use of org.mozilla.jss.netscape.security.x509.X500Name in project X-Road by nordic-institute.
the class FISubjectClientIdDecoderTest method generateSelfSignedCertificate.
private X509Certificate generateSelfSignedCertificate(String dn, KeyPair pair) throws OperatorCreationException, CertificateException {
ContentSigner signer = new JcaContentSignerBuilder(CryptoUtils.SHA256WITHRSA_ID).build(pair.getPrivate());
X500Name name = new X500Name(dn);
JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(name, BigInteger.ONE, new Date(), new Date(), name, pair.getPublic());
return new JcaX509CertificateConverter().getCertificate(builder.build(signer));
}
use of org.mozilla.jss.netscape.security.x509.X500Name in project X-Road by nordic-institute.
the class AbstractGenerateCertRequest method buildSignedCertRequest.
PKCS10CertificationRequest buildSignedCertRequest(TokenAndKey tokenAndKey, String subjectName) throws Exception {
if (tokenAndKey.getKey().getPublicKey() == null) {
throw new CodedException(X_INTERNAL_ERROR, "Key '%s' has no public key", tokenAndKey.getKeyId());
}
PublicKey publicKey = readPublicKey(tokenAndKey.getKey().getPublicKey());
JcaPKCS10CertificationRequestBuilder certRequestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name(subjectName), publicKey);
ContentSigner signer = new TokenContentSigner(tokenAndKey, this);
PKCS10CertificationRequest request = certRequestBuilder.build(signer);
return request;
}
use of org.mozilla.jss.netscape.security.x509.X500Name in project X-Road by nordic-institute.
the class CertUtils method getSubjectSerialNumber.
/**
* @param cert certificate from which to get the subject serial number
* @return the SerialNumber component of the Subject field.
*/
public static String getSubjectSerialNumber(X509Certificate cert) {
X500Principal principal = cert.getSubjectX500Principal();
X500Name x500name = new X500Name(principal.getName());
return getRDNValue(x500name, BCStyle.SERIALNUMBER);
}
use of org.mozilla.jss.netscape.security.x509.X500Name in project X-Road by nordic-institute.
the class FISubjectClientIdDecoder method getSubjectClientId.
/**
* @param cert certificate from which to construct the client ID
* @return a fully constructed Client identifier from DN of the certificate.
*/
public static ClientId getSubjectClientId(X509Certificate cert) {
X500Principal principal = cert.getSubjectX500Principal();
X500Name x500name = new X500Name(principal.getName());
if (getRDNValue(x500name, BCStyle.SERIALNUMBER) == null) {
if (getRDNValue(x500name, BCStyle.OU) == null) {
return CertUtils.getSubjectClientId(cert);
}
return parseClientIdFromLegacyName(x500name);
}
return parseClientId(x500name);
}
use of org.mozilla.jss.netscape.security.x509.X500Name in project bitcoinj by bitcoinj.
the class X509Utils method getDisplayNameFromCertificate.
/**
* Returns either a string that "sums up" the certificate for humans, in a similar manner to what you might see
* in a web browser, or null if one cannot be extracted. This will typically be the common name (CN) field, but
* can also be the org (O) field, org+location+country if withLocation is set, or the email
* address for S/MIME certificates.
*/
@Nullable
public static String getDisplayNameFromCertificate(@Nonnull X509Certificate certificate, boolean withLocation) throws CertificateParsingException {
X500Name name = new X500Name(certificate.getSubjectX500Principal().getName());
String commonName = null, org = null, location = null, country = null;
for (RDN rdn : name.getRDNs()) {
AttributeTypeAndValue pair = rdn.getFirst();
String val = ((ASN1String) pair.getValue()).getString();
ASN1ObjectIdentifier type = pair.getType();
if (type.equals(RFC4519Style.cn))
commonName = val;
else if (type.equals(RFC4519Style.o))
org = val;
else if (type.equals(RFC4519Style.l))
location = val;
else if (type.equals(RFC4519Style.c))
country = val;
}
final Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
String altName = null;
if (subjectAlternativeNames != null)
for (final List<?> subjectAlternativeName : subjectAlternativeNames) if (// rfc822name
(Integer) subjectAlternativeName.get(0) == 1)
altName = (String) subjectAlternativeName.get(1);
if (org != null) {
return withLocation ? Joiner.on(", ").skipNulls().join(org, location, country) : org;
} else if (commonName != null) {
return commonName;
} else {
return altName;
}
}
Aggregations