Examples of org.bouncycastle.asn1.x509.GeneralName

• org.bouncycastle.asn1.x509.GeneralName
  The GeneralName object.

   GeneralName ::= CHOICE { otherName                       [0]     OtherName, rfc822Name                      [1]     IA5String, dNSName                         [2]     IA5String, x400Address                     [3]     ORAddress, directoryName                   [4]     Name, ediPartyName                    [5]     EDIPartyName, uniformResourceIdentifier       [6]     IA5String, iPAddress                       [7]     OCTET STRING, registeredID                    [8]     OBJECT IDENTIFIER} OtherName ::= SEQUENCE { type-id    OBJECT IDENTIFIER, value      [0] EXPLICIT ANY DEFINED BY type-id } EDIPartyName ::= SEQUENCE { nameAssigner            [0]     DirectoryString OPTIONAL, partyName               [1]     DirectoryString } Name ::= CHOICE { RDNSequence } 

            AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
            for (int i = 0; i < ads.length; i++)
            {
                if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
                {
                    GeneralName name = ads[i].getAccessLocation();
                    if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                    {
                        String url = ((DERIA5String) name.getName()).getString();
                        urls.add(url);
                    }
                }
            }
        }

    public void setRequestorName(
        X500Principal        requestorName)
    {
        try
        {
            this.requestorName = new GeneralName(GeneralName.directoryName, new X509Principal(requestorName.getEncoded()));
        }
        catch (IOException e)
        {
            throw new IllegalArgumentException("cannot encode principal: " + e);
        }

    {
        try
        {
            if (certificate.getVersion() != 3)
            {
                GeneralName          genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
                SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(
                        (ASN1Sequence)new ASN1InputStream(certificate.getPublicKey().getEncoded()).readObject());

                return (ASN1Sequence)new AuthorityKeyIdentifier(
                               info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Object();
            }
            else
            {
                GeneralName             genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));

                byte[]                  ext = certificate.getExtensionValue(X509Extensions.SubjectKeyIdentifier.getId());

                if (ext != null)
                {

        {
            byte[] extnValue = DEROctetString.getInstance(ASN1Object.fromByteArray(extVal)).getOctets();
            Enumeration it = DERSequence.getInstance(ASN1Object.fromByteArray(extnValue)).getObjects();
            while (it.hasMoreElements())
            {
                GeneralName genName = GeneralName.getInstance(it.nextElement());
                List list = new ArrayList();
                list.add(new Integer(genName.getTagNo()));
                switch (genName.getTagNo())
                {
                case GeneralName.ediPartyName:
                case GeneralName.x400Address:
                case GeneralName.otherName:
                    list.add(genName.getName().getDERObject());
                    break;
                case GeneralName.directoryName:
                    list.add(X509Name.getInstance(genName.getName()).toString());
                    break;
                case GeneralName.dNSName:
                case GeneralName.rfc822Name:
                case GeneralName.uniformResourceIdentifier:
                    list.add(((DERString)genName.getName()).getString());
                    break;
                case GeneralName.registeredID:
                    list.add(DERObjectIdentifier.getInstance(genName.getName()).getId());
                    break;
                case GeneralName.iPAddress:
                    list.add(DEROctetString.getInstance(genName.getName()).getOctets());
                    break;
                    default:
                        throw new IOException("Bad tag number: " + genName.getTagNo());
                }

                temp.add(list);
            }
        }

        String          signDN = "O=Bouncy Castle, C=AU";
        KeyPair         signKP = OCSPTestUtil.makeECKeyPair();
        X509Certificate testCert = OCSPTestUtil.makeECDSACertificate(signKP, signDN, signKP, signDN);

        String          origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
        GeneralName     origName = new GeneralName(new X509Name(origDN));

        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID   id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));

        //
        // basic request generation
        //
        OCSPReqGenerator    gen = new OCSPReqGenerator();

        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        OCSPReq         req = gen.generate();

        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }

        X509Certificate[] certs = req.getCerts("BC");

        if (certs != null)
        {
            fail("null certs expected, but not found");
        }

        Req[]           requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        //
        // request generation with signing
        //
        X509Certificate[]   chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        chain[0] = testCert;

        req = gen.generate("SHA1withECDSA", signKP.getPrivate(), chain, "BC");

        if (!req.isSigned())
        {
            fail("not signed but should be");
        }

        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }

        requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        certs = req.getCerts("BC");

        if (certs == null)
        {
            fail("null certs found");
        }

        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }

        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();

        OCSPReq newReq = new OCSPReq(reqEnc);

        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }

        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();

        rand.nextBytes(sampleNonce);

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));

        gen.setRequestExtensions(new X509Extensions(oids, values));

        String          signDN = "O=Bouncy Castle, C=AU";
        KeyPair         signKP = OCSPTestUtil.makeKeyPair();
        X509Certificate testCert = OCSPTestUtil.makeCertificate(signKP, signDN, signKP, signDN);

        String          origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
        GeneralName     origName = new GeneralName(new X509Name(origDN));

        //
        // general id value for our test issuer cert and a serial number.
        //
        CertificateID   id = new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1));

        //
        // basic request generation
        //
        OCSPReqGenerator    gen = new OCSPReqGenerator();

        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        OCSPReq         req = gen.generate();

        if (req.isSigned())
        {
            fail("signed but shouldn't be");
        }

        X509Certificate[] certs = req.getCerts("BC");

        if (certs != null)
        {
            fail("null certs expected, but not found");
        }

        Req[]           requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        //
        // request generation with signing
        //
        X509Certificate[]   chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        gen.addRequest(
                new CertificateID(CertificateID.HASH_SHA1, testCert, BigInteger.valueOf(1)));

        chain[0] = testCert;

        req = gen.generate("SHA1withRSA", signKP.getPrivate(), chain, "BC");

        if (!req.isSigned())
        {
            fail("not signed but should be");
        }

        if (!req.verify(signKP.getPublic(), "BC"))
        {
            fail("signature failed to verify");
        }

        requests = req.getRequestList();

        if (!requests[0].getCertID().equals(id))
        {
            fail("Failed isFor test");
        }

        certs = req.getCerts("BC");

        if (certs == null)
        {
            fail("null certs found");
        }

        if (certs.length != 1 || !certs[0].equals(testCert))
        {
            fail("incorrect certs found in request");
        }

        //
        // encoding test
        //
        byte[] reqEnc = req.getEncoded();

        OCSPReq newReq = new OCSPReq(reqEnc);

        if (!newReq.verify(signKP.getPublic(), "BC"))
        {
            fail("newReq signature failed to verify");
        }

        //
        // request generation with signing and nonce
        //
        chain = new X509Certificate[1];

        gen = new OCSPReqGenerator();

        Vector oids = new Vector();
        Vector values = new Vector();
        byte[] sampleNonce = new byte[16];
        Random rand = new Random();

        rand.nextBytes(sampleNonce);

        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X509Principal("CN=fred")));

        oids.addElement(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
        values.addElement(new X509Extension(false, new DEROctetString(new DEROctetString(sampleNonce))));

        gen.setRequestExtensions(new X509Extensions(oids, values));

        this(new X509Principal(principal.getEncoded()));
    }

    public AttributeCertificateIssuer(X509Principal principal)
    {
        form = new V2Form(new GeneralNames(new DERSequence(new GeneralName(principal))));
    }

    {
        GeneralName[] names = targets.getNames();

        for (int i = 0; i != names.length; i++)
        {
            GeneralName gn = names[i];

            if (gn.getTagNo() == GeneralName.directoryName)
            {
                try
                {
                    if (new X500Principal(((ASN1Encodable)gn.getName()).getEncoded()).equals(subject))
                    {
                        return true;
                    }
                }
                catch (IOException e)

                    catch (IOException e)
                    {
                        throw new AnnotatedException("Could not read CRL issuer.", e);
                    }
                    vec.add(dpName.getName());
                    names.add(new GeneralName(X509Name.getInstance(new DERSequence(vec))));
                }
                boolean matches = false;
                // verify that one of the names in the IDP matches one
                // of the names in the DP.
                if (dp.getDistributionPoint() != null)
                {
                    dpName = dp.getDistributionPoint();
                    GeneralName[] genNames = null;
                    if (dpName.getType() == DistributionPointName.FULL_NAME)
                    {
                        genNames = GeneralNames.getInstance(dpName.getName()).getNames();
                    }
                    if (dpName.getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER)
                    {
                        if (dp.getCRLIssuer() != null)
                        {
                            genNames = dp.getCRLIssuer().getNames();
                        }
                        else
                        {
                            genNames = new GeneralName[1];
                            try
                            {
                                genNames[0] = new GeneralName(new X509Name(
                                    (ASN1Sequence)ASN1Sequence.fromByteArray(CertPathValidatorUtilities
                                        .getEncodedIssuerPrincipal(cert).getEncoded())));
                            }
                            catch (IOException e)
                            {
                                throw new AnnotatedException("Could not read certificate issuer.", e);
                            }
                        }
                        for (int j = 0; j < genNames.length; j++)
                        {
                            Enumeration e = ASN1Sequence.getInstance(genNames[j].getName().getDERObject()).getObjects();
                            ASN1EncodableVector vec = new ASN1EncodableVector();
                            while (e.hasMoreElements())
                            {
                                vec.add((DEREncodable)e.nextElement());
                            }
                            vec.add(dpName.getName());
                            genNames[j] = new GeneralName(new X509Name(new DERSequence(vec)));
                        }
                    }
                    if (genNames != null)
                    {
                        for (int j = 0; j < genNames.length; j++)

        byte[] issuerBytes = CertPathValidatorUtilities.getIssuerPrincipal(crl).getEncoded();

        boolean matchIssuer = false;
        if (dp.getCRLIssuer() != null)
        {
            GeneralName genNames[] = dp.getCRLIssuer().getNames();
            for (int j = 0; j < genNames.length; j++)
            {
                if (genNames[j].getTagNo() == GeneralName.directoryName)
                {
                    try