Example 1 with ExtensionReader

Use of org.cryptacular.x509.ExtensionReader in the project cas by apereo.

Class CRLDistributionPointRevocationChecker, method getDistributionPoints.

/**
 * Gets the CRL distribution point URIs listed in the certificate's
 * CRLDistributionPoints extension.
 *
 * @param cert the certificate to inspect
 * @return the distribution point URIs; empty if the extension cannot be read
 */
private static URI[] getDistributionPoints(final X509Certificate cert) {
    final List<DistributionPoint> points;
    try {
        points = new ExtensionReader(cert).readCRLDistributionPoints();
    } catch (final Exception e) {
        // A parse failure is logged and reported to the caller as "no distribution points".
        LOGGER.error("Error reading CRLDistributionPoints extension field on [{}]", CertUtils.toString(cert), e);
        return new URI[0];
    }
    final List<URI> urls = new ArrayList<>();
    if (points != null) {
        // Skip distribution points that carry no distributionPoint name.
        points.stream().map(DistributionPoint::getDistributionPoint).filter(Objects::nonNull).forEach(pointName -> {
            // Treat the point name as a sequence of GeneralName entries (the fullName form).
            final ASN1Sequence nameSequence = ASN1Sequence.getInstance(pointName.getName());
            IntStream.range(0, nameSequence.size()).mapToObj(i -> GeneralName.getInstance(nameSequence.getObjectAt(i))).forEach(name -> {
                LOGGER.debug("Found CRL distribution point [{}].", name);
                try {
                    // Only IA5String-valued names (such as a URI) can be converted here.
                    addURL(urls, DERIA5String.getInstance(name.getName()).getString());
                } catch (final Exception e) {
                    // Any other name type, or a value addURL rejects, is skipped with a warning.
                    LOGGER.warn("[{}] not supported. String or GeneralNameList expected.", pointName);
                }
            });
        });
    }
    return urls.toArray(new URI[urls.size()]);
}
Also used: X509Certificate (java.security.cert.X509Certificate), IntStream (java.util.stream.IntStream), RevocationPolicy (org.apereo.cas.adaptors.x509.authentication.revocation.policy.RevocationPolicy), ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence), URLDecoder (java.net.URLDecoder), SneakyThrows (lombok.SneakyThrows), URL (java.net.URL), DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint), X509CRL (java.security.cert.X509CRL), ByteArrayResource (org.springframework.core.io.ByteArrayResource), ArrayList (java.util.ArrayList), CollectionUtils (org.apereo.cas.util.CollectionUtils), URI (java.net.URI), DERIA5String (org.bouncycastle.asn1.DERIA5String), CRLFetcher (org.apereo.cas.adaptors.x509.authentication.CRLFetcher), MalformedURLException (java.net.MalformedURLException), Element (net.sf.ehcache.Element), StandardCharsets (java.nio.charset.StandardCharsets), CertUtils (org.apereo.cas.util.crypto.CertUtils), ExtensionReader (org.cryptacular.x509.ExtensionReader), Objects (java.util.Objects), Slf4j (lombok.extern.slf4j.Slf4j), GeneralName (org.bouncycastle.asn1.x509.GeneralName), List (java.util.List), ResourceCRLFetcher (org.apereo.cas.adaptors.x509.authentication.ResourceCRLFetcher), Cache (net.sf.ehcache.Cache)

Aggregations

MalformedURLException (java.net.MalformedURLException): 1
URI (java.net.URI): 1
URL (java.net.URL): 1
URLDecoder (java.net.URLDecoder): 1
StandardCharsets (java.nio.charset.StandardCharsets): 1
X509CRL (java.security.cert.X509CRL): 1
X509Certificate (java.security.cert.X509Certificate): 1
ArrayList (java.util.ArrayList): 1
List (java.util.List): 1
Objects (java.util.Objects): 1
IntStream (java.util.stream.IntStream): 1
SneakyThrows (lombok.SneakyThrows): 1
Slf4j (lombok.extern.slf4j.Slf4j): 1
Cache (net.sf.ehcache.Cache): 1
Element (net.sf.ehcache.Element): 1
CRLFetcher (org.apereo.cas.adaptors.x509.authentication.CRLFetcher): 1
ResourceCRLFetcher (org.apereo.cas.adaptors.x509.authentication.ResourceCRLFetcher): 1
RevocationPolicy (org.apereo.cas.adaptors.x509.authentication.revocation.policy.RevocationPolicy): 1
CollectionUtils (org.apereo.cas.util.CollectionUtils): 1
CertUtils (org.apereo.cas.util.crypto.CertUtils): 1