List of usage examples for org.bouncycastle.asn1.x500 X500Name X500Name
public X500Name(String dirName)
From source file:org.xipki.ca.server.impl.X509CA.java
License:Open Source License
/**
 * Derives a new subject name from {@code origName} whose serialNumber attribute carries the
 * value that the certificate profile computes from {@code latestSN}.
 *
 * <p>An existing serialNumber RDN is replaced in place. Otherwise the new RDN is inserted
 * directly after the commonName RDN, or placed first when the name has no commonName.
 *
 * @param profile certificate profile whose {@code incSerialNumber} yields the next value
 * @param origName subject name to start from
 * @param latestSN value handed to {@code profile.incSerialNumber}
 * @return a two-element array: the new {@code X500Name}, then the new serial number string
 * @throws BadFormatException declared for the call to {@code profile.incSerialNumber}
 */
private static Object[] incSerialNumber(final IdentifiedX509Certprofile profile, final X500Name origName,
        final String latestSN) throws BadFormatException {
    final RDN[] currentRdns = origName.getRDNs();

    // Remember the position of the last commonName and the last serialNumber RDN.
    // Only the first attribute of each RDN is inspected.
    // NOTE(review): for a multi-valued RDN the remaining attributes are not matched here and
    // are dropped when the RDN is replaced below - confirm subjects are single-valued.
    int cnPos = -1;
    int snPos = -1;
    for (int pos = 0; pos < currentRdns.length; pos++) {
        final ASN1ObjectIdentifier attrType = currentRdns[pos].getFirst().getType();
        if (ObjectIdentifiers.DN_CN.equals(attrType)) {
            cnPos = pos;
        } else if (ObjectIdentifiers.DN_SERIALNUMBER.equals(attrType)) {
            snPos = pos;
        }
    }

    final String nextSerial = profile.incSerialNumber(latestSN);
    final RDN nextSerialRdn = new RDN(ObjectIdentifiers.DN_SERIALNUMBER,
            new DERPrintableString(nextSerial));

    if (snPos != -1) {
        // The name already has a serialNumber: overwrite that slot.
        currentRdns[snPos] = nextSerialRdn;
        return new Object[] { new X500Name(currentRdns), nextSerial };
    }

    // No serialNumber yet: slot 0 when there is no CN, else the slot right after the CN.
    final int insertAt = cnPos + 1;
    final RDN[] extended = new RDN[currentRdns.length + 1];
    System.arraycopy(currentRdns, 0, extended, 0, insertAt);
    extended[insertAt] = nextSerialRdn;
    System.arraycopy(currentRdns, insertAt, extended, insertAt + 1, currentRdns.length - insertAt);
    return new Object[] { new X500Name(extended), nextSerial };
}
From source file:org.xipki.common.util.X509Util.java
License:Open Source License
/**
 * Returns a new name that holds the RDNs of {@code name} in the opposite order.
 *
 * @param name the name whose RDN sequence is to be reversed
 * @return a new {@code X500Name} built from the reversed RDN array
 */
public static X500Name reverse(final X500Name name) {
    final RDN[] forward = name.getRDNs();
    final RDN[] backward = new RDN[forward.length];

    // Fill the target from its end while walking the source from its start.
    int dst = forward.length;
    for (final RDN rdn : forward) {
        backward[--dst] = rdn;
    }
    return new X500Name(backward);
}
From source file:org.xipki.common.util.X509Util.java
License:Open Source License
/**
 * Rebuilds {@code name} with its RDNs arranged in the attribute-type order given by
 * {@code ObjectIdentifiers.getBackwardDNs()} or {@code ObjectIdentifiers.getForwardDNs()}.
 *
 * <p>Only RDNs that the {@code getRDNs} helper returns for a type in the selected list end up
 * in the result.
 *
 * @param name the name to reorder
 * @param backwards {@code true} to use the backward type list, {@code false} for the forward one
 * @return a new {@code X500Name} built from the collected RDNs
 */
private static X500Name sortX500Name(final X500Name name, final boolean backwards) {
    final RDN[] requestedRdns = name.getRDNs();

    final List<ASN1ObjectIdentifier> typeOrder;
    if (backwards) {
        typeOrder = ObjectIdentifiers.getBackwardDNs();
    } else {
        typeOrder = ObjectIdentifiers.getForwardDNs();
    }

    final List<RDN> ordered = new LinkedList<>();
    for (final ASN1ObjectIdentifier attrType : typeOrder) {
        final RDN[] matches = getRDNs(requestedRdns, attrType);
        // The helper may answer with null; an empty array simply contributes nothing.
        if (matches != null) {
            for (final RDN match : matches) {
                ordered.add(match);
            }
        }
    }
    return new X500Name(ordered.toArray(new RDN[0]));
}
From source file:org.xipki.commons.security.HttpsHostnameVerifier.java
License:Open Source License
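/**
 * Verify that the host name is an acceptable match with the server's authentication scheme.
 *
 * <p>When {@code trustAll} is set, every host name is accepted without looking at the session.
 * Otherwise the commonName of the peer principal is looked up in {@code hostnameMap} and the
 * host name must be contained in the set registered for that commonName. Only the commonName
 * is consulted; subjectAltName entries are not examined by this method, and the comparison
 * with the registered host names is an exact string match.
 *
 * @param hostname the host name
 * @param session SSLSession used on the connection to host
 * @return true if the host name is acceptable
 */
@Override
public boolean verify(final String hostname, final SSLSession session) {
    ParamUtil.requireNonNull("hostname", hostname);
    if (trustAll) {
        // No binding between the peer certificate and the host name is checked in this mode.
        return true;
    }

    LOG.info("hostname: {}", hostname);
    String commonName = null;
    try {
        Principal peerPrincipal = session.getPeerPrincipal();
        if (peerPrincipal == null) {
            return false;
        }
        commonName = X509Util.getCommonName(new X500Name(peerPrincipal.getName()));
        LOG.info("commonName: {}", commonName);
    } catch (Exception ex) {
        // Includes an unverified peer and a subject that cannot be parsed: fail closed.
        LogUtil.error(LOG, ex);
        return false;
    }

    // NOTE(review): getCommonName presumably returns null for a subject without CN - confirm.
    // Reject here instead of handing null to hostnameMap.get(), which a null-hostile Map
    // implementation answers with a NullPointerException thrown out of verify().
    if (commonName == null) {
        return false;
    }

    Set<String> hostnames = hostnameMap.get(commonName);
    return hostnames != null && hostnames.contains(hostname);
}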
From source file:org.xipki.commons.security.pkcs12.P12KeypairGenerator.java
License:Open Source License
/**
 * Wraps the given key pair into a new PKCS#12 keystore together with a freshly built
 * self-signed certificate.
 *
 * <p>The certificate uses the same DN as issuer and subject ({@code "CN=DUMMY"} when no subject
 * is supplied) and the fixed serial number 1. The key entry is stored under the alias
 * {@code "main"}; {@code params.getPassword()} is used for loading, for the key entry and for
 * storing the keystore.
 *
 * @param kp key pair together with its SubjectPublicKeyInfo
 * @param params keystore generation parameters; supplies the password
 * @param selfSignedCertSubject subject DN in string form, or {@code null} for the dummy subject
 * @return result holding the encoded keystore bytes and the keystore object
 * @throws Exception if signing, certificate construction or a keystore operation fails
 */
private static P12KeypairGenerationResult generateIdentity(final KeyPairWithSubjectPublicKeyInfo kp,
        final P12KeystoreGenerationParameters params, final String selfSignedCertSubject)
        throws Exception {
    final Date now = new Date();
    // Validity starts 10 minutes in the past and spans 3650 * DAY from there.
    // NOTE(review): MIN and DAY are declared elsewhere, presumably as milliseconds - confirm.
    final Date validFrom = new Date(now.getTime() - 10 * MIN);
    final Date validUntil = new Date(validFrom.getTime() + 3650 * DAY);

    final String subjectText;
    if (selfSignedCertSubject == null) {
        subjectText = "CN=DUMMY";
    } else {
        subjectText = selfSignedCertSubject;
    }
    final X500Name selfDn = new X500Name(subjectText);

    final SubjectPublicKeyInfo publicKeyInfo = kp.getSubjectPublicKeyInfo();
    final ContentSigner signer = getContentSigner(kp.getKeypair().getPrivate());

    // Self-signed certificate: selfDn is passed both as issuer and as subject.
    final X509v3CertificateBuilder builder = new X509v3CertificateBuilder(selfDn,
            BigInteger.valueOf(1), validFrom, validUntil, selfDn, publicKeyInfo);
    final KeyAndCertPair identity = new KeyAndCertPair(builder.build(signer),
            kp.getKeypair().getPrivate());

    // Generate keystore
    final KeyStore keystore = KeyUtil.getKeyStore("PKCS12");
    keystore.load(null, params.getPassword());
    keystore.setKeyEntry("main", identity.getKey(), params.getPassword(),
            new Certificate[] { identity.getJceCert() });

    final ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    try {
        keystore.store(encoded, params.getPassword());
    } finally {
        encoded.flush();
    }

    final P12KeypairGenerationResult generated = new P12KeypairGenerationResult(encoded.toByteArray());
    generated.setKeystoreObject(keystore);
    return generated;
}
From source file:org.xipki.commons.security.shell.CertRequestGenCommandSupport.java
License:Open Source License
/**
 * Turns the textual subject of a certificate request into an {@code X500Name}.
 *
 * @param subjectText distinguished name in string form; checked with
 *     {@code ParamUtil.requireNonBlank} before it is parsed
 * @return the name parsed from {@code subjectText}
 */
protected X500Name getSubject(final String subjectText) {
    ParamUtil.requireNonBlank("subjectText", subjectText);
    final X500Name parsedSubject = new X500Name(subjectText);
    return parsedSubject;
}
From source file:org.xipki.commons.security.shell.p12.P12ComplexCertRequestGenCmd.java
License:Open Source License
/**
 * Parses {@code subject} and appends fixed sample RDNs for attribute types it lacks.
 *
 * <p>When {@code complexSubject} is true, a dateOfBirth and a postalAddress RDN are added if
 * the parsed name has none. A uniqueIdentifier RDN is added in every case if it is missing.
 * All added values are hard-coded sample data.
 *
 * @param subject distinguished name in string form
 * @return a new {@code X500Name} holding the parsed RDNs followed by the added ones
 */
@Override
protected X500Name getSubject(final String subject) {
    final X500Name parsed = new X500Name(subject);

    final List<RDN> rdnList = new LinkedList<>();
    for (final RDN existing : parsed.getRDNs()) {
        rdnList.add(existing);
    }

    if (complexSubject.booleanValue()) {
        // dateOfBirth
        final RDN[] birthRdns = parsed.getRDNs(ObjectIdentifiers.DN_DATE_OF_BIRTH);
        if (birthRdns == null || birthRdns.length == 0) {
            final ASN1Encodable birthValue = new DERGeneralizedTime("19950102120000Z");
            rdnList.add(new RDN(ObjectIdentifiers.DN_DATE_OF_BIRTH, birthValue));
        }

        // postalAddress
        final RDN[] addressRdns = parsed.getRDNs(ObjectIdentifiers.DN_POSTAL_ADDRESS);
        if (addressRdns == null || addressRdns.length == 0) {
            final ASN1EncodableVector addressLines = new ASN1EncodableVector();
            addressLines.add(new DERUTF8String("my street 1"));
            addressLines.add(new DERUTF8String("12345 Germany"));
            final ASN1Sequence addressValue = new DERSequence(addressLines);
            rdnList.add(new RDN(ObjectIdentifiers.DN_POSTAL_ADDRESS, addressValue));
        }
    }

    // DN_UNIQUE_IDENTIFIER
    final RDN[] uniqueIdRdns = parsed.getRDNs(ObjectIdentifiers.DN_UNIQUE_IDENTIFIER);
    if (uniqueIdRdns == null || uniqueIdRdns.length == 0) {
        final DERUTF8String uniqueIdValue = new DERUTF8String("abc-def-ghi");
        rdnList.add(new RDN(ObjectIdentifiers.DN_UNIQUE_IDENTIFIER, uniqueIdValue));
    }

    return new X500Name(rdnList.toArray(new RDN[0]));
}
From source file:org.xipki.commons.security.shell.p12.P12ComplexCertRequestGenCmd.java
License:Open Source License
/**
 * Builds a fixed set of sample GeneralName entries, one or more per supported choice.
 *
 * <p>The entries are, in order: two otherName values, rfc822Name, dNSName, directoryName,
 * ediPartyName, uniformResourceIdentifier, iPAddress and registeredID. {@code prefix} is put
 * in front of the textual sample values, except for directoryName, iPAddress and registeredID.
 *
 * @param prefix text prepended to the sample values
 * @return the sample entries wrapped in a {@code GeneralNames}
 */
private static GeneralNames createComplexGeneralNames(String prefix) {
    final List<GeneralName> names = new LinkedList<>();

    // otherName: an OID followed by an explicitly tagged [0] UTF8String
    final ASN1EncodableVector firstOther = new ASN1EncodableVector();
    firstOther.add(new ASN1ObjectIdentifier("1.2.3.1"));
    firstOther.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.1")));
    names.add(new GeneralName(GeneralName.otherName, new DERSequence(firstOther)));

    final ASN1EncodableVector secondOther = new ASN1EncodableVector();
    secondOther.add(new ASN1ObjectIdentifier("1.2.3.2"));
    secondOther.add(new DERTaggedObject(true, 0, new DERUTF8String(prefix + "I am otherName 1.2.3.2")));
    names.add(new GeneralName(GeneralName.otherName, new DERSequence(secondOther)));

    // rfc822Name
    final String mailbox = prefix + "info@example.org";
    names.add(new GeneralName(GeneralName.rfc822Name, mailbox));

    // dNSName
    final String dnsName = prefix + "dns.example.org";
    names.add(new GeneralName(GeneralName.dNSName, dnsName));

    // directoryName
    final X500Name directory = new X500Name("CN=demo,C=DE");
    names.add(new GeneralName(GeneralName.directoryName, directory));

    // ediPartyName: nameAssigner as [0], partyName as [1]
    final ASN1EncodableVector ediParts = new ASN1EncodableVector();
    ediParts.add(new DERTaggedObject(false, 0, new DirectoryString(prefix + "assigner1")));
    ediParts.add(new DERTaggedObject(false, 1, new DirectoryString(prefix + "party1")));
    names.add(new GeneralName(GeneralName.ediPartyName, new DERSequence(ediParts)));

    // uniformResourceIdentifier
    final String uri = prefix + "uri.example.org";
    names.add(new GeneralName(GeneralName.uniformResourceIdentifier, uri));

    // iPAddress
    names.add(new GeneralName(GeneralName.iPAddress, "69.1.2.190"));

    // registeredID
    names.add(new GeneralName(GeneralName.registeredID, "2.3.4.5"));

    return new GeneralNames(names.toArray(new GeneralName[0]));
}
From source file:org.xipki.commons.security.util.X509Util.java
License:Open Source License
/**
 * Returns a new name that holds the RDNs of {@code name} in the opposite order.
 *
 * @param name the name whose RDN sequence is to be reversed; checked with
 *     {@code ParamUtil.requireNonNull}
 * @return a new {@code X500Name} built from the reversed RDN array
 */
public static X500Name reverse(final X500Name name) {
    ParamUtil.requireNonNull("name", name);

    final RDN[] source = name.getRDNs();
    final int last = source.length - 1;
    final RDN[] reversed = new RDN[source.length];
    // Walk the source from its end so the target is filled from its start.
    for (int idx = last; idx >= 0; idx--) {
        reversed[last - idx] = source[idx];
    }
    return new X500Name(reversed);
}
From source file:org.xipki.commons.security.util.X509Util.java
License:Open Source License
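/**
 * Builds a {@code GeneralName} from its textual form {@code [tag]value}.
 *
 * <p>{@code tag} is the numeric GeneralName choice. For otherName the value has the form
 * {@code type=value} with {@code type} an OID. For ediPartyName it has the form
 * {@code nameAssigner=partyName}, where the part before {@code =} may be empty. A
 * directoryName value is parsed as a distinguished name and its RDN order is reversed before
 * it is wrapped.
 *
 * @param taggedValue [tag]value, and the value for tags otherName and ediPartyName is
 *     type=value.
 * @return the GeneralName described by {@code taggedValue}
 * @throws BadInputException if the text is not of the form [tag]value, the tag is not a
 *     number or is not supported, or an otherName or ediPartyName value is malformed
 */
public static GeneralName createGeneralName(final String taggedValue) throws BadInputException {
    ParamUtil.requireNonBlank("taggedValue", taggedValue);

    int tag = -1;
    String value = null;
    if (taggedValue.charAt(0) == '[') {
        int idx = taggedValue.indexOf(']', 1);
        // Require a non-empty tag between the brackets and a non-empty value after them.
        if (idx > 1 && idx < taggedValue.length() - 1) {
            String tagS = taggedValue.substring(1, idx);
            try {
                tag = Integer.parseInt(tagS);
                value = taggedValue.substring(idx + 1);
            } catch (NumberFormatException ex) {
                throw new BadInputException("invalid tag '" + tagS + "'");
            }
        }
    }

    if (tag == -1) {
        throw new BadInputException("invalid taggedValue " + taggedValue);
    }
    // From here on value is non-null: it is assigned together with every tag other than -1.

    // NOTE(review): the ASN1ObjectIdentifier, X500Name and GeneralName(int, String)
    // constructors parse the text themselves and presumably reject malformed values with an
    // unchecked exception rather than BadInputException - confirm, and handle that at the
    // caller when the input is not trusted.
    switch (tag) {
    case GeneralName.otherName: {
        int idxSep = value.indexOf("=");
        if (idxSep == -1 || idxSep == 0 || idxSep == value.length() - 1) {
            throw new BadInputException("invalid otherName " + value);
        }
        String otherTypeOid = value.substring(0, idxSep);
        ASN1ObjectIdentifier type = new ASN1ObjectIdentifier(otherTypeOid);
        String otherValue = value.substring(idxSep + 1);
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(type);
        vector.add(new DERTaggedObject(true, 0, new DERUTF8String(otherValue)));
        return new GeneralName(GeneralName.otherName, new DERSequence(vector));
    }
    case GeneralName.directoryName: {
        X500Name x500Name = reverse(new X500Name(value));
        return new GeneralName(GeneralName.directoryName, x500Name);
    }
    case GeneralName.ediPartyName: {
        int idxSep = value.indexOf("=");
        if (idxSep == -1 || idxSep == value.length() - 1) {
            throw new BadInputException("invalid ediPartyName " + value);
        }
        // A leading '=' means that no nameAssigner is given.
        String nameAssigner = (idxSep == 0) ? null : value.substring(0, idxSep);
        String partyName = value.substring(idxSep + 1);
        ASN1EncodableVector vector = new ASN1EncodableVector();
        if (nameAssigner != null) {
            vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
        }
        vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
        return new GeneralName(GeneralName.ediPartyName, new DERSequence(vector));
    }
    case GeneralName.rfc822Name:
    case GeneralName.dNSName:
    case GeneralName.uniformResourceIdentifier:
    case GeneralName.iPAddress:
    case GeneralName.registeredID:
        return new GeneralName(tag, value);
    default:
        // An unsupported tag is invalid input like any other parse failure, so it is reported
        // through the declared BadInputException instead of a bare RuntimeException.
        throw new BadInputException("unsupported tag " + tag);
    } // end switch (tag)
}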