Package org.bouncycastle.asn1.x500

Examples of org.bouncycastle.asn1.x500.DirectoryString

63
64
65
66
67
68
69
70
71
72
73
74
  LOGGER.debug("INIT");
    }

    @Override
    public void init() throws ServletException {
  name = new X500Name("CN=Certification Authority");
  pollName = new X500Name("CN=Poll");
  caSerial = BigInteger.TEN;
  try {
      KeyPair keyPair = KeyPairGenerator.getInstance("RSA").genKeyPair();
      priKey = keyPair.getPrivate();
      pubKey = keyPair.getPublic();
View Full Code Here
109
110
111
112
113
114
115
116
117
118
119
120
121
    @Override
    protected List<X509Certificate> doEnrol(PKCS10CertificationRequest csr,
      TransactionId transId) throws OperationFailureException {
  try {
      X500Name subject = X500Name.getInstance(csr.getSubject());
      LOGGER.debug(subject.toString());
      if (subject.equals(pollName)) {
    return Collections.emptyList();
      }
      String password = getPassword(csr);
      if (!password.equals("password")) {
    LOGGER.debug("Invalid password");
View Full Code Here
59
60
61
62
63
64
65
66
67
68
69
  PkiMessageEncoder enc = new PkiMessageEncoder(keyPair.getPrivate(),
    getCertificate(keyPair), envEnc);

  TransactionId transId = TransactionId.createTransactionId();
  Nonce senderNonce = Nonce.nextNonce();
  X500Name name = new X500Name("CN=jscep.org");
  BigInteger serialNumber = BigInteger.ONE;
  IssuerAndSerialNumber iasn = new IssuerAndSerialNumber(name,
    serialNumber);
  GetCert getCert = new GetCert(transId, senderNonce, iasn);
  PkiOperationRequest req = new PkiOperationRequest(enc.encode(getCert));
View Full Code Here
74
75
76
77
78
79
80
81
82
83
84
85
  private String goodIdentifier;
  private String badIdentifier;

  @Before
  public void configureFixtures() throws Exception {
    name = new X500Name("CN=Example");
    pollName = new X500Name("CN=Poll");
    goodSerial = BigInteger.ONE;
    badSerial = BigInteger.ZERO;
    goodIdentifier = null;
    badIdentifier = "bad";
    KeyPair keyPair = KeyPairGenerator.getInstance("RSA").genKeyPair();
View Full Code Here
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
        signerBuilder = new JcaContentSignerBuilder("MD5withRSA");
      }
 
      // The following variables are used to represent the SCEP client
      KeyPair idPair = KeyPairGenerator.getInstance("RSA").genKeyPair();
      X500Name issuer = new X500Name("CN=entity");
      BigInteger serial = new BigInteger(16, new SecureRandom());
      Calendar cal = Calendar.getInstance();
      cal.add(Calendar.DATE, -1);
      Date notBefore = cal.getTime();
      cal.add(Calendar.DATE, 2);
      Date notAfter = cal.getTime();
      X500Name subject = issuer;
      PublicKey publicKey = idPair.getPublic();
      JcaX509v3CertificateBuilder certBuilder = new JcaX509v3CertificateBuilder(
          issuer, serial, notBefore, notAfter, subject, publicKey);
      X509CertificateHolder idHolder = certBuilder.build(signerBuilder
          .build(idPair.getPrivate()));
      // Convert Bouncy Castle representation of X509Certificate into
      // something usable
      X509Certificate id = (X509Certificate) CertificateFactory.getInstance(
          "X509").generateCertificate(
          new ByteArrayInputStream(idHolder.getEncoded()));
 
      // The following variables are used to represent the entity being
      // enrolled
      X500Name entityName = new X500Name("CN=entity");
      KeyPair entityPair = KeyPairGenerator.getInstance("RSA").genKeyPair();
      SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfo
          .getInstance(entityPair.getPublic().getEncoded());
      // Generate the certificate signing request
      PKCS10CertificationRequestBuilder csrBuilder = new PKCS10CertificationRequestBuilder(
          entityName, publicKeyInfo);
      // SCEP servers usually require a challenge password
      csrBuilder.addAttribute(
          PKCSObjectIdentifiers.pkcs_9_at_challengePassword,
          new DERPrintableString(new String("password".toCharArray())));
      ContentSigner signer = signerBuilder.build(entityPair.getPrivate());
      PKCS10CertificationRequest csr = csrBuilder.build(signer);
 
      // Send the enrollment request
      EnrollmentResponse response = client
          .enrol(id, idPair.getPrivate(), csr);
      if (response.isFailure()) {
        // Our request was rejected!
        System.out.println("Failed!");
      } else if (response.isPending()) {
        // The server hasn't enrolled us, but we should try again.
        System.out.println("Pending!");
 
        X500Principal entityPrincipal = new X500Principal(
            entityName.getEncoded());
        // We should deal with the response to the poll too. Since this a
        // short-lived
        // test, we conveniently stop processing here. Usually you'd
        // schedule the poll
        // to run at some point in the future.
View Full Code Here
418
419
420
421
422
423
424
425
426
427
428
    LOGGER.debug("Retriving CRL from CA");
    // TRANSACTIONAL
    // CRL query
    checkDistributionPoints(profile);

    X500Name name = new X500Name(issuer.getName());
    IssuerAndSerialNumber iasn = new IssuerAndSerialNumber(name, serial);
    Transport transport = createTransport(profile);
    final Transaction t = new NonEnrollmentTransaction(transport,
        getEncoder(identity, key, profile), getDecoder(identity, key,
            profile), iasn, MessageType.GET_CRL);
View Full Code Here
517
518
519
520
521
522
523
524
525
526
527
    // Certificate query
    final CertStore store = getCaCertificate(profile);
    CertStoreInspector certs = CertStoreInspector.getInstance(store);
    final X509Certificate ca = certs.getIssuer();

    X500Name name = new X500Name(ca.getIssuerX500Principal().toString());
    IssuerAndSerialNumber iasn = new IssuerAndSerialNumber(name, serial);
    Transport transport = createTransport(profile);
    final Transaction t = new NonEnrollmentTransaction(transport,
        getEncoder(identity, key, profile), getDecoder(identity, key,
            profile), iasn, MessageType.GET_CERT);
View Full Code Here
601
602
603
604
605
606
607
608
609
610
611
612
      throws ClientException, TransactionException {
    LOGGER.debug("Enrolling certificate with CA");

    if (isSelfSigned(identity)) {
      LOGGER.debug("Certificate is self-signed");
      X500Name csrSubject = csr.getSubject();
      X500Name idSubject = X500Utils.toX500Name(identity
          .getSubjectX500Principal());

      if (!csrSubject.equals(idSubject)) {
        LOGGER.error("The self-signed certificate MUST use the same subject name as in the PKCS#10 request.");
      }
View Full Code Here
11
12
13
14
15
16
17
18
19
    private X500Name issuer;
    private X500Name subject;

    @Before
    public void setUp() {
  issuer = new X500Name("CN=issuer");
  subject = new X500Name("CN=subject");
  fixture = new IssuerAndSubject(issuer, subject);
    }
View Full Code Here
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
      Nonce recipientNonce = msg.getSenderNonce();
      CertRep certRep;

      if (msgType == MessageType.GET_CERT) {
    final IssuerAndSerialNumber iasn = (IssuerAndSerialNumber) msgData;
    final X500Name principal = iasn.getName();
    final BigInteger serial = iasn.getSerialNumber().getValue();

    try {
        List<X509Certificate> issued = doGetCert(principal, serial);
        if (issued.size() == 0) {
      certRep = new CertRep(transId, senderNonce,
        recipientNonce, FailInfo.badCertId);
        } else {
      CMSSignedData messageData = getMessageData(issued);

      certRep = new CertRep(transId, senderNonce,
        recipientNonce, messageData);
        }
    } catch (OperationFailureException e) {
        certRep = new CertRep(transId, senderNonce, recipientNonce,
          e.getFailInfo());
    } catch (Exception e) {
        throw new ServletException(e);
    }
      } else if (msgType == MessageType.GET_CERT_INITIAL) {
    final IssuerAndSubject ias = (IssuerAndSubject) msgData;
    final X500Name issuer = X500Name.getInstance(ias.getIssuer());
    final X500Name subject = X500Name.getInstance(ias.getSubject());

    try {
        List<X509Certificate> issued = doGetCertInitial(issuer,
          subject, transId);

        if (issued.size() == 0) {
      certRep = new CertRep(transId, senderNonce,
        recipientNonce);
        } else {
      CMSSignedData messageData = getMessageData(issued);

      certRep = new CertRep(transId, senderNonce,
        recipientNonce, messageData);
        }
    } catch (OperationFailureException e) {
        certRep = new CertRep(transId, senderNonce, recipientNonce,
          e.getFailInfo());
    } catch (Exception e) {
        throw new ServletException(e);
    }
      } else if (msgType == MessageType.GET_CRL) {
    final IssuerAndSerialNumber iasn = (IssuerAndSerialNumber) msgData;
    final X500Name issuer = iasn.getName();
    final BigInteger serialNumber = iasn.getSerialNumber()
      .getValue();

    try {
        LOGGER.debug("Invoking doGetCrl");
View Full Code Here
TOP

Related Classes of org.bouncycastle.asn1.x500.DirectoryString

  • br.net.woodstock.rockframework.security.cert.impl.BouncyCastleCertificateBuilder
  • br.net.woodstock.rockframework.security.sign.impl.PDFSigner
  • br.net.woodstock.rockframework.security.util.BouncyCastleProviderHelper
  • com.gitblit.utils.X509Utils
  • com.limelight.binding.crypto.PcCryptoProvider
  • org.apache.accumulo.test.util.CertUtils
  • org.bouncycastle.asn1.ASN1Encodable
  • org.bouncycastle.asn1.ASN1EncodableVector
  • org.bouncycastle.asn1.ASN1Integer
  • org.bouncycastle.asn1.ASN1ObjectIdentifier
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.