Example 31 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project jruby-openssl by jruby.

the class X509Name method fromRDNElement.

private void fromRDNElement(final RDN rdn) {
    final Ruby runtime = getRuntime();
    for (AttributeTypeAndValue tv : rdn.getTypesAndValues()) {
        oids.add(tv.getType());
        final ASN1Encodable val = tv.getValue();
        addValue(val);
        addType(runtime, val);
    }
}
Also used : ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) Ruby(org.jruby.Ruby) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 32 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project jruby-openssl by jruby.

the class X509Name method fromASN1Sequence.

void fromASN1Sequence(final ASN1Sequence seq) {
    oids.clear();
    values.clear();
    types.clear();
    if (seq != null) {
        for (Enumeration e = seq.getObjects(); e.hasMoreElements(); ) {
            ASN1Object element = (ASN1Object) e.nextElement();
            if (element instanceof RDN) {
                fromRDNElement((RDN) element);
            } else if (element instanceof ASN1Sequence) {
                fromASN1Sequence(element);
            } else {
                fromASN1Set(element);
            }
        }
    }
}
Also used : Enumeration(java.util.Enumeration) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Object(org.bouncycastle.asn1.ASN1Object) RDN(org.bouncycastle.asn1.x500.RDN)

Example 33 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project keywhiz by square.

the class LdapAuthenticator method rolesFromDN.

private Set<String> rolesFromDN(String userDN) throws LDAPException, GeneralSecurityException {
    SearchRequest searchRequest = new SearchRequest(config.getRoleBaseDN(), SearchScope.SUB, Filter.createEqualityFilter("uniqueMember", userDN));
    Set<String> roles = Sets.newLinkedHashSet();
    LDAPConnection connection = connectionFactory.getLDAPConnection();
    try {
        SearchResult sr = connection.search(searchRequest);
        for (SearchResultEntry sre : sr.getSearchEntries()) {
            X500Name x500Name = new X500Name(sre.getDN());
            RDN[] rdns = x500Name.getRDNs(BCStyle.CN);
            if (rdns.length == 0) {
                logger.error("Could not create X500 Name for role:" + sre.getDN());
            } else {
                String commonName = IETFUtils.valueToString(rdns[0].getFirst().getValue());
                roles.add(commonName);
            }
        }
    } finally {
        connection.close();
    }
    return roles;
}
Also used : SearchRequest(com.unboundid.ldap.sdk.SearchRequest) SearchResult(com.unboundid.ldap.sdk.SearchResult) LDAPConnection(com.unboundid.ldap.sdk.LDAPConnection) X500Name(org.bouncycastle.asn1.x500.X500Name) RDN(org.bouncycastle.asn1.x500.RDN) SearchResultEntry(com.unboundid.ldap.sdk.SearchResultEntry)

Example 34 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project keywhiz by square.

the class ClientAuthFactory method getClientName.

static Optional<String> getClientName(ContainerRequest request) {
    Principal principal = request.getSecurityContext().getUserPrincipal();
    if (principal == null) {
        return Optional.empty();
    }
    X500Name name = new X500Name(principal.getName());
    RDN[] rdns = name.getRDNs(BCStyle.CN);
    if (rdns.length == 0) {
        logger.warn("Certificate does not contain CN=xxx,...: {}", principal.getName());
        return Optional.empty();
    }
    return Optional.of(IETFUtils.valueToString(rdns[0].getFirst().getValue()));
}
Also used : X500Name(org.bouncycastle.asn1.x500.X500Name) RDN(org.bouncycastle.asn1.x500.RDN) Principal(java.security.Principal)

Example 35 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project syncany by syncany.

the class WebServer method certificateCommonNameChanged.

private boolean certificateCommonNameChanged(String certificateCommonName) {
    try {
        KeyStore userKeyStore = UserConfig.getUserKeyStore();
        X509Certificate currentCertificate = (X509Certificate) userKeyStore.getCertificate(CipherParams.CERTIFICATE_IDENTIFIER);
        if (currentCertificate != null) {
            X500Name currentCertificateSubject = new JcaX509CertificateHolder(currentCertificate).getSubject();
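            // Assumes the stored certificate's subject has at least one CN RDN; if it has none,
            // the [0] index throws and the catch block below rethrows it as a RuntimeException.
            RDN currentCertificateSubjectCN = currentCertificateSubject.getRDNs(BCStyle.CN)[0];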
            String currentCertificateSubjectCnStr = IETFUtils.valueToString(currentCertificateSubjectCN.getFirst().getValue());
            if (!certificateCommonName.equals(currentCertificateSubjectCnStr)) {
                logger.log(Level.INFO, "- Certificate regeneration necessary: Cert common name in daemon config changed from " + currentCertificateSubjectCnStr + " to " + certificateCommonName + ".");
                return true;
            }
        } else {
            logger.log(Level.INFO, "- Certificate regeneration necessary, because no certificate found in key store.");
            return true;
        }
        return false;
    } catch (Exception e) {
        throw new RuntimeException("Cannot (re-)generate server certificate for hostname: " + certificateCommonName, e);
    }
}
Also used : X500Name(org.bouncycastle.asn1.x500.X500Name) KeyStore(java.security.KeyStore) JcaX509CertificateHolder(org.bouncycastle.cert.jcajce.JcaX509CertificateHolder) RDN(org.bouncycastle.asn1.x500.RDN) X509Certificate(java.security.cert.X509Certificate)

Aggregations

RDN (org.bouncycastle.asn1.x500.RDN): 55
X500Name (org.bouncycastle.asn1.x500.X500Name): 33
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier): 18
ArrayList (java.util.ArrayList): 15
DERUTF8String (org.bouncycastle.asn1.DERUTF8String): 15
X509Certificate (java.security.cert.X509Certificate): 13
DERIA5String (org.bouncycastle.asn1.DERIA5String): 13
AttributeTypeAndValue (org.bouncycastle.asn1.x500.AttributeTypeAndValue): 13
IOException (java.io.IOException): 12
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable): 12
DERPrintableString (org.bouncycastle.asn1.DERPrintableString): 12
LinkedList (java.util.LinkedList): 10
DEROctetString (org.bouncycastle.asn1.DEROctetString): 10
JcaX509CertificateHolder (org.bouncycastle.cert.jcajce.JcaX509CertificateHolder): 10
KeyStoreException (java.security.KeyStoreException): 8
List (java.util.List): 8
InputStream (java.io.InputStream): 7
KeyStore (java.security.KeyStore): 7
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 7
CertificateException (java.security.cert.CertificateException): 7