
Example 11 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project keystore-explorer by kaikramer.

the class SpkacSubject method getRdn.

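/**
 * Returns the value of attribute type {@code rdnOid} from the first RDN in {@code name}
 * that carries it, rendered with {@code toString()}.
 *
 * @param name subject name to search
 * @param rdnOid attribute type to look up
 * @return the attribute value as a string, or {@code null} when the name holds no such
 *     attribute
 */
private String getRdn(X500Name name, ASN1ObjectIdentifier rdnOid) {
    RDN[] rdns = name.getRDNs(rdnOid);
    if (rdns.length == 0) {
        return null;
    }
    RDN rdn = rdns[0];
    // getRDNs(oid) also returns a multi-valued RDN in which the requested attribute is
    // not the first one. Select the attribute by type rather than trusting getFirst(),
    // otherwise the value of a different attribute could be reported under this OID
    // (and an RDN without attributes would hit a null dereference).
    for (int i = 0; i < rdn.size(); i++) {
        if (rdnOid.equals(rdn.getTypesAndValues()[i].getType())) {
            return rdn.getTypesAndValues()[i].getValue().toString();
        }
    }
    return null;
}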
Also used : RDN(org.bouncycastle.asn1.x500.RDN)

Example 12 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project xipki by xipki.

the class BaseX509Certprofile method createPostalAddressRdn.

/**
 * Builds a postalAddress RDN from a requested value, validating its structure first.
 *
 * <p>The value must be an ASN.1 sequence of one to six entries, and every entry must be an
 * ASN.1 string type other than UniversalString. Each entry's text is passed through
 * {@code createRdnValue} and the results are wrapped in a new {@code DERSequence}, so the
 * requested entries are rebuilt rather than copied into the result.
 *
 * @param type attribute type of the RDN; must not be null
 * @param rdnValue requested value, expected to be an {@code ASN1Sequence}
 * @param control control passed on to {@code createRdnValue}
 * @param index index passed on to {@code createRdnValue}
 * @return the RDN holding the rebuilt sequence
 * @throws BadCertTemplateException if the value is not a sequence, has a size outside
 *     [1, 6], or contains an entry of an unsupported type
 */
private static RDN createPostalAddressRdn(ASN1ObjectIdentifier type, ASN1Encodable rdnValue, RdnControl control, int index) throws BadCertTemplateException {
    ParamUtil.requireNonNull("type", type);
    if (!(rdnValue instanceof ASN1Sequence)) {
        throw new BadCertTemplateException("rdnValue of RDN postalAddress has incorrect syntax");
    }

    final ASN1Sequence addressLines = (ASN1Sequence) rdnValue;
    final int lineCount = addressLines.size();
    final boolean countInRange = lineCount >= 1 && lineCount <= 6;
    if (!countInRange) {
        throw new BadCertTemplateException("Sequence size of RDN postalAddress is not within [1, 6]: " + lineCount);
    }

    ASN1EncodableVector encodedLines = new ASN1EncodableVector();
    for (int lineNo = 0; lineNo < lineCount; lineNo++) {
        ASN1Encodable rawLine = addressLines.getObjectAt(lineNo);
        // Only string types are accepted, and UniversalString is explicitly rejected.
        boolean acceptable = rawLine instanceof ASN1String && !(rawLine instanceof DERUniversalString);
        if (!acceptable) {
            throw new BadCertTemplateException(String.format("postalAddress[%d] has incorrect syntax", lineNo));
        }
        String lineText = ((ASN1String) rawLine).getString();
        encodedLines.add(createRdnValue(lineText, type, control, index));
    }
    return new RDN(type, new DERSequence(encodedLines));
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN)

Example 13 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project xipki by xipki.

the class BaseX509Certprofile method createDateOfBirthRdn.

/**
 * Builds a dateOfBirth RDN from a requested value after checking its textual form.
 *
 * <p>The value may be an {@code ASN1GeneralizedTime} or an ASN.1 string type other than
 * UniversalString. Its text must match {@code SubjectDnSpec.PATTERN_DATE_OF_BIRTH}. A
 * GeneralizedTime input is reused unchanged once it has passed the check; a string input
 * is converted to a {@code DERGeneralizedTime}.
 *
 * @param type attribute type of the RDN; must not be null
 * @param rdnValue requested value
 * @return the RDN holding the GeneralizedTime value
 * @throws BadCertTemplateException if the value has an unsupported type or its text does
 *     not match the date-of-birth pattern
 */
private static RDN createDateOfBirthRdn(ASN1ObjectIdentifier type, ASN1Encodable rdnValue) throws BadCertTemplateException {
    ParamUtil.requireNonNull("type", type);

    final boolean alreadyGeneralizedTime = rdnValue instanceof ASN1GeneralizedTime;
    final String dateText;
    if (alreadyGeneralizedTime) {
        dateText = ((ASN1GeneralizedTime) rdnValue).getTimeString();
    } else if (rdnValue instanceof ASN1String && !(rdnValue instanceof DERUniversalString)) {
        dateText = ((ASN1String) rdnValue).getString();
    } else {
        throw new BadCertTemplateException("Value of RDN dateOfBirth has incorrect syntax");
    }

    boolean wellFormed = SubjectDnSpec.PATTERN_DATE_OF_BIRTH.matcher(dateText).matches();
    if (!wellFormed) {
        // NOTE(review): "YYYMMDD" in this message looks like a typo for "YYYYMMDD"; confirm
        // the text against PATTERN_DATE_OF_BIRTH, which is defined outside this method.
        throw new BadCertTemplateException("Value of RDN dateOfBirth does not have format YYYMMDD000000Z");
    }

    // Keep the caller's GeneralizedTime object as-is; only string input is converted.
    ASN1Encodable encodedDate = alreadyGeneralizedTime ? rdnValue : new DERGeneralizedTime(dateText);
    return new RDN(type, encodedDate);
}
Also used : DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN)

Example 14 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project xipki by xipki.

the class BaseX509Certprofile method verifySubjectDnOccurence.

/**
 * Checks the attribute types of a requested subject against the profile's subject control.
 *
 * <p>Nothing is checked when {@code getSubjectControl()} returns null. Otherwise the check
 * runs in two passes: every attribute type in the request must have a control and occur
 * within that control's [min, max] range, and every controlled type with a minimum
 * occurrence above zero must appear in the request.
 *
 * @param requestedSubject subject name taken from the request; must not be null
 * @throws BadCertTemplateException if a type is not allowed, occurs outside its permitted
 *     range, or a required type is missing
 */
protected void verifySubjectDnOccurence(X500Name requestedSubject) throws BadCertTemplateException {
    ParamUtil.requireNonNull("requestedSubject", requestedSubject);
    SubjectControl subjectControl = getSubjectControl();
    if (subjectControl == null) {
        return;
    }

    ASN1ObjectIdentifier[] requestedTypes = requestedSubject.getAttributeTypes();

    // Pass 1: reject types without a control and types outside their occurrence range.
    for (int i = 0; i < requestedTypes.length; i++) {
        ASN1ObjectIdentifier requestedType = requestedTypes[i];
        RdnControl rdnControl = subjectControl.getControl(requestedType);
        if (rdnControl == null) {
            throw new BadCertTemplateException(
                    String.format("subject DN of type %s is not allowed", oidToDisplayName(requestedType)));
        }
        RDN[] matching = requestedSubject.getRDNs(requestedType);
        if (matching.length > rdnControl.getMaxOccurs() || matching.length < rdnControl.getMinOccurs()) {
            throw new BadCertTemplateException(
                    String.format("occurrence of subject DN of type %s not within the allowed range. " + "%d is not within [%d, %d]",
                            oidToDisplayName(requestedType), matching.length,
                            rdnControl.getMinOccurs(), rdnControl.getMaxOccurs()));
        }
    }

    // Pass 2: every controlled type that is mandatory must be present in the request.
    for (ASN1ObjectIdentifier controlledType : subjectControl.getTypes()) {
        RdnControl rdnControl = subjectControl.getControl(controlledType);
        if (rdnControl.getMinOccurs() == 0) {
            continue;
        }
        int pos = 0;
        while (pos < requestedTypes.length && !rdnControl.getType().equals(requestedTypes[pos])) {
            pos++;
        }
        if (pos == requestedTypes.length) {
            throw new BadCertTemplateException(
                    String.format("required subject DN of type %s is not present", oidToDisplayName(rdnControl.getType())));
        }
    }
}
Also used : RdnControl(org.xipki.ca.api.profile.RdnControl) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) RDN(org.bouncycastle.asn1.x500.RDN) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 15 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project xipki by xipki.

the class BaseX509Certprofile method getRdns.

/**
 * Selects the RDNs whose first attribute has the given type.
 *
 * @param rdns RDNs to filter; must not be null
 * @param type attribute type to match; must not be null
 * @return the matching RDNs in their original order, or {@code null} (not an empty array)
 *     when none match
 */
private static RDN[] getRdns(RDN[] rdns, ASN1ObjectIdentifier type) {
    ParamUtil.requireNonNull("rdns", rdns);
    ParamUtil.requireNonNull("type", type);

    List<RDN> matches = new ArrayList<>(1);
    for (RDN candidate : rdns) {
        // NOTE(review): only the first attribute of each RDN is compared, so a multi-valued
        // RDN carrying this type in a later position is not matched. Confirm that this is
        // intended.
        if (candidate.getFirst().getType().equals(type)) {
            matches.add(candidate);
        }
    }

    // Callers receive null, not an empty array, when nothing matched.
    if (CollectionUtil.isEmpty(matches)) {
        return null;
    }
    return matches.toArray(new RDN[0]);
}
Also used : ArrayList(java.util.ArrayList) RDN(org.bouncycastle.asn1.x500.RDN)

Aggregations

RDN (org.bouncycastle.asn1.x500.RDN)55 X500Name (org.bouncycastle.asn1.x500.X500Name)33 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)18 ArrayList (java.util.ArrayList)15 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)15 X509Certificate (java.security.cert.X509Certificate)13 DERIA5String (org.bouncycastle.asn1.DERIA5String)13 AttributeTypeAndValue (org.bouncycastle.asn1.x500.AttributeTypeAndValue)13 IOException (java.io.IOException)12 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)12 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)12 LinkedList (java.util.LinkedList)10 DEROctetString (org.bouncycastle.asn1.DEROctetString)10 JcaX509CertificateHolder (org.bouncycastle.cert.jcajce.JcaX509CertificateHolder)10 KeyStoreException (java.security.KeyStoreException)8 List (java.util.List)8 InputStream (java.io.InputStream)7 KeyStore (java.security.KeyStore)7 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 CertificateException (java.security.cert.CertificateException)7