Package org.apache.geronimo.crypto.asn1.x509

Examples of org.apache.geronimo.crypto.asn1.x509.GeneralNames


                    unused += x;
                }
                value = new DERBitString(new byte[] { v }, unused);
            } else if(r_oid.equals(new DERObjectIdentifier("2.5.29.17"))) { //subjectAltName
                if(valuex.startsWith("DNS:")) {
                    value = new String(ByteList.plain(new GeneralNames(new GeneralName(GeneralName.dNSName,new DERIA5String(valuex.substring(4)))).getDEREncoded()));
                } else if(valuex.startsWith("IP:")) {
                    String[] numbers = valuex.substring(3).split("\\.");
                    byte[] bs = new byte[4];
                    bs[0] = (byte) (Integer.parseInt(numbers[0]) & 0xff);
                    bs[1] = (byte) (Integer.parseInt(numbers[1]) & 0xff);
                    bs[2] = (byte) (Integer.parseInt(numbers[2]) & 0xff);
                    bs[3] = (byte) (Integer.parseInt(numbers[3]) & 0xff);
                    value = new String(ByteList.plain(new GeneralNames(new GeneralName(GeneralName.iPAddress,new DEROctetString(bs))).getDEREncoded()));
                } else if(valuex.startsWith("IP Address:")) {
                    String[] numbers = valuex.substring(11).split("\\.");
                    byte[] bs = new byte[4];
                    bs[0] = (byte) (Integer.parseInt(numbers[0]) & 0xff);
                    bs[1] = (byte) (Integer.parseInt(numbers[1]) & 0xff);
                    bs[2] = (byte) (Integer.parseInt(numbers[2]) & 0xff);
                    bs[3] = (byte) (Integer.parseInt(numbers[3]) & 0xff);
                    value = new String(ByteList.plain(new GeneralNames(new GeneralName(GeneralName.iPAddress,new DEROctetString(bs))).getDEREncoded()));
                }
            } else if(r_oid.equals(new DERObjectIdentifier("2.5.29.37"))) { //extendedKeyUsage
                String[] spl = valuex.split(", ?");
                ASN1EncodableVector vector = new ASN1EncodableVector();
                for(String name : spl) {
View Full Code Here


                        }
                    } catch (IOException ex) {
                        throw getRuntime().newIOErrorFromException(ex);
                    }

                    ag.setRealValue(new String(ByteList.plain(new GeneralNames(new DERSequence(v1)).getDEREncoded())));
                    one = false;
                    break;
                }
            }
            if(one) {
View Full Code Here

      List<GeneralName> altNames = new ArrayList<GeneralName>();
      if (HttpUtils.isIpAddress(sslMetadata.commonName)) {
        altNames.add(new GeneralName(GeneralName.iPAddress, sslMetadata.commonName));
      }
      if (altNames.size() > 0) {
        GeneralNames subjectAltName = new GeneralNames(altNames.toArray(new GeneralName [altNames.size()]));
        certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
      }

      ContentSigner caSigner = new JcaContentSignerBuilder(SIGNING_ALGORITHM)
          .setProvider(BC).build(caPrivateKey);
View Full Code Here

      certBuilder.addExtension(X509Extension.subjectKeyIdentifier, false, extUtils.createSubjectKeyIdentifier(pair.getPublic()));
      certBuilder.addExtension(X509Extension.basicConstraints, false, new BasicConstraints(false));
      certBuilder.addExtension(X509Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(caCert.getPublicKey()));
      certBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.digitalSignature));
      if (!StringUtils.isEmpty(clientMetadata.emailAddress)) {
        GeneralNames subjectAltName = new GeneralNames(
                    new GeneralName(GeneralName.rfc822Name, clientMetadata.emailAddress));
        certBuilder.addExtension(X509Extension.subjectAlternativeName, false, subjectAltName);
      }

      ContentSigner signer = new JcaContentSignerBuilder(SIGNING_ALGORITHM).setProvider(BC).build(caPrivateKey);
View Full Code Here

                        (ASN1Sequence)new DERInputStream(in).readObject());
        final SubjectKeyIdentifier ski = new SubjectKeyIdentifier(spki);

        final ByteArrayInputStream in2 =
                new ByteArrayInputStream(newprincipal.getEncoded());
        final GeneralNames generalNames = new GeneralNames(
                (ASN1Sequence)new DERInputStream(in2).readObject());
        final AuthorityKeyIdentifier aki =
                new AuthorityKeyIdentifier(spki, generalNames, BigInteger.ZERO);

View Full Code Here

                        (ASN1Sequence)new DERInputStream(in).readObject());
        final SubjectKeyIdentifier ski = new SubjectKeyIdentifier(spki);

        final ByteArrayInputStream in2 =
                new ByteArrayInputStream(newprincipal.getEncoded());
        final GeneralNames generalNames = new GeneralNames(
                (ASN1Sequence)new DERInputStream(in2).readObject());
        final AuthorityKeyIdentifier aki =
                new AuthorityKeyIdentifier(spki, generalNames, BigInteger.ZERO);

View Full Code Here

            int uri = GeneralName.uniformResourceIdentifier;
            DERIA5String crlUriDer = new DERIA5String(crlUri);
            GeneralName gn = new GeneralName(uri, crlUriDer);

            DERSequence gnDer = new DERSequence(gn);
            GeneralNames gns = GeneralNames.getInstance(gnDer);
           
            DistributionPointName dpn = new DistributionPointName(0, gns);
            DistributionPoint distp = new DistributionPoint(dpn, null, null);
            DERSequence distpDer = new DERSequence(distp);
            certificateGenerator.addExtension(Extension.cRLDistributionPoints, false, distpDer);
View Full Code Here

            {
                throw new CertPathValidatorException("Subtree check for certificate subject failed.", e, certPath,
                    index);
            }

            GeneralNames altName = null;
            try
            {
                altName = GeneralNames.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
                    RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME));
            }
            catch (Exception e)
            {
                throw new CertPathValidatorException("Subject alternative name extension could not be decoded.", e,
                    certPath, index);
            }
            Vector emails = new X509Name(dns).getValues(X509Name.EmailAddress);
            for (Enumeration e = emails.elements(); e.hasMoreElements();)
            {
                String email = (String)e.nextElement();
                GeneralName emailAsGeneralName = new GeneralName(GeneralName.rfc822Name, email);
                try
                {
                    nameConstraintValidator.checkPermitted(emailAsGeneralName);
                    nameConstraintValidator.checkExcluded(emailAsGeneralName);
                }
                catch (PKIXNameConstraintValidatorException ex)
                {
                    throw new CertPathValidatorException(
                        "Subtree check for certificate subject alternative email failed.", ex, certPath, index);
                }
            }
            if (altName != null)
            {
                GeneralName[] genNames = null;
                try
                {
                    genNames = altName.getNames();
                }
                catch (Exception e)
                {
                    throw new CertPathValidatorException("Subject alternative name contents could not be decoded.", e,
                        certPath, index);
View Full Code Here

                }
                catch (Exception e)
                {
                    throw new AnnotatedException("Issuer from certificate for CRL could not be reencoded.", e);
                }
                DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames(
                    new GeneralName(GeneralName.directoryName, issuer))), null, null);
                ExtendedPKIXParameters paramsPKIXClone = (ExtendedPKIXParameters)paramsPKIX.clone();
                checkCRL(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask,
                    certPathCerts);
                validCrlFound = true;
View Full Code Here

                {
                    try
                    {
                        AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(
                            X509ExtensionUtil.fromExtensionValue(akiBytes));
                        GeneralNames issuerNames = aki.getAuthorityCertIssuer();
                        if (issuerNames != null)
                        {
                            GeneralName name = issuerNames.getNames()[0];
                            BigInteger serial = aki.getAuthorityCertSerialNumber();
                            if (serial != null)
                            {
                                Object[] extraArgs = {new LocaleString(RESOURCE_NAME, "missingIssuer"), " \"", name ,
                                        "\" ", new LocaleString(RESOURCE_NAME, "missingSerial") , " ", serial};
View Full Code Here

TOP

Related Classes of org.apache.geronimo.crypto.asn1.x509.GeneralNames

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.