Example 76 with GeneralNames
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project athenz by yahoo.
the class Crypto method generateX509CSR.
public static String generateX509CSR(PrivateKey privateKey, PublicKey publicKey, String x500Principal, GeneralName[] sanArray) throws OperatorCreationException, IOException {
// Create Distinguished Name
X500Principal subject = new X500Principal(x500Principal);
// Create ContentSigner
JcaContentSignerBuilder csBuilder = new JcaContentSignerBuilder(Crypto.RSA_SHA256);
ContentSigner signer = csBuilder.build(privateKey);
// Create the CSR
PKCS10CertificationRequestBuilder p10Builder = new JcaPKCS10CertificationRequestBuilder(subject, publicKey);
if (sanArray != null) {
ExtensionsGenerator extGen = new ExtensionsGenerator();
GeneralNames subjectAltNames = new GeneralNames(sanArray);
extGen.addExtension(Extension.subjectAlternativeName, false, subjectAltNames);
p10Builder.addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate());
}
PKCS10CertificationRequest csr = p10Builder.build(signer);
// write to openssl PEM format
PemObject pemObject = new PemObject("CERTIFICATE REQUEST", csr.getEncoded());
StringWriter strWriter;
try (JcaPEMWriter pemWriter = new JcaPEMWriter(strWriter = new StringWriter())) {
pemWriter.writeObject(pemObject);
}
return strWriter.toString();
}
Also used :
PKCS10CertificationRequest(org.bouncycastle.pkcs.PKCS10CertificationRequest)
JcaPKCS10CertificationRequest(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest)
PemObject(org.bouncycastle.util.io.pem.PemObject)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
StringWriter(java.io.StringWriter)
JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)
ContentSigner(org.bouncycastle.operator.ContentSigner)
X500Principal(javax.security.auth.x500.X500Principal)
JcaPKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder)
PKCS10CertificationRequestBuilder(org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder)
JcaPEMWriter(org.bouncycastle.openssl.jcajce.JcaPEMWriter)
ExtensionsGenerator(org.bouncycastle.asn1.x509.ExtensionsGenerator)
Example 77 with GeneralNames
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project BiglyBT by BiglySoftware.
the class AttributeCertificateIssuer method match.
@Override
public boolean match(Certificate cert) {
if (!(cert instanceof X509Certificate)) {
return false;
}
X509Certificate x509Cert = (X509Certificate) cert;
if (form instanceof V2Form) {
V2Form issuer = (V2Form) form;
if (issuer.getBaseCertificateID() != null) {
return issuer.getBaseCertificateID().getSerial().getValue().equals(x509Cert.getSerialNumber()) && matchesDN(x509Cert.getIssuerX500Principal(), issuer.getBaseCertificateID().getIssuer());
}
GeneralNames name = issuer.getIssuerName();
if (matchesDN(x509Cert.getSubjectX500Principal(), name)) {
return true;
}
} else {
GeneralNames name = (GeneralNames) form;
if (matchesDN(x509Cert.getSubjectX500Principal(), name)) {
return true;
}
}
return false;
}
Also used :
V2Form(org.gudy.bouncycastle.asn1.x509.V2Form)
GeneralNames(org.gudy.bouncycastle.asn1.x509.GeneralNames)
X509Certificate(java.security.cert.X509Certificate)
Example 78 with GeneralNames
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project BiglyBT by BiglySoftware.
the class AttributeCertificateIssuer method getNames.
private Object[] getNames() {
GeneralNames name;
if (form instanceof V2Form) {
name = ((V2Form) form).getIssuerName();
} else {
name = (GeneralNames) form;
}
GeneralName[] names = name.getNames();
List l = new ArrayList(names.length);
for (int i = 0; i != names.length; i++) {
if (names[i].getTagNo() == GeneralName.directoryName) {
try {
l.add(new X500Principal(((ASN1Encodable) names[i].getName()).getEncoded()));
} catch (IOException e) {
throw new RuntimeException("badly formed Name object");
}
}
}
return l.toArray(new Object[l.size()]);
}
Also used :
V2Form(org.gudy.bouncycastle.asn1.x509.V2Form)
GeneralNames(org.gudy.bouncycastle.asn1.x509.GeneralNames)
ArrayList(java.util.ArrayList)
X500Principal(javax.security.auth.x500.X500Principal)
ArrayList(java.util.ArrayList)
List(java.util.List)
GeneralName(org.gudy.bouncycastle.asn1.x509.GeneralName)
ASN1Encodable(org.gudy.bouncycastle.asn1.ASN1Encodable)
IOException(java.io.IOException)
Example 79 with GeneralNames
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project xipki by xipki.
the class P12ComplexCsrGenCmd method createComplexGeneralNames.
private static GeneralNames createComplexGeneralNames(String prefix) {
List<GeneralName> list = new LinkedList<>();
// otherName
ASN1EncodableVector vec = new ASN1EncodableVector();
vec.add(new ASN1ObjectIdentifier("1.2.3.1"));
vec.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.1")));
list.add(new GeneralName(GeneralName.otherName, new DERSequence(vec)));
vec = new ASN1EncodableVector();
vec.add(new ASN1ObjectIdentifier("1.2.3.2"));
vec.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.2")));
list.add(new GeneralName(GeneralName.otherName, new DERSequence(vec)));
// rfc822Name
list.add(new GeneralName(GeneralName.rfc822Name, prefix + "info@example.org"));
// dNSName
list.add(new GeneralName(GeneralName.dNSName, prefix + "dns.example.org"));
// directoryName
list.add(new GeneralName(GeneralName.directoryName, new X500Name("CN=demo,C=DE")));
// ediPartyName
vec = new ASN1EncodableVector();
vec.add(new DERTaggedObject(false, 0, new DirectoryString(prefix + "assigner1")));
vec.add(new DERTaggedObject(false, 1, new DirectoryString(prefix + "party1")));
list.add(new GeneralName(GeneralName.ediPartyName, new DERSequence(vec)));
// uniformResourceIdentifier
list.add(new GeneralName(GeneralName.uniformResourceIdentifier, prefix + "uri.example.org"));
// iPAddress
list.add(new GeneralName(GeneralName.iPAddress, "69.1.2.190"));
// registeredID
list.add(new GeneralName(GeneralName.registeredID, "2.3.4.5"));
return new GeneralNames(list.toArray(new GeneralName[0]));
}
Also used :
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERSequence(org.bouncycastle.asn1.DERSequence)
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
X500Name(org.bouncycastle.asn1.x500.X500Name)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
LinkedList(java.util.LinkedList)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 80 with GeneralNames
use of org.openecard.bouncycastle.asn1.x509.GeneralNames in project xipki by xipki.
the class CaUtil method createCrlDistributionPoints.
public static CRLDistPoint createCrlDistributionPoints(List<String> crlUris, X500Name caSubject, X500Name crlSignerSubject) {
ParamUtil.requireNonEmpty("crlUris", crlUris);
int size = crlUris.size();
DistributionPoint[] points = new DistributionPoint[1];
GeneralName[] names = new GeneralName[size];
for (int i = 0; i < size; i++) {
names[i] = new GeneralName(GeneralName.uniformResourceIdentifier, crlUris.get(i));
}
// Distribution Point
GeneralNames gns = new GeneralNames(names);
DistributionPointName pointName = new DistributionPointName(gns);
GeneralNames crlIssuer = null;
if (crlSignerSubject != null && !crlSignerSubject.equals(caSubject)) {
GeneralName crlIssuerName = new GeneralName(crlSignerSubject);
crlIssuer = new GeneralNames(crlIssuerName);
}
points[0] = new DistributionPoint(pointName, null, crlIssuer);
return new CRLDistPoint(points);
}
Also used :
GeneralNames(org.bouncycastle.asn1.x509.GeneralNames)
DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
Aggregations
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)72
GeneralName (org.bouncycastle.asn1.x509.GeneralName)61
IOException (java.io.IOException)31
X509Certificate (java.security.cert.X509Certificate)22
ArrayList (java.util.ArrayList)19
X500Name (org.bouncycastle.asn1.x500.X500Name)19
DERIA5String (org.bouncycastle.asn1.DERIA5String)15
DEROctetString (org.bouncycastle.asn1.DEROctetString)14
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)14
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)14
Date (java.util.Date)13
List (java.util.List)13
X500Principal (javax.security.auth.x500.X500Principal)12
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)12
JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)12
GeneralNames (sun.security.x509.GeneralNames)12
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)11
BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)11
JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)11
Test (org.junit.Test)11
