Example 26 with ASN1Primitive

use of com.github.zhenwei.core.asn1.ASN1Primitive in project oxAuth by GluuFederation.

the class CRLCertificateVerifier method getCrlUri.

public String getCrlUri(X509Certificate certificate) throws IOException {
    ASN1Primitive obj;
    try {
        obj = getExtensionValue(certificate, Extension.cRLDistributionPoints.getId());
    } catch (IOException ex) {
        log.error("Failed to get CRL URL", ex);
        return null;
    }
    if (obj == null) {
        return null;
    }
    CRLDistPoint distPoint = CRLDistPoint.getInstance(obj);
    DistributionPoint[] distributionPoints = distPoint.getDistributionPoints();
    for (DistributionPoint distributionPoint : distributionPoints) {
        DistributionPointName distributionPointName = distributionPoint.getDistributionPoint();
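        // distributionPoint is an optional field; an entry that carries only cRLIssuer or reasons returns null here.
        if (distributionPointName == null || DistributionPointName.FULL_NAME != distributionPointName.getType()) {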
            continue;
        }
        GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
        GeneralName[] names = generalNames.getNames();
        for (GeneralName name : names) {
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
            return derStr.getString();
        }
    }
    return null;
}
Also used : DERIA5String(org.bouncycastle.asn1.DERIA5String) GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) IOException(java.io.IOException) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)

Example 27 with ASN1Primitive

use of com.github.zhenwei.core.asn1.ASN1Primitive in project oxAuth by GluuFederation.

the class OCSPCertificateVerifier method getOCSPUrl.

@SuppressWarnings({ "deprecation", "resource" })
private String getOCSPUrl(X509Certificate certificate) throws IOException {
    ASN1Primitive obj;
    try {
        obj = getExtensionValue(certificate, Extension.authorityInfoAccess.getId());
    } catch (IOException ex) {
        log.error("Failed to get OCSP URL", ex);
        return null;
    }
    if (obj == null) {
        return null;
    }
    AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(obj);
    AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions();
    for (AccessDescription accessDescription : accessDescriptions) {
        boolean correctAccessMethod = accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.ocspAccessMethod);
        if (!correctAccessMethod) {
            continue;
        }
        GeneralName name = accessDescription.getAccessLocation();
        if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
            continue;
        }
        DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
        return derStr.getString();
    }
    return null;
}
Also used : AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) DERIA5String(org.bouncycastle.asn1.DERIA5String) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) IOException(java.io.IOException) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 28 with ASN1Primitive

use of com.github.zhenwei.core.asn1.ASN1Primitive in project netty by netty.

the class OcspUtils method ocspUri.

/**
 * Returns the OCSP responder {@link URI} or {@code null} if it doesn't have one.
 */
public static URI ocspUri(X509Certificate certificate) throws IOException {
    byte[] value = certificate.getExtensionValue(Extension.authorityInfoAccess.getId());
    if (value == null) {
        return null;
    }
    ASN1Primitive authorityInfoAccess = X509ExtensionUtil.fromExtensionValue(value);
    if (!(authorityInfoAccess instanceof DLSequence)) {
        return null;
    }
    DLSequence aiaSequence = (DLSequence) authorityInfoAccess;
    DERTaggedObject taggedObject = findObject(aiaSequence, OCSP_RESPONDER_OID, DERTaggedObject.class);
    if (taggedObject == null) {
        return null;
    }
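    // Tag number 6 is also GeneralName's uniformResourceIdentifier [6], which is what the access location carries.
    if (taggedObject.getTagNo() != BERTags.OBJECT_IDENTIFIER) {
        return null;
    }
    byte[] encoded = taggedObject.getEncoded();
    // Reads a single length byte, so this assumes a short-form DER length (URI shorter than 128 bytes).
    int length = (int) encoded[1] & 0xFF;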
    String uri = new String(encoded, 2, length, CharsetUtil.UTF_8);
    return URI.create(uri);
}
Also used : DLSequence(org.bouncycastle.asn1.DLSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 29 with ASN1Primitive

use of com.github.zhenwei.core.asn1.ASN1Primitive in project Conversations by siacs.

the class XmppDomainVerifier method parseOtherName.

private static Pair<String, String> parseOtherName(byte[] otherName) {
    try {
        ASN1Primitive asn1Primitive = ASN1Primitive.fromByteArray(otherName);
        if (asn1Primitive instanceof DERTaggedObject) {
            ASN1Primitive inner = ((DERTaggedObject) asn1Primitive).getObject();
            if (inner instanceof DLSequence) {
                DLSequence sequence = (DLSequence) inner;
                if (sequence.size() >= 2 && sequence.getObjectAt(1) instanceof DERTaggedObject) {
                    String oid = sequence.getObjectAt(0).toString();
                    ASN1Primitive value = ((DERTaggedObject) sequence.getObjectAt(1)).getObject();
                    if (value instanceof DERUTF8String) {
                        return new Pair<>(oid, ((DERUTF8String) value).getString());
                    } else if (value instanceof DERIA5String) {
                        return new Pair<>(oid, ((DERIA5String) value).getString());
                    }
                }
            }
        }
        return null;
    } catch (IOException e) {
        return null;
    }
}
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERIA5String(org.bouncycastle.asn1.DERIA5String) DLSequence(org.bouncycastle.asn1.DLSequence) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) IOException(java.io.IOException) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) Pair(android.util.Pair)

Example 30 with ASN1Primitive

use of com.github.zhenwei.core.asn1.ASN1Primitive in project cas by apereo.

the class ExtensionMatcher method matchHex.

private boolean matchHex(String matchKey, JsonNode matchValue, ASN1Primitive value) {
    final String matchValueString = matchValue.get(EXTENSION_VALUE_VALUE).textValue();
    final ByteArray matchBytes;
    try {
        matchBytes = ByteArray.fromHex(matchValueString);
    } catch (HexException e) {
        throw new IllegalArgumentException(String.format("Bad hex value in extension %s: %s", matchKey, matchValueString));
    }
    final ASN1Primitive innerValue;
    if (value instanceof DEROctetString) {
        try {
            innerValue = ASN1Primitive.fromByteArray(((DEROctetString) value).getOctets());
        } catch (IOException e) {
            LOGGER.debug("Failed to parse {} extension value as ASN1: {}", matchKey, value);
            return false;
        }
    } else {
        LOGGER.debug("Expected nested octet string value for extension {}, was: {}", matchKey, value);
        return false;
    }
    if (innerValue instanceof DEROctetString) {
        final ByteArray readBytes = new ByteArray(((DEROctetString) innerValue).getOctets());
        return matchBytes.equals(readBytes);
    } else {
        LOGGER.debug("Expected nested octet string value for extension {}, was: {}", matchKey, value);
        return false;
    }
}
Also used : ByteArray(com.yubico.webauthn.data.ByteArray) DEROctetString(org.bouncycastle.asn1.DEROctetString) HexException(com.yubico.webauthn.data.exception.HexException) IOException(java.io.IOException) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
