List of usage examples for org.bouncycastle.asn1.x500.style IETFUtils rDNsFromString
public static RDN[] rDNsFromString(String name, X500NameStyle x500Style)
From source file:net.sf.keystore_explorer.crypto.x509.KseX500NameStyle.java
License:Open Source License
@Override public RDN[] fromString(String name) { // Parse backwards RDN[] tmp = IETFUtils.rDNsFromString(name, this); RDN[] res = new RDN[tmp.length]; for (int i = 0; i != tmp.length; i++) { res[res.length - i - 1] = tmp[i]; }/* w w w . jav a 2s . com*/ return res; }
From source file:org.apache.accumulo.test.util.CertUtils.java
License:Apache License
private X509CertificateObject generateCert(String keyName, KeyPair kp, boolean isCertAuthority, PublicKey signerPublicKey, PrivateKey signerPrivateKey) throws IOException, CertIOException, OperatorCreationException, CertificateException, NoSuchAlgorithmException { Calendar startDate = Calendar.getInstance(); Calendar endDate = Calendar.getInstance(); endDate.add(Calendar.YEAR, 100); BigInteger serialNumber = BigInteger.valueOf((startDate.getTimeInMillis())); X500Name issuer = new X500Name(IETFUtils.rDNsFromString(issuerDirString, RFC4519Style.INSTANCE)); JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(issuer, serialNumber, startDate.getTime(), endDate.getTime(), issuer, kp.getPublic()); JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils(); certGen.addExtension(Extension.subjectKeyIdentifier, false, extensionUtils.createSubjectKeyIdentifier(kp.getPublic())); certGen.addExtension(Extension.basicConstraints, false, new BasicConstraints(isCertAuthority)); certGen.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(signerPublicKey)); if (isCertAuthority) { certGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign)); }//w ww . j a v a 2s. c om X509CertificateHolder cert = certGen .build(new JcaContentSignerBuilder(signingAlgorithm).build(signerPrivateKey)); return new X509CertificateObject(cert.toASN1Structure()); }
From source file:org.cesecore.util.CertTools.java
License:Open Source License
/** * Method used to insert a CN postfix into DN by extracting the first found CN appending cnpostfix and then replacing the original CN with the new * one in DN.//from w ww . j av a2s .c o m * * If no CN could be found in DN then should the given DN be returned untouched * * @param dn the DN to manipulate, cannot be null * @param cnpostfix the postfix to insert, cannot be null * @param nameStyle Controls how the name is encoded. Usually it should be a CeSecoreNameStyle. * @return the new DN */ public static String insertCNPostfix(String dn, String cnpostfix, X500NameStyle nameStyle) { if (log.isTraceEnabled()) { log.trace(">insertCNPostfix: dn=" + dn + ", cnpostfix=" + cnpostfix); } if (dn == null) { return null; } final RDN[] rdns = IETFUtils.rDNsFromString(dn, nameStyle); final X500NameBuilder nameBuilder = new X500NameBuilder(nameStyle); boolean replaced = false; for (final RDN rdn : rdns) { final AttributeTypeAndValue[] attributeTypeAndValues = rdn.getTypesAndValues(); for (final AttributeTypeAndValue atav : attributeTypeAndValues) { if (atav.getType() != null) { final String currentSymbol = CeSecoreNameStyle.DefaultSymbols.get(atav.getType()); if (!replaced && "CN".equals(currentSymbol)) { nameBuilder.addRDN(atav.getType(), IETFUtils.valueToString(atav.getValue()) + cnpostfix); replaced = true; } else { nameBuilder.addRDN(atav); } } } } final String ret = nameBuilder.build().toString(); if (log.isTraceEnabled()) { log.trace("<reverseDN: " + ret); } return ret; }
From source file:org.eclipse.milo.opcua.stack.core.util.CertificateUtil.java
License:Open Source License
/** * Generate a {@link PKCS10CertificationRequest}. * * @param keyPair the {@link KeyPair} containing Public and Private keys. * @param subjectName the subject name, in RFC 4519 style. (CN=foo,O=bar) * @param sanUri the URI to request in the SAN. * @param sanDnsNames the DNS names to request in the SAN. * @param sanIpAddresses the IP addresses to request in the SAN. * @param signatureAlgorithm the signature algorithm to use when generating the signature to validate the * certificate. * @return a {@link PKCS10CertificationRequest}. * @throws Exception if creating the signing request fails for any reason. *///from www. jav a 2 s . co m public static PKCS10CertificationRequest generateCsr(KeyPair keyPair, String subjectName, String sanUri, List<String> sanDnsNames, List<String> sanIpAddresses, String signatureAlgorithm) throws Exception { X500Name subject = new X500Name(IETFUtils.rDNsFromString(subjectName, RFC4519Style.INSTANCE)); return generateCsr(keyPair, subject, sanUri, sanDnsNames, sanIpAddresses, signatureAlgorithm); }