Example usage for org.bouncycastle.asn1.pkcs Attribute getAttributeValues

List of usage examples for org.bouncycastle.asn1.pkcs Attribute getAttributeValues

Introduction

This page collects usage examples for the getAttributeValues() method of org.bouncycastle.asn1.pkcs.Attribute.

Prototype

public ASN1Encodable[] getAttributeValues() 


Usage

From source file:com.yahoo.athenz.auth.util.Crypto.java

License:Apache License

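/**
 * Extracts an rfc822Name (e-mail) entry from the subjectAltName extension requested in a
 * PKCS#10 certification request.
 *
 * <p>The CSR content is supplied by the requester. An extensionRequest attribute that carries
 * no subjectAltName extension is legal, and in that case
 * {@code GeneralNames.fromExtensions} returns {@code null}; such values are skipped rather
 * than dereferenced, so a CSR without a SAN no longer ends in a NullPointerException.
 *
 * <p>Selection rule (unchanged): within one attribute value the first rfc822Name is taken;
 * if several attribute values carry one, the value read last wins. The address is returned
 * as-is, without validation.
 *
 * @param certReq the certification request to inspect
 * @return the selected e-mail address, or {@code null} when the request contains none
 */
public static String extractX509CSREmail(PKCS10CertificationRequest certReq) {

    String rfc822 = null;
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            if (gns == null) {
                // Extension request without subjectAltName: nothing to read from this value.
                continue;
            }
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.rfc822Name) {
                    rfc822 = ((DERIA5String) name.getName()).getString();
                    // Leaves only the innermost loop; later attribute values are still scanned.
                    break;
                }
            }
        }
    }
    return rfc822;
}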

From source file:com.yahoo.athenz.auth.util.Crypto.java

License:Apache License

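/**
 * Collects every dNSName entry from the subjectAltName extension requested in a PKCS#10
 * certification request.
 *
 * <p>The CSR content is supplied by the requester. An extensionRequest attribute without a
 * subjectAltName extension makes {@code GeneralNames.fromExtensions} return {@code null};
 * such values are skipped rather than dereferenced, so a CSR without a SAN yields an empty
 * list instead of a NullPointerException.
 *
 * <p>Names are returned in the order they are encountered and exactly as encoded; no
 * syntax or policy validation is applied here.
 *
 * @param certReq the certification request to inspect
 * @return the requested DNS names; empty when the request contains none
 */
public static List<String> extractX509CSRDnsNames(PKCS10CertificationRequest certReq) {

    List<String> dnsNames = new ArrayList<>();
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            if (gns == null) {
                // Extension request without subjectAltName: nothing to read from this value.
                continue;
            }
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.dNSName) {
                    dnsNames.add(((DERIA5String) name.getName()).getString());
                }
            }
        }
    }
    return dnsNames;
}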

From source file:com.yahoo.athenz.auth.util.Crypto.java

License:Apache License

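/**
 * Collects every iPAddress entry from the subjectAltName extension requested in a PKCS#10
 * certification request, rendered in textual form.
 *
 * <p>The CSR content is supplied by the requester. An extensionRequest attribute without a
 * subjectAltName extension makes {@code GeneralNames.fromExtensions} return {@code null};
 * such values are skipped rather than dereferenced, so a CSR without a SAN yields an empty
 * list instead of a NullPointerException.
 *
 * <p>Entries whose octet string is not a legal address length are dropped silently, so the
 * returned list may hold fewer addresses than the request encodes.
 *
 * @param certReq the certification request to inspect
 * @return the requested IP addresses as strings; empty when the request contains none
 */
public static List<String> extractX509CSRIPAddresses(PKCS10CertificationRequest certReq) {

    List<String> ipAddresses = new ArrayList<>();
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            if (gns == null) {
                // Extension request without subjectAltName: nothing to read from this value.
                continue;
            }
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.iPAddress) {
                    try {
                        InetAddress addr = InetAddress
                                .getByAddress(((DEROctetString) name.getName()).getOctets());
                        ipAddresses.add(addr.getHostAddress());
                    } catch (UnknownHostException ignored) {
                        // getByAddress does no lookup; it throws only for an illegal byte
                        // length. Best effort by design: the malformed entry is left out.
                    }
                }
            }
        }
    }
    return ipAddresses;
}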

From source file:de.carne.certmgr.store.provider.bouncycastle.BouncyCastlePKCS10Object.java

License:Open Source License

/**
 * Returns the OIDs of all extensions listed in the request's extensionRequest attributes.
 *
 * <p>Each attribute value is decoded as a sequence of extension entries, and the first
 * element of every entry is read as the extension OID.
 *
 * @return the set of extension OIDs; empty when the request has no such attribute
 * @throws IOException declared by the override; presumably raised by the ASN.1 decoder on
 *         malformed input (the decoder is not shown here)
 */
@Override
public Set<String> getExtensionOIDs() throws IOException {
    HashSet<String> collected = new HashSet<>();
    Attribute[] requestAttributes = this.pkcs10Object
            .getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);

    if (requestAttributes == null) {
        return collected;
    }
    for (Attribute requestAttribute : requestAttributes) {
        ASN1Encodable[] attributeValues = requestAttribute.getAttributeValues();

        if (attributeValues == null) {
            continue;
        }
        for (ASN1Encodable attributeValue : attributeValues) {
            // (-1, -1): bounds semantics are defined by the decoder; presumably "any length".
            ASN1Decoder[] extensionDecoders = new BouncyCastleASN1Decoder(attributeValue.toASN1Primitive())
                    .asn1DecodeSequence(-1, -1);

            for (ASN1Decoder extensionDecoder : extensionDecoders) {
                // An X.509 Extension holds the OID, an optional critical flag and the value.
                ASN1Decoder[] parts = extensionDecoder.asn1DecodeSequence(2, 3);

                collected.add(parts[0].asn1DecodeOID());
            }
        }
    }
    return collected;
}

From source file:de.carne.certmgr.store.provider.bouncycastle.BouncyCastlePKCS10Object.java

License:Open Source License

@Override
public byte[] getExtensionValue(String oid) throws IOException {
    byte[] extensionValue = null;
    Attribute[] attributes = this.pkcs10Object.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);

    if (attributes != null) {
        for (Attribute attribute : attributes) {
            if (extensionValue != null) {
                break;
            }//  w w w.ja  va  2s. c om

            ASN1Encodable[] values = attribute.getAttributeValues();

            if (values != null) {
                for (ASN1Encodable value : values) {
                    if (extensionValue != null) {
                        break;
                    }

                    ASN1Decoder decoder = new BouncyCastleASN1Decoder(value.toASN1Primitive());
                    ASN1Decoder[] entries = decoder.asn1DecodeSequence(-1, -1);

                    for (ASN1Decoder entry : entries) {
                        ASN1Decoder[] extensionEntries = entry.asn1DecodeSequence(2, 3);
                        String extensionOID = extensionEntries[0].asn1DecodeOID();

                        if (oid.equals(extensionOID)) {
                            extensionValue = extensionEntries[extensionEntries.length - 1].getEncoded();
                            break;
                        }
                    }
                }
            }
        }
    }
    return extensionValue;
}

From source file:de.carne.certmgr.store.provider.bouncycastle.PKCS12Decoder.java

License:Open Source License

/**
 * Handles a certificate bag read from a PKCS#12 store.
 *
 * <p>The certificate is converted and recorded in {@code decoded} first; after that the
 * first value of the bag's localKeyId attribute, if present, is passed to {@code decodeKey}
 * together with the certificate's public key.
 *
 * <p>Any exception (including a null attribute array or an attribute without values) is
 * logged at info level and swallowed, so a failure after the conversion leaves the
 * certificate recorded without the {@code decodeKey} step.
 *
 * @param bagValue the certificate held by the bag
 * @param bagAttributes the attributes attached to the bag
 */
public void decodeCRTBag(X509CertificateHolder bagValue, Attribute[] bagAttributes) {
    try {
        X509Certificate certificate = this.jcaConverter.getCertificate(bagValue);

        this.decoded.add(certificate);
        for (Attribute candidate : bagAttributes) {
            if (!candidate.getAttrType().equals(PKCS12SafeBag.localKeyIdAttribute)) {
                continue;
            }
            // Only the first localKeyId attribute is used.
            decodeKey(candidate.getAttributeValues()[0], certificate.getPublicKey());
            return;
        }
    } catch (Exception e) {
        LOG.info(e, null, "Unable to decode CRT data from PKCS#12 bag");
    }
}

From source file:de.carne.certmgr.store.provider.bouncycastle.PKCS12Decoder.java

License:Open Source License

/**
 * Handles a private-key bag read from a PKCS#12 store.
 *
 * <p>The key is rebuilt through a BouncyCastle {@code KeyFactory} selected by the algorithm
 * OID stored in the key info; the first value of the bag's localKeyId attribute, if
 * present, is then passed to {@code decodeKey} together with the key.
 *
 * <p>Any exception (unsupported algorithm, malformed key, null attribute array, attribute
 * without values) is logged at info level and swallowed.
 *
 * @param bagValue the private key info held by the bag
 * @param bagAttributes the attributes attached to the bag
 */
public void decodeKeyBag(PrivateKeyInfo bagValue, Attribute[] bagAttributes) {
    try {
        String algorithmId = bagValue.getPrivateKeyAlgorithm().getAlgorithm().getId();
        KeyFactory factory = KeyFactory.getInstance(algorithmId, BouncyCastleProvider.PROVIDER_NAME);
        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(bagValue.getEncoded());
        PrivateKey decodedKey = factory.generatePrivate(keySpec);

        for (Attribute candidate : bagAttributes) {
            if (!candidate.getAttrType().equals(PKCS12SafeBag.localKeyIdAttribute)) {
                continue;
            }
            // Only the first localKeyId attribute is used.
            decodeKey(candidate.getAttributeValues()[0], decodedKey);
            return;
        }
    } catch (Exception e) {
        LOG.info(e, null, "Unable to decode key data from PKCS#12 bag");
    }
}

From source file:eu.betaas.taas.securitymanager.common.certificate.utils.PKCS12Utils.java

License:Apache License

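/**
 * Loads a BcCredential (certificate chain, end-entity alias and end-entity private key)
 * from a PKCS#12 file.
 *
 * <p>The method fails closed: if the file cannot be read, the integrity MAC is invalid or
 * cannot be computed, or any bag cannot be decrypted, it logs the error and returns
 * {@code null} instead of continuing with partially loaded or unverified content.
 *
 * <p>Private key material is never written to the log.
 *
 * <p>Layout assumptions kept from the original: every bag inside an encryptedData content
 * info is a certificate bag, and every other content info holds an encrypted private key
 * in its first bag. A file that deviates fails with an unchecked exception.
 *
 * @param pkcs12FileName path of the PKCS#12 file
 * @param keyPasswd password used for the MAC check and for decrypting the contents
 * @param certType not used by this method; kept so existing callers still compile
 * @return the loaded credential, or {@code null} when loading or verification fails
 */
public static BcCredential loadPKCS12Credential(String pkcs12FileName, char[] keyPasswd, int certType) {

    PKCS12PfxPdu pfxPdu;
    log.debug("will start loading PKCS12 file...");
    FileInputStream in = null;
    try {
        in = new FileInputStream(pkcs12FileName);
        pfxPdu = new PKCS12PfxPdu(Streams.readAll(in));
    } catch (FileNotFoundException e) {
        log.error("PKCS12 file: " + pkcs12FileName + " is not found!!", e);
        return null;
    } catch (IOException e) {
        log.error("IOException in initializing PKCS12PfxPdu...", e);
        return null;
    } finally {
        // The stream was previously never closed.
        if (in != null) {
            try {
                in.close();
            } catch (IOException ignored) {
                // The content has been read (or the load already failed); nothing to recover.
            }
        }
    }
    log.debug("Loading PKCS12 successfully...");

    try {
        if (!pfxPdu.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE),
                keyPasswd)) {
            log.error("PKCS#12 MAC test failed!");
            return null;
        }
    } catch (PKCSException e) {
        // An error while computing the MAC means integrity is unverified: stop here
        // rather than parse the bags anyway.
        log.error("PKCS#12 MAC could not be verified", e);
        return null;
    }

    ContentInfo[] infos = pfxPdu.getContentInfos();
    InputDecryptorProvider inputDecryptorProvider = new BcPKCS12PBEInputDecryptorProviderBuilder()
            .build(keyPasswd);

    String eeAlias = null;
    AsymmetricKeyParameter privCred = null;
    List<X509CertificateHolder> chainList = new ArrayList<X509CertificateHolder>();
    for (int i = 0; i != infos.length; i++) {
        if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData)) {
            PKCS12SafeBagFactory dataFact;
            try {
                dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
            } catch (PKCSException e) {
                log.error("Error in initiating PKCS12SafeBagFactory...", e);
                return null;
            }

            PKCS12SafeBag[] bags = dataFact.getSafeBags();
            for (int b = 0; b != bags.length; b++) {
                PKCS12SafeBag bag = bags[b];
                X509CertificateHolder certHldr = (X509CertificateHolder) bag.getBagValue();
                chainList.add(certHldr);
                log.debug("Found a certificate and add it to certificate chain...");
            }
        } else {
            PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
            PKCS12SafeBag[] bags = dataFact.getSafeBags();

            PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo) bags[0].getBagValue();
            AsymmetricKeyParameter privKey;
            try {
                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
                privKey = PrivateKeyFactory.createKey(info);
            } catch (PKCSException e) {
                log.error("Error in getting the decrypt private key info...", e);
                return null;
            } catch (IOException e) {
                log.error("Error in loading private key...", e);
                return null;
            }

            Attribute[] attributes = bags[0].getAttributes();
            for (int a = 0; a != attributes.length; a++) {
                Attribute attr = attributes[a];
                if (attr.getAttrType().equals(PKCS12SafeBag.friendlyNameAttribute)) {
                    eeAlias = ((DERBMPString) attr.getAttributeValues()[0]).getString();
                    privCred = privKey;
                    // The private scalar is deliberately not logged: debug logs are not a
                    // safe place for key material. Dropping that statement also removes its
                    // cast to an EC key type, which failed for any other key algorithm.
                    log.debug("Get end entity alias");
                }
            }
        }
    }
    X509CertificateHolder[] chain = chainList.toArray(new X509CertificateHolder[chainList.size()]);

    BcCredential cred = new BcCredential(eeAlias, privCred, chain);
    log.debug("Credential has been loaded!!");

    return cred;
}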

From source file:eu.betaas.taas.securitymanager.common.certificate.utils.PKCS12Utils.java

License:Apache License

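/**
 * Loads a BcCredential (certificate chain, end-entity alias and end-entity private key)
 * from an in-memory PKCS#12 structure.
 *
 * <p>The integrity MAC is checked with {@code keyPasswd} before any bag is parsed; an
 * invalid MAC is logged and reported as {@code null}. Private key material is never
 * written to the log.
 *
 * <p>Layout assumptions kept from the original: every bag inside an encryptedData content
 * info is a certificate bag, and every other content info holds an encrypted private key
 * in its first bag.
 *
 * @param pfx the encoded PKCS#12 structure
 * @param keyPasswd password used for the MAC check and for decrypting the contents
 * @return the loaded credential, or {@code null} when the MAC check fails
 * @throws Exception if the structure cannot be parsed or its contents cannot be decrypted
 */
public static BcCredential loadPKCS12Credential(byte[] pfx, char[] keyPasswd) throws Exception {

    PKCS12PfxPdu pfxPdu = new PKCS12PfxPdu(pfx);

    if (!pfxPdu.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE),
            keyPasswd)) {
        log.error("PKCS#12 MAC test failed!");
        return null;
    }

    ContentInfo[] infos = pfxPdu.getContentInfos();
    InputDecryptorProvider inputDecryptorProvider = new BcPKCS12PBEInputDecryptorProviderBuilder()
            .build(keyPasswd);

    String eeAlias = null;
    AsymmetricKeyParameter privCred = null;
    List<X509CertificateHolder> chainList = new ArrayList<X509CertificateHolder>();
    for (int i = 0; i != infos.length; i++) {
        if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData)) {
            PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);

            PKCS12SafeBag[] bags = dataFact.getSafeBags();
            for (int b = 0; b != bags.length; b++) {
                PKCS12SafeBag bag = bags[b];
                X509CertificateHolder certHldr = (X509CertificateHolder) bag.getBagValue();
                chainList.add(certHldr);
                log.debug("Found a certificate and add it to certificate chain...");
            }
        } else {
            PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
            PKCS12SafeBag[] bags = dataFact.getSafeBags();

            PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo) bags[0].getBagValue();
            PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
            AsymmetricKeyParameter privKey = PrivateKeyFactory.createKey(info);

            Attribute[] attributes = bags[0].getAttributes();
            for (int a = 0; a != attributes.length; a++) {
                Attribute attr = attributes[a];
                if (attr.getAttrType().equals(PKCS12SafeBag.friendlyNameAttribute)) {
                    eeAlias = ((DERBMPString) attr.getAttributeValues()[0]).getString();
                    privCred = privKey;
                    // The private scalar is deliberately not logged: debug logs are not a
                    // safe place for key material. Dropping that statement also removes its
                    // cast to an EC key type, which failed for any other key algorithm.
                    log.debug("Get end entity alias");
                }
            }
        }
    }
    X509CertificateHolder[] chain = chainList.toArray(new X509CertificateHolder[chainList.size()]);

    BcCredential cred = new BcCredential(eeAlias, privCred, chain);

    return cred;
}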

From source file:net.sf.keystore_explorer.gui.dialogs.DialogHelper.java

License:Open Source License

/**
 * Shows the first value of every attribute of the given type in a text field.
 *
 * <p>Only PrintableString and UTF8String values are rendered; a value of any other string
 * type leaves the field text unchanged. The caret is moved to position 0 for every
 * matching attribute, whether or not the text was set.
 *
 * @param attrs the attributes to search; {@code null} is treated as "none"
 * @param textField the field that receives the text
 * @param pkcs9Attr the attribute type to look for
 */
private static void populateTextField(Attribute[] attrs, JTextField textField, ASN1ObjectIdentifier pkcs9Attr) {
    if (attrs == null) {
        return;
    }
    for (Attribute candidate : attrs) {
        ASN1ObjectIdentifier candidateOid = candidate.getAttrType();

        if (!candidateOid.equals(pkcs9Attr)) {
            continue;
        }
        // Assumes the attribute carries at least one value; an empty value set would
        // raise ArrayIndexOutOfBoundsException here.
        ASN1Encodable firstValue = candidate.getAttributeValues()[0];

        if (firstValue instanceof DERPrintableString) {
            textField.setText(((DERPrintableString) firstValue).getString());
        } else if (firstValue instanceof DERUTF8String) {
            textField.setText(((DERUTF8String) firstValue).getString());
        }
        textField.setCaretPosition(0);
    }
}