Example usage for org.bouncycastle.asn1.x509 GeneralName directoryName

List of usage examples for org.bouncycastle.asn1.x509 GeneralName directoryName

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 GeneralName directoryName.

Prototype

int directoryName


Usage

From source file:mitm.common.security.certificate.X509ExtensionInspectorTest.java

License:Open Source License

/**
 * Checks that the authority key identifier extension is decoded from two test certificates:
 * issuer name and serial number for the first one, key identifier for the second one.
 */
@Test
public void testAuthoritykeyIdentifier() throws Exception {
    final String certificateDir = "test/resources/testdata/certificates/";

    X509Certificate caCertificate = TestUtils.loadCertificate(certificateDir + "mitm-test-ca.cer");
    AuthorityKeyIdentifier caAki = X509CertificateInspector.getAuthorityKeyIdentifier(caCertificate);
    assertNotNull(caAki);

    // The extension must name exactly one issuer, and that entry must be a directoryName.
    GeneralName[] issuerNames = caAki.getAuthorityCertIssuer().getNames();
    assertEquals(1, issuerNames.length);

    GeneralName issuerName = issuerNames[0];
    assertEquals(GeneralName.directoryName, issuerName.getTagNo());

    String issuerDn = X500Name.getInstance(issuerName.getName()).toString();
    assertEquals("C=NL,ST=NH,L=Amsterdam,CN=MITM Test Root,E=root@example.com", issuerDn);

    String issuerSerialHex = BigIntegerUtils.hexEncode(caAki.getAuthorityCertSerialNumber());
    assertEquals("115FCAC409FB2022B7D06920A00FE42", issuerSerialHex);

    // Second certificate: only the key identifier is checked.
    X509Certificate crlCertificate = TestUtils.loadCertificate(certificateDir + "ldap-crl.cer");
    AuthorityKeyIdentifier crlAki = X509CertificateInspector.getAuthorityKeyIdentifier(crlCertificate);
    assertNotNull(crlAki);

    String keyIdentifierHex = HexUtils.hexEncode(crlAki.getKeyIdentifier());
    assertEquals("37509F5DEF72162D12C7D46C408B1F65F550A8F9", keyIdentifierHex);
}

From source file:mitm.common.security.crl.PKIXRevocationChecker.java

License:Open Source License

/**
 * Reports whether any directoryName entry of {@code generalNames} equals {@code name}.
 * Entries of every other GeneralName type are ignored, so a list without a directoryName
 * never matches. Equality is whatever {@code X500Name.equals} implements.
 *
 * @param name         the X.500 name to look for; {@code null} never matches
 * @param generalNames the candidate names; {@code null} never matches
 * @return {@code true} if at least one directoryName entry equals {@code name}
 */
private boolean hasMatchingName(X500Name name, GeneralName[] generalNames) {
    if (name == null || generalNames == null) {
        return false;
    }

    for (GeneralName candidate : generalNames) {
        // Only directoryName entries carry an X.500 name that can be compared.
        if (candidate.getTagNo() != GeneralName.directoryName) {
            continue;
        }

        X500Name candidateName = X500Name.getInstance(candidate.getName());
        if (name.equals(candidateName)) {
            return true;
        }
    }

    return false;
}

From source file:net.sf.keystore_explorer.crypto.x509.GeneralNameUtil.java

License:Open Source License

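/**
 * Get string representation for General names that cannot cause a
 * IOException to be thrown. Unsupported are ediPartyName and x400Address;
 * a blank string is returned for these. An otherName is rendered as a UPN.
 * <p>
 * The values shown here are read from the general name, which usually comes
 * from a certificate and is therefore not trusted. When a URI is wrapped in
 * HTML it is escaped first, so that markup inside the URI is displayed as
 * text and cannot change the structure of the generated link.
 *
 * @param generalName
 *            General name
 * @param addLinkForURI
 *            If true, convert URI to a clickable link
 * @return String representation of general name, or a blank string when the
 *         name is null or of an unsupported type
 */
public static String safeToString(GeneralName generalName, boolean addLinkForURI) {

    if (generalName == null) {
        return "";
    }

    switch (generalName.getTagNo()) {
    case GeneralName.directoryName: {
        X500Name directoryName = (X500Name) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.DirectoryGeneralName"),
                directoryName.toString());
    }
    case GeneralName.dNSName: {
        DERIA5String dnsName = (DERIA5String) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.DnsGeneralName"), dnsName.getString());
    }
    case GeneralName.iPAddress: {
        byte[] ipAddressBytes = ((ASN1OctetString) generalName.getName()).getOctets();

        String ipAddressString = "";
        try {
            ipAddressString = InetAddress.getByAddress(ipAddressBytes).getHostAddress();
        } catch (UnknownHostException ignored) {
            // Deliberate: an octet string that is not a 4- or 16-byte address is shown as an
            // empty IP address string rather than failing the whole rendering.
        }

        return MessageFormat.format(res.getString("GeneralNameUtil.IpAddressGeneralName"), ipAddressString);
    }
    case GeneralName.registeredID: {
        ASN1ObjectIdentifier registeredId = (ASN1ObjectIdentifier) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.RegisteredIdGeneralName"),
                ObjectIdUtil.toString(registeredId));
    }
    case GeneralName.rfc822Name: {
        DERIA5String rfc822Name = (DERIA5String) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.Rfc822GeneralName"), rfc822Name.getString());
    }
    case GeneralName.uniformResourceIdentifier: {
        String uriString = ((DERIA5String) generalName.getName()).getString();

        // The URI is attacker-controllable certificate content. Escape it for both the
        // attribute value and the link text before it is embedded in HTML markup.
        String link;
        if (addLinkForURI) {
            String escapedUri = escapeUriForHtml(uriString);
            link = "<html><a href=\"" + escapedUri + "\">" + escapedUri + "</a></html>";
        } else {
            link = uriString;
        }

        return MessageFormat.format(res.getString("GeneralNameUtil.UriGeneralName"), link);
    }
    case GeneralName.otherName: {
        // we currently only support UPN in otherName
        String upn = parseUPN(generalName);
        return MessageFormat.format(res.getString("GeneralNameUtil.OtherGeneralName"), "UPN", upn);
    }
    default: {
        return "";
    }
    }
}

/** Replaces the characters that are significant in HTML text and attribute values by entities. */
private static String escapeUriForHtml(String text) {
    StringBuilder escaped = new StringBuilder(text.length() + 16);

    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
        case '&':
            escaped.append("&amp;");
            break;
        case '<':
            escaped.append("&lt;");
            break;
        case '>':
            escaped.append("&gt;");
            break;
        case '"':
            escaped.append("&quot;");
            break;
        case '\'':
            escaped.append("&#39;");
            break;
        default:
            escaped.append(c);
            break;
        }
    }

    return escaped.toString();
}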

From source file:net.sf.keystore_explorer.gui.crypto.generalname.DGeneralNameChooser.java

License:Open Source License

/**
 * Selects the radio button that matches the type of {@code generalName} and loads the
 * name's value into the matching input component. When no name is supplied the
 * directoryName option is pre-selected. A name of any other type changes nothing.
 *
 * @param generalName the general name to show, or {@code null}
 */
private void populate(GeneralName generalName) {
    if (generalName == null) {
        jrbDirectoryName.setSelected(true);
        return;
    }

    final int tagNo = generalName.getTagNo();

    if (tagNo == GeneralName.directoryName) {
        jrbDirectoryName.setSelected(true);
        jdnDirectoryName.setDistinguishedName((X500Name) generalName.getName());
    } else if (tagNo == GeneralName.dNSName) {
        jrbDnsName.setSelected(true);
        jtfDnsName.setText(((DERIA5String) generalName.getName()).getString());
    } else if (tagNo == GeneralName.iPAddress) {
        jrbIpAddress.setSelected(true);
        byte[] rawAddress = ((ASN1OctetString) generalName.getName()).getOctets();
        try {
            String hostAddress = InetAddress.getByAddress(rawAddress).getHostAddress();
            jtfIpAddress.setText(hostAddress);
        } catch (UnknownHostException e) {
            // cannot happen here because user input was checked for validity
            // (getByAddress only rejects byte arrays of an illegal length)
        }
    } else if (tagNo == GeneralName.registeredID) {
        jrbRegisteredId.setSelected(true);
        joiRegisteredId.setObjectId((ASN1ObjectIdentifier) generalName.getName());
    } else if (tagNo == GeneralName.rfc822Name) {
        jrbRfc822Name.setSelected(true);
        jtfRfc822Name.setText(((DERIA5String) generalName.getName()).getString());
    } else if (tagNo == GeneralName.uniformResourceIdentifier) {
        jrbUniformResourceIdentifier.setSelected(true);
        jtfUniformResourceIdentifier.setText(((DERIA5String) generalName.getName()).getString());
    } else if (tagNo == GeneralName.otherName) {
        jrbPrincipalName.setSelected(true);
        // we currently only support UPN in otherName
        jtfPrincipalName.setText(GeneralNameUtil.parseUPN(generalName));
    }
}

From source file:net.sf.keystore_explorer.gui.crypto.generalname.DGeneralNameChooser.java

License:Open Source License

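/**
 * Builds a general name from the selected type and the entered value, stores it in
 * {@code generalName} and closes the dialog.
 * <p>
 * A missing value, or an IP address that {@code IPAddress.isValid} rejects, produces a
 * warning and keeps the dialog open. DNS names, RFC 822 names and URIs are encoded as
 * IA5String with validation switched on: without it, characters outside the IA5 range
 * would be cut down to single bytes and the name written into the certificate would
 * silently differ from what was typed. A rejected value, like any other exception,
 * is reported through {@code DError} and leaves the dialog open.
 */
private void okPressed() {
    try {
        GeneralName newGeneralName = null;

        if (jrbDirectoryName.isSelected()) {
            X500Name directoryName = jdnDirectoryName.getDistinguishedName();

            if (directoryName == null) {
                showValueWarning("DGeneralNameChooser.DirectoryNameValueReq.message");
                return;
            }

            newGeneralName = new GeneralName(GeneralName.directoryName, directoryName);
        } else if (jrbDnsName.isSelected()) {
            String dnsName = jtfDnsName.getText().trim();

            if (dnsName.isEmpty()) {
                showValueWarning("DGeneralNameChooser.DnsNameValueReq.message");
                return;
            }

            // validate = true: reject characters that are not IA5 instead of truncating them
            newGeneralName = new GeneralName(GeneralName.dNSName, new DERIA5String(dnsName, true));
        } else if (jrbIpAddress.isSelected()) {
            String ipAddress = jtfIpAddress.getText().trim();

            if (ipAddress.isEmpty()) {
                showValueWarning("DGeneralNameChooser.IpAddressValueReq.message");
                return;
            }

            if (!IPAddress.isValid(ipAddress)) {
                showValueWarning("DGeneralNameChooser.NotAValidIP.message");
                return;
            }

            newGeneralName = new GeneralName(GeneralName.iPAddress, ipAddress);
        } else if (jrbRegisteredId.isSelected()) {
            ASN1ObjectIdentifier registeredId = joiRegisteredId.getObjectId();

            if (registeredId == null) {
                showValueWarning("DGeneralNameChooser.RegisteredIdValueReq.message");
                return;
            }

            newGeneralName = new GeneralName(GeneralName.registeredID, registeredId);
        } else if (jrbRfc822Name.isSelected()) {
            String rfc822Name = jtfRfc822Name.getText().trim();

            if (rfc822Name.isEmpty()) {
                showValueWarning("DGeneralNameChooser.Rfc822NameValueReq.message");
                return;
            }

            newGeneralName = new GeneralName(GeneralName.rfc822Name, new DERIA5String(rfc822Name, true));
        } else if (jrbUniformResourceIdentifier.isSelected()) {
            String uniformResourceIdentifier = jtfUniformResourceIdentifier.getText().trim();

            if (uniformResourceIdentifier.isEmpty()) {
                showValueWarning("DGeneralNameChooser.UniformResourceIdentifierValueReq.message");
                return;
            }

            newGeneralName = new GeneralName(GeneralName.uniformResourceIdentifier,
                    new DERIA5String(uniformResourceIdentifier, true));
        } else if (jrbPrincipalName.isSelected()) {
            String upnString = jtfPrincipalName.getText().trim();

            if (upnString.isEmpty()) {
                showValueWarning("DGeneralNameChooser.PrincipalNameValueReq.message");
                return;
            }

            // otherName ::= SEQUENCE { type-id = UPN OID, value [0] EXPLICIT UTF8String }
            ASN1EncodableVector asn1Vector = new ASN1EncodableVector();
            asn1Vector.add(new ASN1ObjectIdentifier(GeneralNameUtil.UPN_OID));
            asn1Vector.add(new DERTaggedObject(true, 0, new DERUTF8String(upnString)));

            newGeneralName = new GeneralName(GeneralName.otherName, new DERSequence(asn1Vector));
        }

        generalName = newGeneralName;
    } catch (Exception ex) {
        // Dialog boundary: show the problem and keep the dialog open.
        DError dError = new DError(this, ex);
        dError.setLocationRelativeTo(this);
        dError.setVisible(true);
        return;
    }

    closeDialog();
}

/** Shows the resource message stored under {@code messageKey} as a warning titled like this dialog. */
private void showValueWarning(String messageKey) {
    JOptionPane.showMessageDialog(this, res.getString(messageKey), getTitle(), JOptionPane.WARNING_MESSAGE);
}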

From source file:net.sf.keystore_explorer.gui.dialogs.extensions.DAuthorityKeyIdentifier.java

License:Open Source License

/**
 * Pre-fills the authority cert issuer and serial number inputs from the given values.
 * Either value may be {@code null}, in which case its input is left untouched. If the
 * issuer name cannot be set, the error is shown and the serial number is not filled in.
 *
 * @param authorityCertName         issuer name, wrapped as a single directoryName entry
 * @param authorityCertSerialNumber serial number, shown in decimal
 */
@SuppressWarnings("unchecked")
private void prepopulateWithAuthorityCertDetails(X500Name authorityCertName,
        BigInteger authorityCertSerialNumber) {
    if (authorityCertName != null) {
        try {
            GeneralNames issuerNames = new GeneralNames(
                    new GeneralName(GeneralName.directoryName, authorityCertName));

            jgnAuthorityCertIssuer.setGeneralNames(issuerNames);
        } catch (Exception ex) {
            DError errorDialog = new DError(this, ex);
            errorDialog.setLocationRelativeTo(this);
            errorDialog.setVisible(true);
            return;
        }
    }

    if (authorityCertSerialNumber == null) {
        return;
    }

    String serialText = authorityCertSerialNumber.toString();
    jtfAuthorityCertSerialNumber.setText(serialText);
    // Show the start of the number if it is longer than the field.
    jtfAuthorityCertSerialNumber.setCaretPosition(0);
}

From source file:net.sf.portecle.crypto.X509Ext.java

License:Open Source License

/**
 * Get the supplied general name as a string ([general name type]=[general name]).
 * The result is built as HTML: most values pass through {@code escapeHtml}, and
 * rfc822Name and uniformResourceIdentifier values are wrapped by {@code getLink}.
 *
 * <pre>
 * GeneralName ::= CHOICE {
 *     otherName                       [0]     OtherName,
 *     rfc822Name                      [1]     IA5String, x
 *     dNSName                         [2]     IA5String, x
 *     x400Address                     [3]     ORAddress,
 *     directoryName                   [4]     Name, x
 *     ediPartyName                    [5]     EDIPartyName,
 *     uniformResourceIdentifier       [6]     IA5String, x
 *     iPAddress                       [7]     OCTET STRING, x
 *     registeredID                    [8]     OBJECT IDENTIFIER x }
 * OtherName ::= SEQUENCE {
 *     type-id    OBJECT IDENTIFIER,
 *     value      [0] EXPLICIT ANY DEFINED BY type-id }
 * EDIPartyName ::= SEQUENCE {
 *     nameAssigner            [0]     DirectoryString OPTIONAL,
 *     partyName               [1]     DirectoryString }
 * DirectoryString ::= CHOICE {
 *     teletexString           TeletexString (SIZE (1..maxSize)),
 *     printableString         PrintableString (SIZE (1..maxSize)),
 *     universalString         UniversalString (SIZE (1..maxSize)),
 *     utf8String              UTF8String (SIZE (1.. MAX)),
 *     bmpString               BMPString (SIZE(1..maxSIZE)) }
 * </pre>
 * 
 * @param generalName The general name
 * @param linkClass Passed to {@code getLink} for URI names; mail links are created with
 *            {@code null} instead
 * @return General name string
 * @throws IOException declared because {@code URLEncoder.encode(String, String)} can throw
 *             UnsupportedEncodingException; the helpers called here may throw it as well
 *             (not visible in this method)
 */
private String getGeneralNameString(GeneralName generalName, LinkClass linkClass) throws IOException {
    StringBuilder strBuff = new StringBuilder();
    int tagNo = generalName.getTagNo();

    switch (tagNo) {
    case GeneralName.otherName:
        // OtherName is a sequence of the type OID followed by the value.
        ASN1Sequence other = (ASN1Sequence) generalName.getName();
        String sOid = ((ASN1ObjectIdentifier) other.getObjectAt(0)).getId();
        String sVal = stringify(other.getObjectAt(1));
        try {
            // Prefer a resource string registered for this OID.
            strBuff.append(RB.getString(sOid));
        } catch (MissingResourceException e) {
            // No name for the OID: fall back to the generic otherName label with the raw OID.
            strBuff.append(MessageFormat.format(RB.getString("GeneralName." + tagNo), sOid));
        }
        strBuff.append(": ");
        // NOTE(review): sVal is appended without escapeHtml, unlike the other branches;
        // confirm that stringify() already returns HTML-safe text.
        strBuff.append(sVal);
        break;

    case GeneralName.rfc822Name:
        String sRfc822 = generalName.getName().toString();
        // URL-encoded form is used for the mailto target, HTML-escaped form for the visible text.
        String urlEnc = URLEncoder.encode(sRfc822, "UTF-8");
        strBuff.append(RB.getString("GeneralName." + tagNo));
        strBuff.append(": ");
        strBuff.append(getLink("mailto:" + urlEnc, escapeHtml(sRfc822), null));
        break;

    case GeneralName.dNSName:
    case GeneralName.registeredID:
    case GeneralName.x400Address: // TODO: verify formatting
    case GeneralName.ediPartyName: // TODO: verify formatting
        // These types share one rendering: label, then the escaped value.
        strBuff.append(RB.getString("GeneralName." + tagNo));
        strBuff.append(": ");
        strBuff.append(escapeHtml(generalName.getName()));
        break;

    case GeneralName.directoryName:
        ASN1Encodable name = generalName.getName();
        strBuff.append(RB.getString("GeneralName." + tagNo));
        strBuff.append(": ");
        // TODO: make E=foo@bar.com mail links
        strBuff.append(escapeHtml(name));
        break;

    case GeneralName.uniformResourceIdentifier:
        String sUri = generalName.getName().toString();
        strBuff.append(RB.getString("GeneralName." + tagNo));
        strBuff.append(": ");
        // NOTE(review): the link target is the unescaped URI taken from the name; only the
        // visible text is escaped here. Confirm that getLink() escapes or checks the target.
        strBuff.append(getLink(sUri, escapeHtml(sUri), linkClass));
        break;

    case GeneralName.iPAddress:
        ASN1OctetString ipAddress = (ASN1OctetString) generalName.getName();

        byte[] bIpAddress = ipAddress.getOctets();

        // Output the IP Address components one at a time separated by dots
        // NOTE(review): this is applied to every length, so a 16-byte value is printed
        // in dotted decimal too.
        StringBuilder sbIpAddress = new StringBuilder();

        for (int iCnt = 0, bl = bIpAddress.length; iCnt < bl; iCnt++) {
            // Convert from (possibly negative) byte to positive int
            sbIpAddress.append(bIpAddress[iCnt] & 0xFF);
            if ((iCnt + 1) < bIpAddress.length) {
                sbIpAddress.append('.');
            }
        }

        strBuff.append(RB.getString("GeneralName." + tagNo));
        strBuff.append(": ");
        strBuff.append(escapeHtml(sbIpAddress));
        break;

    default: // Unsupported general name type
        strBuff.append(
                MessageFormat.format(RB.getString("UnrecognizedGeneralNameType"), generalName.getTagNo()));
        strBuff.append(": ");
        strBuff.append(escapeHtml(generalName.getName()));
        break;
    }

    return strBuff.toString();
}

From source file:net.solarnetwork.node.setup.test.PKITestUtils.java

License:Open Source License

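/**
 * Generates a CA certificate for tests, valid for one hour from now and signed with
 * SHA256WithRSA.
 * <p>
 * With no {@code issuer} the certificate is self-signed: issuer and subject are both
 * {@code subject}, and the authority key identifier refers to the new certificate itself.
 * With an {@code issuer}, the authority key identifier is derived from the issuer's public
 * key and carries the issuer's serial number, so that it matches the subject key identifier
 * this method puts into the issuer certificate.
 *
 * @param publicKey the public key to certify
 * @param subject   the subject DN of the new certificate
 * @param issuer    the signing CA certificate, or {@code null} for a self-signed root
 * @param issuerKey the private key that signs the certificate
 * @param caDN      the DN written as authorityCertIssuer of the authority key identifier
 * @return the new certificate
 * @throws IllegalArgumentException if {@code issuer} is not a CA or its path length
 *                                  constraint leaves no room for another CA below it
 * @throws Exception                if building or signing the certificate fails
 */
public static X509Certificate generateNewCACert(PublicKey publicKey, String subject, X509Certificate issuer,
        PrivateKey issuerKey, String caDN) throws Exception {
    final boolean selfSigned = (issuer == null);
    final X500Name issuerDn = (selfSigned ? new X500Name(subject) : JcaX500NameUtil.getSubject(issuer));
    final X500Name subjectDn = new X500Name(subject);
    final BigInteger serial = getNextSerialNumber();
    final Date notBefore = new Date();
    final Date notAfter = new Date(System.currentTimeMillis() + 1000L * 60L * 60L);
    JcaX509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerDn, serial, notBefore, notAfter,
            subjectDn, publicKey);

    // add "CA" extension
    BasicConstraints basicConstraints;
    if (selfSigned) {
        basicConstraints = new BasicConstraints(true);
    } else {
        // getBasicConstraints(): -1 = not a CA, Integer.MAX_VALUE = CA without a path length limit
        int issuerPathLength = issuer.getBasicConstraints();
        if (issuerPathLength < 1) {
            throw new IllegalArgumentException(
                    "Issuer cannot sign a CA certificate, basicConstraints path length is " + issuerPathLength);
        }
        basicConstraints = (issuerPathLength == Integer.MAX_VALUE ? new BasicConstraints(true)
                : new BasicConstraints(issuerPathLength - 1));
    }
    builder.addExtension(X509Extension.basicConstraints, true, basicConstraints);

    // add subjectKeyIdentifier
    JcaX509ExtensionUtils utils = new JcaX509ExtensionUtils();
    SubjectKeyIdentifier ski = utils.createSubjectKeyIdentifier(publicKey);
    builder.addExtension(X509Extension.subjectKeyIdentifier, false, ski);

    // add authorityKeyIdentifier; it identifies the signing certificate, not the new one
    final PublicKey authorityKey = (selfSigned ? publicKey : issuer.getPublicKey());
    final BigInteger authoritySerial = (selfSigned ? serial : issuer.getSerialNumber());
    GeneralNames issuerName = new GeneralNames(new GeneralName(GeneralName.directoryName, caDN));
    AuthorityKeyIdentifier aki = utils.createAuthorityKeyIdentifier(authorityKey);
    aki = new AuthorityKeyIdentifier(aki.getKeyIdentifier(), issuerName, authoritySerial);
    builder.addExtension(X509Extension.authorityKeyIdentifier, false, aki);

    // add keyUsage
    X509KeyUsage keyUsage = new X509KeyUsage(X509KeyUsage.cRLSign | X509KeyUsage.digitalSignature
            | X509KeyUsage.keyCertSign | X509KeyUsage.nonRepudiation);
    builder.addExtension(X509Extension.keyUsage, true, keyUsage);

    JcaContentSignerBuilder signerBuilder = new JcaContentSignerBuilder("SHA256WithRSA");
    ContentSigner signer = signerBuilder.build(issuerKey);

    X509CertificateHolder holder = builder.build(signer);
    JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
    return converter.getCertificate(holder);
}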

From source file:org.cesecore.certificates.certificate.certextensions.standard.NameConstraint.java

License:Open Source License

/**
 * Turns encoded Name Constraint strings into ASN.1 GeneralSubtree objects, one per entry
 * and in the same order. The result is what BouncyCastle needs to build the ASN.1
 * NameConstraints object that goes into a certificate.
 *
 * @param list the encoded name constraints, or {@code null}
 * @return one subtree per entry; an empty array when {@code list} is {@code null}
 * @throws UnsupportedOperationException for an entry whose type is not dNSName, rfc822Name,
 *                                       directoryName or iPAddress
 */
public static GeneralSubtree[] toGeneralSubtrees(List<String> list) {
    if (list == null) {
        return new GeneralSubtree[0];
    }

    final GeneralSubtree[] subtrees = new GeneralSubtree[list.size()];
    int next = 0;
    for (final String encoded : list) {
        final int nameType = getNameConstraintType(encoded);
        final Object payload = getNameConstraintData(encoded);

        final GeneralName generalName;
        if (nameType == GeneralName.dNSName || nameType == GeneralName.rfc822Name) {
            // Both are plain strings.
            generalName = new GeneralName(nameType, (String) payload);
        } else if (nameType == GeneralName.directoryName) {
            generalName = new GeneralName(new X500Name(CeSecoreNameStyle.INSTANCE, (String) payload));
        } else if (nameType == GeneralName.iPAddress) {
            // The payload is already the raw octets of the constraint.
            generalName = new GeneralName(nameType, new DEROctetString((byte[]) payload));
        } else {
            throw new UnsupportedOperationException(
                    "Encoding of name constraint type " + nameType + " is not implemented.");
        }

        subtrees[next] = new GeneralSubtree(generalName);
        next++;
    }
    return subtrees;
}

From source file:org.cesecore.certificates.certificate.certextensions.standard.NameConstraint.java

License:Open Source License

/**
 * Returns the GeneralName type code for an encoded Name Constraint. The type is the text
 * before the first ':' of the encoded form (the whole string when there is no ':').
 *
 * @param encoded the encoded name constraint
 * @return the matching {@code GeneralName} tag number
 * @throws UnsupportedOperationException if the type is not iPAddress, dNSName,
 *                                       directoryName or rfc822Name
 */
private static int getNameConstraintType(String encoded) {
    final int separator = encoded.indexOf(':');
    final String typeString = (separator < 0 ? encoded : encoded.substring(0, separator));

    if (typeString.equals("iPAddress")) {
        return GeneralName.iPAddress;
    } else if (typeString.equals("dNSName")) {
        return GeneralName.dNSName;
    } else if (typeString.equals("directoryName")) {
        return GeneralName.directoryName;
    } else if (typeString.equals("rfc822Name")) {
        return GeneralName.rfc822Name;
    }

    throw new UnsupportedOperationException("Unsupported name constraint type " + typeString);
}