use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project athenz by yahoo.
the class Crypto method generateX509CSR.
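/**
 * Builds a PKCS#10 certificate signing request and returns it PEM-encoded.
 *
 * <p>The request is signed with {@code privateKey} using the algorithm named by
 * {@code Crypto.RSA_SHA256}; the algorithm is not derived from the key type.
 * This method does not check that {@code publicKey} and {@code privateKey} form a
 * pair. A mismatched pair produces a CSR whose proof-of-possession signature will
 * not verify against the embedded public key.
 *
 * <p>The subject and SAN values are copied into the request as given. They are
 * requests only, so the issuing CA remains responsible for validating them.
 *
 * @param privateKey key used to sign the request
 * @param publicKey public key embedded in the request
 * @param x500Principal subject distinguished name in string form
 * @param sanArray subject alternative names to request; {@code null} or an empty
 *        array omits the extension request entirely
 * @return the CSR in PEM form under the "CERTIFICATE REQUEST" header
 * @throws OperatorCreationException if the content signer cannot be built
 * @throws IOException if the request cannot be encoded or written
 */
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {
    // Subject distinguished name
    X500Principal subject = new X500Principal(x500Principal);

    // Signer over the request body
    ContentSigner signer = new JcaContentSignerBuilder(Crypto.RSA_SHA256).build(privateKey);

    PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(subject, publicKey);

    // RFC 5280 section 4.2.1.6 requires a subjectAltName extension to carry at least
    // one name, so an empty array is treated like null instead of emitting an empty
    // extension that a strict CA would reject.
    if (sanArray != null && sanArray.length > 0) {
        ExtensionsGenerator extGen = new ExtensionsGenerator();
        // Marked non-critical (second argument).
        extGen.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(sanArray));
        p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
    }

    PKCS10CertificationRequest csr = p10Builder.build(signer);

    // Serialize in OpenSSL-style PEM
    StringWriter strWriter = new StringWriter();
    try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter)) {
        pemWriter.writeObject(new PemObject("CERTIFICATE REQUEST", csr.getEncoded()));
    }
    return strWriter.toString();
}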
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project BiglyBT by BiglySoftware.
the class AttributeCertificateIssuer method match.
/**
 * Tests whether a certificate corresponds to this attribute-certificate issuer.
 *
 * <p>Only {@link X509Certificate} instances can match. When the issuer form is a
 * {@code V2Form} carrying a base certificate ID, the certificate's serial number and
 * issuer DN are compared against that ID. Otherwise the certificate's subject DN is
 * compared against the issuer names.
 *
 * <p>This is a name and serial comparison only. Nothing here verifies a signature,
 * a validity period or a certification path.
 *
 * @param cert candidate certificate
 * @return {@code true} if the certificate matches this issuer
 */
@Override
public boolean match(Certificate cert) {
    if (!(cert instanceof X509Certificate)) {
        return false;
    }
    final X509Certificate candidate = (X509Certificate) cert;

    if (!(form instanceof V2Form)) {
        // V1 form: the form object itself is the issuer's GeneralNames.
        return matchesDN(candidate.getSubjectX500Principal(), (GeneralNames) form);
    }

    final V2Form v2 = (V2Form) form;
    if (v2.getBaseCertificateID() == null) {
        // No base certificate reference: compare the subject DN with the issuer name.
        return matchesDN(candidate.getSubjectX500Principal(), v2.getIssuerName());
    }

    // Base certificate reference present: serial first, then the issuer DN.
    final boolean sameSerial =
            v2.getBaseCertificateID().getSerial().getValue().equals(candidate.getSerialNumber());
    return sameSerial
            && matchesDN(candidate.getIssuerX500Principal(), v2.getBaseCertificateID().getIssuer());
}
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project BiglyBT by BiglySoftware.
the class AttributeCertificateIssuer method getNames.
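/**
 * Collects the directory-name entries of the issuer as {@link X500Principal} objects.
 *
 * <p>The issuer names come from {@code V2Form.getIssuerName()} when the form is a
 * {@code V2Form}; otherwise the form itself is cast to {@code GeneralNames}.
 * Entries whose tag is not {@code GeneralName.directoryName} are skipped.
 *
 * @return the matching principals, possibly an empty array
 * @throws RuntimeException if a directory name cannot be encoded; the underlying
 *         {@link IOException} is attached as the cause
 */
private Object[] getNames() {
    final GeneralNames issuerNames =
            (form instanceof V2Form) ? ((V2Form) form).getIssuerName() : (GeneralNames) form;

    final GeneralName[] entries = issuerNames.getNames();
    final List<Object> principals = new ArrayList<Object>(entries.length);
    for (GeneralName entry : entries) {
        if (entry.getTagNo() != GeneralName.directoryName) {
            continue;
        }
        try {
            principals.add(new X500Principal(((ASN1Encodable) entry.getName()).getEncoded()));
        } catch (IOException e) {
            // Keep the original failure as the cause so the encoding problem stays diagnosable.
            throw new RuntimeException("badly formed Name object", e);
        }
    }
    return principals.toArray();
}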
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project xipki by xipki.
the class P12ComplexCsrGenCmd method createComplexGeneralNames.
/**
 * Builds a {@code GeneralNames} value holding one or more entries of each of nine
 * GeneralName kinds, in this order: otherName (twice), rfc822Name, dNSName,
 * directoryName, ediPartyName, uniformResourceIdentifier, iPAddress, registeredID.
 *
 * <p>{@code prefix} is prepended to the string payloads of the otherName, rfc822Name,
 * dNSName, ediPartyName and URI entries. The directoryName, iPAddress and registeredID
 * entries are fixed constants.
 *
 * @param prefix text prepended to the variable entries
 * @return the assembled names
 */
private static GeneralNames createComplexGeneralNames(String prefix) {
    final List<GeneralName> entries = new LinkedList<>();

    // otherName under OID 1.2.3.1, value explicitly tagged [0]
    final ASN1EncodableVector firstOther = new ASN1EncodableVector();
    firstOther.add(new ASN1ObjectIdentifier("1.2.3.1"));
    firstOther.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.1")));
    entries.add(new GeneralName(GeneralName.otherName, new DERSequence(firstOther)));

    // otherName under OID 1.2.3.2, value explicitly tagged [0]
    final ASN1EncodableVector secondOther = new ASN1EncodableVector();
    secondOther.add(new ASN1ObjectIdentifier("1.2.3.2"));
    secondOther.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.2")));
    entries.add(new GeneralName(GeneralName.otherName, new DERSequence(secondOther)));

    // rfc822Name, then dNSName
    entries.add(new GeneralName(GeneralName.rfc822Name, prefix + "info@example.org"));
    entries.add(new GeneralName(GeneralName.dNSName, prefix + "dns.example.org"));

    // directoryName (constant, prefix not applied)
    entries.add(new GeneralName(GeneralName.directoryName, new X500Name("CN=demo,C=DE")));

    // ediPartyName: nameAssigner tagged [0], partyName tagged [1]
    final ASN1EncodableVector ediParty = new ASN1EncodableVector();
    ediParty.add(new DERTaggedObject(false, 0, new DirectoryString(prefix + "assigner1")));
    ediParty.add(new DERTaggedObject(false, 1, new DirectoryString(prefix + "party1")));
    entries.add(new GeneralName(GeneralName.ediPartyName, new DERSequence(ediParty)));

    // uniformResourceIdentifier
    // NOTE(review): the value carries no scheme, while RFC 5280 expects an absolute URI
    // here. Confirm this is intentional sample data before reusing it elsewhere.
    entries.add(new GeneralName(GeneralName.uniformResourceIdentifier, prefix + "uri.example.org"));

    // iPAddress and registeredID (constants, prefix not applied)
    entries.add(new GeneralName(GeneralName.iPAddress, "69.1.2.190"));
    entries.add(new GeneralName(GeneralName.registeredID, "2.3.4.5"));

    return new GeneralNames(entries.toArray(new GeneralName[0]));
}
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project xipki by xipki.
the class CaUtil method createCrlDistributionPoints.
/**
 * Builds a CRLDistributionPoints value containing a single distribution point whose
 * full name lists every given URI.
 *
 * <p>The distribution point's {@code cRLIssuer} is set only when
 * {@code crlSignerSubject} is non-null and differs from {@code caSubject}; otherwise
 * it is left absent. The reasons field is always absent.
 *
 * <p>The URIs are embedded as given; this method does not check their scheme or
 * syntax beyond requiring a non-empty list.
 *
 * @param crlUris CRL locations; must not be empty
 * @param caSubject subject of the issuing CA
 * @param crlSignerSubject subject of the CRL signer, may be {@code null}
 * @return the encoded distribution point structure
 */
public static CRLDistPoint createCrlDistributionPoints(List<String> crlUris, X500Name caSubject, X500Name crlSignerSubject) {
    ParamUtil.requireNonEmpty("crlUris", crlUris);

    // One URI-typed GeneralName per configured CRL location.
    final GeneralName[] uriNames = new GeneralName[crlUris.size()];
    for (int idx = 0; idx < uriNames.length; idx++) {
        uriNames[idx] = new GeneralName(GeneralName.uniformResourceIdentifier, crlUris.get(idx));
    }
    final DistributionPointName fullName = new DistributionPointName(new GeneralNames(uriNames));

    // Name the CRL issuer explicitly only when the CRL is signed by someone other than the CA.
    final boolean separateSigner = crlSignerSubject != null && !crlSignerSubject.equals(caSubject);
    final GeneralNames crlIssuer =
            separateSigner ? new GeneralNames(new GeneralName(crlSignerSubject)) : null;

    return new CRLDistPoint(new DistributionPoint[] {
        new DistributionPoint(fullName, null, crlIssuer)
    });
}