List of usage examples for org.bouncycastle.asn1.x509 GeneralName dNSName
int dNSName
From source file:org.xipki.security.P10RequestGenerator.java
License:Open Source License
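/**
 * Builds a Bouncy Castle {@link GeneralName} from its tagged textual form.
 *
 * <p>The input has the shape {@code [tag]value}, where {@code tag} is the decimal GeneralName
 * choice number. For {@code otherName} and {@code ediPartyName} the value part is itself
 * written as {@code type=value}.
 *
 * <p>This method only checks the outer {@code [tag]value} syntax and the {@code type=value}
 * split. The strings for rfc822Name, dNSName, uniformResourceIdentifier, iPAddress and
 * registeredID are handed to {@link GeneralName} as given, so any policy check on them
 * (allowed domains, wildcards, address ranges) has to be done by the caller or by the CA that
 * processes the request.
 *
 * @param taggedValue [tag]value, and the value for tags otherName and ediPartyName is type=value.
 * @return the general name encoded for the given tag.
 * @throws BadInputException if {@code taggedValue} is {@code null}, empty, not of the form
 *         {@code [tag]value}, or if an otherName / ediPartyName value is not a usable
 *         {@code type=value} pair.
 * @throws RuntimeException if the tag is syntactically valid but not handled here. The Bouncy
 *         Castle constructors may also raise {@link IllegalArgumentException} for values they
 *         cannot encode (for example a malformed OID or IP address); that is not translated.
 */
public static GeneralName createGeneralName(final String taggedValue) throws BadInputException {
    // charAt(0) below would fail with an unchecked exception on empty input; report it as
    // bad input like every other syntax error.
    if (taggedValue == null || taggedValue.isEmpty()) {
        throw new BadInputException("invalid taggedValue " + taggedValue);
    }

    int tag = -1;
    String value = null;
    if (taggedValue.charAt(0) == '[') {
        int idx = taggedValue.indexOf(']', 1);
        // Require at least one character inside the brackets and one after them.
        if (idx > 1 && idx < taggedValue.length() - 1) {
            String tagS = taggedValue.substring(1, idx);
            try {
                tag = Integer.parseInt(tagS);
                value = taggedValue.substring(idx + 1);
            } catch (NumberFormatException ignored) {
                // Not a number: tag stays -1 and is rejected just below.
            }
        }
    }

    if (tag == -1) {
        throw new BadInputException("invalid taggedValue " + taggedValue);
    }

    switch (tag) {
        case GeneralName.otherName: {
            int idxSep = value.indexOf("=");
            // Both the type OID and the value must be non-empty.
            if (idxSep == -1 || idxSep == 0 || idxSep == value.length() - 1) {
                throw new BadInputException("invalid otherName " + value);
            }
            String otherTypeOid = value.substring(0, idxSep);
            ASN1ObjectIdentifier type = new ASN1ObjectIdentifier(otherTypeOid);
            String otherValue = value.substring(idxSep + 1);

            // SEQUENCE { type-id OID, [0] EXPLICIT UTF8String }
            ASN1EncodableVector vector = new ASN1EncodableVector();
            vector.add(type);
            vector.add(new DERTaggedObject(true, 0, new DERUTF8String(otherValue)));
            DERSequence seq = new DERSequence(vector);
            return new GeneralName(GeneralName.otherName, seq);
        }
        case GeneralName.directoryName: {
            X500Name x500Name = X509Util.reverse(new X500Name(value));
            return new GeneralName(GeneralName.directoryName, x500Name);
        }
        case GeneralName.ediPartyName: {
            int idxSep = value.indexOf("=");
            // The party name is mandatory; the name assigner before '=' may be empty.
            if (idxSep == -1 || idxSep == value.length() - 1) {
                throw new BadInputException("invalid ediPartyName " + value);
            }
            String nameAssigner = idxSep == 0 ? null : value.substring(0, idxSep);
            String partyName = value.substring(idxSep + 1);

            ASN1EncodableVector vector = new ASN1EncodableVector();
            if (nameAssigner != null) {
                vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
            }
            vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
            ASN1Sequence seq = new DERSequence(vector);
            return new GeneralName(GeneralName.ediPartyName, seq);
        }
        case GeneralName.rfc822Name:
        case GeneralName.dNSName:
        case GeneralName.uniformResourceIdentifier:
        case GeneralName.iPAddress:
        case GeneralName.registeredID:
            // String-valued choices: GeneralName converts the text for the given tag itself.
            return new GeneralName(tag, value);
        default:
            throw new RuntimeException("unsupported tag " + tag);
    } // end switch(tag)
}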
From source file:org.xwiki.crypto.pkix.internal.extension.BcExtensionUtils.java
License:Open Source License
/**
 * Wrap each Bouncy Castle general name into the matching X.509 general name type.
 *
 * <p>rfc822Name, dNSName, directoryName, uniformResourceIdentifier and iPAddress entries get
 * their dedicated wrapper; every other tag is wrapped as a generic name.
 *
 * @param genNames Bouncy Castle general names, may be {@code null}.
 * @return the wrapped names in their original order, or {@code null} when {@code genNames}
 *         is {@code null}.
 */
public static List<X509GeneralName> getX509GeneralNames(GeneralNames genNames) {
    if (genNames == null) {
        return null;
    }

    GeneralName[] bcNames = genNames.getNames();
    List<X509GeneralName> result = new ArrayList<X509GeneralName>(bcNames.length);

    for (int i = 0; i < bcNames.length; i++) {
        GeneralName bcName = bcNames[i];
        X509GeneralName wrapped;

        // Select the wrapper from the GeneralName choice tag.
        switch (bcName.getTagNo()) {
            case GeneralName.rfc822Name:
                wrapped = new X509Rfc822Name(bcName);
                break;
            case GeneralName.dNSName:
                wrapped = new X509DnsName(bcName);
                break;
            case GeneralName.directoryName:
                wrapped = new X509DirectoryName(bcName);
                break;
            case GeneralName.uniformResourceIdentifier:
                wrapped = new X509URI(bcName);
                break;
            case GeneralName.iPAddress:
                wrapped = new X509IpAddress(bcName);
                break;
            default:
                wrapped = new X509GenericName(bcName);
                break;
        }

        result.add(wrapped);
    }

    return result;
}
From source file:org.xwiki.crypto.pkix.params.x509certificate.extension.X509DnsName.java
License:Open Source License
/**
 * Build a DNS name from a Bouncy Castle general name carrying the dNSName tag.
 *
 * <p>The domain is stored exactly as the IA5String decodes; no hostname syntax check is
 * applied here.
 *
 * @param name the Bouncy Castle general name.
 * @throws IllegalArgumentException if the general name is not tagged as a dNSName.
 */
public X509DnsName(GeneralName name) {
    final int tagNo = name.getTagNo();
    if (tagNo != GeneralName.dNSName) {
        throw new IllegalArgumentException("Incompatible general name: " + tagNo);
    }

    final DERIA5String encoded = DERIA5String.getInstance(name.getName());
    this.domain = encoded.getString();
}
From source file:org.xwiki.crypto.pkix.params.x509certificate.extension.X509DnsName.java
License:Open Source License
/**
 * @return a new Bouncy Castle general name tagged dNSName and holding this domain.
 */
@Override
public GeneralName getGeneralName() {
    final GeneralName dnsName = new GeneralName(GeneralName.dNSName, this.domain);
    return dnsName;
}
From source file:uk.ac.cam.gpe21.droidssl.mitm.crypto.cert.CertificateGenerator.java
License:Apache License
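/**
 * Issues an end-entity server certificate for the given common name, signed with the
 * configured CA key.
 *
 * <p>The certificate is valid from one hour before the call until 24 hours after it, is
 * marked as a non-CA certificate, and carries the serverAuth extended key usage. Each entry
 * of {@code sans} is added as a dNSName subject alternative name.
 *
 * @param cn the subject common name.
 * @param sans DNS names for the subjectAlternativeName extension; {@code null} or an empty
 *        array means the extension is omitted.
 * @return the signed certificate.
 * @throws CertificateGenerationException if an extension cannot be encoded or the signer
 *         cannot be created.
 */
public X509CertificateHolder generate(String cn, String[] sans) {
    try {
        /* basic certificate structure */
        // TODO: temporary workaround as reusing serial numbers makes Firefox complain
        // (previously: serial = serial.add(BigInteger.ONE)).
        // NOTE(review): a millisecond timestamp is predictable, and two calls within the same
        // millisecond get the same serial under the same issuer. An issuer that others rely on
        // should draw serials from a CSPRNG instead.
        serial = BigInteger.valueOf(System.currentTimeMillis());

        Calendar notBefore = new GregorianCalendar(UTC);
        notBefore.add(Calendar.HOUR, -1);

        Calendar notAfter = new GregorianCalendar(UTC);
        notAfter.add(Calendar.HOUR, 24);

        X500Name subject = new X500NameBuilder().addRDN(BCStyle.CN, cn).build();

        BcX509ExtensionUtils utils = new BcX509ExtensionUtils();
        X509v3CertificateBuilder builder = new BcX509v3CertificateBuilder(ca.getCertificate(), serial,
                notBefore.getTime(), notAfter.getTime(), subject, keyPair.getPublic());

        /* subjectAlternativeName extension */
        // A null array is treated like an empty one instead of failing on sans.length.
        if (sans != null && sans.length > 0) {
            GeneralName[] names = new GeneralName[sans.length];
            for (int i = 0; i < names.length; i++) {
                names[i] = new GeneralName(GeneralName.dNSName, sans[i]);
            }
            builder.addExtension(Extension.subjectAlternativeName, false, new GeneralNames(names));
        }

        /* basicConstraints extension */
        builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(false));

        /* subjectKeyIdentifier extension */
        builder.addExtension(Extension.subjectKeyIdentifier, false,
                utils.createSubjectKeyIdentifier(keyPair.getPublic()));

        /* authorityKeyIdentifier extension */
        builder.addExtension(Extension.authorityKeyIdentifier, false,
                utils.createAuthorityKeyIdentifier(ca.getPublicKey()));

        /* keyUsage extension */
        int usage = KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.keyAgreement;
        builder.addExtension(Extension.keyUsage, true, new KeyUsage(usage));

        /* extendedKeyUsage extension */
        KeyPurposeId[] usages = { KeyPurposeId.id_kp_serverAuth };
        builder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(usages));

        /* create the signer */
        // NOTE(review): SHA-1 is deprecated for certificate signatures and is widely rejected
        // by current TLS clients; code reused for real issuance should sign with a SHA-2
        // algorithm such as "SHA256withRSA".
        AlgorithmIdentifier signatureAlgorithm = new DefaultSignatureAlgorithmIdentifierFinder()
                .find("SHA1withRSA");
        AlgorithmIdentifier digestAlgorithm = new DefaultDigestAlgorithmIdentifierFinder()
                .find(signatureAlgorithm);
        ContentSigner signer = new BcRSAContentSignerBuilder(signatureAlgorithm, digestAlgorithm)
                .build(ca.getPrivateKey());

        /* build and sign the certificate */
        return builder.build(signer);
    } catch (IOException | OperatorCreationException ex) {
        throw new CertificateGenerationException(ex);
    }
}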