
Example 96 with GeneralNames

use of org.spongycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class DAuthorityKeyIdentifier method prepopulateWithAuthorityCertDetails.

/**
 * Pre-fills the authority certificate issuer and serial number inputs of this dialog.
 *
 * <p>If wrapping the issuer name fails, an error dialog is shown and the method returns
 * without touching the serial number field.
 *
 * @param authorityCertName issuer name to show as a single directoryName entry; skipped when {@code null}
 * @param authorityCertSerialNumber serial number to show in decimal; skipped when {@code null}
 */
private void prepopulateWithAuthorityCertDetails(X500Name authorityCertName, BigInteger authorityCertSerialNumber) {
    if (authorityCertName != null) {
        try {
            // The X.500 name becomes the only entry of the GeneralNames sequence.
            jgnAuthorityCertIssuer.setGeneralNames(
                    new GeneralNames(new GeneralName(GeneralName.directoryName, authorityCertName)));
        } catch (Exception ex) {
            DError errorDialog = new DError(this, ex);
            errorDialog.setLocationRelativeTo(this);
            errorDialog.setVisible(true);
            return;
        }
    }
    if (authorityCertSerialNumber == null) {
        return;
    }
    // BigInteger.toString() yields the base-10 form, which is what okPressed() parses back.
    String serialText = authorityCertSerialNumber.toString();
    jtfAuthorityCertSerialNumber.setText(serialText);
    jtfAuthorityCertSerialNumber.setCaretPosition(0);
}
Also used : JGeneralNames(org.kse.gui.crypto.generalname.JGeneralNames) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) GeneralName(org.bouncycastle.asn1.x509.GeneralName) IOException(java.io.IOException) DError(org.kse.gui.error.DError)

Example 97 with GeneralNames

use of org.spongycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class DAuthorityKeyIdentifier method okPressed.

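/**
 * Validates the dialog inputs, builds the Authority Key Identifier extension and stores its
 * DER encoding in {@code value} before closing the dialog.
 *
 * <p>Accepted input combinations are: key identifier alone, issuer plus serial number, or all
 * three. RFC 5280 (section 4.2.1.1) requires authorityCertIssuer and authorityCertSerialNumber
 * to be both present or both absent, so a serial number entered without any issuer name is
 * rejected instead of being encoded with an empty issuer sequence. An issuer entered together
 * with a key identifier but without a serial number is left out of the extension, as before.
 *
 * <p>Every validation failure shows a warning dialog and leaves the dialog open.
 */
private void okPressed() {
    byte[] keyIdentifier = jkiKeyIdentifier.getKeyIdentifier();
    GeneralNames authorityCertIssuer = jgnAuthorityCertIssuer.getGeneralNames();
    BigInteger authorityCertSerialNumber = null;
    String authorityCertSerialNumberStr = jtfAuthorityCertSerialNumber.getText().trim();
    if (authorityCertSerialNumberStr.length() != 0) {
        try {
            // The field holds a decimal integer; anything else is reported to the user.
            authorityCertSerialNumber = new BigInteger(authorityCertSerialNumberStr);
            // Serial numbers must be positive: zero and negative values are refused.
            if (authorityCertSerialNumber.signum() <= 0) {
                JOptionPane.showMessageDialog(this, res.getString("DAuthorityKeyIdentifier.AuthorityCertSerialNumberNonZero.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
        } catch (NumberFormatException ex) {
            JOptionPane.showMessageDialog(this, res.getString("DAuthorityKeyIdentifier.AuthorityCertSerialNumberNotInteger.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
            return;
        }
    }
    boolean hasIssuer = (authorityCertIssuer != null) && (authorityCertIssuer.getNames().length != 0);
    boolean hasSerialNumber = authorityCertSerialNumber != null;
    // Either a key identifier or both issuer and serial number are required.
    boolean nothingUsable = (keyIdentifier == null) && !(hasIssuer && hasSerialNumber);
    // A serial number without an issuer would put an empty GeneralNames sequence into the
    // extension, which the issuer/serial pairing rule of RFC 5280 does not allow.
    boolean serialWithoutIssuer = hasSerialNumber && !hasIssuer;
    if (nothingUsable || serialWithoutIssuer) {
        // NOTE(review): the generic "value required" message is reused for the
        // serial-without-issuer case; a dedicated resource string would be clearer.
        JOptionPane.showMessageDialog(this, res.getString("DAuthorityKeyIdentifier.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    AuthorityKeyIdentifier authorityKeyIdentifier;
    if (!hasSerialNumber) {
        // only key identifier (guaranteed non-null by the check above)
        authorityKeyIdentifier = new AuthorityKeyIdentifier(keyIdentifier);
    } else if (keyIdentifier == null) {
        // only issuer / serial
        authorityKeyIdentifier = new AuthorityKeyIdentifier(authorityCertIssuer, authorityCertSerialNumber);
    } else {
        // both
        authorityKeyIdentifier = new AuthorityKeyIdentifier(keyIdentifier, authorityCertIssuer, authorityCertSerialNumber);
    }
    try {
        value = authorityKeyIdentifier.getEncoded(ASN1Encoding.DER);
    } catch (IOException ex) {
        DError dError = new DError(this, ex);
        dError.setLocationRelativeTo(this);
        dError.setVisible(true);
        return;
    }
    closeDialog();
}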
Also used : JGeneralNames(org.kse.gui.crypto.generalname.JGeneralNames) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) BigInteger(java.math.BigInteger) AuthorityKeyIdentifier(org.bouncycastle.asn1.x509.AuthorityKeyIdentifier) IOException(java.io.IOException) DError(org.kse.gui.error.DError)

Example 98 with GeneralNames

use of org.spongycastle.asn1.x509.GeneralNames in project keystore-explorer by kaikramer.

the class DIssuerAlternativeName method okPressed.

/**
 * Stores the DER encoding of the entered issuer alternative names in {@code value} and closes
 * the dialog.
 *
 * <p>An empty name list produces a warning dialog, and an encoding failure produces an error
 * dialog; in both cases the dialog stays open and {@code value} is not updated.
 */
private void okPressed() {
    GeneralNames enteredNames = jgnAlternativeName.getGeneralNames();
    boolean nothingEntered = enteredNames.getNames().length == 0;
    if (nothingEntered) {
        // At least one general name is required.
        String warning = res.getString("DIssuerAlternativeName.ValueReq.message");
        JOptionPane.showMessageDialog(this, warning, getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    try {
        value = enteredNames.getEncoded(ASN1Encoding.DER);
    } catch (IOException ex) {
        DError errorDialog = new DError(this, ex);
        errorDialog.setLocationRelativeTo(this);
        errorDialog.setVisible(true);
        return;
    }
    closeDialog();
}
Also used : JGeneralNames(org.kse.gui.crypto.generalname.JGeneralNames) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) IOException(java.io.IOException) DError(org.kse.gui.error.DError)

Example 99 with GeneralNames

use of org.spongycastle.asn1.x509.GeneralNames in project dcos-commons by mesosphere.

the class CertificateNamesGeneratorTest method testDiscoveryNameAddedAsSan.

/**
 * Checks that a task with a discovery prefix yields exactly one SAN, built from that prefix,
 * and that the SAN hash matches the value computed outside the test.
 */
@Test
public void testDiscoveryNameAddedAsSan() {
    // The task spec advertises a discovery spec whose prefix is "custom-name".
    Mockito.when(mockTaskSpec.getDiscovery()).thenReturn(Optional.of(mockDiscoverySpec));
    Mockito.when(mockDiscoverySpec.getPrefix()).thenReturn(Optional.of("custom-name"));

    CertificateNamesGenerator generator = new CertificateNamesGenerator(TestConstants.SERVICE_NAME, mockTaskSpec, mockPodInstance, mockSchedulerConfig);
    GeneralNames sans = generator.getSANs();
    Assert.assertEquals(1, sans.getNames().length);

    List<String> sanStrings = Arrays.stream(sans.getNames())
            .map(san -> san.getName().toString())
            .collect(Collectors.toList());
    Assert.assertEquals(1, sanStrings.size());

    String expectedName = String.format("custom-name-0.%s.%s", TestConstants.SERVICE_NAME, Constants.DNS_TLD);
    Assert.assertTrue(sanStrings.contains(expectedName));

    // Expected hash reproduced with:
    // echo -n "custom-name-0.service-name.autoip.dcos.thisdcos.directory" | sha1sum
    // NOTE(review): SHA-1 looks like a fingerprint of the SAN list here, not a security
    // control; confirm before using getSANsHash() where collisions matter.
    Assert.assertEquals("6ce3490a694a0917beec2bd5f7ac978be7a59ef0", generator.getSANsHash());
}
Also used : SchedulerConfig(com.mesosphere.sdk.scheduler.SchedulerConfig) java.util(java.util) TestConstants(com.mesosphere.sdk.testutils.TestConstants) RDN(org.bouncycastle.asn1.x500.RDN) Mock(org.mockito.Mock) TaskSpec(com.mesosphere.sdk.specification.TaskSpec) Test(org.junit.Test) DiscoverySpec(com.mesosphere.sdk.specification.DiscoverySpec) BCStyle(org.bouncycastle.asn1.x500.style.BCStyle) Collectors(java.util.stream.Collectors) ResourceSet(com.mesosphere.sdk.specification.ResourceSet) Mockito(org.mockito.Mockito) MockitoAnnotations(org.mockito.MockitoAnnotations) NamedVIPSpec(com.mesosphere.sdk.specification.NamedVIPSpec) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) PodInstance(com.mesosphere.sdk.specification.PodInstance) Constants(com.mesosphere.sdk.offer.Constants) Assert(org.junit.Assert) Before(org.junit.Before) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) Test(org.junit.Test)

Example 100 with GeneralNames

use of org.spongycastle.asn1.x509.GeneralNames in project dcos-commons by mesosphere.

the class CertificateNamesGeneratorTest method testVipsAddedAsSans.

/**
 * Checks that a named VIP on the task's resource set adds a second SAN next to the task DNS
 * name, and that the SAN hash matches the value computed outside the test.
 */
@Test
public void testVipsAddedAsSans() {
    // The resource set exposes a single VIP named "test-vip" on port 8000.
    Mockito.when(mockResourceSet.getResources()).thenReturn(Collections.singletonList(mockVIPSpec));
    Mockito.when(mockVIPSpec.getVipName()).thenReturn("test-vip");
    Mockito.when(mockVIPSpec.getPort()).thenReturn(8000L);

    CertificateNamesGenerator generator = new CertificateNamesGenerator(TestConstants.SERVICE_NAME, mockTaskSpec, mockPodInstance, mockSchedulerConfig);
    GeneralNames sans = generator.getSANs();
    Assert.assertEquals(2, sans.getNames().length);

    List<String> sanStrings = Arrays.stream(sans.getNames())
            .map(san -> san.getName().toString())
            .collect(Collectors.toList());
    Assert.assertEquals(2, sanStrings.size());

    String expectedTaskName = taskDnsName(TestConstants.TASK_NAME, TestConstants.SERVICE_NAME);
    Assert.assertTrue(sanStrings.contains(expectedTaskName));
    String expectedVipName = taskVipName("test-vip", TestConstants.SERVICE_NAME);
    Assert.assertTrue(sanStrings.contains(expectedVipName));

    // Expected hash reproduced with:
    // echo -n "some-pod-test-task-name.service-name.autoip.dcos.thisdcos.directory;test-vip.service-name.l4lb.thisdcos.directory" | sha1sum
    // NOTE(review): SHA-1 looks like a fingerprint of the SAN list here, not a security
    // control; confirm before using getSANsHash() where collisions matter.
    Assert.assertEquals("99f8ec48101c439ce41eb62662056dc0ff5d227a", generator.getSANsHash());
}
Also used : SchedulerConfig(com.mesosphere.sdk.scheduler.SchedulerConfig) java.util(java.util) TestConstants(com.mesosphere.sdk.testutils.TestConstants) RDN(org.bouncycastle.asn1.x500.RDN) Mock(org.mockito.Mock) TaskSpec(com.mesosphere.sdk.specification.TaskSpec) Test(org.junit.Test) DiscoverySpec(com.mesosphere.sdk.specification.DiscoverySpec) BCStyle(org.bouncycastle.asn1.x500.style.BCStyle) Collectors(java.util.stream.Collectors) ResourceSet(com.mesosphere.sdk.specification.ResourceSet) Mockito(org.mockito.Mockito) MockitoAnnotations(org.mockito.MockitoAnnotations) NamedVIPSpec(com.mesosphere.sdk.specification.NamedVIPSpec) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) PodInstance(com.mesosphere.sdk.specification.PodInstance) Constants(com.mesosphere.sdk.offer.Constants) Assert(org.junit.Assert) Before(org.junit.Before) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) Test(org.junit.Test)

Aggregations

GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)72 GeneralName (org.bouncycastle.asn1.x509.GeneralName)61 IOException (java.io.IOException)31 X509Certificate (java.security.cert.X509Certificate)22 ArrayList (java.util.ArrayList)19 X500Name (org.bouncycastle.asn1.x500.X500Name)19 DERIA5String (org.bouncycastle.asn1.DERIA5String)15 DEROctetString (org.bouncycastle.asn1.DEROctetString)14 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)14 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)14 Date (java.util.Date)13 List (java.util.List)13 X500Principal (javax.security.auth.x500.X500Principal)12 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)12 JcaX509CertificateConverter (org.bouncycastle.cert.jcajce.JcaX509CertificateConverter)12 GeneralNames (sun.security.x509.GeneralNames)12 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)11 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)11 JcaContentSignerBuilder (org.bouncycastle.operator.jcajce.JcaContentSignerBuilder)11 Test (org.junit.Test)11