本文整理汇总了Java中org.bouncycastle.asn1.x500.style.IETFUtils类的典型用法代码示例。如果您正苦于以下问题:Java IETFUtils类的具体用法?Java IETFUtils怎么用?Java IETFUtils使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
IETFUtils类属于org.bouncycastle.asn1.x500.style包,在下文中一共展示了IETFUtils类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: rolesFromDN
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
private Set<String> rolesFromDN(String userDN) throws LDAPException, GeneralSecurityException {
SearchRequest searchRequest = new SearchRequest(config.getRoleBaseDN(),
SearchScope.SUB, Filter.createEqualityFilter("uniqueMember", userDN));
Set<String> roles = Sets.newLinkedHashSet();
LDAPConnection connection = connectionFactory.getLDAPConnection();
try {
SearchResult sr = connection.search(searchRequest);
for (SearchResultEntry sre : sr.getSearchEntries()) {
X500Name x500Name = new X500Name(sre.getDN());
RDN[] rdns = x500Name.getRDNs(BCStyle.CN);
if (rdns.length == 0) {
logger.error("Could not create X500 Name for role:" + sre.getDN());
} else {
String commonName = IETFUtils.valueToString(rdns[0].getFirst().getValue());
roles.add(commonName);
}
}
} finally {
connection.close();
}
return roles;
}
示例2: extractJidAndName
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
List<String> emails = new ArrayList<>();
if (alternativeNames != null) {
for(List<?> san : alternativeNames) {
Integer type = (Integer) san.get(0);
if (type == 1) {
emails.add((String) san.get(1));
}
}
}
X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
if (emails.size() == 0) {
emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
}
String name = IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue());
if (emails.size() >= 1) {
return new Pair<>(Jid.fromString(emails.get(0)), name);
} else {
return null;
}
}
示例3: testGenerateInstanceRefreshRequestSubDomain
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
@Test
public void testGenerateInstanceRefreshRequestSubDomain() {
File privkey = new File("./src/test/resources/test_private_k0.pem");
PrivateKey privateKey = Crypto.loadPrivateKey(privkey);
InstanceRefreshRequest req = ZTSClient.generateInstanceRefreshRequest("coretech.system",
"test", privateKey, "aws", 3600);
assertNotNull(req);
PKCS10CertificationRequest certReq = Crypto.getPKCS10CertRequest(req.getCsr());
assertEquals("coretech.system.test", Crypto.extractX509CSRCommonName(certReq));
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
assertEquals("coretech.system.test", IETFUtils.valueToString(cnRdn.getFirst().getValue()));
assertEquals("test.coretech-system.aws.athenz.cloud", Crypto.extractX509CSRDnsNames(certReq).get(0));
}
示例4: checkRdn
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
private boolean checkRdn(RDN certRDN, AttributeTypeAndValue expectedTypeAndValue) {
String expectedValue = IETFUtils.valueToString(expectedTypeAndValue.getValue());
boolean constraintFound = false;
AttributeTypeAndValue[] typesAndValues = certRDN.getTypesAndValues();
for (AttributeTypeAndValue typesAndValue : typesAndValues) {
if (typesAndValue.getType().equals(expectedTypeAndValue.getType())) {
String actualValue = IETFUtils.valueToString(typesAndValue.getValue());
if (actualValue.equals(expectedValue)) {
constraintFound = true;
} else {
constraintFound = false;
break;
}
}
}
return constraintFound;
}
示例5: getSubjectCNFromCertificate
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
public static String getSubjectCNFromCertificate(X509Certificate certificate) {
try {
X500Name x500name = new JcaX509CertificateHolder(certificate).getIssuer();
RDN cn = x500name.getRDNs(BCStyle.CN)[0];
return IETFUtils.valueToString(cn.getFirst().getValue());
} catch (CertificateEncodingException e) {
log.error("Unable to get issuer CN", e);
return null;
}
}
示例6: generateCert
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
private X509CertificateObject generateCert(String keyName, KeyPair kp, boolean isCertAuthority,
PublicKey signerPublicKey, PrivateKey signerPrivateKey) throws IOException,
CertIOException, OperatorCreationException, CertificateException,
NoSuchAlgorithmException {
Calendar startDate = DateTimeUtils.calendar();
Calendar endDate = DateTimeUtils.calendar();
endDate.add(Calendar.YEAR, 100);
BigInteger serialNumber = BigInteger.valueOf(startDate.getTimeInMillis());
X500Name issuer = new X500Name(
IETFUtils.rDNsFromString("cn=localhost", RFC4519Style.INSTANCE));
JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(issuer,
serialNumber, startDate.getTime(), endDate.getTime(), issuer, kp.getPublic());
JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
certGen.addExtension(Extension.subjectKeyIdentifier, false,
extensionUtils.createSubjectKeyIdentifier(kp.getPublic()));
certGen.addExtension(Extension.basicConstraints, false,
new BasicConstraints(isCertAuthority));
certGen.addExtension(Extension.authorityKeyIdentifier, false,
extensionUtils.createAuthorityKeyIdentifier(signerPublicKey));
if (isCertAuthority) {
certGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign));
}
X509CertificateHolder cert = certGen.build(
new JcaContentSignerBuilder(SIGNING_ALGORITHM).build(signerPrivateKey));
return new X509CertificateObject(cert.toASN1Structure());
}
示例7: handle
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
@Override
public HttpResponse handle(HttpRequest request, MiddlewareChain chain) {
request = MixinUtils.mixin(request, new Class[]{PrincipalAvailable.class});
String clientDN = request.getHeaders().get("X-Client-DN");
if (!isAuthenticated((PrincipalAvailable) request) && clientDN != null) {
RDN cn = new X500Name(clientDN).getRDNs(BCStyle.CN)[0];
String account = IETFUtils.valueToString(cn.getFirst().getValue());
}
return castToHttpResponse(chain.next(request));
}
示例8: extractJidAndName
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
public static Pair<Jid,String> extractJidAndName(X509Certificate certificate) throws CertificateEncodingException, InvalidJidException, CertificateParsingException {
Collection<List<?>> alternativeNames = certificate.getSubjectAlternativeNames();
List<String> emails = new ArrayList<>();
if (alternativeNames != null) {
for(List<?> san : alternativeNames) {
Integer type = (Integer) san.get(0);
if (type == 1) {
emails.add((String) san.get(1));
}
}
}
X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
if (emails.size() == 0 && x500name.getRDNs(BCStyle.EmailAddress).length > 0) {
emails.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.EmailAddress)[0].getFirst().getValue()));
}
String name = x500name.getRDNs(BCStyle.CN).length > 0 ? IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[0].getFirst().getValue()) : null;
if (emails.size() >= 1) {
return new Pair<>(Jid.fromString(emails.get(0)), name);
} else if (name != null){
try {
Jid jid = Jid.fromString(name);
if (jid.isBareJid() && !jid.isDomainJid()) {
return new Pair<>(jid,null);
}
} catch (InvalidJidException e) {
return null;
}
}
return null;
}
示例9: getCommonNames
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
private static List<String> getCommonNames(X509Certificate certificate) {
List<String> domains = new ArrayList<>();
try {
X500Name x500name = new JcaX509CertificateHolder(certificate).getSubject();
RDN[] rdns = x500name.getRDNs(BCStyle.CN);
for (int i = 0; i < rdns.length; ++i) {
domains.add(IETFUtils.valueToString(x500name.getRDNs(BCStyle.CN)[i].getFirst().getValue()));
}
return domains;
} catch (CertificateEncodingException e) {
return domains;
}
}
示例10: getEmailFromCert
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
/**
* Extract email addresses from a certificate
*
* @param cert the X509 certificate holder
* @return a List of all email addresses found
* @throws CertificateException
*/
private static List<String> getEmailFromCert(X509CertificateHolder cert)
throws CertificateException {
List<String> res = new ArrayList<>();
X500Name subject = cert.getSubject();
for (RDN emails : subject.getRDNs(BCStyle.EmailAddress)) {
for (AttributeTypeAndValue emailAttr: emails.getTypesAndValues()) {
log.debug("Add email from RDN: " + IETFUtils.valueToString(emailAttr.getValue()));
res.add(IETFUtils.valueToString(emailAttr.getValue()));
}
}
Extension subjectAlternativeNames = cert
.getExtension(Extension.subjectAlternativeName);
if (subjectAlternativeNames != null) {
for (GeneralName name : GeneralNames.getInstance(
subjectAlternativeNames.getParsedValue()).getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
String email = IETFUtils.valueToString(name.getName());
log.debug("Add email from subjectAlternativeName: " + email);
res.add(email);
}
}
}
return res;
}
示例11: extractX509CSRCommonName
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
public static String extractX509CSRCommonName(PKCS10CertificationRequest certReq) {
String cn = null;
X500Name x500name = certReq.getSubject();
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
if (cnRdn != null) {
cn = IETFUtils.valueToString(cnRdn.getFirst().getValue());
}
return cn;
}
示例12: extractX509CertCommonName
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
public static String extractX509CertCommonName(X509Certificate x509Cert) {
// in case there are multiple CNs, we're only looking at the first one
String cn = null;
String principalName = x509Cert.getSubjectX500Principal().getName();
if (principalName != null && !principalName.isEmpty()) {
X500Name x500name = new X500Name(principalName);
RDN cnRdn = x500name.getRDNs(BCStyle.CN)[0];
if (cnRdn != null) {
cn = IETFUtils.valueToString(cnRdn.getFirst().getValue());
}
}
return cn;
}
示例13: fromString
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
@Override
public RDN[] fromString(String name) {
// Parse backwards
RDN[] tmp = IETFUtils.rDNsFromString(name, this);
RDN[] res = new RDN[tmp.length];
for (int i = 0; i != tmp.length; i++) {
res[res.length - i - 1] = tmp[i];
}
return res;
}
示例14: toString
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
@Override
public String toString(X500Name name) {
// Convert in reverse
StringBuffer buf = new StringBuffer();
boolean first = true;
RDN[] rdns = name.getRDNs();
for (int i = rdns.length - 1; i >= 0; i--) {
if (first) {
first = false;
} else {
buf.append(',');
}
if (rdns[i].isMultiValued()) {
AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues();
boolean firstAtv = true;
for (int j = 0; j != atv.length; j++) {
if (firstAtv) {
firstAtv = false;
} else {
buf.append('+');
}
IETFUtils.appendTypeAndValue(buf, atv[j], DefaultSymbols);
}
} else {
IETFUtils.appendTypeAndValue(buf, rdns[i].getFirst(), DefaultSymbols);
}
}
return buf.toString();
}
示例15: getClientName
import org.bouncycastle.asn1.x500.style.IETFUtils; //导入依赖的package包/类
static Optional<String> getClientName(ContainerRequest request) {
Principal principal = request.getSecurityContext().getUserPrincipal();
if (principal == null) {
return Optional.empty();
}
X500Name name = new X500Name(principal.getName());
RDN[] rdns = name.getRDNs(BCStyle.CN);
if (rdns.length == 0) {
logger.warn("Certificate does not contain CN=xxx,...: {}", principal.getName());
return Optional.empty();
}
return Optional.of(IETFUtils.valueToString(rdns[0].getFirst().getValue()));
}