List of usage examples for org.bouncycastle.asn1.x500 X500Name getRDNs
public RDN[] getRDNs(ASN1ObjectIdentifier attributeType)
From source file:org.jcryptool.visual.jctca.Util.java
License:Open Source License
public static boolean isSignedByJCTCA(KeyStoreAlias ksAlias) { KeyStoreManager ksm = KeyStoreManager.getInstance(); X509Certificate pubKey = null; try {//w w w . j av a2s .c om pubKey = (X509Certificate) ksm.getCertificate(ksAlias); } catch (UnrecoverableEntryException e) { LogUtil.logError(e); } catch (NoSuchAlgorithmException e) { LogUtil.logError(e); } // create X500Name from the X509 certificate Subjects distinguished name X500Name x500name = new X500Name(pubKey.getIssuerDN().toString()); RDN rdn = x500name.getRDNs(BCStyle.OU)[0]; if (rdn.getFirst().getValue().toString().equals("JCT-CA Visual")) {//$NON-NLS-1$ return true; } else { return false; } }
From source file:org.kse.gui.crypto.DDistinguishedNameChooser.java
License:Open Source License
private void okPressed() { if (editable) { X500Name dn = distinguishedNameChooser.getDN(); if (dn == null) { return; }/*from w ww. j a v a 2 s . c o m*/ if (dn.toString().isEmpty()) { JOptionPane.showMessageDialog(this, res.getString("DDistinguishedNameChooser.ValueReqAtLeastOneField.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } for (RDN rdn : dn.getRDNs(BCStyle.C)) { String countryCode = rdn.getFirst().getValue().toString(); if ((countryCode != null) && (countryCode.length() != 2)) { JOptionPane.showMessageDialog(this, res.getString("DDistinguishedNameChooser.CountryCodeTwoChars.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } } distinguishedName = dn; } closeDialog(); }
From source file:org.occiware.mart.security.CertificateManagement.java
License:Apache License
/** * @param name/* w ww .ja va 2s . c o m*/ * @return */ private static String getCommonName(X500Name name) { if (name == null) { return null; } RDN[] rdns = name.getRDNs(BCStyle.CN); if (rdns.length == 0) { return null; } return rdns[0].getFirst().getValue().toString(); }
From source file:org.opendaylight.snbi.southplugin.SNBICAInterfaces.java
License:Open Source License
public HashMap<String, String> getCertificateInfo(X509Certificate cert) { HashMap<String, String> certInfo = new HashMap<String, String>(); X500Name x500name; try {//from www .j a va 2 s . c o m x500name = new JcaX509CertificateHolder(cert).getSubject(); } catch (CertificateEncodingException e) { e.printStackTrace(); return certInfo; } certInfo.put(CertManagerConstants.SUBJECT_NAME, cert.getSubjectDN().getName()); certInfo.put(CertManagerConstants.ISSUER_NAME, cert.getIssuerDN().getName()); certInfo.put(CertManagerConstants.SN, cert.getSerialNumber().toString()); RDN cn = x500name.getRDNs(BCStyle.CN)[0]; certInfo.put(CertManagerConstants.CN, cn.toString()); RDN ou = x500name.getRDNs(BCStyle.OU)[0]; certInfo.put(CertManagerConstants.OU, ou.toString()); certInfo.put(CertManagerConstants.START_DATE, cert.getNotBefore().toString()); certInfo.put(CertManagerConstants.EXPIRY_DATE, cert.getNotAfter().toString()); return certInfo; }
From source file:org.shredzone.acme4j.util.CSRBuilderTest.java
License:Apache License
/** * Checks if the CSR contains the right parameters. * <p>// w ww . j a v a2s .c o m * This is not supposed to be a Bouncy Castle test. If the * {@link PKCS10CertificationRequest} contains the right parameters, we assume that * Bouncy Castle encodes it properly. */ @SuppressWarnings("unchecked") private void csrTest(PKCS10CertificationRequest csr) { X500Name name = csr.getSubject(); assertThat(name.getRDNs(BCStyle.CN), arrayContaining(new RDNMatcher("abc.de"))); assertThat(name.getRDNs(BCStyle.C), arrayContaining(new RDNMatcher("XX"))); assertThat(name.getRDNs(BCStyle.L), arrayContaining(new RDNMatcher("Testville"))); assertThat(name.getRDNs(BCStyle.O), arrayContaining(new RDNMatcher("Testing Co"))); assertThat(name.getRDNs(BCStyle.OU), arrayContaining(new RDNMatcher("Testunit"))); assertThat(name.getRDNs(BCStyle.ST), arrayContaining(new RDNMatcher("ABC"))); Attribute[] attr = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); assertThat(attr.length, is(1)); ASN1Encodable[] extensions = attr[0].getAttrValues().toArray(); assertThat(extensions.length, is(1)); GeneralNames names = GeneralNames.fromExtensions((Extensions) extensions[0], Extension.subjectAlternativeName); assertThat(names.getNames(), arrayContaining(new GeneralNameMatcher("abc.de"), new GeneralNameMatcher("fg.hi"), new GeneralNameMatcher("jklm.no"), new GeneralNameMatcher("pqr.st"), new GeneralNameMatcher("uv.wx"), new GeneralNameMatcher("y.z"))); }
From source file:org.syncany.operations.daemon.WebServer.java
License:Open Source License
private boolean certificateCommonNameChanged(String certificateCommonName) { try {//from w w w . j a va2s . c o m KeyStore userKeyStore = UserConfig.getUserKeyStore(); X509Certificate currentCertificate = (X509Certificate) userKeyStore .getCertificate(CipherParams.CERTIFICATE_IDENTIFIER); if (currentCertificate != null) { X500Name currentCertificateSubject = new JcaX509CertificateHolder(currentCertificate).getSubject(); RDN currentCertificateSubjectCN = currentCertificateSubject.getRDNs(BCStyle.CN)[0]; String currentCertificateSubjectCnStr = IETFUtils .valueToString(currentCertificateSubjectCN.getFirst().getValue()); if (!certificateCommonName.equals(currentCertificateSubjectCnStr)) { logger.log(Level.INFO, "- Certificate regeneration necessary: Cert common name in daemon config changed from " + currentCertificateSubjectCnStr + " to " + certificateCommonName + "."); return true; } } else { logger.log(Level.INFO, "- Certificate regeneration necessary, because no certificate found in key store."); return true; } return false; } catch (Exception e) { throw new RuntimeException( "Cannot (re-)generate server certificate for hostname: " + certificateCommonName, e); } }
From source file:org.tdmx.client.crypto.certificate.PKIXCertificate.java
License:Open Source License
private String getFirstRDN(X500Name x500name, ASN1ObjectIdentifier attributeType) { if (x500name == null) { return null; }/* www. ja va 2 s . c o m*/ RDN[] rdns = x500name.getRDNs(attributeType); if (rdns != null && rdns.length > 0) { return IETFUtils.valueToString(rdns[0].getFirst().getValue()); } return null; }
From source file:org.tdmx.client.crypto.certificate.PKIXCertificate.java
License:Open Source License
private String getSecondLastRDN(X500Name x500name, ASN1ObjectIdentifier attributeType) { if (x500name == null) { return null; }/*w w w . jav a 2 s .co m*/ RDN[] rdns = x500name.getRDNs(attributeType); if (rdns != null && rdns.length > 1) { return IETFUtils.valueToString(rdns[rdns.length - 2].getFirst().getValue()); } return null; }
From source file:org.tdmx.client.crypto.certificate.PKIXCertificate.java
License:Open Source License
private String getLastRDN(X500Name x500name, ASN1ObjectIdentifier attributeType) { if (x500name == null) { return null; }/*from w ww . j a v a 2s. c o m*/ RDN[] rdns = x500name.getRDNs(attributeType); if (rdns != null && rdns.length > 0) { return IETFUtils.valueToString(rdns[rdns.length - 1].getFirst().getValue()); } return null; }
From source file:org.xipki.ca.api.profile.x509.BaseX509Certprofile.java
License:Open Source License
protected void verifySubjectDNOccurence(final X500Name requestedSubject) throws BadCertTemplateException { Set<RDNControl> occurences = getSubjectDNControls(); if (occurences == null) { return;//from www .j a v a 2 s .c o m } ASN1ObjectIdentifier[] types = requestedSubject.getAttributeTypes(); for (ASN1ObjectIdentifier type : types) { RDNControl occu = null; for (RDNControl occurence : occurences) { if (occurence.getType().equals(type)) { occu = occurence; break; } } if (occu == null) { throw new BadCertTemplateException( "subject DN of type " + oidToDisplayName(type) + " is not allowed"); } RDN[] rdns = requestedSubject.getRDNs(type); if (rdns.length > occu.getMaxOccurs() || rdns.length < occu.getMinOccurs()) { throw new BadCertTemplateException("occurrence of subject DN of type " + oidToDisplayName(type) + " not within the allowed range. " + rdns.length + " is not within [" + occu.getMinOccurs() + ", " + occu.getMaxOccurs() + "]"); } } for (RDNControl occurence : occurences) { if (occurence.getMinOccurs() == 0) { continue; } boolean present = false; for (ASN1ObjectIdentifier type : types) { if (occurence.getType().equals(type)) { present = true; break; } } if (present == false) { throw new BadCertTemplateException( "requied subject DN of type " + oidToDisplayName(occurence.getType()) + " is not present"); } } }