List of usage examples for org.bouncycastle.util IPAddress isValid
public static boolean isValid(String address)
From source file:net.sf.keystore_explorer.gui.crypto.generalname.DGeneralNameChooser.java
License:Open Source License
private void okPressed() { try {//www . j a v a2 s .c o m GeneralName newGeneralName = null; if (jrbDirectoryName.isSelected()) { X500Name directoryName = jdnDirectoryName.getDistinguishedName(); if (directoryName == null) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.DirectoryNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.directoryName, directoryName); } else if (jrbDnsName.isSelected()) { String dnsName = jtfDnsName.getText().trim(); if (dnsName.length() == 0) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.DnsNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.dNSName, new DERIA5String(dnsName)); } else if (jrbIpAddress.isSelected()) { String ipAddress = jtfIpAddress.getText().trim(); if (ipAddress.length() == 0) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.IpAddressValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } if (!IPAddress.isValid(ipAddress)) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.NotAValidIP.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.iPAddress, ipAddress); } else if (jrbRegisteredId.isSelected()) { ASN1ObjectIdentifier registeredId = joiRegisteredId.getObjectId(); if (registeredId == null) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.RegisteredIdValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.registeredID, registeredId); } else if (jrbRfc822Name.isSelected()) { String rfc822Name = jtfRfc822Name.getText().trim(); if (rfc822Name.length() == 0) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.Rfc822NameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.rfc822Name, new DERIA5String(rfc822Name)); } else if (jrbUniformResourceIdentifier.isSelected()) { String uniformResourceIdentifier = jtfUniformResourceIdentifier.getText().trim(); if (uniformResourceIdentifier.length() == 0) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.UniformResourceIdentifierValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } newGeneralName = new GeneralName(GeneralName.uniformResourceIdentifier, new DERIA5String(uniformResourceIdentifier)); } else if (jrbPrincipalName.isSelected()) { String upnString = jtfPrincipalName.getText().trim(); if (upnString.length() == 0) { JOptionPane.showMessageDialog(this, res.getString("DGeneralNameChooser.PrincipalNameValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE); return; } ASN1EncodableVector asn1Vector = new ASN1EncodableVector(); asn1Vector.add(new ASN1ObjectIdentifier(GeneralNameUtil.UPN_OID)); asn1Vector.add(new DERTaggedObject(true, 0, new DERUTF8String(upnString))); newGeneralName = new GeneralName(GeneralName.otherName, new DERSequence(asn1Vector)); } generalName = newGeneralName; } catch (Exception ex) { DError dError = new DError(this, ex); dError.setLocationRelativeTo(this); dError.setVisible(true); return; } closeDialog(); }
From source file:org.xwiki.crypto.pkix.internal.BcX509CertificateGeneratorFactoryTest.java
License:Open Source License
@Test public void testGenerateEndEntitySignedCertificateVersion3() throws Exception { X509ExtensionBuilder builder = builderMocker.getComponentUnderTest(); CertifiedPublicKey caCertificate = factory .getInstance(signerFactory.getInstance(true, rsaPrivateKey), new X509CertificateGenerationParameters(builder.addBasicConstraints(true) .addKeyUsage(true, EnumSet.of(KeyUsage.keyCertSign, KeyUsage.cRLSign)).build())) .generate(new DistinguishedName("CN=Test CA"), rsaPublicKey, new X509CertificateParameters()); builder = builderMocker.getComponentUnderTest(); CertificateGenerator generator = factory.getInstance( CertifyingSigner.getInstance(true, new CertifiedKeyPair(rsaPrivateKey, caCertificate), signerFactory),// www .j av a 2 s .co m new X509CertificateGenerationParameters( builder.addKeyUsage(EnumSet.of(KeyUsage.digitalSignature, KeyUsage.dataEncipherment)) .addExtendedKeyUsage(false, new ExtendedKeyUsages(new String[] { ExtendedKeyUsages.EMAIL_PROTECTION })) .build())); builder = builderMocker.getComponentUnderTest(); CertifiedPublicKey certificate = generator.generate(new DistinguishedName("CN=Test End Entity"), dsaPublicKey, new X509CertificateParameters(builder.addSubjectAltName(false, new X509GeneralName[] { new X509Rfc822Name("test@example.com"), new X509Rfc822Name(new InternetAddress("test@test.com")), new X509DnsName("example.com"), new X509DirectoryName("CN=Test"), new X509IpAddress("192.168.1.1"), new X509IpAddress("192.168.2.0/24"), new X509IpAddress("192.168.3.0/255.255.255.0"), new X509IpAddress(InetAddress.getByName("192.168.4.1")), new X509IpAddress(InetAddress.getByName("192.168.5.0"), InetAddress.getByName("255.255.255.0")), new X509IpAddress("2001:db8:0:85a3::ac1f:8001"), new X509IpAddress("2001:db8:1f89::/48"), new X509IpAddress(InetAddress.getByName("2001:db8:0:85a3::ac1f:8001")), new X509IpAddress(InetAddress.getByName("2001:db8:1f89::"), InetAddress.getByName("ffff:ffff:ffff::")), new X509URI("http://xwiki.org"), new X509URI(new URL("http://myxwiki.org")) }).build())); X509CertifiedPublicKey cert = checkRootSigned(certificate, 3); assertThat(cert.getExtensions().getExtensionOID(), equalTo(new String[] { "2.5.29.35", "2.5.29.14", "2.5.29.15", "2.5.29.37", "2.5.29.17" })); assertThat(cert.getExtensions().getCriticalExtensionOID(), equalTo(new String[] { "2.5.29.15" })); assertThat(cert.getExtensions().getNonCriticalExtensionOID(), equalTo(new String[] { "2.5.29.35", "2.5.29.14", "2.5.29.37", "2.5.29.17" })); assertTrue("KeyUsage extension should be critical.", cert.getExtensions().isCritical(KeyUsage.OID)); assertThat(cert.getExtensions().getKeyUsage(), equalTo(EnumSet.of(KeyUsage.digitalSignature, KeyUsage.dataEncipherment))); assertFalse("ExtendedKeyUsage extension should be non critical.", cert.getExtensions().isCritical(ExtendedKeyUsages.OID)); assertThat(cert.getExtensions().getExtendedKeyUsage().getAll().toArray(new String[0]), equalTo(new String[] { ExtendedKeyUsages.EMAIL_PROTECTION })); assertTrue("Email data protection extended usage should be set.", cert.getExtensions().getExtendedKeyUsage().hasUsage(ExtendedKeyUsages.EMAIL_PROTECTION)); List<X509GeneralName> names = cert.getExtensions().getSubjectAltName(); assertThat(names.size(), equalTo(15)); for (X509GeneralName name : names) { if (name instanceof X509Rfc822Name) { assertThat(((X509StringGeneralName) name).getName(), anyOf(equalTo("test@example.com"), equalTo("test@test.com"))); assertThat(((X509Rfc822Name) name).getAddress(), anyOf(equalTo(new InternetAddress("test@example.com")), equalTo(new InternetAddress("test@test.com")))); } else if (name instanceof X509DnsName) { assertThat(((X509StringGeneralName) name).getName(), equalTo("example.com")); assertThat(((X509DnsName) name).getDomain(), equalTo("example.com")); } else if (name instanceof X509DirectoryName) { assertThat(((X509StringGeneralName) name).getName(), equalTo("CN=Test")); } else if (name instanceof X509URI) { assertThat(((X509StringGeneralName) name).getName(), anyOf(equalTo("http://xwiki.org"), equalTo("http://myxwiki.org"))); assertThat(((X509URI) name).getURI(), anyOf(equalTo(new URI("http://xwiki.org")), equalTo(new URI("http://myxwiki.org")))); assertThat(((X509URI) name).getURL(), anyOf(equalTo(new URL("http://xwiki.org")), equalTo(new URL("http://myxwiki.org")))); } else if (name instanceof X509IpAddress) { assertTrue("Invalid IP address: " + ((X509StringGeneralName) name).getName(), IPAddress.isValid(((X509StringGeneralName) name).getName()) || IPAddress.isValidWithNetMask(((X509StringGeneralName) name).getName())); } else { fail("Unexpected SubjectAltName type."); } } }