List of usage examples for org.bouncycastle.asn1.x509 Certificate getSubject
public X500Name getSubject()
From source file:com.bitbreeds.webrtc.dtls.WebrtcDtlsServer.java
License:Open Source License
public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) throws IOException { Certificate[] chain = clientCertificate.getCertificateList(); logger.info("DTLS server received client certificate chain of length " + chain.length); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; // TODO Create fingerprint based on certificate signature algorithm digest logger.info("fingerprint:SHA-256 {} ( {} )", entry.getSignature().toString(), entry.getSubject()); }// w w w .j a v a2 s.c om }
From source file:jazmin.server.relay.udp.webrtc.DtlsSrtpServer.java
License:Open Source License
public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) throws IOException { Certificate[] chain = clientCertificate.getCertificateList(); LOGGER.info(String.format("Received client certificate chain of length %d", chain.length)); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; String clientFingerPrint = TlsUtils.fingerprint(false, this.hashFunction, entry); dtlsHandler.setRemoteFingerprint("sha256", clientFingerPrint); LOGGER.info(String.format("WebRTC Client certificate fingerprint:%s (%s)", clientFingerPrint, entry.getSubject())); }/* www.jav a 2 s .c o m*/ }
From source file:net.wstech2.me.httpsclient.CertificateValidatorUtils.java
License:Apache License
/** * //ww w . ja v a 2 s .co m * Prints common certificate informations like signature, signature * algorithm, subject and issuer details, etc. * * @param cert * The X509CertificateStructure containing the information that * will be printed. * */ public static void printCertificateDetails(org.bouncycastle.asn1.x509.Certificate cert) { HttpsConnectionUtils.logDebug( "BEGIN CERTIFICATE DUMP FOR:[[" + CertificateValidatorUtils.extractCommonName(cert, true) + "]]"); HttpsConnectionUtils.logDebug("Certificate Signature:[[" + cert.getSignature().toString() + "]]"); HttpsConnectionUtils.logDebug( "Certificate Signature Algorithm OID:[[" + cert.getSignatureAlgorithm().getAlgorithm() + "]]"); HttpsConnectionUtils.logDebug("Certificate Subject Info:[[" + cert.getSubject().toString() + "]]"); HttpsConnectionUtils .logDebug("Certificate Subject common name (CN):[[" + extractCommonName(cert, false) + "]]"); HttpsConnectionUtils .logDebug("Certificate Subject short common name (CN):[[" + extractCommonName(cert, true) + "]]"); HttpsConnectionUtils.logDebug("Certificate Issuer Info:[[" + cert.getIssuer() + "]]"); HttpsConnectionUtils.logDebug("Certificate Start Date:[[" + cert.getStartDate().getTime() + "]]"); HttpsConnectionUtils.logDebug("Certificate End Date:[[" + cert.getEndDate().getTime() + "]]"); HttpsConnectionUtils.logDebug("Certificate ASN.1 Dump:[[" + ASN1Dump.dumpAsString(cert, true) + "]]"); HttpsConnectionUtils.logDebug( "END CERTIFICATE DUMP FOR:[[" + CertificateValidatorUtils.extractCommonName(cert, true) + "]]"); }
From source file:net.wstech2.me.httpsclient.CertificateValidatorUtils.java
License:Apache License
/** * Extracts and returns a java.lang.String corresponding to the common name * of the subject from the certificate cert. * /*from w w w . j a v a 2 s . co m*/ * @param cert * The certificate from which the subject's common name is to be * extracted. * * @return A string corresponding to the certificate subject's common name. */ public static String extractCommonName(org.bouncycastle.asn1.x509.Certificate cert, boolean shortCN) { if (shortCN) { RDN[] values = cert.getSubject().getRDNs(BCStyle.CN); if (values == null || values.length == 0) return null; return HttpsConnectionUtils.replace(values[0].getFirst().getValue().toString(), "\\,", ","); } else { return HttpsConnectionUtils.replace(cert.getSubject().toString(), "\\,", ","); } }
From source file:org.codice.ddf.security.ocsp.checker.OcspCheckerTest.java
License:Open Source License
@Test public void testConvertingX509CertificatesToBcCertificates() throws Exception { OcspChecker ocspChecker = new OcspChecker(factory, eventAdmin); Certificate certificate = ocspChecker.convertToBouncyCastleCert(trustedCertX509); assertThat(certificate, is(notNullValue())); assertThat(trustedCertX509.getSerialNumber(), equalTo(certificate.getSerialNumber().getValue())); assertThat(trustedCertX509.getNotAfter(), equalTo(certificate.getEndDate().getDate())); assertThat(trustedCertX509.getNotBefore(), equalTo(certificate.getStartDate().getDate())); X500Principal subjectX500Principal = trustedCertX509.getSubjectX500Principal(); X500Name x500name = new X500Name(subjectX500Principal.getName(X500Principal.RFC1779)); assertThat(x500name, equalTo(certificate.getSubject())); }
From source file:org.jruby.ext.openssl.OCSPRequest.java
License:Common Public License
private java.security.cert.Certificate findCertByName(ASN1Encodable genX500Name, IRubyObject certificates, int flags) throws CertificateException, IOException { Ruby runtime = getRuntime();// w w w . j ava 2s . c o m if ((flags & RubyFixnum.fix2int(_OCSP(runtime).getConstant(OCSP_NOINTERN))) == 0) { ASN1Sequence certs = asn1bcReq.getOptionalSignature().getCerts(); if (certs != null) { Iterator<ASN1Encodable> it = certs.iterator(); while (it.hasNext()) { Certificate cert = Certificate.getInstance(it.next()); if (genX500Name.equals(cert.getSubject())) return new X509AuxCertificate(cert); } } } @SuppressWarnings("unchecked") List<X509Certificate> certList = (RubyArray) certificates; for (X509Certificate cert : certList) { if (genX500Name.equals(X500Name.getInstance(cert.getSubjectX500Principal().getEncoded()))) return new X509AuxCertificate(cert); } return null; }
From source file:org.mobicents.media.server.impl.rtp.crypto.DtlsSrtpServer.java
License:Open Source License
public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) throws IOException { Certificate[] chain = clientCertificate.getCertificateList(); LOGGER.info(String.format("Received client certificate chain of length %d", chain.length)); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; LOGGER.info(String.format("WebRTC Client certificate fingerprint:%s (%s)", TlsUtils.fingerprint(this.hashFunction, entry), entry.getSubject())); }//w w w. j av a 2 s . co m }
From source file:org.opendaylight.capwap.dtls.DtlsClient.java
License:Open Source License
public TlsAuthentication getAuthentication() throws IOException { return new TlsAuthentication() { public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate) throws IOException { Certificate[] chain = serverCertificate.getCertificateList(); log.trace("Received server certificate chain of length " + chain.length); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; // TODO Create fingerprint based on certificate signature algorithm digest //log.trace(" fingerprint:SHA-256 " + org.opendaylight.capwap.dtls.DtlsUtils.fingerprint(entry) + " (" + entry.getSubject() log.trace(" fingerprint:SHA-256 " + DtlsUtils.fingerprint(entry) + " (" + entry.getSubject() + ")"); }//from w w w.j a v a 2 s . c om } public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException { short[] certificateTypes = certificateRequest.getCertificateTypes(); if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign)) { return null; } SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; Vector<?> sigAlgs = certificateRequest.getSupportedSignatureAlgorithms(); if (sigAlgs != null) { for (int i = 0; i < sigAlgs.size(); ++i) { SignatureAndHashAlgorithm sigAlg = (SignatureAndHashAlgorithm) sigAlgs.elementAt(i); if (sigAlg.getSignature() == SignatureAlgorithm.rsa) { signatureAndHashAlgorithm = sigAlg; break; } } if (signatureAndHashAlgorithm == null) { return null; } } return DtlsUtils.loadSignerCredentials(context, new String[] { cert.getAbsolutePath(), root.getAbsolutePath() }, key.getAbsolutePath(), signatureAndHashAlgorithm); } }; }
From source file:org.opendaylight.capwap.dtls.DtlsServer.java
License:Open Source License
public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate) throws IOException { Certificate[] chain = clientCertificate.getCertificateList(); log.trace("Received client certificate chain of length " + chain.length); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; // TODO Create fingerprint based on certificate signature algorithm digest //log.trace(" fingerprint:SHA-256 " + org.opendaylight.capwap.dtls.DtlsUtils.fingerprint(entry) + " (" + entry.getSubject() + ")"); log.trace(" fingerprint:SHA-256 " + DtlsUtils.fingerprint(entry) + " (" + entry.getSubject() + ")"); }//from w w w. j a v a2 s . c o m }
From source file:org.opendaylight.usc.crypto.dtls.DtlsClient.java
License:Open Source License
public TlsAuthentication getAuthentication() throws IOException { return new TlsAuthentication() { public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate) throws IOException { Certificate[] chain = serverCertificate.getCertificateList(); log.trace("Received server certificate chain of length " + chain.length); for (int i = 0; i != chain.length; i++) { Certificate entry = chain[i]; // TODO Create fingerprint based on certificate signature algorithm digest log.trace(" fingerprint:SHA-256 " + DtlsUtils.fingerprint(entry) + " (" + entry.getSubject() + ")"); }// w w w. j av a 2 s. co m } public TlsCredentials getClientCredentials(CertificateRequest certificateRequest) throws IOException { short[] certificateTypes = certificateRequest.getCertificateTypes(); if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign)) { return null; } SignatureAndHashAlgorithm signatureAndHashAlgorithm = null; Vector<?> sigAlgs = certificateRequest.getSupportedSignatureAlgorithms(); if (sigAlgs != null) { for (int i = 0; i < sigAlgs.size(); ++i) { SignatureAndHashAlgorithm sigAlg = (SignatureAndHashAlgorithm) sigAlgs.elementAt(i); if (sigAlg.getSignature() == SignatureAlgorithm.rsa) { signatureAndHashAlgorithm = sigAlg; break; } } if (signatureAndHashAlgorithm == null) { return null; } } return DtlsUtils.loadSignerCredentials(context, new String[] { cert.getAbsolutePath(), root.getAbsolutePath() }, key.getAbsolutePath(), signatureAndHashAlgorithm); } }; }