Package com.itextpdf.text.pdf

Examples of com.itextpdf.text.pdf.PdfPKCS7$X509Name


    }

    protected PKIMessage genRevReq(String issuerDN, String userDN, BigInteger serNo, Certificate cacert, byte[] nonce, byte[] transid,
            boolean crlEntryExtension) throws NoSuchAlgorithmException, NoSuchProviderException, IOException, InvalidKeyException, SignatureException {
        CertTemplate myCertTemplate = new CertTemplate();
        myCertTemplate.setIssuer(new X509Name(issuerDN));
        myCertTemplate.setSubject(new X509Name(userDN));
        myCertTemplate.setSerialNumber(new DERInteger(serNo));

        RevDetails myRevDetails = new RevDetails(myCertTemplate);
        ReasonFlags reasonbits = new ReasonFlags(ReasonFlags.keyCompromise);
        myRevDetails.setRevocationReason(reasonbits);
        if (crlEntryExtension) {
            CRLReason crlReason = new CRLReason(CRLReason.cessationOfOperation);
            X509Extension ext = new X509Extension(false, new DEROctetString(crlReason.getEncoded()));
            Hashtable<DERObjectIdentifier, X509Extension> ht = new Hashtable<DERObjectIdentifier, X509Extension>();
            ht.put(X509Extensions.ReasonCode, ext);
            myRevDetails.setCrlEntryDetails(new X509Extensions(ht));
        }

        RevReqContent myRevReqContent = new RevReqContent(myRevDetails);

        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name(userDN)), new GeneralName(new X509Name(((X509Certificate)cacert).getSubjectDN()
                .getName())));
        myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
        // senderNonce
        myPKIHeader.setSenderNonce(new DEROctetString(nonce));
        // TransactionId
View Full Code Here


    }

    protected PKIMessage genCertConfirm(String userDN, Certificate cacert, byte[] nonce, byte[] transid, String hash, int certReqId)
            throws NoSuchAlgorithmException, NoSuchProviderException, IOException {

        PKIHeader myPKIHeader = new PKIHeader(new DERInteger(2), new GeneralName(new X509Name(userDN)), new GeneralName(new X509Name(((X509Certificate)cacert).getSubjectDN()
                .getName())));
        myPKIHeader.setMessageTime(new DERGeneralizedTime(new Date()));
        // senderNonce
        myPKIHeader.setSenderNonce(new DEROctetString(nonce));
        // TransactionId
View Full Code Here

            assertEquals("Protection algorithm id: " + algId.getObjectId().getId(), CMPObjectIdentifiers.passwordBasedMac.getId(), algId.getObjectId().getId())//1.2.840.113549.1.1.5 - SHA-1 with RSA Encryption
        }

        // Check that the signer is the expected CA
        assertEquals(header.getSender().getTagNo(), 4);
        X509Name name = X509Name.getInstance(header.getSender().getName());
        assertEquals(name.toString(), issuerDN);

        if (signed) {
            // Verify the signature
            byte[] protBytes = respObject.getProtectedBytes();
            DERBitString bs = respObject.getProtection();
View Full Code Here

        //
        PKIMessage respObject = PKIMessage.getInstance(new ASN1InputStream(new ByteArrayInputStream(retMsg)).readObject());
        assertNotNull(respObject);
        PKIHeader header = respObject.getHeader();
        assertEquals(header.getSender().getTagNo(), 4);
        X509Name name = X509Name.getInstance(header.getSender().getName());
        assertEquals(name.toString(), ((X509Certificate)cacert).getSubjectDN().getName());
        name = X509Name.getInstance(header.getRecipient().getName());
        assertEquals(name.toString(), userDN);

        PKIBody body = respObject.getBody();
        int tag = body.getTagNo();
        assertEquals(tag, 19);
        DERNull n = body.getConf();
View Full Code Here

        //
        PKIMessage respObject = PKIMessage.getInstance(new ASN1InputStream(new ByteArrayInputStream(retMsg)).readObject());
        assertNotNull(respObject);
        PKIHeader header = respObject.getHeader();
        assertEquals(header.getSender().getTagNo(), 4);
        X509Name name = X509Name.getInstance(header.getSender().getName());
        assertEquals(name.toString(), ((X509Certificate)cacert).getSubjectDN().getName());
        name = X509Name.getInstance(header.getRecipient().getName());
        assertEquals(name.toString(), userDN);

        PKIBody body = respObject.getBody();
        int tag = body.getTagNo();
        assertEquals(tag, 12);
        RevRepContent n = body.getRp();
View Full Code Here

        //
        PKIMessage respObject = PKIMessage.getInstance(new ASN1InputStream(new ByteArrayInputStream(retMsg)).readObject());
        assertNotNull(respObject);
        PKIHeader header = respObject.getHeader();
        assertEquals(header.getSender().getTagNo(), 4);
        X509Name name = X509Name.getInstance(header.getSender().getName());
        assertEquals(name.toString(), sender);
        name = X509Name.getInstance(header.getRecipient().getName());
        assertEquals(name.toString(), recipient);

        PKIBody body = respObject.getBody();
        int tag = body.getTagNo();
        assertEquals(tag, 23);
        ErrorMsgContent n = body.getError();
View Full Code Here

    String dn3 = "cn=toto,cn=titi,dc=domain,dc=tld";
    String revdn3 = CertTools.reverseDN(dn3);
    assertEquals("dc=tld,dc=domain,cn=titi,cn=toto", revdn3);
   
        X509Name dn4 = CertTools.stringToBcX509Name(dn3, new X509DefaultEntryConverter(), true);
    assertEquals("CN=toto,CN=titi,DC=domain,DC=tld", dn4.toString());
        X509Name dn5 = CertTools.stringToBcX509Name(dn3, new X509DefaultEntryConverter(), false);
    assertEquals("DC=tld,DC=domain,CN=titi,CN=toto", dn5.toString());
    assertEquals("CN=toto,CN=titi,DC=domain,DC=tld", CertTools.stringToBCDNString(dn3));

    String dn6 = "dc=tld,dc=domain,cn=titi,cn=toto";
    String revdn6 = CertTools.reverseDN(dn6);
    assertEquals("cn=toto,cn=titi,dc=domain,dc=tld", revdn6);
    assertEquals("CN=toto,CN=titi,DC=domain,DC=tld", CertTools.stringToBCDNString(dn3));

        X509Name dn7 = CertTools.stringToBcX509Name(dn6, new X509DefaultEntryConverter(), true);
    assertEquals("CN=toto,CN=titi,DC=domain,DC=tld", dn7.toString());
        X509Name revdn7 = CertTools.stringToBcX509Name(dn6, new X509DefaultEntryConverter(), false);
    assertEquals("DC=tld,DC=domain,CN=titi,CN=toto", revdn7.toString());

    // Test the test strings from ECA-1699, to prove that we fixed this issue
        String dn8 = "dc=org,dc=foo,o=FOO,cn=FOO Root CA";
        String dn9 = "cn=FOO Root CA,o=FOO,dc=foo,dc=org";
    String revdn8 = CertTools.reverseDN(dn8);
    assertEquals("cn=FOO Root CA,o=FOO,dc=foo,dc=org", revdn8);
    String revdn9 = CertTools.reverseDN(dn9);
    assertEquals("dc=org,dc=foo,o=FOO,cn=FOO Root CA", revdn9);
        X509Name xdn8ldap = CertTools.stringToBcX509Name(dn8, new X509DefaultEntryConverter(), true);
        X509Name xdn8x500 = CertTools.stringToBcX509Name(dn8, new X509DefaultEntryConverter(), false);
    assertEquals("CN=FOO Root CA,O=FOO,DC=foo,DC=org", xdn8ldap.toString());
    assertEquals("DC=org,DC=foo,O=FOO,CN=FOO Root CA", xdn8x500.toString());
        X509Name xdn9ldap = CertTools.stringToBcX509Name(dn9, new X509DefaultEntryConverter(), true);
        X509Name xdn9x500 = CertTools.stringToBcX509Name(dn9, new X509DefaultEntryConverter(), false);
    assertEquals("CN=FOO Root CA,O=FOO,DC=foo,DC=org", xdn9ldap.toString());
    assertEquals("DC=org,DC=foo,O=FOO,CN=FOO Root CA", xdn9x500.toString());
    assertEquals("CN=FOO Root CA,O=FOO,DC=foo,DC=org", CertTools.stringToBCDNString(dn8));
    assertEquals("CN=FOO Root CA,O=FOO,DC=foo,DC=org", CertTools.stringToBCDNString(dn9));

    // Test reversing DNs with multiple OU
    String dn10 = "CN=something,OU=A,OU=B,O=someO,C=SE";
        X509Name x509dn10 = CertTools.stringToBcX509Name(dn10, new X509DefaultEntryConverter(), true);
        assertEquals("CN=something,OU=A,OU=B,O=someO,C=SE", x509dn10.toString());
    assertEquals("CN=something,OU=A,OU=B,O=someO,C=SE", CertTools.stringToBCDNString(dn10));

        // When we order forwards (LdapOrder) from the beginning, and request !LdapOrder, everything should be reversed
        X509Name ldapdn11 = CertTools.stringToBcX509Name(dn10, new X509DefaultEntryConverter(), false);
        assertEquals("C=SE,O=someO,OU=B,OU=A,CN=something", ldapdn11.toString());

        // When we order backwards (X.509, !LdapOrder) from the beginning, we should not reorder anything
    String dn11 = "C=SE,O=someO,OU=B,OU=A,CN=something";
    X509Name x509dn11 = CertTools.stringToBcX509Name(dn11, new X509DefaultEntryConverter(), false);
        assertEquals("C=SE,O=someO,OU=B,OU=A,CN=something", x509dn11.toString());
    assertEquals("CN=something,OU=A,OU=B,O=someO,C=SE", CertTools.stringToBCDNString(dn11));

    log.trace("<test09TestReverse()");
  }
View Full Code Here

    assertEquals("testDirName@jamador.pki.gva.es", CertTools
        .getUPNAltName(cer));

    name = CertTools.getPartFromDN(altNames, CertTools.DIRECTORYNAME);
    assertEquals("CN=testDirName|dir|name", name);
    assertEquals(name.substring("CN=".length()), new X509Name(
        "CN=testDirName|dir|name").getValues().get(0));

    String altName = "rfc822name=foo@bar.se, uri=http://foo.bar.se, directoryName="
        + LDAPDN.escapeRDN("CN=testDirName, O=Foo, OU=Bar, C=SE")
        + ", dnsName=foo.bar.se";
    GeneralNames san = CertTools.getGeneralNamesFromAltName(altName);
    GeneralName[] gns = san.getNames();
    boolean found = false;
    for (int i = 0; i < gns.length; i++) {
      int tag = gns[i].getTagNo();
      if (tag == 4) {
        found = true;
        DEREncodable enc = gns[i].getName();
        X509Name dir = (X509Name) enc;
        String str = dir.toString();
        log.debug("DirectoryName: " + str);
        assertEquals("CN=testDirName,O=Foo,OU=Bar,C=SE", str);
      }

    }
    assertTrue(found);

    altName = "rfc822name=foo@bar.se, rfc822name=foo@bar.com, uri=http://foo.bar.se, directoryName="
        + LDAPDN.escapeRDN("CN=testDirName, O=Foo, OU=Bar, C=SE")
        + ", dnsName=foo.bar.se, dnsName=foo.bar.com";
    san = CertTools.getGeneralNamesFromAltName(altName);
    gns = san.getNames();
    int dnscount = 0;
    int rfc822count = 0;
    for (int i = 0; i < gns.length; i++) {
      int tag = gns[i].getTagNo();
      if (tag == 2) {
        dnscount++;
        DEREncodable enc = gns[i].getName();
        DERIA5String dir = (DERIA5String) enc;
        String str = dir.getString();
        log.info("DnsName: " + str);
      }
      if (tag == 1) {
        rfc822count++;
        DEREncodable enc = gns[i].getName();
        DERIA5String dir = (DERIA5String) enc;
        String str = dir.getString();
        log.info("Rfc822Name: " + str);
      }

    }
    assertEquals(2, dnscount);
View Full Code Here

        user.setStatus(UserDataConstants.STATUS_NEW);
        // Change a user that we know...
        userAdminSession.changeUser(admin, user, false);

        // Create a P10 with strange order DN
        PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA", new X509Name("CN=foo,C=SE, Name=AnaTom, O=My org"), rsakeys.getPublic(),
                new DERSet(), rsakeys.getPrivate());
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        dOut.writeObject(req);
        dOut.close();
View Full Code Here

        // contains one sequence (Attribute)
        ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(new DERSequence(extensionattr));
        DERSet attributes = new DERSet(v);
        // Create PKCS#10 certificate request
        PKCS10CertificationRequest req = new PKCS10CertificationRequest("SHA1WithRSA", new X509Name("C=SE,CN=extoverride"), rsakeys.getPublic(), attributes,
                rsakeys.getPrivate());
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        dOut.writeObject(req);
        dOut.close();
View Full Code Here

TOP

Related Classes of com.itextpdf.text.pdf.PdfPKCS7$X509Name

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.