Java Code Examples for org.bouncycastle.pkcs.PKCS10CertificationRequest#getAttributes()

The following examples show how to use org.bouncycastle.pkcs.PKCS10CertificationRequest#getAttributes() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: Crypto.java    From athenz with Apache License 2.0 6 votes vote down vote up 
public static List<String> extractX509CSRIPAddresses(PKCS10CertificationRequest certReq) {

        List<String> ipAddresses = new ArrayList<>();
        Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
        for (Attribute attribute : attributes) {
            for (ASN1Encodable value : attribute.getAttributeValues()) {
                Extensions extensions = Extensions.getInstance(value);
                GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
                ///CLOVER:OFF
                if (gns == null) {
                    continue;
                }
                ///CLOVER:ON
                for (GeneralName name : gns.getNames()) {
                    if (name.getTagNo() == GeneralName.iPAddress) {
                        try {
                            InetAddress addr = InetAddress.getByAddress(((DEROctetString) name.getName()).getOctets());
                            ipAddresses.add(addr.getHostAddress());
                        } catch (UnknownHostException ignored) {
                        }
                    }
                }
            }
        }
        return ipAddresses;
    }
Example 2
Source File: SecurityUtil.java    From hadoop-ozone with Apache License 2.0 5 votes vote down vote up 
public static ASN1Set getPkcs9ExtRequest(PKCS10CertificationRequest csr)
    throws CertificateException {
  for (Attribute attr : csr.getAttributes()) {
    ASN1ObjectIdentifier oid = attr.getAttrType();
    if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) {
      return attr.getAttrValues();
    }
  }
  throw new CertificateException("No PKCS#9 extension found in CSR");
}
Example 3
Source File: Crypto.java    From athenz with Apache License 2.0 5 votes vote down vote up 
private static List<String> extractX509CSRSANField(PKCS10CertificationRequest certReq, int tagNo) {

        List<String> values = new ArrayList<>();
        Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
        for (Attribute attribute : attributes) {
            for (ASN1Encodable value : attribute.getAttributeValues()) {
                Extensions extensions = Extensions.getInstance(value);
                GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
                ///CLOVER:OFF
                if (gns == null) {
                    continue;
                }
                ///CLOVER:ON
                for (GeneralName name : gns.getNames()) {

                    // GeneralName ::= CHOICE {
                    //     otherName                       [0]     OtherName,
                    //     rfc822Name                      [1]     IA5String,
                    //     dNSName                         [2]     IA5String,
                    //     x400Address                     [3]     ORAddress,
                    //     directoryName                   [4]     Name,
                    //     ediPartyName                    [5]     EDIPartyName,
                    //     uniformResourceIdentifier       [6]     IA5String,
                    //     iPAddress                       [7]     OCTET STRING,
                    //     registeredID                    [8]     OBJECT IDENTIFIER}

                    if (name.getTagNo() == tagNo) {
                        values.add(((DERIA5String) name.getName()).getString());
                    }
                }
            }
        }
        return values;
    }
Example 4
Source File: Pkcs10Util.java    From keystore-explorer with GNU General Public License v3.0 5 votes vote down vote up 
/**
 * Extract sequence with extensions from CSR
 *
 * @param pkcs10Csr The CSR
 * @return Extensions from that CSR (if any)
 */
public static X509ExtensionSet getExtensions(PKCS10CertificationRequest pkcs10Csr) {
	Attribute[] attributes = pkcs10Csr.getAttributes(pkcs_9_at_extensionRequest);
	X509ExtensionSet x509ExtensionSet = new X509ExtensionSet();
	if ((attributes != null) && (attributes.length > 0)) {
		ASN1Encodable[] attributeValues = attributes[0].getAttributeValues();
		if (attributeValues.length > 0) {
			ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(attributeValues[0]);
			x509ExtensionSet = new X509ExtensionSet(asn1Sequence);
		}
	}
	return x509ExtensionSet;
}
Example 5
Source File: BaseApprover.java    From hadoop-ozone with Apache License 2.0 2 votes vote down vote up 
/**
 * Returns the Attribute array that encodes extensions.
 *
 * @param request - Certificate Request
 * @return - An Array of Attributes that encode various extensions requested
 * in this certificate.
 */
Attribute[] getAttributes(PKCS10CertificationRequest request) {
  Objects.requireNonNull(request);
  return
      request.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
}