use of org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType in project xipki by xipki.
the class ProfileConfCreatorDemo method certprofileScep.
// method certprofileOcsp
/**
 * Builds the demo end-entity certificate profile named "certprofile scep".
 *
 * <p>The profile starts from {@code getBaseProfile(...)} with validity "5y", is limited to the
 * key algorithms returned by {@code createRSAKeyAlgorithms()}, and then receives its subject RDN
 * controls and extension controls in a fixed order.
 *
 * @return the populated profile
 * @throws Exception declared by the signature; presumably propagated from the helper calls
 */
private static X509ProfileType certprofileScep() throws Exception {
  X509ProfileType scepProfile =
      getBaseProfile("certprofile scep", X509CertLevel.EndEntity, "5y", false);
  scepProfile.setKeyAlgorithms(createRSAKeyAlgorithms());

  // Subject
  Subject subjectControl = scepProfile.getSubject();
  subjectControl.setIncSerialNumber(false);

  // NOTE(review): the two ints passed to createRdn look like min/max occurrence counts;
  // confirm against createRdn before relying on that reading.
  List<RdnType> rdns = subjectControl.getRdn();
  rdns.add(createRdn(ObjectIdentifiers.DN_C, 1, 1));
  rdns.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
  rdns.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
  rdns.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
  rdns.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));

  // Extensions
  // NOTE(review): the two booleans passed to createExtension are presumably (required, critical);
  // confirm against createExtension.
  List<ExtensionType> extensionControls = scepProfile.getExtensions().getExtension();
  extensionControls.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
  extensionControls.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
  extensionControls.add(createExtension(Extension.freshestCRL, false, false, null));

  // Extensions - basicConstraints (no explicit value is configured for this end-entity profile)
  extensionControls.add(createExtension(Extension.basicConstraints, true, true, null));

  // Extensions - AuthorityInfoAccess
  extensionControls.add(
      createExtension(Extension.authorityInfoAccess, true, false, createAuthorityInfoAccess()));

  // Extensions - AuthorityKeyIdentifier
  extensionControls.add(
      createExtension(
          Extension.authorityKeyIdentifier, true, false, createAuthorityKeyIdentifier(true)));

  // Extensions - keyUsage
  // digitalSignature plus keyEncipherment on an RSA-only profile: presumably because a SCEP
  // endpoint both signs and decrypts enrollment messages with the same key.
  KeyUsageEnum[] keyUsages = {
    KeyUsageEnum.DIGITAL_SIGNATURE, KeyUsageEnum.KEY_ENCIPHERMENT
  };
  extensionControls.add(
      createExtension(Extension.keyUsage, true, true, createKeyUsages(keyUsages, null)));

  return scepProfile;
}
use of org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType in project xipki by xipki.
the class ProfileConfCreatorDemo method createSmimeCapabilities.
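/**
 * Builds the demo value for the SMIMECapabilities extension.
 *
 * <p>Three capabilities are listed, in this order: DES-EDE3-CBC (no parameters), RC2-CBC with
 * the integer parameter 128, and RC2-CBC with the parameter 64 supplied as the DER encoding of
 * an ASN.1 INTEGER. The last two show the two ways a parameter can be configured.
 *
 * <p>NOTE(review): every algorithm advertised here (3DES, RC2 and in particular RC2 with a
 * 64-bit key) is a legacy cipher. That is acceptable for a configuration demo; a profile meant
 * for production should advertise the algorithms the relying parties are actually expected to
 * use, which normally means AES-based ones.
 *
 * @return the capabilities wrapped by {@code createExtensionValueType}
 * @throws RuntimeException if the ASN.1 INTEGER cannot be encoded; the {@link IOException} is
 *     kept as the cause
 */
private static ExtensionValueType createSmimeCapabilities() {
  SMIMECapabilities caps = new SMIMECapabilities();

  // DES-EDE3-CBC
  SMIMECapability cap = new SMIMECapability();
  caps.getSMIMECapability().add(cap);
  cap.setCapabilityID(
      createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.7"), "DES-EDE3-CBC"));

  // RC2-CBC keysize 128, parameter given as a plain integer
  cap = new SMIMECapability();
  caps.getSMIMECapability().add(cap);
  cap.setCapabilityID(createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.2"), "RC2-CBC"));
  cap.setParameters(new org.xipki.ca.certprofile.x509.jaxb.SMIMECapability.Parameters());
  cap.getParameters().setInteger(BigInteger.valueOf(128));

  // RC2-CBC keysize 64, parameter given as the DER encoding of INTEGER 64
  cap = new SMIMECapability();
  caps.getSMIMECapability().add(cap);
  cap.setCapabilityID(createOidType(new ASN1ObjectIdentifier("1.2.840.113549.3.2"), "RC2-CBC"));
  cap.setParameters(new org.xipki.ca.certprofile.x509.jaxb.SMIMECapability.Parameters());

  Base64BinaryWithDescType binary = new Base64BinaryWithDescType();
  try {
    binary.setValue(new ASN1Integer(64).getEncoded());
    binary.setDescription("INTEGER 64");
  } catch (IOException ex) {
    // Keep the original exception as the cause so the stack trace of the encoding failure
    // is not lost; the message is unchanged.
    throw new RuntimeException(ex.getMessage(), ex);
  }
  cap.getParameters().setBase64Binary(binary);

  return createExtensionValueType(caps);
}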
use of org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType in project xipki by xipki.
the class ProfileConfCreatorDemo method certprofileMultipleOus.
// method certprofileGsmcK
/**
 * Builds the demo end-entity certificate profile named "certprofile multiple-ous".
 *
 * <p>Its distinguishing feature is the OU control, which is created with the counts (2, 2) and
 * two patterns, so a subject is expected to carry two OU values.
 *
 * @return the populated profile
 * @throws Exception declared by the signature; presumably propagated from the helper calls
 */
private static X509ProfileType certprofileMultipleOus() throws Exception {
  // NOTE(review): presumably one pattern per OU value. Whether a pattern has to match the whole
  // value or only part of it depends on how the profile engine applies it; none of the patterns
  // used here (including "DE|FR") is anchored, so confirm that before reusing them.
  final String regexOu1 = "[A-Z]{1,1}[\\d]{5,5}";
  final String regexOu2 = "[\\d]{5,5}";

  X509ProfileType multiOuProfile =
      getBaseProfile("certprofile multiple-ous", X509CertLevel.EndEntity, "5y", false);

  // Subject
  Subject subjectControl = multiOuProfile.getSubject();
  subjectControl.setIncSerialNumber(false);

  List<RdnType> rdns = subjectControl.getRdn();
  rdns.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
  rdns.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
  rdns.add(
      createRdn(ObjectIdentifiers.DN_OU, 2, 2, new String[] { regexOu1, regexOu2 }, null, null));
  rdns.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
  rdns.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1));

  // Extensions - general
  // NOTE(review): the two booleans passed to createExtension are presumably (required, critical);
  // confirm against createExtension.
  List<ExtensionType> extensionControls = multiOuProfile.getExtensions().getExtension();
  extensionControls.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
  extensionControls.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
  extensionControls.add(createExtension(Extension.freshestCRL, false, false, null));

  // Extensions - basicConstraints (no explicit value is configured for this end-entity profile)
  extensionControls.add(createExtension(Extension.basicConstraints, true, true, null));

  // Extensions - AuthorityInfoAccess
  extensionControls.add(
      createExtension(Extension.authorityInfoAccess, true, false, createAuthorityInfoAccess()));

  // Extensions - AuthorityKeyIdentifier
  extensionControls.add(
      createExtension(
          Extension.authorityKeyIdentifier, true, false, createAuthorityKeyIdentifier(true)));

  // Extensions - keyUsage: contentCommitment only
  KeyUsageEnum[] keyUsages = { KeyUsageEnum.CONTENT_COMMITMENT };
  extensionControls.add(
      createExtension(Extension.keyUsage, true, true, createKeyUsages(keyUsages, null)));

  return multiOuProfile;
}
use of org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType in project xipki by xipki.
the class ProfileConfCreatorDemo method createConstantExtValue.
/**
 * Wraps a fixed, pre-encoded extension value in an {@code ExtensionValueType}.
 *
 * <p>The bytes are stored as given; nothing in this method parses or validates them, so the
 * caller is responsible for supplying a well-formed encoding.
 *
 * @param bytes the constant extension value
 * @param desc optional description; it is set only when {@code StringUtil.isNotBlank} accepts it
 * @return the constant value wrapped by {@code createExtensionValueType}
 */
private static ExtensionValueType createConstantExtValue(byte[] bytes, String desc) {
  ConstantExtValue constant = new ConstantExtValue();
  constant.setValue(bytes);

  boolean hasDescription = StringUtil.isNotBlank(desc);
  if (hasDescription) {
    constant.setDescription(desc);
  }

  return createExtensionValueType(constant);
}
use of org.xipki.ca.certprofile.x509.jaxb.ExtensionValueType in project xipki by xipki.
the class ProfileConfCreatorDemo method certprofileTls.
// method certprofileScep
/**
 * Builds the demo end-entity certificate profile named "certprofile tls".
 *
 * <p>Compared with the other demo profiles visible next to it, this one turns on
 * {@code setDuplicateKey(true)} and {@code setDuplicateSubjectPermitted(true)}, checks the CN
 * against {@code REGEX_FQDN}, copies the CN into the subjectAltName as a DNS name, and adds the
 * subjectAlternativeName, extendedKeyUsage, tlsFeature and SMIMECapabilities controls.
 *
 * @return the populated profile
 * @throws Exception declared by the signature; presumably propagated from the helper calls
 */
private static X509ProfileType certprofileTls() throws Exception {
  X509ProfileType tlsProfile =
      getBaseProfile("certprofile tls", X509CertLevel.EndEntity, "5y", true);
  // NOTE(review): together with setDuplicateSubjectPermitted(true) below, this presumably lets
  // several certificates share a public key and a subject. Convenient for a demo; decide
  // deliberately whether a production profile should allow it.
  tlsProfile.setDuplicateKey(true);

  // Subject
  Subject subjectControl = tlsProfile.getSubject();
  subjectControl.setDuplicateSubjectPermitted(true);
  subjectControl.setIncSerialNumber(false);

  List<RdnType> rdns = subjectControl.getRdn();
  rdns.add(createRdn(ObjectIdentifiers.DN_C, 1, 1, new String[] { "DE|FR" }, null, null));
  rdns.add(createRdn(ObjectIdentifiers.DN_O, 1, 1));
  rdns.add(createRdn(ObjectIdentifiers.DN_OU, 0, 1));
  rdns.add(createRdn(ObjectIdentifiers.DN_SN, 0, 1, new String[] { REGEX_SN }, null, null));
  // The CN is the only input to the CN -> dNSName mapping below, so REGEX_FQDN is the check
  // that decides which host names can end up in the certificate.
  rdns.add(createRdn(ObjectIdentifiers.DN_CN, 1, 1, new String[] { REGEX_FQDN }, null, null));

  // Extensions - general
  ExtensionsType extensions = tlsProfile.getExtensions();

  // SubjectToSubjectAltName: source is the CN, target is a DNS name.
  // NOTE(review): the empty string looks like a "this target type is selected" marker; confirm.
  SubjectToSubjectAltNameType cnToDnsName = new SubjectToSubjectAltNameType();
  extensions.setSubjectToSubjectAltNames(new SubjectToSubjectAltNamesType());
  extensions.getSubjectToSubjectAltNames().getSubjectToSubjectAltName().add(cnToDnsName);
  cnToDnsName.setSource(createOidType(ObjectIdentifiers.DN_CN));
  cnToDnsName.setTarget(new Target());
  cnToDnsName.getTarget().setDnsName("");

  // Extensions - controls
  // NOTE(review): the two booleans passed to createExtension are presumably (required, critical);
  // confirm against createExtension.
  List<ExtensionType> extensionControls = extensions.getExtension();
  extensionControls.add(createExtension(Extension.subjectKeyIdentifier, true, false, null));
  extensionControls.add(createExtension(Extension.cRLDistributionPoints, false, false, null));
  extensionControls.add(createExtension(Extension.freshestCRL, false, false, null));

  // Extensions - SubjectAltNames: DNS name and IP address entries are configured, again with
  // empty strings as the configured value.
  SubjectAltName permittedAltNames = new SubjectAltName();
  permittedAltNames.setDnsName("");
  permittedAltNames.setIpAddress("");
  extensionControls.add(
      createExtension(
          Extension.subjectAlternativeName,
          true,
          false,
          createExtensionValueType(permittedAltNames)));

  // Extensions - basicConstraints (no explicit value is configured for this end-entity profile)
  extensionControls.add(createExtension(Extension.basicConstraints, true, true, null));

  // Extensions - AuthorityInfoAccess
  extensionControls.add(
      createExtension(Extension.authorityInfoAccess, true, false, createAuthorityInfoAccess()));

  // Extensions - AuthorityKeyIdentifier
  extensionControls.add(
      createExtension(
          Extension.authorityKeyIdentifier, true, false, createAuthorityKeyIdentifier(true)));

  // Extensions - keyUsage
  KeyUsageEnum[] keyUsages = {
    KeyUsageEnum.DIGITAL_SIGNATURE,
    KeyUsageEnum.DATA_ENCIPHERMENT,
    KeyUsageEnum.KEY_ENCIPHERMENT
  };
  extensionControls.add(
      createExtension(Extension.keyUsage, true, true, createKeyUsages(keyUsages, null)));

  // Extensions - extendedKeyUsage
  // NOTE(review): the two arrays are presumably (required, optional) usages, i.e. serverAuth
  // always and clientAuth on request; confirm against createExtendedKeyUsage.
  ASN1ObjectIdentifier[] serverAuthOnly = { ObjectIdentifiers.id_kp_serverAuth };
  ASN1ObjectIdentifier[] clientAuthOnly = { ObjectIdentifiers.id_kp_clientAuth };
  extensionControls.add(
      createExtension(
          Extension.extendedKeyUsage,
          true,
          false,
          createExtendedKeyUsage(serverAuthOnly, clientAuthOnly)));

  // Extensions - tlsFeature
  // NOTE(review): if the third argument is the critical flag, this marks tlsFeature critical.
  // RFC 7633 recommends against that because clients that do not know the extension must then
  // reject the certificate; confirm that this is intended outside a demo.
  TlsExtensionType[] tlsFeatures = {
    TlsExtensionType.STATUS_REQUEST, TlsExtensionType.CLIENT_CERTIFICATE_URL
  };
  extensionControls.add(
      createExtension(
          ObjectIdentifiers.id_pe_tlsfeature, true, true, createTlsFeature(tlsFeatures)));

  // Extensions - SMIMECapabilities
  // createSmimeCapabilities() advertises DES-EDE3-CBC and RC2-CBC, which are legacy ciphers;
  // review that list before copying this profile for real use.
  extensionControls.add(
      createExtension(
          ObjectIdentifiers.id_smimeCapabilities, true, false, createSmimeCapabilities()));

  return tlsProfile;
}