org.spongycastle.asn1.ASN1ObjectIdentifier Java Examples
The following examples show how to use
org.spongycastle.asn1.ASN1ObjectIdentifier.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: X509Utils.java From bcm-android with GNU General Public License v3.0 | 7 votes |
|
/**
* Returns either a string that "sums up" the certificate for humans, in a similar manner to what you might see
* in a web browser, or null if one cannot be extracted. This will typically be the common name (CN) field, but
* can also be the org (O) field, org+location+country if withLocation is set, or the email
* address for S/MIME certificates.
*/
@Nullable
public static String getDisplayNameFromCertificate(@Nonnull X509Certificate certificate, boolean withLocation) throws CertificateParsingException {
X500Name name = new X500Name(certificate.getSubjectX500Principal().getName());
String commonName = null, org = null, location = null, country = null;
for (RDN rdn : name.getRDNs()) {
AttributeTypeAndValue pair = rdn.getFirst();
String val = ((ASN1String) pair.getValue()).getString();
ASN1ObjectIdentifier type = pair.getType();
if (type.equals(RFC4519Style.cn))
commonName = val;
else if (type.equals(RFC4519Style.o))
org = val;
else if (type.equals(RFC4519Style.l))
location = val;
else if (type.equals(RFC4519Style.c))
country = val;
}
final Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
String altName = null;
if (subjectAlternativeNames != null)
for (final List<?> subjectAlternativeName : subjectAlternativeNames)
if ((Integer) subjectAlternativeName.get(0) == 1) // rfc822name
altName = (String) subjectAlternativeName.get(1);
if (org != null) {
return withLocation ? Joiner.on(", ").skipNulls().join(org, location, country) : org;
} else if (commonName != null) {
return commonName;
} else {
return altName;
}
}
Example #2
| Source File: DistinguishedNameValues.java From java-n-IDE-for-Android with Apache License 2.0 | 5 votes |
|
public String put(ASN1ObjectIdentifier oid, String value) {
if (value != null && value.equals("")) value = null;
if (containsKey(oid)) super.put(oid,value); // preserve original ordering
else {
super.put(oid,value);
// String cn = remove(BCStyle.CN); // CN will always be last.
// put(BCStyle.CN,cn);
}
return value;
}
Example #3
| Source File: DistinguishedNameValues.java From java-n-IDE-for-Android with Apache License 2.0 | 5 votes |
|
public X509Principal getPrincipal() {
Vector<ASN1ObjectIdentifier> oids = new Vector<ASN1ObjectIdentifier>();
Vector<String> values = new Vector<String>();
for (Entry<ASN1ObjectIdentifier,String> entry : entrySet()) {
if (entry.getValue() != null && !entry.getValue().equals("")) {
oids.add( entry.getKey());
values.add( entry.getValue());
}
}
return new X509Principal(oids,values);
}
Example #4
| Source File: X509Utils.java From green_android with GNU General Public License v3.0 | 5 votes |
|
/**
* Returns either a string that "sums up" the certificate for humans, in a similar manner to what you might see
* in a web browser, or null if one cannot be extracted. This will typically be the common name (CN) field, but
* can also be the org (O) field, org+location+country if withLocation is set, or the email
* address for S/MIME certificates.
*/
@Nullable
public static String getDisplayNameFromCertificate(@Nonnull X509Certificate certificate, boolean withLocation) throws CertificateParsingException {
X500Name name = new X500Name(certificate.getSubjectX500Principal().getName());
String commonName = null, org = null, location = null, country = null;
for (RDN rdn : name.getRDNs()) {
AttributeTypeAndValue pair = rdn.getFirst();
String val = ((ASN1String) pair.getValue()).getString();
ASN1ObjectIdentifier type = pair.getType();
if (type.equals(RFC4519Style.cn))
commonName = val;
else if (type.equals(RFC4519Style.o))
org = val;
else if (type.equals(RFC4519Style.l))
location = val;
else if (type.equals(RFC4519Style.c))
country = val;
}
final Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
String altName = null;
if (subjectAlternativeNames != null)
for (final List<?> subjectAlternativeName : subjectAlternativeNames)
if ((Integer) subjectAlternativeName.get(0) == 1) // rfc822name
altName = (String) subjectAlternativeName.get(1);
if (org != null) {
return withLocation ? Joiner.on(", ").skipNulls().join(org, location, country) : org;
} else if (commonName != null) {
return commonName;
} else {
return altName;
}
}
Example #5
| Source File: X509Utils.java From GreenBits with GNU General Public License v3.0 | 5 votes |
|
/**
* Returns either a string that "sums up" the certificate for humans, in a similar manner to what you might see
* in a web browser, or null if one cannot be extracted. This will typically be the common name (CN) field, but
* can also be the org (O) field, org+location+country if withLocation is set, or the email
* address for S/MIME certificates.
*/
@Nullable
public static String getDisplayNameFromCertificate(@Nonnull X509Certificate certificate, boolean withLocation) throws CertificateParsingException {
X500Name name = new X500Name(certificate.getSubjectX500Principal().getName());
String commonName = null, org = null, location = null, country = null;
for (RDN rdn : name.getRDNs()) {
AttributeTypeAndValue pair = rdn.getFirst();
String val = ((ASN1String) pair.getValue()).getString();
ASN1ObjectIdentifier type = pair.getType();
if (type.equals(RFC4519Style.cn))
commonName = val;
else if (type.equals(RFC4519Style.o))
org = val;
else if (type.equals(RFC4519Style.l))
location = val;
else if (type.equals(RFC4519Style.c))
country = val;
}
final Collection<List<?>> subjectAlternativeNames = certificate.getSubjectAlternativeNames();
String altName = null;
if (subjectAlternativeNames != null)
for (final List<?> subjectAlternativeName : subjectAlternativeNames)
if ((Integer) subjectAlternativeName.get(0) == 1) // rfc822name
altName = (String) subjectAlternativeName.get(1);
if (org != null) {
return withLocation ? Joiner.on(", ").skipNulls().join(org, location, country) : org;
} else if (commonName != null) {
return commonName;
} else {
return altName;
}
}
Example #6
| Source File: ModSSL.java From spydroid-ipcamera with GNU General Public License v3.0 | 5 votes |
|
public static X509Certificate generateSignedCertificate(X509Certificate caCertificate, PrivateKey caPrivateKey, PublicKey publicKey, String CN)
throws NoSuchAlgorithmException, OperatorCreationException, CertificateException,
KeyStoreException, UnrecoverableKeyException, IOException,
InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException,
InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
BadPaddingException {
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.CN, CN);
// We want this root certificate to be valid for one year
Calendar calendar = Calendar.getInstance();
calendar.add(Calendar.YEAR, 1);
ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(caPrivateKey);
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
caCertificate,
new BigInteger(80, new Random()),
new Date(System.currentTimeMillis() - 50000),
calendar.getTime(),
new X500Principal(builder.build().getEncoded()),
publicKey);
// Those are the extensions needed for the certificate to be a leaf certificate that authenticates a SSL server
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.keyEncipherment));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new DERSequence(KeyPurposeId.id_kp_serverAuth));
X509CertificateHolder certificateHolder = certGen.build(sigGen);
X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
return certificate;
}
Example #7
| Source File: ModSSL.java From spydroid-ipcamera with GNU General Public License v3.0 | 5 votes |
|
public static X509Certificate generateRootCertificate(KeyPair keys, String CN)
throws NoSuchAlgorithmException, OperatorCreationException, CertificateException,
KeyStoreException, UnrecoverableKeyException, IOException,
InvalidKeyException, NoSuchPaddingException, InvalidParameterSpecException,
InvalidKeySpecException, InvalidAlgorithmParameterException, IllegalBlockSizeException,
BadPaddingException {
X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
builder.addRDN(BCStyle.CN, CN);
// We want this root certificate to be valid for one year
Calendar calendar = Calendar.getInstance();
calendar.add( Calendar.YEAR, 1 );
ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(keys.getPrivate());
X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
builder.build(),
new BigInteger(80, new Random()),
new Date(System.currentTimeMillis() - 50000),
calendar.getTime(),
builder.build(),
keys.getPublic());
// Those are the extensions needed for a CA certificate
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.19"), true, new BasicConstraints(true));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, new X509KeyUsage(X509KeyUsage.digitalSignature));
certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth));
X509CertificateHolder certificateHolder = certGen.build(sigGen);
X509Certificate certificate = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certificateHolder);
return certificate;
}
