Package com.lowagie.text.pdf

Examples of com.lowagie.text.pdf.PdfPKCS7$X509Name

602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
        // Will we use LDAP DN order (CN first) or X500 DN order (CN last) for the subject DN
        boolean ldapdnorder = true;
        if ((getUseLdapDNOrder() == false) || (certProfile.getUseLdapDnOrder() == false)) {
          ldapdnorder = false;
        }
        X509Name subjectDNName = CertTools.stringToBcX509Name(dn, converter, ldapdnorder);
        if (certProfile.getAllowDNOverride() && (requestX509Name != null) ) {
          subjectDNName = requestX509Name;
            if (log.isDebugEnabled()) {
              log.debug("Using X509Name from request instead of user's registered.");
            }
        }
        if (log.isDebugEnabled()) {
          log.debug("Using subjectDN: "+subjectDNName.toString());
        }
        certgen.setSubjectDN(subjectDNName);
        // We must take the issuer DN directly from the CA-certificate otherwise we risk re-ordering the DN
        // which many applications do not like.
        if (isRootCA) {
View Full Code Here
836
837
838
839
840
841
842
843
844
845
846
              converter = new PrintableStringEntryConverter();
            } else {
              converter = new X509DefaultEntryConverter();
            }

            X509Name caname = CertTools.stringToBcX509Name(getSubjectDN(), converter, getUseLdapDNOrder());
            crlgen.setIssuerDN(caname);
        } else {
          crlgen.setIssuerDN(cacert.getSubjectX500Principal());
        }
        if (certs != null) {           
View Full Code Here
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
      }
      // Create a username and password and register the new user in EJBCA
      final UsernameGenerator gen = UsernameGenerator.getInstance(this.usernameGenParams);
      // Don't convert this DN to an ordered EJBCA DN string with CertTools.stringToBCDNString because we don't want double escaping of some characters
      final IRequestMessage req =  this.extendedUserDataHandler!=null ? this.extendedUserDataHandler.processRequestMessage(crmfreq, certProfileName) : crmfreq;
      final X509Name dnname = req.getRequestX509Name();
      if (LOG.isDebugEnabled()) {
        LOG.debug("Creating username from base dn: "+dnname.toString());
      }
      final String username = gen.generateUsername(dnname.toString());
      final String pwd;
      if (StringUtils.equals(this.userPwdParams, "random")) {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Setting 12 char random user password.");
        }
        final IPasswordGenerator pwdgen = PasswordGeneratorFactory.getInstance(PasswordGeneratorFactory.PASSWORDTYPE_ALLPRINTABLE);
        pwd = pwdgen.getNewPassword(12, 12);                                                                   
      } else {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Setting fixed user password from config.");
        }
        pwd = this.userPwdParams;                                                                   
      }
      // AltNames may be in the request template
      final String altNames = req.getRequestAltNames();
      final String email;
      final List<String> emails = CertTools.getEmailFromDN(altNames);
      emails.addAll(CertTools.getEmailFromDN(dnname.toString()));
      if (!emails.isEmpty()) {
        email = emails.get(0); // Use rfc822name or first SubjectDN email address as user email address if available
      } else {
        email = null;
      }
      final ExtendedInformation ei;
      if (this.allowCustomCertSerno) {
        // Don't even try to parse out the field if it is not allowed
        BigInteger customCertSerno = crmfreq.getSubjectCertSerialNo();
        if (customCertSerno != null) {
          // If we have a custom certificate serial number in the request, we will pass it on to the UserData object
          ei = new ExtendedInformation();
          ei.setCertificateSerialNumber(customCertSerno);
          if (LOG.isDebugEnabled()) {
            LOG.debug("Custom certificate serial number: "+customCertSerno.toString(16));         
          }
        } else {
          ei = null;
        }
      } else {
        ei = null;
      }
      final UserDataVO userdata = new UserDataVO(username, dnname.toString(), caId, altNames, email, UserDataConstants.STATUS_NEW, SecConst.USER_ENDUSER, eeProfileId, certProfileId, null, null, SecConst.TOKEN_SOFT_BROWSERGEN, 0, ei);
      userdata.setPassword(pwd);
      // Set so we have the right params in the call to processCertReq.
      // Username and pwd in the UserDataVO and the IRequestMessage must match
      crmfreq.setUsername(username);
      crmfreq.setPassword(pwd);
View Full Code Here
91
92
93
94
95
96
97
98
99
100
101
    }

    public byte[] generateCrlReq(String dn, String transactionId, X509Certificate ca) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException, IOException, CMSException, InvalidAlgorithmParameterException, CertStoreException, CertificateEncodingException, IllegalStateException {
        this.cacert = ca;
        this.reqdn = dn;
        X509Name name = CertTools.stringToBcX509Name(cacert.getIssuerDN().getName());
        IssuerAndSerialNumber ias = new IssuerAndSerialNumber(name, cacert.getSerialNumber());
        // Create self signed cert, validity 1 day
        cert = CertTools.genSelfCert(reqdn,24*60*60*1000,null,keys.getPrivate(),keys.getPublic(),AlgorithmConstants.SIGALG_SHA1_WITH_RSA,false);
       
        // wrap message in pkcs#7
View Full Code Here
298
299
300
301
302
303
304
305
306
307
308
309
310
  }
  @Override
  public String getIssuerDN() {
    String ret = null;
    final CertTemplate templ = getReq().getCertReq().getCertTemplate();
    final X509Name name = templ.getIssuer();
    if (name != null) {
      ret = CertTools.stringToBCDNString(name.toString());
    } else {
      ret = defaultCADN;
    }
    if (log.isDebugEnabled()) {
      log.debug("Issuer DN is: "+ret);
View Full Code Here
345
346
347
348
349
350
351
352
353
354
355
356
357
  }

  @Override
  public String getRequestDN() {
    String ret = null;
    final X509Name name = getRequestX509Name();
    if (name != null) {
      ret = CertTools.stringToBCDNString(name.toString());
    }
    if (log.isDebugEnabled()) {
      log.debug("Request DN is: "+ret);
    }
    return ret;
View Full Code Here
359
360
361
362
363
364
365
366
367
368
369

  @Override
  public X509Name getRequestX509Name() {
    final CertTemplate templ = getReq().getCertReq().getCertTemplate();
    final X509Name name = templ.getSubject();
    if (log.isDebugEnabled()) {
      log.debug("Request X509Name is: "+name);
    }
    return name;
  }
View Full Code Here
460
461
462
463
464
465
466
467
468
469
470
471
472
          if (log.isDebugEnabled()) {
            log.debug("Using POPOSigningKeyInput as POPO input.");
          }
          final CertRequest req = getReq().getCertReq();
          // If subject is present in cert template it must be the same as in POPOSigningKeyInput
          final X509Name subject = req.getCertTemplate().getSubject();
          if (subject != null && !subject.toString().equals(pski.getSender().getName().toString())) {
            log.info("Subject '"+subject.toString()+"̈́', is not equal to '"+pski.getSender().toString()+"'.");
            protObject = null// pski is not a valid protection object
          }
          // If public key is present in cert template it must be the same as in POPOSigningKeyInput
          final SubjectPublicKeyInfo pk = req.getCertTemplate().getPublicKey();
          if (pk != null && !Arrays.areEqual(pk.getEncoded(), pski.getPublicKey().getEncoded())) {
View Full Code Here
561
562
563
564
565
566
567
568
569
570
571
  // Returns the subject DN from the request, used from CrmfMessageHandler
  public String getSubjectDN() {
    String ret = null;
    final CertTemplate templ = getReq().getCertReq().getCertTemplate();
    final X509Name name = templ.getSubject();
    if (name != null) {
      ret = CertTools.stringToBCDNString(name.toString());
    }
    return ret;
  }
View Full Code Here
170
171
172
173
174
175
176
177
178
179
180
181
    } else {
      issuer = "CN=fooIssuer";
      subject = "CN=fooSubject";
    }
   
    X509Name issuerName = new X509Name(issuer);
    X509Name subjectName = new X509Name(subject);
    PKIHeader myPKIHeader = CmpMessageHelper.createPKIHeader(issuerName, subjectName, senderNonce, recipientNonce, transactionId);

    try {
      if (status.equals(ResponseStatus.SUCCESS)) {
        if (cert != null) {
View Full Code Here
TOP

Related Classes of com.lowagie.text.pdf.PdfPKCS7$X509Name

  • com.lowagie.text.ExceptionConverter
  • gov.wijiscommons.ssaf.webservice.interceptors.X509Interceptor
  • jp.go.aist.sot.client.security.CsrVerifierUtil
  • jp.go.aist.sot.client.security.ProxyCertGenerator
  • net.sf.jsignpdf.verify.VerifierLogic
  • org.apache.geronimo.console.ca.ConfirmClientCertHandler
  • org.apache.geronimo.console.ca.ListRequestsIssueHandler
  • org.apache.geronimo.console.ca.ListRequestsVerifyHandler
  • org.apache.geronimo.console.core.keystore.KeyStoreGBean
  • org.apache.geronimo.corba.util.Util
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.