List of usage examples for org.bouncycastle.asn1.x500 X500Name getRDNs
public RDN[] getRDNs()
From source file:org.cesecore.util.CertToolsTest.java
License:Open Source License
/** * Tests encoding DN attributes as UTF-8 or printable string */// w w w . j a va 2 s . c o m @Test public void testPrintableStringDN() throws Exception { log.trace(">testPrintableStringDN()"); final String dnstr = "C=SE,O=Test,CN=Test"; final X500Name xn1 = CertTools.stringToBcX500Name(dnstr, new CeSecoreNameStyle(), false); assertTrue("When using CeSecoreNameStyle, C was not of PrintableString type", xn1.getRDNs()[0].getFirst().getValue() instanceof DERPrintableString); assertTrue("When using CeSecoreNameStyle, O was not of UTF8String type", xn1.getRDNs()[1].getFirst().getValue() instanceof DERUTF8String); assertTrue("When using CeSecoreNameStyle, CN was not of UTF8String type", xn1.getRDNs()[2].getFirst().getValue() instanceof DERUTF8String); final X500Name xn2 = CertTools.stringToBcX500Name(dnstr, new PrintableStringNameStyle(), false); assertTrue("When using PrintableStringNameStyle, C was not of PrintableString type", xn2.getRDNs()[0].getFirst().getValue() instanceof DERPrintableString); assertTrue("When using PrintableStringNameStyle, O was not of PrintableString type", xn2.getRDNs()[1].getFirst().getValue() instanceof DERPrintableString); assertTrue("When using PrintableStringNameStyle, CN was not of PrintableString type", xn2.getRDNs()[2].getFirst().getValue() instanceof DERPrintableString); log.trace("<testPrintableStringDN()"); }
From source file:org.cesecore.util.CeSecoreNameStyle.java
License:Open Source License
/**
 * Renders an {@link X500Name} as a string using the given symbol table.
 *
 * <p>Intended for use in {@code toString()} of BCStyle classes, e.g. when the DefaultSymbols map
 * is not the one inherited from BCStyle. It is public so other classes can reuse it (e.g.
 * LdapNameStyle in EJBCA).
 *
 * <p>RDNs are joined with {@code ','} and the attributes of a multi-valued RDN with {@code '+'}.
 * This method only inserts those separators; how each type and value is written, including any
 * escaping, is left entirely to {@code IETFUtils.appendTypeAndValue}.
 *
 * @param defaultSymbols symbol table passed through to {@code IETFUtils.appendTypeAndValue}
 * @param name the name whose RDNs are rendered, in the order {@code getRDNs()} returns them
 * @return the rendered name; an empty string when the name has no RDNs
 */
public static String buildString(Hashtable<ASN1ObjectIdentifier, String> defaultSymbols, X500Name name) {
    final StringBuffer rendered = new StringBuffer();
    final RDN[] components = name.getRDNs();
    for (int rdnIndex = 0; rdnIndex < components.length; rdnIndex++) {
        if (rdnIndex > 0) {
            rendered.append(',');
        }
        final RDN component = components[rdnIndex];
        if (!component.isMultiValued()) {
            IETFUtils.appendTypeAndValue(rendered, component.getFirst(), defaultSymbols);
            continue;
        }
        // Multi-valued RDN: write every attribute, separated by '+'.
        final AttributeTypeAndValue[] attributes = component.getTypesAndValues();
        for (int attrIndex = 0; attrIndex < attributes.length; attrIndex++) {
            if (attrIndex > 0) {
                rendered.append('+');
            }
            IETFUtils.appendTypeAndValue(rendered, attributes[attrIndex], defaultSymbols);
        }
    }
    return rendered.toString();
}
From source file:org.cryptacular.x509.dn.NameReader.java
License:Open Source License
/**
 * Converts the given X.500 principal to a list of relative distinguished names holding the
 * attributes that make up the DN.
 *
 * <p>The principal is parsed from its binary encoding ({@code principal.getEncoded()}), not from
 * a string form. Every attribute of every RDN is copied, so multi-valued RDNs keep all of their
 * attributes.
 *
 * @param principal Principal to convert.
 *
 * @return X500 principal as an RDN sequence.
 */
public static RDNSequence readX500Principal(final X500Principal principal) {
    final X500Name parsed = X500Name.getInstance(principal.getEncoded());
    final RDNSequence result = new RDNSequence();
    final org.bouncycastle.asn1.x500.RDN[] bcRdns = parsed.getRDNs();
    for (int i = 0; i < bcRdns.length; i++) {
        final Attributes collected = new Attributes();
        // The attribute type is stored as its dotted OID string, the value via toString() on the
        // ASN.1 object.
        // NOTE(review): for value types that are not ASN.1 strings the toString() form may not be
        // what a caller comparing DN attributes expects; confirm against the consumers.
        for (AttributeTypeAndValue pair : bcRdns[i].getTypesAndValues()) {
            collected.add(pair.getType().getId(), pair.getValue().toString());
        }
        result.add(new RDN(collected));
    }
    return result;
}
From source file:org.ejbca.util.LdapToolsTest.java
License:Open Source License
/**
 * Tests the name builder with the LdapNameStyle class, which is used by the LdapTools class.
 *
 * <p>The test DN is parsed once with {@code LdapNameStyle} and then rebuilt attribute by
 * attribute with two different styles. Each attribute is added through its own {@code addRDN}
 * call. Both comparisons are made on lower-cased strings.
 */
@Test
public void test05BuildLdapNameStyle() {
    final X500Name parsedDn = new X500Name(LdapNameStyle.INSTANCE, LDAP_TEST_DN);

    // LdapNameStyle should return a DN with MAIL and SERIALNUMBER
    final X500NameBuilder viaLdapStyle = new X500NameBuilder(LdapNameStyle.INSTANCE);
    for (RDN component : parsedDn.getRDNs()) {
        for (AttributeTypeAndValue attribute : component.getTypesAndValues()) {
            viaLdapStyle.addRDN(attribute);
        }
    }
    final String expectedLdap = LDAP_TEST_DN.toLowerCase();
    final String actualLdap = viaLdapStyle.build().toString().toLowerCase();
    assertEquals(expectedLdap, actualLdap);

    // CesecoreNameStyle should return a DN with E and SN
    final X500NameBuilder viaCesecoreStyle = new X500NameBuilder(CeSecoreNameStyle.INSTANCE);
    for (RDN component : parsedDn.getRDNs()) {
        for (AttributeTypeAndValue attribute : component.getTypesAndValues()) {
            viaCesecoreStyle.addRDN(attribute);
        }
    }
    final String actualCesecore = viaCesecoreStyle.build().toString().toLowerCase();
    assertEquals("cn=test person,e=test@example.com,sn=123456-7890", actualCesecore);
}
From source file:org.globus.gsi.bc.X500NameHelper.java
License:Apache License
/**
 * Creates an instance from an existing {@link X500Name X500Name} object.
 * This behaves like a copy constructor.
 *
 * <p>The RDN array taken from {@code name} is passed to {@code GlobusStyle.swap} when
 * {@code GlobusStyle.toRevert(name)} returns true, and is then wrapped in a
 * {@code DERSequence}.
 *
 * @param name existing <code>X500Name</code>
 */
public X500NameHelper(X500Name name) {
    final RDN[] components = name.getRDNs();
    final boolean needsSwap = GlobusStyle.toRevert(name);
    if (needsSwap) {
        GlobusStyle.swap(components);
    }
    this.seq = new DERSequence(components);
}
From source file:org.globus.gsi.bc.X509NameHelper.java
License:Apache License
/**
 * Gets the last name component (the final RDN) of the given {@link X500Name X500Name}.
 *
 * @param name the name to read; it is dereferenced without a null check
 * @return the last RDN as an {@code ASN1Set}, or null if the name has no RDNs.
 */
public static ASN1Set getLastNameEntry(X500Name name) {
    final RDN[] components = name.getRDNs();
    if (components.length == 0) {
        return null;
    }
    final RDN last = components[components.length - 1];
    return (ASN1Set) last.toASN1Primitive();
}
From source file:org.graylog.plugins.auth.tls.sso.CertificateTools.java
License:Open Source License
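/**
 * Flattens selected fields of a certificate into key/value pairs: subject attributes, serial
 * number, issuer, subject alternative names, key usages and extended key usages.
 *
 * <p>Changes from the previous version: the key-usage block now accepts arrays longer than nine
 * entries (the JDK documents that {@code X509Certificate.getKeyUsage()} does not truncate a
 * longer KeyUsage bit string, so the old {@code length == 9} test dropped every usage for such
 * certificates), and the duplicated null check on {@code rdn.getFirst()} is collapsed into one.
 *
 * <p>Caveats for anyone basing identity or authorization decisions on the result:
 * <ul>
 *   <li>Only the first attribute of each subject RDN is recorded; further attributes of a
 *       multi-valued RDN are not.</li>
 *   <li>Values are stored under a name, so a certificate carrying the same attribute type or the
 *       same SAN type more than once keeps one value per name (the original comment states that
 *       collisions overwrite).</li>
 *   <li>Nothing here validates the certificate; it only reads fields.</li>
 * </ul>
 *
 * @param certificate the certificate to read
 * @return the collected key/value pairs
 * @throws CertificateException if the certificate cannot be converted or its extensions cannot
 *         be parsed
 */
private static Map<String, String> convertCertificateInformation(X509CertificateHolder certificate)
        throws CertificateException {
    final X500NameStyle x500NameStyle = BCStyle.INSTANCE;
    final CertificateInfo<String, String> certInfo = new CertificateInfo<>();

    // Stores relative distinguished names of Subject.
    // NOTE(review): getFirst() ignores the remaining attributes of a multi-valued RDN; confirm
    // that no consumer relies on an attribute that can appear in a later position.
    final X500Name subject = certificate.getSubject();
    for (RDN rdn : subject.getRDNs()) {
        final AttributeTypeAndValue atav = rdn.getFirst();
        if (atav == null) {
            log.warn("Unable to get first RDN");
            continue;
        }
        final String displayName = x500NameStyle.oidToDisplayName(atav.getType());
        final ASN1Encodable value = atav.getValue();
        if (displayName != null && value != null) {
            certInfo.putLogString(displayName, value);
        }
    }

    certInfo.putLogString("CERT_SERIAL", certificate.getSerialNumber());
    certInfo.putLogString("ISSUER", certificate.getIssuer());

    // Convert to java.security.cert.X509Certificate
    final X509Certificate jcert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certificate);

    // Set subject alternate names
    // There may be several of the same type in the certificate. This implementation will overwrite in collisions!
    final Collection<List<?>> sans = jcert.getSubjectAlternativeNames();
    if (sans != null) {
        for (List<?> san : sans) {
            final Object[] sanArray = san.toArray();
            // Entry 0 is the GeneralName type number, entry 1 the value.
            // The types handled below are known to be Strings; other types are skipped.
            switch ((Integer) sanArray[0]) {
                case 1:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("rfc822Name", sanArray[1]);
                    }
                    break;
                case 2:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("dNSName", sanArray[1]);
                    }
                    break;
                case 4:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("directoryName", sanArray[1]);
                    }
                    break;
                case 6:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("uniformResourceIdentifier", sanArray[1]);
                    }
                    break;
                case 7:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("iPAddress", sanArray[1]);
                    }
                    break;
                case 8:
                    if (sanArray[1] != null) {
                        certInfo.putLogString("registeredID", sanArray[1]);
                    }
                    break;
                default:
                    break;
            }
        }
    }

    // Populate key usages. The first nine positions are the named bits; an array may be longer
    // when the encoded bit string carries extra bits, and those extra positions are ignored.
    final String[] keyUsageNames = {
        "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement",
        "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"
    };
    final boolean[] keyUsages = jcert.getKeyUsage();
    if (keyUsages != null && keyUsages.length >= keyUsageNames.length) {
        for (int bit = 0; bit < keyUsageNames.length; bit++) {
            if (keyUsages[bit]) {
                certInfo.putLogString("Usage " + keyUsageNames[bit], "true");
            }
        }
    }

    // Populate extended usages; OIDs missing from extendedUsageOids are logged and not recorded.
    final List<String> extendedUsage = jcert.getExtendedKeyUsage();
    if (extendedUsage != null) {
        for (String oid : extendedUsage) {
            if (extendedUsageOids.containsKey(oid)) {
                certInfo.putLogString("Usage " + extendedUsageOids.get(oid), "true");
            } else {
                log.warn("Unknown extended usage OID: {}", oid);
            }
        }
    }
    return certInfo;
}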
From source file:org.icepdf.ri.common.utility.signatures.SignatureTreeNode.java
License:Apache License
/**
 * Validates the signature represented by this tree node. According to the original documentation
 * this method is called by a worker thread and the node's state is updated afterwards with a call
 * to {@link #refreshSignerNode()}; that call is not made inside this method.
 *
 * <p>Nothing is done when the widget annotation has no field dictionary.
 *
 * @throws SignatureIntegrityException declared by this method; presumably raised by the
 *         validator calls below (confirm against SignatureValidator)
 */
public void validateSignatureNode() throws SignatureIntegrityException {
    final SignatureFieldDictionary fieldDictionary = signatureWidgetAnnotation.getFieldDictionary();
    final SignatureDictionary signatureDictionary = signatureWidgetAnnotation.getSignatureDictionary();
    if (fieldDictionary == null) {
        return;
    }

    // Signer properties come straight from the signature dictionary.
    // NOTE(review): the guard above tests fieldDictionary, while the reads below dereference
    // signatureDictionary; confirm it cannot be null here.
    name = signatureDictionary.getName();
    location = signatureDictionary.getLocation();
    reason = signatureDictionary.getReason();
    contact = signatureDictionary.getContactInfo();
    date = signatureDictionary.getDate();

    // The validator is expected to give access to the signer certificate.
    signatureValidator = signatureWidgetAnnotation.getSignatureValidator();

    // NOTE(review): the DN parsed here is the certificate's ISSUER, not its subject. If
    // commonName/organization/emailAddress are shown as the signer's identity, confirm that
    // getIssuerX500Principal() rather than getSubjectX500Principal() is intended.
    final X509Certificate signerCertificate = signatureValidator.getSignerCertificate();
    final X500Principal issuer = signerCertificate.getIssuerX500Principal();
    final X500Name issuerName = new X500Name(issuer.getName());
    if (issuerName.getRDNs() != null) {
        commonName = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.CN);
        organization = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.O);
        emailAddress = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.EmailAddress);
    }

    // Start validation process.
    // NOTE(review): the flag is set to true both before and after validate(); if it is meant to
    // mark "validation in progress", the second call probably should reset it. Confirm.
    setVerifyingSignature(true);
    signatureValidator.validate();
    setVerifyingSignature(true);
}
From source file:org.icepdf.ri.common.views.annotations.signatures.SignatureValidationStatus.java
License:Apache License
/**
 * Reads the common name, organization and e-mail address from the signer certificate supplied by
 * the validator and stores them in this object's fields.
 *
 * <p>Nothing is done when the widget annotation has no field dictionary. Despite the method
 * name, no validation call is made in this method.
 *
 * @param signatureWidgetAnnotation annotation whose field dictionary gates the work
 * @param signatureValidator source of the signer certificate
 * @throws SignatureIntegrityException declared by this method; presumably raised while obtaining
 *         the signer certificate (confirm against SignatureValidator)
 */
private void validateSignatureNode(SignatureWidgetAnnotation signatureWidgetAnnotation,
                                   SignatureValidator signatureValidator) throws SignatureIntegrityException {
    final SignatureFieldDictionary fieldDictionary = signatureWidgetAnnotation.getFieldDictionary();
    if (fieldDictionary == null) {
        return;
    }

    // NOTE(review): the DN parsed here is the certificate's ISSUER, not its subject. If these
    // fields are presented as the signer's identity, confirm that getIssuerX500Principal() rather
    // than getSubjectX500Principal() is intended.
    final X509Certificate signerCertificate = signatureValidator.getSignerCertificate();
    final X500Principal issuer = signerCertificate.getIssuerX500Principal();
    final X500Name issuerName = new X500Name(issuer.getName());
    if (issuerName.getRDNs() != null) {
        commonName = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.CN);
        organization = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.O);
        emailAddress = SignatureUtilities.parseRelativeDistinguishedName(issuerName, BCStyle.EmailAddress);
    }
}
From source file:org.jruby.ext.openssl.Request.java
License:LGPL
/**
 * Builds an {@code OpenSSL::X509::Name} Ruby object from an {@code X500Name}.
 *
 * <p>Every attribute of every RDN becomes one entry, so a multi-valued RDN contributes several
 * entries. A value that is not an {@code ASN1String} is added with a null string value.
 *
 * @param name the name to convert, may be null
 * @return the new Ruby name object, or the runtime's nil when {@code name} is null
 */
private IRubyObject makeRubyName(X500Name name) {
    if (name == null) {
        return getRuntime().getNil();
    }

    IRubyObject rubyName = Utils.newRubyInstance(getRuntime(), "OpenSSL::X509::Name");
    for (RDN component : name.getRDNs()) {
        for (AttributeTypeAndValue pair : component.getTypesAndValues()) {
            ASN1ObjectIdentifier attributeOid = pair.getType();
            // Only ASN.1 string types carry a text value; anything else is passed on as null.
            String text = (pair.getValue() instanceof ASN1String)
                    ? ((ASN1String) pair.getValue()).getString()
                    : null;
            // The original author marked this type-id lookup with "TODO correct?".
            RubyFixnum typeId = getRuntime().newFixnum(ASN1.idForClass(pair.getValue().getClass()));
            ((X509Name) rubyName).addEntry(attributeOid, text, typeId);
        }
    }
    return rubyName;
}