Examples of codec.x501.Name

• org.apache.harmony.security.x501.Name
  sa.com/pub/pkcs/ascii/layman.asc"> Layman's Guide to ASN.1 is build.

  The Principal interface method {@link #getName getName} returns the encodedname in little-endian format in accordance with RFC2253 and the IANA assigned numbers document for Directory System Names.

  If the Name is initalised with a RFC2253 conformant syntax then the attributes are encoded in the opposite order they appear in the name(in little-endian order).

  If the Name is initialized by decoding a DER stream then the internal representation remains identical to the decoded data. In other words, decoding and subsequent encoding of a Name object retains the order of attributes and returns identical encodings.

  Note: this class works properly only if the {@link #decode decode}method is called in order to decode Names. Do not use constructions such as:

  DERDecoder dec; Name rdn; dec = new DERDecoder(in); rdn = new Name(); dec.readCollectionOf(rdn); dec.close();

  This would work in theory but this implementation makes some assumptions in order to optimise the decoding. Better use the "proper" construction:

  DERDecoder dec; Name rdn; dec = new DERDecoder(in); rdn = new Name(); rdn.decode(dec); dec.close();

  This should always be safe and is the preferred way of decoding ASN.1 types anyway.

  Since there is only one choice at present for the Name which is RDNSequence this type does not bother to implement CHOICE as its outer type. The definition of Name according to X.501 as given in RSA Laboratories' Laymans Guide is:

  Name ::= CHOICE { RDNSequence } RDNSequence ::= SEQUENCE OF RelativeDistinguishedName RelativeDistinguishedName :: = SET OF AttributeValueAssertion AttributeValueAssertion ::= SEQUENCE { AttributeType, AttributeValue } AttributeType ::= OBJECT IDENTIFIER AttributeValue ::= ANY Since the ANY type is deprecated in the '97 specification of X.680 we represent the ANY type by a generic Open Type which is the new ASN.1 way of handling this.

  This class supports the full range of RFC2253 features including

  • Quoting and escaping.
  • RDNs with multiple AVAs separated by a plus sign ('+').
  • OIDs as attribute keys.
  • Hexadecimal attribute values introduced by a '#'. Such values must constitute a valid BER encoding.
  • Commas and semicolons as separators.

  The string output is canonicalized. Everything that can be resolved by this class (e.g., keywords for attribute types) is resolved. The following attribute types are supported per default (cf. RFC3383:

  • ALIASEDOBJECTNAME (aliasedObjectName, 2.5.4.1, RFC2256)
  • C (countryName, 2.5.4.6, RFC2256)
  • CN (commonName, 2.5.4.3, RFC2256)
  • DC (domainComponent, 0.9.2342.19200300.100.1.25, RFC2247)
  • DATEOFBIRTH (dateOfBirth, 1.3.6.1.5.5.7.9.1, RFC2985)
  • DNQUALIFIER (dnQualifier, 2.5.4.46, RFC2256)
  • DESCRIPTION (description, 2.5.4.13, RFC2256)
  • EMAILADDRESS (emailAddress, 1.2.840.113549.1.9.1, RFC2985)
  • GENDER (gender, 1.3.6.1.5.5.7.9.3, RFC2985)
  • GENERATION (generationQualifier, 2.5.4.44, RFC2256)
  • GN (givenName, 2.5.4.42, RFC2256)
  • INITIALS (initials, 2.5.4.43, RFC2256)
  • IP (ip, 1.3.6.1.4.1.42.2.11.2.1, ?)
  • L (localityName, 2.5.4.7, RFC2256)
  • O (organizationName, 2.5.4.10, RFC2256)
  • OU (organizationalUnitName, 2.5.4.11, RFC2256)
  • PLACEOFBIRTH (placeOfBirth, 1.3.6.1.5.5.7.9.2, RFC2985)
  • POSTALADDRESS (postalAddress, 2.5.4.16, RFC2256)
  • POSTALCODE (postalCode, 2.5.4.17, RFC2256
  • PSEUDONYM (pseudonym, 2.5.4.65, RFC2985)
  • SERIALNUMBER (serialNumber, 2.5.4.5, RFC2256)
  • SN (surName, 2.5.4.4, RFC2256)
  • ST (stateOrProvinceName, 2.5.4.8, RFC2256)
  • STREET (street, 2.5.4.9, RFC2256)
  • UID (uid, 0.9.2342.19200300.100.1.1, RFC2253)
  • TITLE (title, 2.5.4.12, RFC2256)

  @author Volker Roth @author Jan Peters @version "$Id: Name.java,v 1.9 2007/08/30 08:45:05 pebinger Exp $"

        junit.textui.TestRunner.run(NameTest.class);
    }

    public void testGetName1779() throws Exception {

        Name principal = (Name) Name.ASN1.decode(mess);

        String s = principal.getName("RFC1779");

        assertEquals(
                "CN=A + ST=CA, O=B, L=C, C=D, OU=E, CN=A + ST=CA, O=B, L=C, C=D, OU=E, CN=Z",
                s);
    }

    }

    public void testStreamGetName1779() throws Exception {
        ByteArrayInputStream is = new ByteArrayInputStream(mess);

        Name principal = (Name) Name.ASN1.decode(is);

        String s = principal.getName("RFC1779");

        assertEquals(
                "CN=A + ST=CA, O=B, L=C, C=D, OU=E, CN=A + ST=CA, O=B, L=C, C=D, OU=E, CN=Z",
                s);
    }

                sha1), new byte[20]);
        Date genTime = new Date();
        BigInteger nonce = BigInteger.valueOf(1234567890L);
        // accuracy is 1 second
        int[] accuracy = new int[] { 1, 0, 0 };
        GeneralName tsa = new GeneralName(new Name("CN=AnAuthority"));
        Extensions exts = new Extensions();
        // Time-Stamping extension OID: as defined in RFC 3161
        int[] timeStampingExtOID = new int[] { 1, 3, 6, 1, 5, 5, 7, 3, 8 };
        byte[] timeStampingExtValue = new byte[] { (byte) 1, (byte) 2, (byte) 3 };
        Extension ext = new Extension(timeStampingExtOID, true,
                timeStampingExtValue);
        exts.addExtension(ext);

        TSTInfo tSTInfo = new TSTInfo(1, policy, msgImprint, BigInteger.TEN,
                genTime, accuracy, Boolean.FALSE, nonce, tsa, exts);

        Object[] issuerAndSerialNumber = new Object[] { new Name("CN=issuer"),
                ASN1Integer.fromIntValue(12345) };
        // SHA1withDSA OID
        String sha1dsa = "1.2.840.10040.4.3";
        SignerInfo sigInfo = new SignerInfo(1, issuerAndSerialNumber,
                new AlgorithmIdentifier(sha1), null, new AlgorithmIdentifier(

        MessageImprint msgImprint = new MessageImprint(new AlgorithmIdentifier(
                sha1), new byte[20]);
        Date genTime = new Date();
        BigInteger nonce = BigInteger.valueOf(1234567890L);
        int[] accuracy = new int[] { 1, 0, 0 };
        GeneralName tsa = new GeneralName(new Name("CN=AnAuthority"));
        Extensions exts = new Extensions();
        // Time-Stamping extension OID: as defined in RFC 3161
        int[] timeStampingExtOID = new int[] { 1, 3, 6, 1, 5, 5, 7, 3, 8 };
        byte[] timeStampingExtValue = new byte[] { (byte) 1, (byte) 2, (byte) 3 };
        Extension ext = new Extension(timeStampingExtOID, true,

            GeneralName san0 =
                new GeneralName(new OtherName("1.2.3.4.5", new byte[] {1, 2, 0, 1}));
            GeneralName san1 = new GeneralName(1, "rfc@822.Name");
            GeneralName san2 = new GeneralName(2, "dNSName");
            GeneralName san3 = new GeneralName(new ORAddress());
            GeneralName san4 = new GeneralName(new Name("O=Organization"));
            GeneralName san5 =
                new GeneralName(new EDIPartyName("assigner", "party"));
            GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
            GeneralName san7 = new GeneralName(7, "1.1.1.1");
            GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555");

    private TBSCertList tbscertlist;
    private byte[] encoding;

    protected void setUp() throws java.lang.Exception {
        try {
            Name issuer = new Name(issuerName);

            tbscertlist =
                new TBSCertList(2, signature, issuer, thisUpdate,
                    nextUpdate, revokedCertificates, crlExtensions);

     */
    public void testCertificateList() {
        try {
            AlgorithmIdentifier signature =
                new AlgorithmIdentifier(algOID, algParams);
            Name issuer = new Name(issuerName);
            TBSCertList tbscl =
                new TBSCertList(signature, issuer, thisUpdate);
            CertificateList cl =
                new CertificateList(tbscl, signature, new byte[] {0});

    public void testGetRevokedCertificate1() {
        try {
            X509CertImpl cert1 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertNull("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",

    public void testIsRevoked() {
        try {
            X509CertImpl cert1 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber1, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert2 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber2, signature,
                        new Name(certIssuerName),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            X509CertImpl cert3 = new X509CertImpl(
                new Certificate(
                    new TBSCertificate(2, certSerialNumber3, signature,
                        new Name("O=Another Cert Issuer"),
                        new Validity(new Date(), new Date()),
                    new Name(certIssuerName),
                    new SubjectPublicKeyInfo(signature, new byte[10]),
                    null, null, null),
                signature, new byte[10]));
            assertFalse("Certificate should not be presented in CRL "
                    + "because issuer is not the same as CRL issuer",

public class SignerInfoTest extends TestCase {

    public void testEncode() throws Exception {

        Object[] issuerAndSerialNumber = new Object[] { new Name("CN=test"),
                BigInteger.TEN.toByteArray() };

        SignerInfo signerInfo = new SignerInfo(1, issuerAndSerialNumber,
                new AlgorithmIdentifier("1.3.14.3.2.26"),// SHA1 OID
                null, new AlgorithmIdentifier("1.2.840.10040.4.1"),// DSA OID