequence();
    for (final GeneralName entry : generalNames) {
        // Each entry emits its own tagged encoding inside the enclosing sequence.
        entry.encodeTo(encoder);
    }
    encoder.endSequence();
}
use of org.mozilla.jss.netscape.security.x509.GeneralName in project axelor-open-suite by axelor.
the class X509Generator method getAuthorityKeyIdentifier.
/**
 * Builds the <code>AuthorityKeyIdentifier</code> for a given <code>PublicKey</code>, issuer name
 * and serial number.
 *
 * <p>The encoded form of the key is parsed as an ASN.1 object and cast to a sequence before it is
 * turned into a <code>SubjectPublicKeyInfo</code>; the issuer string is wrapped as the only entry
 * of the general names passed alongside the serial number.
 *
 * @param publicKey the given public key
 * @param issuer the certificate issuer
 * @param serial the certificate serial number
 * @return the authority key identifier of the public key
 * @throws IOException if the encoded key cannot be read as an ASN.1 object
 */
private AuthorityKeyIdentifier getAuthorityKeyIdentifier(PublicKey publicKey, String issuer, BigInteger serial) throws IOException {
    final SubjectPublicKeyInfo subjectKeyInfo;
    // NOTE(review): getEncoded() returns null for keys that do not support encoding, which
    // would fail here with a NullPointerException - confirm callers only pass encodable keys.
    final InputStream encodedKey = new ByteArrayInputStream(publicKey.getEncoded());
    try (final ASN1InputStream asn1In = new ASN1InputStream(encodedKey)) {
        // The cast is unchecked: anything other than a sequence ends in a ClassCastException.
        subjectKeyInfo = SubjectPublicKeyInfo.getInstance((ASN1Sequence) asn1In.readObject());
    }
    final ASN1EncodableVector issuerNames = new ASN1EncodableVector();
    issuerNames.add(new GeneralName(new X509Name(issuer)));
    final GeneralNames authorityCertIssuer = GeneralNames.getInstance(new DERSequence(issuerNames));
    return new AuthorityKeyIdentifier(subjectKeyInfo, authorityCertIssuer, serial);
}
use of org.mozilla.jss.netscape.security.x509.GeneralName in project dubbo-spi-extensions by apache.
the class IstioCitadelCertificateSigner method generateCsr.
/**
 * Builds a PKCS#10 certificate signing request for the given public key and returns it in PEM form.
 *
 * <p>The request carries one critical subject alternative name built from the configured CSR
 * host, and a subject consisting of a single {@code O=} component set to the trust domain.
 *
 * @param publicKey the public key to be certified
 * @param signer the signer used to sign the request
 * @return the PEM text produced by {@code generatePemKey} with the "CERTIFICATE REQUEST" label
 * @throws IOException if the extensions or the request cannot be encoded
 */
private String generateCsr(PublicKey publicKey, ContentSigner signer) throws IOException {
    // 6 is the uniformResourceIdentifier choice of GeneralName (RFC 5280).
    final int uriNameTag = 6;
    GeneralName csrHostName = new GeneralName(uriNameTag, istioEnv.getCsrHost());
    GeneralNames subjectAltNames = new GeneralNames(new GeneralName[] { csrHostName });

    ExtensionsGenerator extGen = new ExtensionsGenerator();
    // The second argument marks the subject alternative name extension as critical.
    extGen.addExtension(Extension.subjectAlternativeName, true, subjectAltNames);

    // NOTE(review): the trust domain is concatenated into the DN string unescaped - confirm it
    // cannot contain DN separators such as ',' or '+', which would alter the parsed subject.
    X500Name subject = new X500Name("O=" + istioEnv.getTrustDomain());
    PKCS10CertificationRequest request = new JcaPKCS10CertificationRequestBuilder(subject, publicKey)
            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
            .build(signer);

    String csr = generatePemKey("CERTIFICATE REQUEST", request.getEncoded());
    if (logger.isDebugEnabled()) {
        // Logs the whole request: subject, alternative name and public key.
        logger.debug("CSR Request to Istio Citadel. \n" + csr);
    }
    return csr;
}