List of usage examples for org.bouncycastle.asn1.x509 GeneralNames getEncoded
public byte[] getEncoded() throws IOException
From source file:gui.ExtensionsPopup.java
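/**
 * Copies the extension choices made in the dialog into {@code extensions}.
 *
 * <p>The holder is cleared first. Basic constraints, key usage and issuer alternative name are
 * then recorded for each section whose check box is selected. If the path-length text is not
 * an integer, or the issuer alternative names cannot be encoded, an error dialog and a status
 * message are shown, the holder is cleared again and the method returns. A failed save
 * therefore never leaves a half-populated extension set behind, such as a CA flag without its
 * path-length limit or an enabled issuerAltName without an encoded value.
 */
private void saveExtensions() {
    extensions.clearAll();

    // --- Basic constraints (slot 0) ---
    if (basicConstraintsCheckBox.isSelected()) {
        extensions.extensions[0] = true;
        if (basicConstraintsCriticalCheckBox.isSelected()) {
            extensions.critical[0] = true;
        }
        if (basicConstraintsCACheckBox.isSelected()) {
            extensions.basicConstrCA = true;
            String depthText = depthOfCertificateChainTextField.getText();
            try {
                // Only validates the format; the holder keeps the text form.
                // NOTE(review): parseInt also accepts negative values - confirm they are rejected
                // before the value is used as a path-length constraint.
                Integer.parseInt(depthText);
            } catch (NumberFormatException e) {
                JOptionPane.showMessageDialog(this, Errors.INVALID_NUMBER_FORMAT + " " + Errors.INVALID_DEPTH,
                        "Error", JOptionPane.ERROR_MESSAGE);
                parentFrame.setStatus(Errors.INVALID_NUMBER_FORMAT + " " + Errors.INVALID_DEPTH, Errors.COLOR);
                // Do not leave "CA = true" recorded without the depth the user tried to set.
                extensions.clearAll();
                return;
            }
            extensions.basicConstrDepthOfCertChain = depthText;
        }
    }

    // --- Key usage (slot 1) ---
    // Index order follows the check boxes below; presumably it mirrors the X.509 KeyUsage bit
    // order (digitalSignature = 0 ... decipherOnly = 8) - confirm against the code that reads it.
    if (keyUsageCheckBox.isSelected()) {
        extensions.extensions[1] = true;
        if (keyUsageCriticalCheckBox.isSelected()) {
            extensions.critical[1] = true;
        }
        if (digitalSignatureCheckBox.isSelected()) {
            extensions.keyUsage[0] = true;
        }
        if (nonRepudiationCheckBox.isSelected()) {
            extensions.keyUsage[1] = true;
        }
        if (keyEnciphermentCheckBox.isSelected()) {
            extensions.keyUsage[2] = true;
        }
        if (dataEnciphermentCheckBox.isSelected()) {
            extensions.keyUsage[3] = true;
        }
        if (keyAgreementCheckBox.isSelected()) {
            extensions.keyUsage[4] = true;
        }
        if (keyCertSignCheckBox.isSelected()) {
            extensions.keyUsage[5] = true;
        }
        if (cRLSignCheckBox.isSelected()) {
            extensions.keyUsage[6] = true;
        }
        if (encipherOnlyCheckBox.isSelected()) {
            extensions.keyUsage[7] = true;
        }
        if (decipherOnlyCheckBox.isSelected()) {
            extensions.keyUsage[8] = true;
        }
    }

    // --- Issuer alternative name (slot 2) ---
    if (issuerAltNameCheckBox.isSelected()) {
        extensions.extensions[2] = true;
        boolean issuerAltNameCritical = issuerAltNameCriticalCheckBox.isSelected();
        if (issuerAltNameCritical) {
            extensions.critical[2] = true;
        }
        String issuerAltNameText = issuerAltNameTextArea.getText();
        if (!"".equals(issuerAltNameText)) {
            // The encoded names come from generalNamesBuilder; the text area only decides whether
            // anything is encoded. NOTE(review): presumably both are kept in sync elsewhere.
            GeneralNames generalNames = generalNamesBuilder.build();
            try {
                extensions.issuerAltNames = new Extension(Extension.issuerAlternativeName,
                        issuerAltNameCritical, generalNames.getEncoded());
            } catch (IOException ex) {
                JOptionPane.showMessageDialog(this, Errors.EXTENSIONS_ERROR, "Error", JOptionPane.ERROR_MESSAGE);
                parentFrame.setStatus(Errors.EXTENSIONS_ERROR, Errors.COLOR);
                // Stop here, as the depth check does, instead of keeping the extension flagged as
                // enabled with no encoded value behind it.
                extensions.clearAll();
                return;
            }
        }
        extensions.issuerAltNamesString = issuerAltNameText;
    }
}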
From source file:org.cryptable.pki.communication.PKICMPMessagesTest.java
License:Open Source License
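/**
 * Checks that extensions set on {@code PKICMPMessages} appear in the generated certification
 * request: key usage, extended key usage and subject alternative names, including the
 * criticality flag each one was requested with.
 *
 * @throws OperatorCreationException
 * @throws PKICMPMessageException
 * @throws CertificateEncodingException
 * @throws IOException
 * @throws CRMFException
 * @throws CMPException
 * @throws CMSException
 * @throws NoSuchFieldException
 * @throws IllegalAccessException
 */
@Test
public void testCertificationWithExtensions()
        throws OperatorCreationException, PKICMPMessageException, CertificateEncodingException, IOException,
        CRMFException, CMPException, CMSException, NoSuchFieldException, IllegalAccessException {
    String distinguishedName = pki.getTestUser1Cert().getSubjectX500Principal().getName();
    KeyPair keyPair = new KeyPair(pki.getTestUser1Cert().getPublicKey(), pki.getTestUser1CertPrivateKey());

    List<Extension> extensionList = new ArrayList<Extension>();

    // KeyUsage (requested as critical)
    extensionList.add(new Extension(Extension.keyUsage, true,
            new KeyUsage(KeyUsage.digitalSignature | KeyUsage.nonRepudiation).getEncoded()));

    // Extended keyUsage (non-critical)
    List<KeyPurposeId> keyPurposeIds = new ArrayList<KeyPurposeId>();
    keyPurposeIds.add(KeyPurposeId.getInstance(KeyPurposeId.id_kp_clientAuth));
    keyPurposeIds.add(KeyPurposeId.getInstance(KeyPurposeId.id_kp_emailProtection));
    extensionList.add(new Extension(Extension.extendedKeyUsage, false,
            new ExtendedKeyUsage(keyPurposeIds.toArray(new KeyPurposeId[keyPurposeIds.size()])).getEncoded()));

    // Subject alternative names (non-critical)
    List<GeneralName> generalNames = new ArrayList<GeneralName>();
    generalNames.add(new GeneralName(GeneralName.dNSName, "www1.cryptable.org"));
    generalNames.add(new GeneralName(GeneralName.dNSName, "www2.cryptable.org"));
    GeneralNames subjectAlternativeName = new GeneralNames(
            generalNames.toArray(new GeneralName[generalNames.size()]));
    extensionList.add(
            new Extension(Extension.subjectAlternativeName, false, subjectAlternativeName.getEncoded()));

    PKICMPMessages pkiMessages = new PKICMPMessages();
    pkiMessages.setPkiKeyStore(pkiKeyStoreRA);
    pkiMessages.setExtensions(extensionList.toArray(new Extension[extensionList.size()]));
    byte[] result = pkiMessages.createCertificateMessageWithLocalKey(distinguishedName, keyPair);

    // Parse the produced message; close the ASN.1 stream even when parsing fails.
    ASN1Primitive asn1Primitive;
    ASN1InputStream asn1InputStream = new ASN1InputStream(result);
    try {
        asn1Primitive = asn1InputStream.readObject();
    } finally {
        asn1InputStream.close();
    }
    PKIMessage pkiMessage = PKIMessage.getInstance(asn1Primitive);
    CertReqMsg[] certReqMsgs = CertReqMessages.getInstance(pkiMessage.getBody().getContent())
            .toCertReqMsgArray();

    // KeyUsage: value and criticality must survive
    KeyUsage verifyKeyUsage = KeyUsage.getInstance(certReqMsgs[0].getCertReq().getCertTemplate().getExtensions()
            .getExtensionParsedValue(Extension.keyUsage));
    Assert.assertEquals(KeyUsage.digitalSignature | KeyUsage.nonRepudiation,
            verifyKeyUsage.getBytes()[0] & 0xFF);
    Assert.assertTrue(certReqMsgs[0].getCertReq().getCertTemplate().getExtensions()
            .getExtension(Extension.keyUsage).isCritical());

    // Extended KeyUsage
    ExtendedKeyUsage verifyExtendedKeyUsage = ExtendedKeyUsage
            .fromExtensions(certReqMsgs[0].getCertReq().getCertTemplate().getExtensions());
    Assert.assertTrue(verifyExtendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_clientAuth));
    Assert.assertTrue(verifyExtendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_emailProtection));
    Assert.assertFalse(certReqMsgs[0].getCertReq().getCertTemplate().getExtensions()
            .getExtension(Extension.extendedKeyUsage).isCritical());

    // Subject Alternative Name: exactly the two requested names, in any order
    GeneralNames verifyGeneralNames = GeneralNames.fromExtensions(
            certReqMsgs[0].getCertReq().getCertTemplate().getExtensions(), Extension.subjectAlternativeName);
    Assert.assertEquals(generalNames.size(), verifyGeneralNames.getNames().length);
    Assert.assertTrue(generalNames.contains(verifyGeneralNames.getNames()[0]));
    Assert.assertTrue(generalNames.contains(verifyGeneralNames.getNames()[1]));
    Assert.assertFalse(certReqMsgs[0].getCertReq().getCertTemplate().getExtensions()
            .getExtension(Extension.subjectAlternativeName).isCritical());
}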
From source file:org.opensaml.xml.security.x509.tls.MockX509Certificate.java
License:Open Source License
/**
 * Creates a mock certificate with the given subject and subject alternative names.
 *
 * <p>When alternative names are supplied, a DER-encoded subjectAltName extension is also
 * stored in {@code extensions}, so code that reads alternative names by parsing extensions
 * sees the same values.
 *
 * @param subject value stored as the subject principal
 * @param subjAlts alternative names, each a list whose first element is cast to
 *        {@code Integer} (name type) and whose second is cast to {@code String} (value);
 *        an entry of any other shape fails with a {@code ClassCastException}. May be
 *        {@code null} or empty, in which case no extension is added.
 */
public MockX509Certificate(X500Principal subject, Collection<List<?>> subjAlts) {
    super();
    subjectX500Principal = subject;
    subjectAltNames = subjAlts;
    extensions = new HashMap<String, byte[]>();

    // Nothing to encode: leave the extension map empty.
    if (subjAlts == null || subjAlts.isEmpty()) {
        return;
    }

    GeneralNamesBuilder altNamesBuilder = new GeneralNamesBuilder();
    for (List<?> entry : subjAlts) {
        Integer nameType = (Integer) entry.get(0);
        String nameValue = (String) entry.get(1);
        altNamesBuilder.addName(new GeneralName(nameType, nameValue));
    }
    GeneralNames altNames = altNamesBuilder.build();

    try {
        // Non-critical subjectAltName, keyed by the extension OID in dotted form.
        Extension sanExtension = new Extension(Extension.subjectAlternativeName, false, altNames.getEncoded());
        extensions.put(sanExtension.getExtnId().getId(), sanExtension.getExtnValue().getEncoded("DER"));
    } catch (IOException e) {
        throw new RuntimeException("Problem building subject alt names extension", e);
    }
}
From source file:org.xipki.commons.security.util.X509Util.java
License:Open Source License
/**
 * Builds a subjectAltName extension from the given tagged values.
 *
 * <p>The criticality is taken from the caller unchanged. RFC 5280 requires this extension to
 * be critical when the certificate subject is empty; that decision is left to the caller.
 *
 * @param taggedValues values handed to {@code createGeneralNames}
 * @param critical whether the extension is marked critical
 * @return the extension, or {@code null} when {@code createGeneralNames} returns {@code null};
 *         callers must handle the {@code null} case
 * @throws BadInputException declared by this method; presumably raised by
 *         {@code createGeneralNames} for malformed values
 * @throws RuntimeException if the names cannot be encoded (wraps the {@code IOException})
 */
public static Extension createExtensionSubjectAltName(final List<String> taggedValues, final boolean critical)
        throws BadInputException {
    final GeneralNames altNames = createGeneralNames(taggedValues);
    if (altNames == null) {
        return null;
    }

    final byte[] encodedAltNames;
    try {
        encodedAltNames = altNames.getEncoded();
    } catch (IOException ex) {
        throw new RuntimeException(ex.getMessage(), ex);
    }
    return new Extension(Extension.subjectAlternativeName, critical, encodedAltNames);
}
From source file:org.xipki.pki.ca.server.impl.X509Ca.java
License:Open Source License
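/**
 * Builds the certificateIssuer extension for the given issuer name.
 *
 * <p>The extension is always created as critical. RFC 5280 requires the certificateIssuer
 * CRL entry extension to be marked critical.
 *
 * @param certificateIssuer issuer name, wrapped in a single directoryName GeneralName
 * @return the critical certificateIssuer extension
 * @throws IllegalArgumentException if the name cannot be encoded (wraps the
 *         {@code IOException})
 */
private static Extension createCertificateIssuerExtension(final X500Name certificateIssuer) {
    try {
        GeneralNames generalNames = new GeneralNames(new GeneralName(certificateIssuer));
        return new Extension(Extension.certificateIssuer, true, generalNames.getEncoded());
    } catch (IOException ex) {
        // The message used to say "reason", although this method encodes the certificate issuer.
        throw new IllegalArgumentException("error encoding certificateIssuer: " + ex.getMessage(), ex);
    }
}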
From source file:org.xipki.security.P10RequestGenerator.java
License:Open Source License
/**
 * Creates a subjectAltName extension for a set of tagged name values.
 *
 * <p>The caller chooses the criticality. RFC 5280 requires the extension to be critical when
 * the request or certificate carries an empty subject.
 *
 * @param taggedValues values passed on to {@code createGeneralNames}
 * @param critical criticality flag to set on the extension
 * @return the extension, or {@code null} if {@code createGeneralNames} produced no names;
 *         callers need a {@code null} check
 * @throws BadInputException declared by this method; presumably signalled by
 *         {@code createGeneralNames} on malformed input
 * @throws RuntimeException if encoding the names fails (the {@code IOException} is kept as cause)
 */
public static Extension createExtensionSubjectAltName(final List<String> taggedValues, final boolean critical)
        throws BadInputException {
    GeneralNames subjectAltNames = createGeneralNames(taggedValues);
    if (subjectAltNames != null) {
        byte[] encoded;
        try {
            encoded = subjectAltNames.getEncoded();
        } catch (IOException e) {
            throw new RuntimeException(e.getMessage(), e);
        }
        return new Extension(Extension.subjectAlternativeName, critical, encoded);
    }
    return null;
}