List of usage examples for org.bouncycastle.asn1.x509 X509Name E
ASN1ObjectIdentifier E
From source file:de.mendelson.util.security.keygeneration.KeyGenerator.java
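/**
 * Generates a self-signed X509 Version 3 certificate.
 *
 * <p>The same distinguished name is used for issuer and subject, and the
 * certificate is signed with {@code privateKey} through the "BC" provider.
 *
 * @param publicKey the public key placed in the certificate
 * @param privateKey the private key used to sign the certificate
 * @param generationValues the DN fields, optional key usage extensions,
 *        validity in days and signature algorithm name
 * @return the generated certificate
 * @throws Exception if the certificate cannot be built or signed
 */
private X509Certificate generateCertificate(PublicKey publicKey, PrivateKey privateKey,
        KeyGenerationValues generationValues) throws Exception {
    // X509Principal is built from this Hashtable/Vector pair: the table holds the
    // values, the vector the attribute order.
    // Hashtable rejects null values, so a DN field that was left unset surfaces
    // here as a NullPointerException.
    Hashtable<ASN1ObjectIdentifier, String> attributes = new Hashtable<ASN1ObjectIdentifier, String>();
    Vector<ASN1ObjectIdentifier> order = new Vector<ASN1ObjectIdentifier>();
    // Every type is inserted at index 0, so the final order is the reverse of
    // the insertion order below: E, C, ST, L, O, OU, CN.
    attributes.put(X509Name.CN, generationValues.getCommonName());
    order.add(0, X509Name.CN);
    attributes.put(X509Name.OU, generationValues.getOrganisationUnit());
    order.add(0, X509Name.OU);
    attributes.put(X509Name.O, generationValues.getOrganisationName());
    order.add(0, X509Name.O);
    attributes.put(X509Name.L, generationValues.getLocalityName());
    order.add(0, X509Name.L);
    attributes.put(X509Name.ST, generationValues.getStateName());
    order.add(0, X509Name.ST);
    attributes.put(X509Name.C, generationValues.getCountryCode());
    order.add(0, X509Name.C);
    attributes.put(X509Name.E, generationValues.getEmailAddress());
    order.add(0, X509Name.E);

    X509V3CertificateGenerator certificateGenerator = new X509V3CertificateGenerator();
    // Self-signed: issuer and subject are the same name.
    certificateGenerator.setIssuerDN(new X509Principal(order, attributes));
    certificateGenerator.setSubjectDN(new X509Principal(order, attributes));

    // Key usage is added as a critical extension when requested.
    if (generationValues.getKeyExtension() != null) {
        certificateGenerator.addExtension(X509Extensions.KeyUsage, true, generationValues.getKeyExtension());
    }
    // Extended key usage is added as a non-critical extension when requested.
    if (generationValues.getExtendedKeyExtension() != null) {
        certificateGenerator.addExtension(X509Extensions.ExtendedKeyUsage, false,
                generationValues.getExtendedKeyExtension());
    }

    // Validity runs from now until getKeyValidInDays() days in the future.
    Date startDate = new Date(System.currentTimeMillis());
    long duration = TimeUnit.DAYS.toMillis(generationValues.getKeyValidInDays());
    Date endDate = new Date(startDate.getTime() + duration);
    certificateGenerator.setNotBefore(startDate);
    certificateGenerator.setNotAfter(endDate);

    certificateGenerator.setPublicKey(publicKey);
    // NOTE(review): the signature algorithm name is passed through unchanged; this
    // method does not reject weak digests. Confirm the caller restricts the choice.
    certificateGenerator.setSignatureAlgorithm(generationValues.getSignatureAlgorithm());

    // A serial number taken from the clock in seconds is predictable, and two
    // certificates generated in the same second with the same DN would share
    // issuer and serial. Draw a positive 64-bit value from a CSPRNG instead.
    // The class is fully qualified so that the file needs no new import.
    java.security.SecureRandom serialSource = new java.security.SecureRandom();
    BigInteger serialNumber;
    do {
        serialNumber = new BigInteger(64, serialSource);
    } while (serialNumber.signum() == 0);
    certificateGenerator.setSerialNumber(serialNumber);

    // Sign with the private key using the Bouncy Castle provider.
    return certificateGenerator.generate(privateKey, "BC");
}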
From source file:org.glite.security.util.DNImplRFC2253.java
License:Apache License
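/**
 * Creates a new DNImpl object.
 *
 * <p>An {@code X509Principal} is used directly and an {@code X500Principal}
 * is re-parsed from its encoded form. For any other principal only the
 * string name is available, so the RDN order is guessed from the attribute
 * type the name starts or ends with.
 *
 * @param principal The Principal holding the information to generate the DN from.
 * @throws IllegalArgumentException if the encoding of an X500Principal cannot be parsed.
 */
@SuppressWarnings("unchecked")
public DNImplRFC2253(Principal principal) {
    X509Principal x509Principal;

    if (principal instanceof X509Principal) {
        // Already a Bouncy Castle principal: use it as-is.
        x509Principal = (X509Principal) principal;
    } else if (principal instanceof X500Principal) {
        // Re-parse the encoded form, which avoids depending on the string rendering.
        try {
            x509Principal = new X509Principal(((X500Principal) principal).getEncoded());
        } catch (Exception e) {
            LOGGER.error("Invalid X500Principal DN name: " + principal);
            // Keep the cause so the parse failure can be diagnosed from the stack trace.
            throw new IllegalArgumentException("Invalid X500Principal DN name: " + principal, e);
        }
    } else {
        // Other principal classes may render the DN in either order and may come
        // from another classloader, which rules out a cast; only the string
        // name is available, so the order is guessed.
        // NOTE(review): a wrong guess yields a DN with reversed RDN order. If the
        // result is used for access decisions, confirm that all expected
        // principal classes are covered.
        LOGGER.debug("input is some other principal: " + principal.getClass().getName());
        String name = principal.getName();
        // Locale.ROOT keeps the prefix checks independent of the default locale
        // (under a Turkish locale "UID=" lower-cases to a dotless i and would not match).
        String testName = name.toLowerCase(java.util.Locale.ROOT).trim();

        boolean startsWithLeaf = testName.startsWith("email") || testName.startsWith("e=")
                || testName.startsWith("cn=") || testName.startsWith("uid=") || testName.startsWith("sn=");
        boolean startsWithRoot = testName.startsWith("c=") || testName.startsWith("st=")
                || testName.startsWith("ou=") || testName.startsWith("dc=") || testName.startsWith("o=");

        if (startsWithLeaf) {
            // The name starts with email, CN, UID or SN: it is in reversed order.
            x509Principal = new X509Principal(true, name);
        } else if (startsWithRoot) {
            // The name starts with country, state, OU, DC or O: it is in direct order.
            x509Principal = new X509Principal(false, name);
        } else {
            // Unknown first attribute: parse in direct order and look at the last RDN.
            x509Principal = new X509Principal(false, name);
            Vector oids = x509Principal.getOIDs();
            String rdn = ((DERObjectIdentifier) oids.lastElement()).getId();
            boolean endsWithLeaf = rdn.equals(X509Name.CN.getId()) || rdn.equals(X509Name.E.getId())
                    || rdn.equals(X509Name.UID.getId()) || rdn.equals(X509Name.SN.getId());
            if (!endsWithLeaf) {
                // Neither end is recognised: assume the name is in reverse order.
                x509Principal = new X509Principal(true, name);
            }
            // Otherwise the direct-order parse above is kept, with no second parse.
        }
    }

    m_oids = (DERObjectIdentifier[]) x509Principal.getOIDs().toArray(new DERObjectIdentifier[] {});
    m_rdns = (String[]) x509Principal.getValues().toArray(new String[] {});
    m_count = m_oids.length;
}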
From source file:org.glite.voms.PKIUtils.java
License:Open Source License
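/**
 * Gets an OpenSSL-style representation of a principal.
 *
 * <p>Each RDN is rendered as {@code /TYPE=value} in the order the parsed
 * name returns them. Attribute types without a short label are rendered
 * with their OID string.
 *
 * <p>Values are appended without escaping, so a value that contains
 * {@code /} or {@code =} makes the output ambiguous. NOTE(review): if callers
 * compare this string for authorization, confirm that such values cannot
 * reach this method or are rejected beforehand.
 *
 * @param principal the principal
 *
 * @return a String representing the principal.
 */
public static String getOpenSSLFormatPrincipal(Principal principal) {
    X509Name name = new X509Name(principal.getName());

    // getOIDs() and getValues() are walked in lockstep, one entry per RDN.
    ListIterator<?> oidIterator = name.getOIDs().listIterator();
    ListIterator<?> valueIterator = name.getValues().listIterator();

    // StringBuilder avoids allocating a new String for every RDN.
    StringBuilder result = new StringBuilder();

    while (oidIterator.hasNext()) {
        DERObjectIdentifier oid = (DERObjectIdentifier) oidIterator.next();
        String value = (String) valueIterator.next();

        final String label;
        if (oid.equals(X509Name.C)) {
            label = "C";
        } else if (oid.equals(X509Name.CN)) {
            label = "CN";
        } else if (oid.equals(X509Name.DC)) {
            label = "DC";
        } else if (oid.equals(X509Name.E)) {
            label = "E";
        } else if (oid.equals(X509Name.EmailAddress)) {
            // NOTE(review): in Bouncy Castle X509Name.E appears to be an alias of
            // X509Name.EmailAddress, in which case this branch is never reached.
            // Verify against the library version in use.
            label = "Email";
        } else if (oid.equals(X509Name.L)) {
            label = "L";
        } else if (oid.equals(X509Name.O)) {
            label = "O";
        } else if (oid.equals(X509Name.OU)) {
            label = "OU";
        } else if (oid.equals(X509Name.ST)) {
            label = "ST";
        } else if (oid.equals(X509Name.UID)) {
            label = "UID";
        } else {
            // No short label is known: fall back to the OID's string form.
            label = oid.toString();
        }

        result.append("/").append(label).append("=").append(value);
    }

    String formatted = result.toString();
    logger.debug("SSLFormat: " + formatted);

    return formatted;
}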