Example 36 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project robovm by robovm.

the class IETFUtils method rDNsFromString.

public static RDN[] rDNsFromString(String name, X500NameStyle x500Style) {
    X500NameTokenizer nTok = new X500NameTokenizer(name);
    X500NameBuilder builder = new X500NameBuilder(x500Style);
    while (nTok.hasMoreTokens()) {
        String token = nTok.nextToken();
        // A '+' inside a token joins several attribute=value pairs into one multi-valued RDN.
        if (token.indexOf('+') > 0) {
            X500NameTokenizer pTok = new X500NameTokenizer(token, '+');
            X500NameTokenizer vTok = new X500NameTokenizer(pTok.nextToken(), '=');
            String attr = vTok.nextToken();
            if (!vTok.hasMoreTokens()) {
                throw new IllegalArgumentException("badly formatted directory string");
            }
            String value = vTok.nextToken();
            ASN1ObjectIdentifier oid = x500Style.attrNameToOID(attr.trim());
            // More pairs follow: collect them all and add a single multi-valued RDN.
            if (pTok.hasMoreTokens()) {
                Vector oids = new Vector();
                Vector values = new Vector();
                oids.addElement(oid);
                values.addElement(unescape(value));
                while (pTok.hasMoreTokens()) {
                    vTok = new X500NameTokenizer(pTok.nextToken(), '=');
                    attr = vTok.nextToken();
                    if (!vTok.hasMoreTokens()) {
                        throw new IllegalArgumentException("badly formatted directory string");
                    }
                    value = vTok.nextToken();
                    oid = x500Style.attrNameToOID(attr.trim());
                    oids.addElement(oid);
                    values.addElement(unescape(value));
                }
                builder.addMultiValuedRDN(toOIDArray(oids), toValueArray(values));
            } else {
                // Tokenizing on '+' produced only one pair: add it as a single-valued RDN.
                builder.addRDN(oid, unescape(value));
            }
        } else {
            X500NameTokenizer vTok = new X500NameTokenizer(token, '=');
            String attr = vTok.nextToken();
            if (!vTok.hasMoreTokens()) {
                throw new IllegalArgumentException("badly formatted directory string");
            }
            String value = vTok.nextToken();
            ASN1ObjectIdentifier oid = x500Style.attrNameToOID(attr.trim());
            builder.addRDN(oid, unescape(value));
        }
    }
    return builder.build().getRDNs();
}
Also used : X500NameBuilder(org.bouncycastle.asn1.x500.X500NameBuilder) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) Vector(java.util.Vector) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 37 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project jmeter by apache.

the class SMIMEAssertion method getEmailFromCert.

/**
 * Extract email addresses from a certificate
 *
 * @param cert the X509 certificate holder
 * @return a List of all email addresses found
 * @throws CertificateException
 */
private static List<String> getEmailFromCert(X509CertificateHolder cert) throws CertificateException {
    List<String> res = new ArrayList<>();
    X500Name subject = cert.getSubject();
    // First source: emailAddress attributes in the subject DN.
    for (RDN emails : subject.getRDNs(BCStyle.EmailAddress)) {
        for (AttributeTypeAndValue emailAttr : emails.getTypesAndValues()) {
            if (log.isDebugEnabled()) {
                log.debug("Add email from RDN: {}", IETFUtils.valueToString(emailAttr.getValue()));
            }
            res.add(IETFUtils.valueToString(emailAttr.getValue()));
        }
    }
    // Second source: rfc822Name entries in the subjectAlternativeName extension, if present.
    Extension subjectAlternativeNames = cert.getExtension(Extension.subjectAlternativeName);
    if (subjectAlternativeNames != null) {
        for (GeneralName name : GeneralNames.getInstance(subjectAlternativeNames.getParsedValue()).getNames()) {
            if (name.getTagNo() == GeneralName.rfc822Name) {
                String email = IETFUtils.valueToString(name.getName());
                log.debug("Add email from subjectAlternativeName: {}", email);
                res.add(email);
            }
        }
    }
    return res;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) ArrayList(java.util.ArrayList) X500Name(org.bouncycastle.asn1.x500.X500Name) GeneralName(org.bouncycastle.asn1.x509.GeneralName) RDN(org.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)

Example 38 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project ddf by codice.

the class SubjectUtilsTest method testFilterDNKeepOne.

@Test
public void testFilterDNKeepOne() {
    Predicate<RDN> predicate = rdn -> rdn.getTypesAndValues()[0].getType().equals(BCStyle.CN);
    String baseDN = SubjectUtils.filterDN(dnPrincipal, predicate);
    assertThat(baseDN, is("CN=Foo"));
}
Also used : X509Certificate(java.security.cert.X509Certificate) CoreMatchers(org.hamcrest.CoreMatchers) Arrays(java.util.Arrays) X500Principal(javax.security.auth.x500.X500Principal) SortedSet(java.util.SortedSet) KeyStoreException(java.security.KeyStoreException) BCStyle(org.bouncycastle.asn1.x500.style.BCStyle) Assert.assertThat(org.junit.Assert.assertThat) Attribute(org.opensaml.saml.saml2.core.Attribute) ImmutableList(com.google.common.collect.ImmutableList) AttributeStatement(org.opensaml.saml.saml2.core.AttributeStatement) Map(java.util.Map) Is.is(org.hamcrest.core.Is.is) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) XSString(org.opensaml.core.xml.schema.XSString) Mockito.doReturn(org.mockito.Mockito.doReturn) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) Before(org.junit.Before) SimpleSession(org.apache.shiro.session.mgt.SimpleSession) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Matchers.empty(org.hamcrest.Matchers.empty) ImmutableSet(com.google.common.collect.ImmutableSet) DefaultSecurityManager(org.apache.shiro.mgt.DefaultSecurityManager) RDN(org.bouncycastle.asn1.x500.RDN) ImmutableMap(com.google.common.collect.ImmutableMap) CoreMatchers.hasItems(org.hamcrest.CoreMatchers.hasItems) Predicate(java.util.function.Predicate) IOException(java.io.IOException) KeyStore(java.security.KeyStore) Test(org.junit.Test) CertificateException(java.security.cert.CertificateException) Collectors(java.util.stream.Collectors) List(java.util.List) Assert.assertNull(org.junit.Assert.assertNull) Principal(java.security.Principal) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Collections(java.util.Collections) Assert.assertEquals(org.junit.Assert.assertEquals) Mockito.mock(org.mockito.Mockito.mock) InputStream(java.io.InputStream)

Example 39 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project ddf by codice.

the class SubjectUtilsTest method testFilterDNDropOne.

@Test
public void testFilterDNDropOne() {
    Predicate<RDN> predicate = rdn -> !rdn.getTypesAndValues()[0].getType().equals(BCStyle.CN);
    String baseDN = SubjectUtils.filterDN(dnPrincipal, predicate);
    assertThat(baseDN, is("OU=Engineering,OU=Dev,O=DDF,ST=AZ,C=US"));
}

Example 40 with RDN

use of org.openecard.bouncycastle.asn1.x500.RDN in project ddf by codice.

the class SubjectUtilsTest method testFilterDNDropMultivalue.

@Test
public void testFilterDNDropMultivalue() {
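    // Only the first attribute of each RDN is inspected, so an RDN is matched on that attribute alone.
    Predicate<RDN> predicate = rdn -> !rdn.getTypesAndValues()[0].getType().equals(BCStyle.OU);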
    String baseDN = SubjectUtils.filterDN(dnPrincipal, predicate);
    assertThat(baseDN, is("CN=Foo,O=DDF,ST=AZ,C=US"));
}

Aggregations

RDN (org.bouncycastle.asn1.x500.RDN): 55
X500Name (org.bouncycastle.asn1.x500.X500Name): 33
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier): 18
ArrayList (java.util.ArrayList): 15
DERUTF8String (org.bouncycastle.asn1.DERUTF8String): 15
X509Certificate (java.security.cert.X509Certificate): 13
DERIA5String (org.bouncycastle.asn1.DERIA5String): 13
AttributeTypeAndValue (org.bouncycastle.asn1.x500.AttributeTypeAndValue): 13
IOException (java.io.IOException): 12
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable): 12
DERPrintableString (org.bouncycastle.asn1.DERPrintableString): 12
LinkedList (java.util.LinkedList): 10
DEROctetString (org.bouncycastle.asn1.DEROctetString): 10
JcaX509CertificateHolder (org.bouncycastle.cert.jcajce.JcaX509CertificateHolder): 10
KeyStoreException (java.security.KeyStoreException): 8
List (java.util.List): 8
InputStream (java.io.InputStream): 7
KeyStore (java.security.KeyStore): 7
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException): 7
CertificateException (java.security.cert.CertificateException): 7