List of usage examples for org.bouncycastle.asn1 DERSequence DERSequence
public DERSequence(ASN1Encodable[] elements)
From source file:org.globus.gsi.bc.X509NameHelper.java
License:Apache License
/**
 * Appends a single-valued name component, built from the given OID and value, to the
 * end of the current name.
 *
 * <p>The component is encoded as a SET holding one SEQUENCE of (oid, PrintableString value).
 *
 * @param oid   the name component oid, e.g.
 *              {@link org.bouncycastle.asn1.x500.style.BCStyle#CN BCStyle.CN}
 * @param value the value (e.g. "proxy")
 */
public void add(ASN1ObjectIdentifier oid, String value) {
    // NOTE(review): the single-argument DERPrintableString constructor does not check the
    // character set (validation is opt-in through the two-argument constructor), so a value
    // containing characters outside PrintableString, such as '@' or '_', is encoded as-is.
    // Confirm against the Bouncy Castle version in use and that callers pass conforming values.
    ASN1EncodableVector typeAndValue = new ASN1EncodableVector();
    typeAndValue.add(oid);
    typeAndValue.add(new DERPrintableString(value));

    DERSequence attribute = new DERSequence(typeAndValue);
    add(new DERSet(attribute));
}
From source file:org.globus.gsi.proxy.ext.ProxyCertInfo.java
License:Apache License
/**
 * Returns the DER-encoded ASN.1 representation of the extension.
 *
 * <p>The result is a SEQUENCE containing the path length constraint, when one is set,
 * followed by the encoded proxy policy.
 *
 * @return the encoded representation of the extension as an {@code ASN1Primitive}.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    // The path length constraint is optional: it is left out of the SEQUENCE when unset.
    boolean hasPathLength = this.pathLenConstraint != null;
    if (hasPathLength) {
        fields.add(this.pathLenConstraint);
    }

    // this.proxyPolicy is dereferenced without a null check, so it must already be set.
    ASN1Primitive encodedPolicy = this.proxyPolicy.toASN1Primitive();
    fields.add(encodedPolicy);

    return new DERSequence(fields);
}
From source file:org.globus.gsi.proxy.ext.ProxyPolicy.java
License:Apache License
/**
 * Returns the DER-encoded ASN.1 representation of the proxy policy.
 *
 * <p>The result is a SEQUENCE containing the policy language, followed by the policy
 * itself when one is set.
 *
 * @return the encoded representation of the proxy policy as an {@code ASN1Primitive}.
 */
public ASN1Primitive toASN1Primitive() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    // The policy language is added unconditionally, with no null check here.
    fields.add(this.policyLanguage);

    // The policy body is optional and is left out of the SEQUENCE when unset.
    boolean hasPolicy = this.policy != null;
    if (hasPolicy) {
        fields.add(this.policy);
    }

    return new DERSequence(fields);
}
From source file:org.globus.security.proxyExtension.ProxyPolicy.java
License:Apache License
/**
 * Returns the DER-encoded ASN.1 representation of the proxy policy.
 *
 * <p>The result is a SEQUENCE containing the policy language, followed by the policy
 * itself when one is set.
 *
 * @return the encoded representation of the proxy policy as a {@code DERObject}.
 */
public DERObject getDERObject() {
    ASN1EncodableVector fields = new ASN1EncodableVector();

    // The policy language is added unconditionally, with no null check here.
    fields.add(this.policyLanguage);

    // The policy body is optional and is left out of the SEQUENCE when unset.
    boolean hasPolicy = this.policy != null;
    if (hasPolicy) {
        fields.add(this.policy);
    }

    return new DERSequence(fields);
}
From source file:org.hyperledger.fabric.sdk.security.certgen.TLSCertificateBuilder.java
License:Open Source License
/**
 * Adds a non-critical subjectAlternativeName extension holding one dNSName entry.
 *
 * @param certBuilder the certificate builder that receives the extension
 * @param san         the name to place in the dNSName entry
 * @throws CertIOException if the extension cannot be added to the builder
 */
private void addSAN(X509v3CertificateBuilder certBuilder, String san) throws CertIOException {
    // NOTE(review): the value is always tagged as dNSName and is not validated here. An IP
    // literal would need GeneralName.iPAddress to be matched as an address by certificate
    // verifiers; confirm callers only pass host names.
    GeneralName dnsEntry = new GeneralName(GeneralName.dNSName, san);
    DERSequence extensionValue = new DERSequence(new ASN1Encodable[] { dnsEntry });

    // "false" marks the extension as non-critical.
    certBuilder.addExtension(Extension.subjectAlternativeName, false, extensionValue);
}
From source file:org.iotivity.cloud.accountserver.resources.credprov.cert.CertificateResource.java
License:Open Source License
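/**
 * Handles POST requests to the Certificate Resource.
 *
 * <p>The request is expected in the following format:
 * <pre>{@code
 * POST /oic/credprov/cert
 * {
 *   "di" : "11-22-xx",
 *   "csr" : {
 *     "encoding" : "oic.sec.encoding.base64",
 *     "data" : "<Base64 encoded CSR Binary>"
 *   }
 * }
 * }</pre>
 * The method checks the encoding and decodes the CSR data when it is Base64 encoded.
 *
 * <p>A certificate is issued only when the CSR common name has the form
 * {@code uuid:<device id>}, the device id equals the {@code di} value of the payload and
 * the CSR signature is valid. The issued certificate carries the user UUID in a
 * subjectAlternativeName extension, and the issuing information (serial number, validity,
 * device uuid, user uuid) is stored for management (e.g. re-issue). An existing
 * certificate for the device is revoked before the new one is built.
 *
 * <p>Example of a successful response:
 * <pre>{@code
 * 2.04 CHANGED
 * {
 *   "di" : "1111-22-xx",
 *   "cert" : {
 *     "encoding" : "oic.sec.encoding.base64",
 *     "data" : "<Base64 encoded Cert. Binary>"
 *   },
 *   "certchain" : {
 *     "encoding" : "oic.sec.encoding.base64",
 *     "data" : "<Base64 encoded CA Cert. chain>"
 *   }
 * }
 * }</pre>
 * In every other case the BAD_REQUEST response is returned, including when a caught
 * exception was logged.
 *
 * @param request request with payload information.
 * @return a CHANGED response with the CBOR-encoded certificate payload on success,
 *         otherwise a BAD_REQUEST response.
 * @throws ServerException not thrown directly by this method; presumably raised by one of
 *         the helpers it calls (confirm against their declarations)
 */
private IResponse handlePostRequest(IRequest request) throws ServerException {
    byte[] requestPayload = request.getPayload();
    // Every rejection path below returns this BAD_REQUEST response unchanged.
    IResponse response = MessageBuilder.createResponse(request, ResponseStatus.BAD_REQUEST);
    if (requestPayload == null) {
        return response;
    }

    Map<String, Object> payloadData = MAP_CBOR.parsePayloadFromCbor(requestPayload, HashMap.class);
    if (payloadData == null) {
        return response;
    }

    // instanceof is false for null, so a missing "csr" entry is rejected here as well.
    Object csr = payloadData.get(Constants.REQ_CSR);
    if (!(csr instanceof Map)) {
        return response;
    }
    @SuppressWarnings("unchecked") // key and value types are re-checked on each read below
    Map<String, Object> csrFields = (Map<String, Object>) csr;

    Object encoding = csrFields.get(ENCODING);
    Object data = csrFields.get(DATA);
    if (!(encoding instanceof String) || !(data instanceof byte[])) {
        return response;
    }

    // The payload is client-supplied CBOR, so the device id may be absent or of any type.
    // Reject anything but a String instead of letting a blind cast raise ClassCastException.
    Object requestedDeviceId = payloadData.get(RESP_DEVICE_ID);
    if (!(requestedDeviceId instanceof String)) {
        return response;
    }
    String deviceId = (String) requestedDeviceId;

    byte[] csrData = (byte[]) data;
    if (encoding.equals(BASE_64)) {
        // NOTE(review): if this is Bouncy Castle's Base64, malformed input raises an unchecked
        // exception that nothing in this method catches; confirm how callers handle it.
        csrData = Base64.decode(csrData);
    }

    try {
        CSRParser parser = new CSRParser(csrData);
        String commonName = parser.getCommonName();
        if (commonName == null) {
            // Pattern.matcher(null) would throw NullPointerException; a CSR with no usable
            // common name is answered with BAD_REQUEST instead.
            return response;
        }
        String pattern = "^uuid:(.*)$";
        Matcher m = Pattern.compile(pattern).matcher(commonName);

        // The requested device id must match the CSR subject, and the CSR must be correctly
        // self-signed, which shows possession of the private key.
        // NOTE(review): whether the caller is authorised for this device id is not visible in
        // this method; confirm it is enforced before the request reaches this handler.
        boolean csrMatchesDevice = m.find() && m.group(1).equals(deviceId) && parser.isSignatureValid();
        if (!csrMatchesDevice) {
            return response;
        }

        CertificateManager certificateManager = new CertificateManager(deviceId);
        CertificateTable certificateTable = certificateManager.getCertificate();
        if (certificateTable != null) {
            // NOTE(review): a failure to revoke the previous certificate is only logged, and
            // issuance of the replacement continues; the previous record is also updated
            // before the new certificate has been built. Confirm this is the intended policy.
            try {
                CrlManager.CRL_MANAGER.revoke(certificateTable.getSerialNumber());
            } catch (CRLException | OperatorCreationException e) {
                Log.e(e.getMessage() + e.getClass());
            }
            certificateManager.update(certificateTable, true);
        }

        PublicKey publicKey = parser.getPublicKey();
        if (publicKey == null) {
            return response;
        }

        // The user id is carried in a non-critical subjectAlternativeName extension, as a
        // dNSName entry of the form KEYFIELD_USERID + ":" + <user id>.
        GeneralName userIdName = new GeneralName(GeneralName.dNSName,
                Constants.KEYFIELD_USERID + ":" + Utility.getUserID(deviceId));
        CertificateExtension extension = new CertificateExtension(Extension.subjectAlternativeName, false,
                new DERSequence(new ASN1Encodable[] { userIdName }));
        CertificateBuilder certBuilder = new CertificateBuilder(parser.getSubject(), publicKey, extension);
        try {
            X509Certificate personal = certBuilder.build();
            byte[] encodedCert = personal.getEncoded();
            byte[] encodedCa = CertificateStorage.ROOT_CERTIFICATE.getEncoded();
            // The response uses the same encoding the request declared.
            if (encoding.equals(CertificateConstants.BASE_64)) {
                encodedCert = Base64.encode(encodedCert);
                encodedCa = Base64.encode(encodedCa);
            }
            certificateManager.put(Constants.RESP_DEVICE_ID, deviceId);
            certificateManager.put(Constants.CERT, new CSR(encoding.toString(), encodedCert));
            certificateManager.put(Constants.CERT_CHAIN, new CSR(encoding.toString(), encodedCa));
            certificateManager.save(personal.getSerialNumber(), personal.getNotAfter(),
                    personal.getNotBefore());
            response = MessageBuilder.createResponse(request, ResponseStatus.CHANGED,
                    ContentFormat.APPLICATION_CBOR,
                    MAP_CBOR.encodingPayloadToCbor(certificateManager.getPayLoad()));
        } catch (GeneralSecurityException | OperatorCreationException | CertIOException e) {
            // Building or storing the certificate failed: the BAD_REQUEST response is kept.
            Log.e(e.getMessage());
        }
    } catch (IOException e) {
        // An I/O failure while handling the CSR: the BAD_REQUEST response is kept.
        Log.e(e.getMessage());
    }
    return response;
}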
From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java
License:Apache License
/**
 * Builds the content of the FQANs attribute: a SEQUENCE holding the policy authority
 * (context tag 0) followed by a SEQUENCE of the FQANs as OCTET STRINGs.
 *
 * @param fqans               the FQANs to encode, in the order they should appear
 * @param policyAuthorityInfo the policy authority name placed under tag 0
 * @return the encoded attribute content
 */
private ASN1Encodable buildFQANsAttributeContent(List<String> fqans, GeneralName policyAuthorityInfo) {
    ASN1EncodableVector attributeContent = new ASN1EncodableVector();
    ASN1EncodableVector fqanOctets = new ASN1EncodableVector();

    // Policy authority info
    attributeContent.add(new DERTaggedObject(0, policyAuthorityInfo));

    for (String fqan : fqans) {
        // NOTE(review): getBytes() with no argument uses the platform default charset, so the
        // encoded bytes of a non-ASCII FQAN depend on the JVM it runs on.
        byte[] rawFqan = fqan.getBytes();
        fqanOctets.add(new DEROctetString(rawFqan));
    }

    attributeContent.add(new DERSequence(fqanOctets));
    return new DERSequence(attributeContent);
}
From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java
License:Apache License
/**
 * Builds the content of the generic attributes extension.
 *
 * <p>The policy authority (as GeneralNames) and the SEQUENCE of per-attribute tag sequences
 * are placed in one container, which is then wrapped in three nested SEQUENCEs.
 *
 * @param properties          generation properties; not read by this method
 * @param gas                 the generic attributes to encode
 * @param policyAuthorityInfo the policy authority name
 * @return the triple-wrapped extension content
 */
private ASN1Encodable buildGAExtensionContent(EnumSet<ACGenerationProperties> properties,
        List<VOMSGenericAttribute> gas, GeneralName policyAuthorityInfo) {
    ASN1EncodableVector container = new ASN1EncodableVector();
    ASN1EncodableVector encodedAttributes = new ASN1EncodableVector();

    for (VOMSGenericAttribute attribute : gas) {
        encodedAttributes.add(buildTagSequence(attribute));
    }

    container.add(new GeneralNames(policyAuthorityInfo));
    container.add(new DERSequence(encodedAttributes));

    // The content is wrapped three times to mirror what VOMS core emits; the original
    // author suspected this layering is a bug but kept it.
    DERSequence innermost = new DERSequence(container);
    DERSequence middle = new DERSequence(innermost);
    return new DERSequence(middle);
}
From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java
License:Apache License
/**
 * Encodes one generic attribute as a SEQUENCE of three elements in fixed order:
 * name, value, context. Each element is produced by {@code getDEROctetString}.
 *
 * @param ga the generic attribute to encode
 * @return the SEQUENCE (name, value, context)
 */
private DERSequence buildTagSequence(VOMSGenericAttribute ga) {
    ASN1EncodableVector triple = new ASN1EncodableVector();

    // The order is part of the encoding and must stay name, value, context.
    triple.add(getDEROctetString(ga.getName()));
    triple.add(getDEROctetString(ga.getValue()));
    triple.add(getDEROctetString(ga.getContext()));

    return new DERSequence(triple);
}
From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java
License:Apache License
/**
 * Builds the content of the targets extension.
 *
 * <p>Each target becomes a uniformResourceIdentifier GeneralName under context tag 0,
 * wrapped in its own SEQUENCE. The SEQUENCE of all targets is wrapped once more.
 *
 * @param properties generation properties; not read by this method
 * @param targets    the target strings to encode, in order
 * @return the encoded extension content
 */
private ASN1Encodable buildTargetsExtensionContent(EnumSet<ACGenerationProperties> properties,
        List<String> targets) {
    ASN1EncodableVector encodedTargets = new ASN1EncodableVector();

    for (String target : targets) {
        GeneralName targetUri = new GeneralName(GeneralName.uniformResourceIdentifier, target);
        DERTaggedObject taggedTarget = new DERTaggedObject(0, targetUri);

        // We wrap the target in another sequence as the old VOMS does
        encodedTargets.add(new DERSequence(taggedTarget));
    }

    DERSequence allTargets = new DERSequence(encodedTargets);
    return new DERSequence(allTargets);
}