Example usage for org.bouncycastle.cert.jcajce JcaX509CertificateHolder getIssuer

List of usage examples for org.bouncycastle.cert.jcajce JcaX509CertificateHolder getIssuer

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.cert.jcajce.*
  5. JcaX509CertificateHolder
  6. getIssuer

Introduction

In this page you can find the example usage for org.bouncycastle.cert.jcajce JcaX509CertificateHolder getIssuer.

Prototype

public X500Name getIssuer()

Source Link

Document

Return the issuer of this certificate.

Usage

From source file:it.trento.comune.j4sign.cms.ExternalSignatureSignerInfoGenerator.java

License:Open Source License

/**
 * Builds the SignerCertificateV2 attribute according to RFC2634(Enhanced
 * Security Services (ESS)) + RFC5035(ESS Update: AddingCertID Algorithm
 * Agility).<br>/*from  www  .  j  a v  a 2s.c o m*/
 * This signed attribute is mandatory for CAdES-BES (ETSI TS 101 733)
 * compliancy.
 * 
 * @param sigProvider
 *            the provider to use for digest calculation.
 * @return the SignerCertificateV2 attribute calculated from to the current
 *         certificate and digest algorithm.
 * @throws NoSuchAlgorithmException
 * @throws NoSuchProviderException
 * @throws CertificateEncodingException
 * @throws IOException
 */
private Attribute buildSigningCertificateV2Attribute(String sigProvider)
        throws NoSuchAlgorithmException, NoSuchProviderException, CertificateEncodingException, IOException {

    X509Certificate cert = this.getCertificate();

    MessageDigest dig = MessageDigest.getInstance(this.getDigestAlgOID(), sigProvider);
    byte[] certHash = dig.digest(cert.getEncoded());

    // ricavo issuerandserialnumber (ID) del certificato
    // byte[] encodedCert = this.cert.getEncoded();
    // ASN1InputStream ais = new ASN1InputStream(encodedCert);
    // DERObject derObj = ais.readObject();
    // ASN1Sequence asn1Seq = (ASN1Sequence) derObj;
    // ais.close();
    // X509CertificateStructure x509CStructure = new
    // X509CertificateStructure(
    // asn1Seq);
    // X509Name x509Name = x509CStructure.getIssuer();
    // DERInteger serialNum = x509CStructure.getSerialNumber();
    // GeneralName generalName = new GeneralName(x509Name);
    // GeneralNames generalNames = new GeneralNames(generalName);

    // ROB: more directly
    JcaX509CertificateHolder holder = new JcaX509CertificateHolder(cert);
    X500Name x500name = holder.getIssuer();

    GeneralName generalName = new GeneralName(x500name);
    GeneralNames generalNames = new GeneralNames(generalName);
    DERInteger serialNum = new DERInteger(holder.getSerialNumber());

    IssuerSerial issuerserial = new IssuerSerial(generalNames, serialNum);
    // ---

    ESSCertIDv2 essCert = new ESSCertIDv2(new AlgorithmIdentifier(getDigestAlgOID()), certHash, issuerserial);
    // ESSCertIDv2 essCert = new ESSCertIDv2(new AlgorithmIdentifier(
    // getDigestAlgOID()), certHash);

    SigningCertificateV2 scv2 = new SigningCertificateV2(new ESSCertIDv2[] { essCert });

    return new Attribute(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new DERSet(scv2));
}

From source file:net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateParser.java

License:BSD License

private void validateIssuerAndSubjectDN() {
    try {//  w w w .  j a v a2 s .c  o m
        JcaX509CertificateHolder cert = new JcaX509CertificateHolder(certificate);
        getValidationResult().warnIfFalse(isValidName(cert.getIssuer()), CERT_ISSUER_CORRECT,
                certificate.getIssuerX500Principal().toString());
        getValidationResult().warnIfFalse(isValidName(cert.getSubject()), CERT_SUBJECT_CORRECT,
                certificate.getSubjectX500Principal().toString());
    } catch (CertificateEncodingException e) {
        throw new AbstractX509CertificateWrapperException(e);
    }
}