Example 11 with GeneralName
use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class IssuerAlternativeNamesExtension method encodeTo.
public void encodeTo(final ASN1Encoder encoder) {
encoder.startSequence();
for (GeneralName name : issuerAlternativeNames) {
name.encodeTo(encoder);
}
encoder.endSequence();
}
Also used :
GeneralName(org.wildfly.security.x500.GeneralName)
Example 12 with GeneralName
use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class EntityUtil method decodeGeneralNames.
/* -- Methods used to decode ASN.1 data structures required for entity authentication -- */
/**
* Decode the next element from the given DER decoder as a {@code GeneralNames} element.
*
* @param decoder the DER decoder
* @return the general names
* @throws ASN1Exception if the next element from the given decoder is not a general names element
*/
public static List<GeneralName> decodeGeneralNames(final DERDecoder decoder) throws ASN1Exception {
List<GeneralName> generalNames = new ArrayList<GeneralName>();
GeneralName generalName = null;
decoder.startSequence();
while (decoder.hasNextElement()) {
out: {
for (int generalNameType = 0; generalNameType <= 8; generalNameType++) {
switch(generalNameType) {
case OTHER_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
decoder.decodeImplicit(generalNameType);
decoder.startSequence();
String typeId = decoder.decodeObjectIdentifier();
byte[] encodedValue = decoder.drainElement();
decoder.endSequence();
generalName = new OtherName(typeId, encodedValue);
break out;
}
break;
case RFC_822_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
decoder.decodeImplicit(generalNameType);
generalName = new RFC822Name(decoder.decodeIA5String());
break out;
}
break;
case DNS_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
decoder.decodeImplicit(generalNameType);
generalName = new DNSName(decoder.decodeIA5String());
break out;
}
break;
case X400_ADDRESS:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
decoder.decodeImplicit(generalNameType);
generalName = new X400Address(decoder.drainElementValue(), true);
break out;
}
break;
case DIRECTORY_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
byte[] encodedName = decoder.drainElementValue();
generalName = new DirectoryName((new X500Principal(encodedName)).getName(X500Principal.CANONICAL));
break out;
}
break;
case EDI_PARTY_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, true)) {
decoder.decodeImplicit(generalNameType);
generalName = new EDIPartyName(decoder.drainElementValue(), true);
break out;
}
break;
case URI_NAME:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
decoder.decodeImplicit(generalNameType);
generalName = new URIName(decoder.decodeIA5String());
break out;
}
break;
case IP_ADDRESS:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
decoder.decodeImplicit(generalNameType);
generalName = new IPAddress(decoder.decodeOctetString());
break out;
}
break;
case REGISTERED_ID:
if (decoder.isNextType(CONTEXT_SPECIFIC_MASK, generalNameType, false)) {
decoder.decodeImplicit(generalNameType);
generalName = new RegisteredID(decoder.decodeObjectIdentifier());
break out;
}
break;
default:
throw saslEntity.asnInvalidGeneralNameType();
}
}
}
generalNames.add(generalName);
}
decoder.endSequence();
return generalNames;
}
Also used :
ArrayList(java.util.ArrayList)
X500Principal(javax.security.auth.x500.X500Principal)
GeneralName(org.wildfly.security.x500.GeneralName)
Example 13 with GeneralName
use of org.mozilla.jss.netscape.security.x509.GeneralName in project wildfly-elytron by wildfly-security.
the class EntityUtil method encodeGeneralNames.
/**
* <p>
* Encode a {@code GeneralNames} element using the given DER encoder, where
* {@code GeneralNames} is defined as:
*
* <pre>
* GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
* </pre>
* </p>
*
* @param encoder the DER encoder
* @param generalNames the general names, as a {@code List} where each entry is a {@link GeneralName}
* @throws ASN1Exception if any of the general names are invalid
*/
public static void encodeGeneralNames(final DEREncoder encoder, List<GeneralName> generalNames) throws ASN1Exception {
encoder.startSequence();
for (GeneralName generalName : generalNames) {
generalName.encodeTo(encoder);
}
encoder.endSequence();
}
Also used :
GeneralName(org.wildfly.security.x500.GeneralName)
Example 14 with GeneralName
use of org.mozilla.jss.netscape.security.x509.GeneralName in project axelor-open-suite by axelor.
the class X509Generator method getAuthorityKeyIdentifier.
/**
* Returns the <code>AuthorityKeyIdentifier</code> corresponding to a given <code>PublicKey</code>
*
* @param publicKey the given public key
* @param issuer the certificate issuer
* @param serial the certificate serial number
* @return the authority key identifier of the public key
* @throws IOException
*/
private AuthorityKeyIdentifier getAuthorityKeyIdentifier(PublicKey publicKey, String issuer, BigInteger serial) throws IOException {
InputStream input;
SubjectPublicKeyInfo keyInfo;
ASN1EncodableVector vector;
input = new ByteArrayInputStream(publicKey.getEncoded());
try (final ASN1InputStream is = new ASN1InputStream(input)) {
keyInfo = SubjectPublicKeyInfo.getInstance((ASN1Sequence) is.readObject());
}
vector = new ASN1EncodableVector();
vector.add(new GeneralName(new X509Name(issuer)));
return new AuthorityKeyIdentifier(keyInfo, GeneralNames.getInstance(new DERSequence(vector)), serial);
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
X509Name(org.bouncycastle.asn1.x509.X509Name)
DERSequence(org.bouncycastle.asn1.DERSequence)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ByteArrayInputStream(java.io.ByteArrayInputStream)
InputStream(java.io.InputStream)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo)
Example 15 with GeneralName
use of org.mozilla.jss.netscape.security.x509.GeneralName in project dubbo-spi-extensions by apache.
the class IstioCitadelCertificateSigner method generateCsr.
private String generateCsr(PublicKey publicKey, ContentSigner signer) throws IOException {
GeneralNames subjectAltNames = new GeneralNames(new GeneralName[] { new GeneralName(6, istioEnv.getCsrHost()) });
ExtensionsGenerator extGen = new ExtensionsGenerator();
extGen.addExtension(Extension.subjectAlternativeName, true, subjectAltNames);
PKCS10CertificationRequest request = new JcaPKCS10CertificationRequestBuilder(new X500Name("O=" + istioEnv.getTrustDomain()), publicKey).addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate()).build(signer);
String csr = generatePemKey("CERTIFICATE REQUEST", request.getEncoded());
if (logger.isDebugEnabled()) {
logger.debug("CSR Request to Istio Citadel. \n" + csr);
}
return csr;
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
X500Name(org.bouncycastle.asn1.x500.X500Name)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
Aggregations
GeneralName (org.bouncycastle.asn1.x509.GeneralName)238
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)113
IOException (java.io.IOException)110
ArrayList (java.util.ArrayList)76
DERIA5String (org.bouncycastle.asn1.DERIA5String)53
X500Name (org.bouncycastle.asn1.x500.X500Name)52
X509Certificate (java.security.cert.X509Certificate)51
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)48
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)47
List (java.util.List)40
BigInteger (java.math.BigInteger)37
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)37
DEROctetString (org.bouncycastle.asn1.DEROctetString)36
ContentSigner (org.bouncycastle.operator.ContentSigner)35
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)31
GeneralName (com.github.zhenwei.core.asn1.x509.GeneralName)30
Date (java.util.Date)30
X500Principal (javax.security.auth.x500.X500Principal)29
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)29
JcaX509v3CertificateBuilder (org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder)29
