List of usage examples for org.bouncycastle.asn1.x500 X500Name getRDNs
public RDN[] getRDNs(ASN1ObjectIdentifier attributeType)
From source file:com.guardtime.ksi.trust.X509CertificateSubjectRdnSelector.java
License:Apache License
private boolean contains(X500Name name, RDN rdn) { RDN[] certificateRdnValues = name.getRDNs(rdn.getFirst().getType()); for (RDN certRDN : certificateRdnValues) { if (certRDN.getFirst().getValue().equals(rdn.getFirst().getValue())) { return true; }// w ww . j ava 2s . c o m } return false; }
From source file:com.helger.peppol.as2client.AS2ClientHelper.java
License:Apache License
/** * @param aCert// ww w . j av a 2 s .c om * Source certificate. May not be <code>null</code>. * @return The common name of the certificate subject * @throws CertificateEncodingException * In case of an internal error */ @Nonnull public static String getSubjectCommonName(@Nonnull final X509Certificate aCert) throws CertificateEncodingException { ValueEnforcer.notNull(aCert, "Certificate"); final X500Name x500name = new JcaX509CertificateHolder(aCert).getSubject(); final RDN cn = x500name.getRDNs(BCStyle.CN)[0]; return IETFUtils.valueToString(cn.getFirst().getValue()); }
From source file:com.motorolamobility.studio.android.certmanager.ui.dialogs.CertificateInfoDialog.java
License:Apache License
@Override protected Control createDialogArea(Composite parent) { Composite newComposite = (Composite) super.createDialogArea(parent); X509Certificate cert = null;/*from w ww .j a v a 2 s . c om*/ try { cert = entry.getX509Certificate(); if (cert != null) { X500Name x500name = new JcaX509CertificateHolder(cert).getSubject(); RDN commonName = x500name.getRDNs(BCStyle.CN).length >= 1 ? x500name.getRDNs(BCStyle.CN)[0] : null; RDN organization = x500name.getRDNs(BCStyle.O).length >= 1 ? x500name.getRDNs(BCStyle.O)[0] : null; RDN organizationUnit = x500name.getRDNs(BCStyle.OU).length >= 1 ? x500name.getRDNs(BCStyle.OU)[0] : null; RDN country = x500name.getRDNs(BCStyle.C).length >= 1 ? x500name.getRDNs(BCStyle.C)[0] : null; RDN state = x500name.getRDNs(BCStyle.ST).length >= 1 ? x500name.getRDNs(BCStyle.ST)[0] : null; RDN locality = x500name.getRDNs(BCStyle.L).length >= 1 ? x500name.getRDNs(BCStyle.L)[0] : null; block.createInfoBlock(newComposite, entry.getAlias(), printCertInfo(commonName), printCertInfo(organization), printCertInfo(organizationUnit), printCertInfo(country), printCertInfo(state), printCertInfo(locality), cert.getNotAfter(), cert.getNotBefore()); } else { //not found Android certificate expected (X509Certificate) EclipseUtils.showErrorDialog( CertificateManagerNLS.CertificateInfoDialog_UnknownCertificateKeypairType, CertificateManagerNLS.CertificatePropertiesHandler_ErrorGettingCertificateOrKeypairProperties); } } catch (Exception e) { EclipseUtils.showErrorDialog( CertificateManagerNLS.CertificatePropertiesHandler_ErrorGettingCertificateOrKeypairProperties, e.getMessage()); StudioLogger.error(CertificateInfoDialog.class, CertificateManagerNLS.CertificatePropertiesHandler_ErrorGettingCertificateOrKeypairProperties, e); } return newComposite; }
From source file:com.motorolamobility.studio.android.certmanager.ui.model.EntryNode.java
License:Apache License
/** * /*from www . ja v a 2 s . c om*/ * @param keyStoreModel * @param alias * @throws KeyStoreManagerException * if the alias is already listed in the tree */ public EntryNode(ITreeNode keyStoreModel, String alias) throws KeyStoreManagerException { this.alias = alias.toLowerCase(); setParent(keyStoreModel); if (!isKeyPairEntry()) { keyStoreModel.addChild(this); } // notify key entry addition // KeyStoreModelEventManager.getInstance().fireEvent(this, KeyStoreModelEvent.EventType.ADD); // Obtaining certificate to get tooltip information X509Certificate cert = getX509Certificate(); if (cert != null) { X500Name x500name; try { x500name = new JcaX509CertificateHolder(cert).getSubject(); RDN commonName = x500name.getRDNs(BCStyle.CN).length >= 1 ? x500name.getRDNs(BCStyle.CN)[0] : null; RDN organization = x500name.getRDNs(BCStyle.O).length >= 1 ? x500name.getRDNs(BCStyle.O)[0] : null; // Adding tooltip information String org = organization != null ? organization.getFirst().getValue().toString() : CertificateManagerNLS.CertificateInfoDialog_NotAvailableProperty; String name = commonName != null ? commonName.getFirst().getValue().toString() : CertificateManagerNLS.CertificateInfoDialog_NotAvailableProperty; this.setTooltip(NLS.bind(CertificateManagerNLS.CertificateBlock_KeyTooltip, org, name)); } catch (CertificateEncodingException e) { String errorMsg = "Error getting data from certificate"; StudioLogger.error(EntryNode.class, errorMsg, e); throw new KeyStoreManagerException(errorMsg, e); } } }
From source file:com.oath.auth.SocketTest.java
License:Apache License
private String getCN(Certificate[] certificates) throws CertificateEncodingException { final X509Certificate[] clientCerts = (X509Certificate[]) certificates; final X500Name certificateHolder = new JcaX509CertificateHolder(clientCerts[0]).getSubject(); final RDN commonName = certificateHolder.getRDNs(BCStyle.CN)[0]; return IETFUtils.valueToString(commonName.getFirst().getValue()); }
From source file:com.yahoo.athenz.auth.util.Crypto.java
License:Apache License
public static String extractX509CSRCommonName(PKCS10CertificationRequest certReq) { String cn = null;//from ww w .ja v a2 s. c o m X500Name x500name = certReq.getSubject(); RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0]; if (cnRdn != null) { cn = IETFUtils.valueToString(cnRdn.getFirst().getValue()); } return cn; }
From source file:com.yahoo.athenz.auth.util.Crypto.java
License:Apache License
public static String extractX509CertCommonName(X509Certificate x509Cert) { // in case there are multiple CNs, we're only looking at the first one String cn = null;/* w w w . java 2s .c o m*/ String principalName = x509Cert.getSubjectX500Principal().getName(); if (principalName != null && !principalName.isEmpty()) { X500Name x500name = new X500Name(principalName); RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0]; if (cnRdn != null) { cn = IETFUtils.valueToString(cnRdn.getFirst().getValue()); } } return cn; }
From source file:com.yahoo.athenz.zts.ZTSClientTest.java
License:Apache License
@Test public void testGenerateInstanceRefreshRequestSubDomain() { File privkey = new File("./src/test/resources/test_private_k0.pem"); PrivateKey privateKey = Crypto.loadPrivateKey(privkey); InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech.system", "test", privateKey, "aws", 3600); assertNotNull(req);/*ww w .j a va 2 s . c o m*/ PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr()); assertEquals("coretech.system.test", Crypto.extractX509CSRCommonName(certReq)); X500Name x500name = certReq.getSubject(); RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0]; assertEquals("coretech.system.test", IETFUtils.valueToString(cnRdn.getFirst().getValue())); assertEquals("test.coretech-system.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0)); }
From source file:cz.etruhla.mailsigner.Helpers.java
License:Apache License
/** * vybere z certifikatu vsechny emaily ktere muze podepsat * /*from w w w. jav a 2s . c om*/ * @param cert * @return * @throws CertificateParsingException * @throws AddressException */ public static Set<InternetAddress> getEmailAddresses(X509Certificate cert) throws CertificateParsingException, AddressException { HashSet<InternetAddress> addresses = new HashSet<InternetAddress>(); X500Name x500name = new X500Name(cert.getSubjectDN().getName()); RDN[] ems; ems = x500name.getRDNs(BCStyle.EmailAddress);// Email address (RSA // PKCS#9 extension) - // IA5String. if (ems != null && ems.length > 0) { for (RDN em : ems) { addresses.add(new InternetAddress(IETFUtils.valueToString(em.getFirst().getValue()))); } } ems = x500name.getRDNs(BCStyle.E);// email address in Verisign // certificates if (ems != null && ems.length > 0) { for (RDN em : ems) { addresses.add(new InternetAddress(IETFUtils.valueToString(em.getFirst().getValue()))); } } // projeti subject alternative name if (cert.getSubjectAlternativeNames() != null) { for (List<?> l : cert.getSubjectAlternativeNames()) { if ((Integer) (l.get(0)) == SUBALTNAME_RFC822NAME) { addresses.add(new InternetAddress((String) (l.get(1)))); } } } return addresses; }
From source file:edu.nps.moves.mmowgli.CACManager.java
License:Open Source License
private static void parseCert(String cert, CACData data) { cert = cert.replace(' ', '\r'); cert = cert.replace("BEGIN\rCERTIFICATE", "BEGIN CERTIFICATE"); cert = cert.replace("END\rCERTIFICATE", "END CERTIFICATE"); PEMParser pr = new PEMParser(new StringReader(cert)); try {/*from www .j a v a 2 s .c om*/ Object o = pr.readObject(); pr.close(); if (o instanceof X509CertificateHolder) { X509CertificateHolder x509 = (X509CertificateHolder) o; X500Name x500name = x509.getSubject(); RDN cnRdns[] = x500name.getRDNs(BCStyle.CN); String cn = IETFUtils.valueToString(cnRdns[0].getFirst().getValue()); parseCN(cn, data); GeneralNames gns = GeneralNames.fromExtensions(x509.getExtensions(), Extension.subjectAlternativeName); if (gns != null) { GeneralName[] subjectAltNames = gns.getNames(); for (GeneralName gn : subjectAltNames) { if (gn.getTagNo() == GeneralName.rfc822Name) { // check for email String s = DERIA5String.getInstance(gn.getName()).getString(); if (s.contains("@")) { data.userEmail = s; break; } } } } // Create the unique card identifier (issuer+serial) which when hashed goes into the database for quick login String uniqueCertId = x509.getIssuer().toString() + " " + x509.getSerialNumber().toString(); MessageDigest md = MessageDigest.getInstance("SHA-256"); md.update(uniqueCertId.getBytes("UTF-8")); // or UTF-16 byte[] digest = md.digest(); data.cacId = Hex.encodeHexString(digest); /* Alternatively, this will do a salted hash, but the output is not the same for the same input; better security * but the login performance would be bad since the user list has to be polled instead of indexed try { data.cacId = PasswordHash.createHash(uniqueCertId); } catch(Exception ex) { MSysOut.println(MmowgliConstants.SYSTEM_LOGS,"Program error, could not create CAC hash; auto-login disabled"); data.cacId = null; } System.out.println("data cacId: "+data.cacId); */ } } catch (IOException | NoSuchAlgorithmException ex) { MSysOut.println(MmowgliConstants.SYSTEM_LOGS, ex.getClass().getSimpleName() + ": Program error, could not parse CAC"); data.cacId = null; data.isCACPresent = false; } // Some informational stuff /* this gives same info as the x509 methods below RDN rdns[] = x500name.getRDNs(); for(RDN rdn : rdns) { AttributeTypeAndValue[] tandV = rdn.getTypesAndValues(); for(AttributeTypeAndValue tv : tandV) { System.out.println(tv.getType()); System.out.println(IETFUtils.valueToString(tv.getType())); System.out.println(tv.getValue()); System.out.println(IETFUtils.valueToString(tv.getValue())); } } */ /* System.out.println("X509 version: "+x509.getVersionNumber()); System.out.println("X509 Serial num: "+x509.getSerialNumber()); System.out.println("X509 Sig algo: "+x509.getSignatureAlgorithm().getAlgorithm().toASN1Primitive()); System.out.println("X509 Issuer: "+x509.getIssuer()); System.out.println("X509 Not before: "+x509.getNotBefore()); System.out.println("X509 Not after: "+x509.getNotAfter()); System.out.println("X509 Subject: "+x509.getSubject()); System.out.println("X509 Subject Public Key Info: "+x509.getSubjectPublicKeyInfo().getAlgorithm().getAlgorithm()); */ /* System.out.println("CriticalExtensionOIDs: "); Set<?> set = x509.getCriticalExtensionOIDs(); Iterator<?> itr = set.iterator(); while(itr.hasNext()) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)itr.next(); System.out.println(oid.toString()+" : "+x509.getExtension(oid).getParsedValue()); } System.out.println("NonCriticalExtensionOIDs: "); set = x509.getNonCriticalExtensionOIDs(); itr = set.iterator(); while(itr.hasNext()) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)itr.next(); System.out.println(oid.toString()+" : "+x509.getExtension(oid).getParsedValue()); } System.out.println("Other api: getExtensionOIDs"); List<?> lis = x509.getExtensionOIDs(); itr = lis.iterator(); while(itr.hasNext()) { ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)itr.next(); System.out.println(oid.toString()+" : "+x509.getExtension(oid).getParsedValue()); } System.out.println("From the extensions \"block\""); Extensions exts = x509.getExtensions(); ASN1ObjectIdentifier[] ids = exts.getExtensionOIDs(); for(ASN1ObjectIdentifier oid : ids) { org.bouncycastle.asn1.x509.Extension ext = exts.getExtension(oid); System.out.println(oid.toString()+": "+IETFUtils.valueToString(ext.getParsedValue())); } // */ }