public Certificate generateCert(CertificationRequest csr) throws Exception { if (!verifyPopo(csr)) { throw new Exception("CSR invalid"); } CertificationRequestInfo reqInfo = csr.getCertificationRequestInfo(); return generateCert(reqInfo.getSubjectPublicKeyInfo(), reqInfo.getSubject()); }
DistinguishedName subjectDN = new DistinguishedName( pkcs10.getCertificationRequestInfo().getSubject() ); X509Certificate certificate = x509Generator.generateX509Certificate( privateKey(), issuerDN,
public static X509Certificate generateSelfsignedCert(CertificationRequest csr, PrivateKey identityKey) throws CertificateException { requireNonNull("csr", csr); return generateSelfsignedCert(csr.getCertificationRequestInfo().getSubject(), csr.getCertificationRequestInfo().getSubjectPublicKeyInfo(), identityKey); }
X500Name name = X500Name.getInstance( req.getSignatureCert().getSubjectX500Principal().getEncoded()); if (!name.equals(csr.getCertificationRequestInfo().getSubject())) { LOG.warn("tid={}: self-signed cert.subject != CSR.subject", tid); return buildPkiMessage(rep, PkiStatus.FAILURE, FailInfo.badRequest);
public EnrolmentResponse scepCertPoll(PrivateKey identityKey, X509Certificate identityCert, CertificationRequest csr, X500Name issuer) throws ScepClientException { ScepUtil.requireNonNull("csr", csr); TransactionId tid; try { tid = TransactionId.sha1TransactionId( csr.getCertificationRequestInfo().getSubjectPublicKeyInfo()); } catch (InvalidKeySpecException ex) { throw new ScepClientException(ex.getMessage(), ex); } return scepCertPoll(identityKey, identityCert, tid, issuer, csr.getCertificationRequestInfo().getSubject()); }
X500Name requestedSubject = csr.getCertificationRequestInfo().getSubject();
public static CertificateRequest loadCertificateRequest(Reader reader) throws IOException { try (PEMReader pr = new PEMReader(reader)) { CertificationRequest req = (CertificationRequest) pr.readObject(); // get the CN String cn = (String) ((X509Name) req.getCertificationRequestInfo().getSubject()).getValues(new DERObjectIdentifier("2.5.4.3")).get(0); // build the key KeyFactory kf = KeyFactory.getInstance("RSA"); PublicKey key = kf.generatePublic(new RSAPublicKeySpec( ((ASN1Integer)((DERSequence) req.getCertificationRequestInfo().getSubjectPublicKeyInfo().getPublicKey()).getObjectAt(0)).getValue(), ((ASN1Integer)((DERSequence) req.getCertificationRequestInfo().getSubjectPublicKeyInfo().getPublicKey()).getObjectAt(1)).getValue() )); return new CertificateRequest(cn, key); } catch (NoSuchAlgorithmException | InvalidKeySpecException e) { throw new IOException("Failed to parse certificate request", e); } }
Extensions extensions = CaUtil.getExtensions(certTemp); X500Name subject = certTemp.getSubject(); SubjectPublicKeyInfo publicKeyInfo = certTemp.getSubjectPublicKeyInfo();
X500Name subject = certTemp.getSubject(); SubjectPublicKeyInfo publicKeyInfo = certTemp.getSubjectPublicKeyInfo();
X500Name subject = certTemp.getSubject(); SubjectPublicKeyInfo publicKeyInfo = certTemp.getSubjectPublicKeyInfo();
case UpdateReq: CertificationRequest csr = CertificationRequest.getInstance(req.getMessageData()); X500Name reqSubject = csr.getCertificationRequestInfo().getSubject(); if (LOG.isInfoEnabled()) { LOG.info("tid={}, subject={}", tid, X509Util.getRfc4519Name(reqSubject)); if (selfSigned) { X500Name tmp = X500Name.getInstance(reqSigCertSubject.getEncoded()); if (!tmp.equals(csrReqInfo.getSubject())) { LOG.warn("tid={}, self-signed identityCert.subject != csr.subject"); throw FailInfoException.BAD_REQUEST; if (X509Util.getCommonName(csrReqInfo.getSubject()) == null) { throw new OperationException(ErrorCode.BAD_CERT_TEMPLATE, "tid=" + tid + ": no CommonName in requested subject"); CertTemplateData certTemplateData = new CertTemplateData(csrReqInfo.getSubject(), csrReqInfo.getSubjectPublicKeyInfo(), (Date) null, (Date) null, extensions, certprofileName);