/** * Extract extensions from CSR object */ public static Extensions getExtensionsFromCSR(JcaPKCS10CertificationRequest csr) { Attribute[] attributess = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); for (Attribute attribute : attributess) { ASN1Set attValue = attribute.getAttrValues(); if (attValue != null) { ASN1Encodable extension = attValue.getObjectAt(0); if (extension instanceof Extensions) { return (Extensions) extension; } else if (extension instanceof DERSequence) { return Extensions.getInstance(extension); } } } return null; }
final Extensions extensions = Extensions.getInstance(attribute.getAttrValues().getObjectAt(0)); final GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName); if (gns != null && gns.getNames() != null && gns.getNames().length > 0) {
private ASN1Encodable getChallengePassword(Attribute[] attributes) { for (Attribute attribute : attributes) { if (PKCSObjectIdentifiers.pkcs_9_at_challengePassword.equals(attribute.getAttrType())) { if (attribute.getAttrValues() != null && attribute.getAttrValues().size() > 0) { return attribute.getAttrValues().getObjectAt(0); } } } return null; }
private Optional<Extensions> getExtensions() { return Optional.of(csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest)) .filter(attributes -> attributes.length > 0) .map(attributes -> attributes[0]) .map(attribute -> Extensions.getInstance(attribute.getAttrValues().getObjectAt(0))); }
private static void validateAttributes(ASN1Set attributes) { if (attributes == null) { return; } for (Enumeration en = attributes.getObjects(); en.hasMoreElements();) { Attribute attr = Attribute.getInstance(en.nextElement()); if (attr.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_challengePassword)) { if (attr.getAttrValues().size() != 1) { throw new IllegalArgumentException("challengePassword attribute must have one value"); } } } } }
/** * Extract extensions from CSR object */ public static Extensions getExtensionsFromCSR(JcaPKCS10CertificationRequest csr) { Attribute[] attributess = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); for (Attribute attribute : attributess) { ASN1Set attValue = attribute.getAttrValues(); if (attValue != null) { ASN1Encodable extension = attValue.getObjectAt(0); if (extension instanceof Extensions) { return (Extensions) extension; } else if (extension instanceof DERSequence) { return Extensions.getInstance(extension); } } } return null; }
/** * Extract extensions from CSR object */ public static Extensions getExtensionsFromCSR(JcaPKCS10CertificationRequest csr) { Attribute[] attributess = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); for (Attribute attribute : attributess) { ASN1Set attValue = attribute.getAttrValues(); if (attValue != null) { ASN1Encodable extension = attValue.getObjectAt(0); if (extension instanceof Extensions) { return (Extensions) extension; } else if (extension instanceof DERSequence) { return Extensions.getInstance(extension); } } } return null; }
/** * Find the X509 Extensions from CSR object. If no extensions * attribute is found then null is returned. * * @param csr The CSR object to extract the Extensions container from. * @return An extensions container extracted form the CSR. */ static Extensions getExtensionsFromCSR(PKCS10CertificationRequest csr) { Attribute[] attrs = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); for (Attribute attr : attrs) { ASN1Set extsAsn1 = attr.getAttrValues(); if (extsAsn1 != null) { ASN1Encodable extObj = extsAsn1.getObjectAt(0); if (extObj instanceof Extensions) { return (Extensions)extObj; } else if (extObj instanceof DERSequence) { return Extensions.getInstance(extObj); } } } return null; }
/** * Find the X509 Extensions from CSR object. If no extensions * attribute is found then null is returned. * * @param csr The CSR object to extract the Extensions container from. * @return An extensions container extracted form the CSR. */ static Extensions getExtensionsFromCSR(PKCS10CertificationRequest csr) { Attribute[] attrs = csr.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest); for (Attribute attr : attrs) { ASN1Set extsAsn1 = attr.getAttrValues(); if (extsAsn1 != null) { ASN1Encodable extObj = extsAsn1.getObjectAt(0); if (extObj instanceof Extensions) { return (Extensions)extObj; } else if (extObj instanceof DERSequence) { return Extensions.getInstance(extObj); } } } return null; }
private void parseRequestedExtensions() throws IOException { Attribute[] attrs = csr.getAttributes(); if (attrs == null) return; for (Attribute attr: attrs) { if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.getId().equals( attr.getAttrType().getId())) { if (attr.getAttrValues().size() == 0) continue; ASN1Encodable req = attr.getAttrValues().getObjectAt(0); CertificateExtension ext = new CertificateExtension(req.toASN1Primitive().getEncoded(ASN1Encoding.DER)); handleRequestedExtension(ext); } } }
/** * Extracts the <tt>Challenge password</tt> from the provided CSR. * <p> * * @param csr * the CSR to extract from. * @return the extracted <tt>Challenge password</tt> */ public static String getChallengePassword(final PKCS10CertificationRequest csr) { Attribute[] attrs = csr.getAttributes(); for (Attribute attr : attrs) { if (attr.getAttrType().equals( PKCSObjectIdentifiers.pkcs_9_at_challengePassword)) { // According to RFC 2985 this may be any of the DirectoryString // types, but we can be more flexible and allow any ASN.1 // string. ASN1String challengePassword = (ASN1String) attr .getAttrValues().getObjectAt(0); return challengePassword.getString(); } } return null; }