Ejemplo n.º 1
 /**
  * Refreshes {@code extensionValue} from the current {@code names}.
  *
  * <p>If {@code names} is {@code null} or empty the cached encoding is cleared; otherwise the
  * names are written to a fresh {@code DerOutputStream} and the resulting bytes are stored.
  *
  * @throws IOException declared by the method and not caught here, so any encoding failure
  *     reaches the caller
  */
 private void encodeThis() throws IOException {
   boolean hasNames = names != null && !names.isEmpty();
   if (hasNames) {
     DerOutputStream derOut = new DerOutputStream();
     names.encode(derOut);
     this.extensionValue = derOut.toByteArray();
   } else {
     // Nothing to encode: drop any previously cached value.
     this.extensionValue = null;
   }
 }
Ejemplo n.º 2
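  /**
   * Determines the certificate issuer that applies to a CRL entry.
   *
   * <p>If the entry carries a CertificateIssuer extension, the first general name in it is used;
   * otherwise the issuer carried over from the preceding entry is returned unchanged.
   *
   * <p>The extension content comes from the parsed CRL, so it is validated before use: an empty
   * name list or a first name that is not an {@code X500Name} is reported as an {@link
   * IOException} rather than surfacing as an unchecked {@code IndexOutOfBoundsException} or
   * {@code ClassCastException}.
   *
   * @param entry the CRL entry being examined
   * @param prevCertIssuer the issuer in effect before this entry
   * @return the issuer named by the entry's extension, or {@code prevCertIssuer} if it has none
   * @throws IOException if the extension cannot be read or does not start with a directory name
   */
  private X500Principal getCertIssuer(X509CRLEntryImpl entry, X500Principal prevCertIssuer)
      throws IOException {

    CertificateIssuerExtension ciExt = entry.getCertificateIssuerExtension();
    if (ciExt == null) {
      return prevCertIssuer;
    }

    GeneralNames names = ciExt.get(CertificateIssuerExtension.ISSUER);
    if (names == null || names.isEmpty()) {
      throw new IOException("CertificateIssuer extension contains no names");
    }

    // Check the type instead of casting blindly; the name type is controlled by the CRL content.
    Object firstName = names.get(0).getName();
    if (!(firstName instanceof X500Name)) {
      throw new IOException("CertificateIssuer extension does not start with a directory name");
    }
    return ((X500Name) firstName).asX500Principal();
  }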
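 /**
  * Encodes {@code names} into DER and stores the bytes in {@code extensionValue}.
  *
  * @throws IOException if writing fails, or if the names are rejected with a {@code
  *     GeneralNamesException}; in the latter case the original exception is attached as the
  *     cause so the full stack trace is kept for diagnosis
  */
 private void encodeThis() throws IOException {
   DerOutputStream os = new DerOutputStream();
   try {
     names.encode(os);
   } catch (GeneralNamesException e) {
     // Same message as before, but keep the cause instead of flattening it to a string.
     throw new IOException("SubjectAlternativeName: " + e, e);
   }
   extensionValue = os.toByteArray();
 }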
Ejemplo n.º 4
 /**
  * Renders this object as {@code "Name: <role name> - Auth: <authorities>"}.
  *
  * <p>The authority part is {@code N/A} when no role authority is set or it has no names;
  * otherwise it is a bracketed, comma-separated list of the authority names.
  *
  * @return the printable form described above
  */
 public String toString() {
   StringBuffer text = new StringBuffer("Name: " + this.getRoleNameAsString() + " - Auth: ");
   boolean hasAuthority = this.roleAuthority != null && roleAuthority.getNames().length != 0;
   if (!hasAuthority) {
     text.append("N/A");
     return text.toString();
   }

   String[] authorities = this.getRoleAuthorityAsString();
   text.append('[');
   text.append(authorities[0]);
   int idx = 1;
   while (idx < authorities.length) {
     text.append(", ");
     text.append(authorities[idx]);
     idx++;
   }
   text.append(']');
   return text.toString();
 }
Ejemplo n.º 5
  /**
   * Converts an object into an {@code AttCertIssuer}.
   *
   * <p>Accepted inputs, checked in this order: an existing {@code AttCertIssuer} (returned as
   * is), a {@code V2Form}, a {@code GeneralNames}, an {@code ASN1TaggedObject} (read as a {@code
   * V2Form} with the explicit flag set to {@code false}), and an {@code ASN1Sequence} (read as
   * {@code GeneralNames}).
   *
   * <p>A {@code null} argument matches none of the checks and fails with a {@code
   * NullPointerException} while the error message is being built.
   *
   * @param obj the object to convert
   * @return the corresponding {@code AttCertIssuer}
   * @throws IllegalArgumentException if {@code obj} is of an unsupported type
   */
  public static AttCertIssuer getInstance(Object obj) {
    if (obj instanceof AttCertIssuer) {
      return (AttCertIssuer) obj;
    }
    if (obj instanceof V2Form) {
      return new AttCertIssuer(V2Form.getInstance(obj));
    }
    if (obj instanceof GeneralNames) {
      return new AttCertIssuer((GeneralNames) obj);
    }
    if (obj instanceof ASN1TaggedObject) {
      ASN1TaggedObject tagged = (ASN1TaggedObject) obj;
      return new AttCertIssuer(V2Form.getInstance(tagged, false));
    }
    if (obj instanceof ASN1Sequence) {
      return new AttCertIssuer(GeneralNames.getInstance(obj));
    }

    throw new IllegalArgumentException("unknown object in factory: " + obj.getClass());
  }
Ejemplo n.º 6
  /**
   * Returns the role authority names as strings.
   *
   * <p>Each name whose value is an {@code ASN1String} is converted with {@code getString()};
   * any other value is converted with {@code toString()}.
   *
   * @return one string per role authority name, or an empty array when no role authority is set
   */
  public String[] getRoleAuthorityAsString() {
    if (roleAuthority == null) {
      return new String[0];
    }

    GeneralName[] authorityNames = roleAuthority.getNames();
    int count = authorityNames.length;
    String[] rendered = new String[count];
    for (int pos = 0; pos < count; pos++) {
      DEREncodable encoded = authorityNames[pos].getName();
      rendered[pos] =
          (encoded instanceof ASN1String) ? ((ASN1String) encoded).getString() : encoded.toString();
    }
    return rendered;
  }
Ejemplo n.º 7
  /**
   * Builds an {@code IssuerSerial} from its ASN.1 sequence form.
   *
   * <p>The sequence must hold two or three elements: the issuer ({@code GeneralNames}), the
   * serial number ({@code DERInteger}) and, optionally, the issuer unique identifier ({@code
   * DERBitString}).
   *
   * <p>NOTE(review): the {@code DSGenerator} hashes below presumably track this method's body, so
   * the code is left untouched here; confirm how the tool treats edits before changing it.
   *
   * @param seq the sequence to decode
   * @throws IllegalArgumentException if the sequence does not have two or three elements
   */
  @DSGenerator(
      tool_name = "Doppelganger",
      tool_version = "2.0",
      generated_on = "2013-12-30 13:00:22.496 -0500",
      hash_original_method = "6A7E42DF8EF9B09B844C872DFCA023C7",
      hash_generated_method = "21B5E94B1503EB3B81CAD22E6A3D29F8")
  public IssuerSerial(ASN1Sequence seq) {
    // Reject anything that is not exactly the two mandatory fields plus the optional third.
    if (seq.size() != 2 && seq.size() != 3) {
      throw new IllegalArgumentException("Bad sequence size: " + seq.size());
    }

    // Positions are fixed: element 0 is the issuer, element 1 the serial number.
    issuer = GeneralNames.getInstance(seq.getObjectAt(0));
    serial = DERInteger.getInstance(seq.getObjectAt(1));

    // The unique identifier is only present in the three-element form.
    if (seq.size() == 3) {
      issuerUID = DERBitString.getInstance(seq.getObjectAt(2));
    }
  }
Ejemplo n.º 8
  /**
   * Decodes a <code>RoleSyntax</code> from an <code>ASN1Sequence</code> of one or two tagged
   * elements.
   *
   * <p>Tag 0 is read as the role authority (<code>GeneralNames</code>, implicit tagging) and tag
   * 1 as the role name (<code>GeneralName</code>, explicit tagging).
   *
   * <p>NOTE(review): nothing here requires tag 1 to be present or rejects a repeated tag, so a
   * sequence holding only tag 0 (or tag 0 twice) leaves <code>roleName</code> unset. Confirm that
   * callers and the accessors tolerate that before relying on this constructor for untrusted
   * input.
   *
   * @param seq an instance of <code>ASN1Sequence</code> that holds the encoded elements used to
   *     build this <code>RoleSyntax</code>.
   * @throws IllegalArgumentException if the sequence size is not 1 or 2, or a tag other than 0 or
   *     1 is found
   */
  private RoleSyntax(ASN1Sequence seq) {
    int count = seq.size();
    if (count < 1 || count > 2) {
      throw new IllegalArgumentException("Bad sequence size: " + count);
    }

    for (int pos = 0; pos < count; pos++) {
      ASN1TaggedObject element = ASN1TaggedObject.getInstance(seq.getObjectAt(pos));
      int tagNo = element.getTagNo();
      if (tagNo == 0) {
        roleAuthority = GeneralNames.getInstance(element, false);
      } else if (tagNo == 1) {
        roleName = GeneralName.getInstance(element, true);
      } else {
        throw new IllegalArgumentException("Unknown tag in RoleSyntax");
      }
    }
  }
 /**
  * Returns a printable representation of the SubjectAlternativeName.
  *
  * @return the superclass text followed by the bracketed names, or an empty string when no
  *     names are set
  */
 public String toString() {
   if (names == null) {
     return "";
   }
   StringBuilder text = new StringBuilder();
   text.append(super.toString());
   text.append("SubjectAlternativeName [\n");
   text.append(names.toString());
   text.append("]\n");
   return text.toString();
 }
Ejemplo n.º 10
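  /**
   * Creates an in-memory {@link KeyStore} holding a freshly generated key pair and a self-signed
   * X.509 v3 certificate for it.
   *
   * <p>The certificate is valid for 360 days from the time of the call, uses {@code dname} as both
   * subject and issuer, carries a random 64-bit serial number, and lists every entry of {@code
   * sanDomains} as a DNS subject alternative name. The same {@code keyStorePassword} initialises
   * the store and protects the private-key entry.
   *
   * <p>NOTE(review): the certificate types used here look like JDK-internal {@code sun.security}
   * classes; confirm they are accessible on the target runtime.
   *
   * @param alias the key-store alias under which the key and certificate are stored
   * @param keyStorePassword password for the key store and for the key entry
   * @param keyAlgorithmName the key algorithm, eg "RSA"; also supplies the key size and the
   *     signature algorithm name
   * @param dname the X.509 Distinguished Name, eg "CN=www.google.co.uk, O=\"Google Inc\",
   *     L=\"Mountain View\", S=California, C=US"
   * @param sanDomains DNS names to add as subject alternative names; may be empty
   * @return a new key store containing the single key entry
   * @throws GeneralSecurityException declared by the method; nothing is caught here
   * @throws IOException declared by the method; nothing is caught here
   */
  private static KeyStore generateCertificate(
      String alias,
      char[] keyStorePassword,
      KeyAlgorithmName keyAlgorithmName,
      String dname,
      String... sanDomains)
      throws GeneralSecurityException, IOException {

    CertAndKeyGen certAndKeyGen =
        new CertAndKeyGen(
            keyAlgorithmName.name(), keyAlgorithmName.signatureAlgorithmName, "SunCertificates");
    certAndKeyGen.generate(keyAlgorithmName.keySize);

    PrivateKey privateKey = certAndKeyGen.getPrivateKey();
    X509CertInfo info = new X509CertInfo();
    Date from = new Date();
    Date to = new Date(from.getTime() + TimeUnit.DAYS.toMillis(360));
    CertificateValidity interval = new CertificateValidity(from, to);
    BigInteger sn = new BigInteger(64, new SecureRandom());
    X500Name owner = new X500Name(dname);

    info.set(X509CertInfo.VALIDITY, interval);
    info.set(X509CertInfo.SERIAL_NUMBER, new CertificateSerialNumber(sn));
    // Self-signed: the same name is used for subject and issuer.
    info.set(X509CertInfo.SUBJECT, new CertificateSubjectName(owner));
    info.set(X509CertInfo.ISSUER, new CertificateIssuerName(owner));
    info.set(X509CertInfo.KEY, new CertificateX509Key(certAndKeyGen.getPublicKey()));
    info.set(X509CertInfo.VERSION, new CertificateVersion(CertificateVersion.V3));
    // Provisional value only: it is overwritten below with the identifier taken from the signed
    // certificate. It is derived from the requested signature algorithm so that no MD5
    // identifier is placed in the certificate info, even transiently.
    info.set(
        X509CertInfo.ALGORITHM_ID,
        new CertificateAlgorithmId(AlgorithmId.get(keyAlgorithmName.signatureAlgorithmName)));

    // add subject alternative names
    GeneralNames generalNames = new GeneralNames();
    for (String sanDomain : sanDomains) {
      generalNames.add(new GeneralName(new DNSName(sanDomain)));
    }
    if (generalNames.size() > 0) {
      CertificateExtensions certificateExtensions =
          (CertificateExtensions) info.get(X509CertInfo.EXTENSIONS);
      if (certificateExtensions == null) {
        certificateExtensions = new CertificateExtensions();
      }
      certificateExtensions.set(
          SubjectAlternativeNameExtension.NAME, new SubjectAlternativeNameExtension(generalNames));
      info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
    }

    // Sign the certificate to identify the algorithm that's used.
    X509CertImpl x509Certificate = new X509CertImpl(info);
    x509Certificate.sign(privateKey, keyAlgorithmName.signatureAlgorithmName);

    // Copy the identifier recorded by the first signature into the certificate info and sign
    // again, so the signed body and the signature agree on the algorithm.
    info.set(
        CertificateAlgorithmId.NAME + "." + CertificateAlgorithmId.ALGORITHM,
        x509Certificate.get(X509CertImpl.SIG_ALG));
    x509Certificate = new X509CertImpl(info);
    x509Certificate.sign(privateKey, keyAlgorithmName.signatureAlgorithmName);

    // add to new key store; load(null, ...) initialises an empty store
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, keyStorePassword);
    keyStore.setKeyEntry(
        alias, privateKey, keyStorePassword, new X509Certificate[] {x509Certificate});

    return keyStore;
  }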