
Example 46 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project xipki by xipki.

the class P12ComplexCsrGenCmd method getSubject.

/**
 * Parses {@code subject} and returns a name that also carries the extra
 * attributes this command puts into the CSR subject.
 *
 * <p>An attribute is appended only when the parsed name has no RDN of that
 * type: dateOfBirth and postalAddress when {@code complexSubject} is set, the
 * unique identifier always. The appended values are fixed literals, not data
 * about the requester.
 *
 * <p>NOTE(review): because the values are constants, a CSR built from this
 * subject says nothing verifiable about an identity — presumably this is
 * test tooling for complex subject encodings; confirm before its output is
 * fed to a real issuance flow.
 *
 * @param subject the subject in the string form accepted by {@code X500Name}
 * @return the parsed RDNs followed by any appended ones
 */
@Override
protected X500Name getSubject(String subject) {
    X500Name parsed = new X500Name(subject);

    // Start from the RDNs the caller supplied, in their original order.
    List<RDN> rdnList = new LinkedList<>();
    for (RDN existing : parsed.getRDNs()) {
        rdnList.add(existing);
    }

    if (complexSubject.booleanValue()) {
        // dateOfBirth, encoded as GeneralizedTime
        ASN1ObjectIdentifier dobOid = ObjectIdentifiers.DN_DATE_OF_BIRTH;
        RDN[] dobRdns = parsed.getRDNs(dobOid);
        if (dobRdns == null || dobRdns.length == 0) {
            ASN1Encodable dobValue = new DERGeneralizedTime("19950102120000Z");
            rdnList.add(new RDN(dobOid, dobValue));
        }

        // postalAddress, encoded as a SEQUENCE of two UTF8String lines
        ASN1ObjectIdentifier postalOid = ObjectIdentifiers.DN_POSTAL_ADDRESS;
        RDN[] postalRdns = parsed.getRDNs(postalOid);
        if (postalRdns == null || postalRdns.length == 0) {
            ASN1EncodableVector addressLines = new ASN1EncodableVector();
            addressLines.add(new DERUTF8String("my street 1"));
            addressLines.add(new DERUTF8String("12345 Germany"));
            ASN1Sequence postalValue = new DERSequence(addressLines);
            rdnList.add(new RDN(postalOid, postalValue));
        }
    }

    // DN_UNIQUE_IDENTIFIER is added regardless of complexSubject.
    ASN1ObjectIdentifier uniqueIdOid = ObjectIdentifiers.DN_UNIQUE_IDENTIFIER;
    RDN[] uniqueIdRdns = parsed.getRDNs(uniqueIdOid);
    if (uniqueIdRdns == null || uniqueIdRdns.length == 0) {
        DERUTF8String uniqueIdValue = new DERUTF8String("abc-def-ghi");
        rdnList.add(new RDN(uniqueIdOid, uniqueIdValue));
    }

    return new X500Name(rdnList.toArray(new RDN[0]));
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) X500Name(org.bouncycastle.asn1.x500.X500Name) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) RDN(org.bouncycastle.asn1.x500.RDN) LinkedList(java.util.LinkedList) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 47 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project xipki by xipki.

the class ExtractCertFromCrlCmd method execute0.

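/**
 * Extracts the certificates carried in the CRL's xipki cert-set extension and
 * saves them as one ZIP archive holding a {@code .der} entry per certificate.
 *
 * <p>NOTE(review): no signature check on the CRL is visible in this method.
 * Unless {@code X509Util.parseCrl} or the caller verifies it, the extracted
 * certificates are unauthenticated data and should be treated as such.
 *
 * @return always {@code null}
 * @throws IllegalCmdParamException if the CRL has no cert-set extension
 * @throws CmdFailure if the extension is present but holds no element
 * @throws Exception on any parsing, encoding or I/O failure
 */
@Override
protected Object execute0() throws Exception {
    X509CRL crl = X509Util.parseCrl(crlFile);
    String oidExtnCerts = ObjectIdentifiers.id_xipki_ext_crlCertset.getId();
    byte[] extnValue = crl.getExtensionValue(oidExtnCerts);
    if (extnValue == null) {
        throw new IllegalCmdParamException("no certificate is contained in " + crlFile);
    }

    extnValue = removingTagAndLenFromExtensionValue(extnValue);
    ASN1Set asn1Set = DERSet.getInstance(extnValue);
    final int n = asn1Set.size();
    if (n == 0) {
        throw new CmdFailure("no certificate is contained in " + crlFile);
    }

    ByteArrayOutputStream out = new ByteArrayOutputStream();
    // try-with-resources closes the ZIP stream even when a malformed element
    // makes decoding throw midway; closing also finishes the archive.
    try (ZipOutputStream zip = new ZipOutputStream(out)) {
        for (int i = 0; i < n; i++) {
            ASN1Encodable asn1 = asn1Set.getObjectAt(i);
            Certificate cert;
            try {
                // Current layout: a SEQUENCE whose first element is the certificate.
                ASN1Sequence seq = ASN1Sequence.getInstance(asn1);
                cert = Certificate.getInstance(seq.getObjectAt(0));
            } catch (IllegalArgumentException ex) {
                // backwards compatibility: the element is the certificate itself
                cert = Certificate.getInstance(asn1);
            }

            byte[] certBytes = cert.getEncoded();
            // The entry name is built only from the digest of the encoding, so
            // names inside the CRL never reach the archive path. SHA-1 acts as
            // a file-name fingerprint here, not as an integrity guarantee.
            // NOTE(review): ZipOutputStream rejects duplicate entry names, so a
            // set that repeats a certificate would fail here — confirm the
            // producer never does that.
            String sha1FpCert = HashAlgo.SHA1.hexHash(certBytes);
            zip.putNextEntry(new ZipEntry(sha1FpCert + ".der"));
            try {
                zip.write(certBytes);
            } finally {
                zip.closeEntry();
            }
        }
    }

    saveVerbose("extracted " + n + " certificates to", new File(outFile), out.toByteArray());
    return null;
}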
Also used : X509CRL(java.security.cert.X509CRL) ZipEntry(java.util.zip.ZipEntry) DEROctetString(org.bouncycastle.asn1.DEROctetString) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Set(org.bouncycastle.asn1.ASN1Set) CmdFailure(org.xipki.console.karaf.CmdFailure) ZipOutputStream(java.util.zip.ZipOutputStream) IllegalCmdParamException(org.xipki.console.karaf.IllegalCmdParamException) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) File(java.io.File) Certificate(org.bouncycastle.asn1.x509.Certificate)

Example 48 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class DViewCsr method extensionsPressed.

/**
 * Opens the extensions dialog for the extensions requested by the CSR.
 *
 * <p>Only the first value of the first extensionRequest attribute is read;
 * when the CSR has none, the dialog is shown with an empty extension set.
 */
private void extensionsPressed() {
    Attribute[] extensionRequests = pkcs10Csr.getAttributes(pkcs_9_at_extensionRequest);
    X509ExtensionSet requested = new X509ExtensionSet();

    boolean hasRequest = (extensionRequests != null) && (extensionRequests.length > 0);
    if (hasRequest) {
        ASN1Encodable[] requestValues = extensionRequests[0].getAttributeValues();
        if (requestValues.length > 0) {
            // NOTE(review): a CSR is typically loaded from an external file, and
            // getInstance presumably throws on a value that is not a SEQUENCE.
            // Nothing here catches that — confirm how the dialog reports a
            // malformed request.
            ASN1Sequence requestedSequence = ASN1Sequence.getInstance(requestValues[0]);
            requested = new X509ExtensionSet(requestedSequence);
        }
    }

    String title = res.getString("DViewCertificate.Extensions.Title");
    DViewExtensions extensionsDialog = new DViewExtensions(this, title, requested);
    extensionsDialog.setLocationRelativeTo(this);
    extensionsDialog.setVisible(true);
}
Also used : X509ExtensionSet(org.kse.crypto.x509.X509ExtensionSet) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) Attribute(org.bouncycastle.asn1.pkcs.Attribute) DViewExtensions(org.kse.gui.dialogs.extensions.DViewExtensions) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)

Example 49 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class RdnPanelList method getRdns.

/**
 * Converts the panel entries into RDNs, one single-valued RDN per entry.
 *
 * @param noEmptyRdns when {@code true}, entries for which
 *        {@code StringUtils.trimAndConvertEmptyToNull} returns {@code null}
 *        are left out
 * @return the RDNs in entry order
 */
public List<RDN> getRdns(boolean noEmptyRdns) {
    List<RDN> result = new ArrayList<RDN>();
    for (RdnPanel panel : entries) {
        // NOTE(review): the lookup result is not checked here; confirm what
        // getOidForDisplayName returns for a display name it does not know.
        ASN1ObjectIdentifier oid = OidDisplayNameMapping.getOidForDisplayName(panel.getAttributeName());

        // Keep the entry unless filtering is on and its value trims to nothing.
        if (!noEmptyRdns || StringUtils.trimAndConvertEmptyToNull(panel.getAttributeValue()) != null) {
            ASN1Encodable encodedValue = KseX500NameStyle.INSTANCE.stringToValue(oid, panel.getAttributeValue());
            AttributeTypeAndValue typeAndValue = new AttributeTypeAndValue(oid, encodedValue);
            result.add(new RDN(typeAndValue));
        }
    }
    return result;
}
Also used : ArrayList(java.util.ArrayList) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) RDN(org.bouncycastle.asn1.x500.RDN) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 50 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project certmgr by hdecarne.

the class PKCS10CertificateRequest method fromPKCS10.

/**
 * Construct {@code PKCS10CertificateRequest} from a PKCS#10 object.
 *
 * @param pkcs10 The PKCS#10 object.
 * @return The constructed {@code PKCS10CertificateRequest}.
 * @throws IOException if an I/O error occurs while accessing the PKCS#10 object.
 */
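public static PKCS10CertificateRequest fromPKCS10(PKCS10CertificationRequest pkcs10) throws IOException {
    // Reads subject, public key and requested extensions out of the CSR.
    // NOTE(review): no check of the CSR's self-signature is visible in this
    // method; unless the caller verifies it, the subject, key and extensions
    // read here are unauthenticated input.
    JcaPKCS10CertificationRequest csr;
    X500Principal subject;
    PublicKey publicKey;
    Map<String, byte[]> criticalExtensions = new HashMap<>();
    Map<String, byte[]> nonCriticalExtensions = new HashMap<>();
    try {
        // Reuse a JCA-flavoured request as is; wrap any other implementation.
        csr = (pkcs10 instanceof JcaPKCS10CertificationRequest
                ? (JcaPKCS10CertificationRequest) pkcs10
                : new JcaPKCS10CertificationRequest(pkcs10));
        subject = new X500Principal(csr.getSubject().getEncoded());
        publicKey = csr.getPublicKey();

        Attribute[] extensionAttributes = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
        if (extensionAttributes != null) {
            for (Attribute extensionAttribute : extensionAttributes) {
                ASN1Encodable[] values = extensionAttribute.getAttributeValues();
                if (values == null) {
                    continue;
                }
                for (ASN1Encodable value : values) {
                    // Each attribute value is the list of requested extensions.
                    ASN1Primitive[] extensionPrimitives = decodeSequence(value.toASN1Primitive(), 0, Integer.MAX_VALUE);
                    for (ASN1Primitive extensionPrimitive : extensionPrimitives) {
                        // An extension is { extnID, [critical], extnValue }: two or three elements.
                        ASN1Primitive[] sequence = decodeSequence(extensionPrimitive, 2, 3);
                        String extensionOID = decodePrimitive(sequence[0], ASN1ObjectIdentifier.class).getId();
                        // X.509 declares "critical BOOLEAN DEFAULT FALSE", and DER omits
                        // default values, so a two-element extension is non-critical.
                        boolean criticalFlag = false;
                        byte[] extensionData;
                        if (sequence.length == 3) {
                            criticalFlag = decodePrimitive(sequence[1], ASN1Boolean.class).isTrue();
                            extensionData = sequence[2].getEncoded();
                        } else {
                            extensionData = sequence[1].getEncoded();
                        }
                        // A repeated OID silently replaces the earlier entry in the map.
                        if (criticalFlag) {
                            criticalExtensions.put(extensionOID, extensionData);
                        } else {
                            nonCriticalExtensions.put(extensionOID, extensionData);
                        }
                    }
                }
            }
        }
    } catch (GeneralSecurityException e) {
        // Keep the cause so the key-decoding failure stays diagnosable.
        throw new CertProviderException(e);
    }
    return new PKCS10CertificateRequest(csr, subject, publicKey, criticalExtensions, nonCriticalExtensions);
}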
Also used : JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest) HashMap(java.util.HashMap) Attribute(org.bouncycastle.asn1.pkcs.Attribute) PublicKey(java.security.PublicKey) GeneralSecurityException(java.security.GeneralSecurityException) CertProviderException(de.carne.certmgr.certs.CertProviderException) X500Principal(javax.security.auth.x500.X500Principal) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
