Example 26 with AccessDescription
use of com.github.zhenwei.core.asn1.x509.AccessDescription in project xipki by xipki.
the class BaseOcspStatusAction method extractOcspUrls.
public static List<String> extractOcspUrls(AuthorityInformationAccess aia) throws CertificateEncodingException {
AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
List<AccessDescription> ocspAccessDescriptions = new LinkedList<>();
for (AccessDescription accessDescription : accessDescriptions) {
if (accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.id_ad_ocsp)) {
ocspAccessDescriptions.add(accessDescription);
}
}
final int n = ocspAccessDescriptions.size();
List<String> ocspUris = new ArrayList<>(n);
for (int i = 0; i < n; i++) {
GeneralName accessLocation = ocspAccessDescriptions.get(i).getAccessLocation();
if (accessLocation.getTagNo() == GeneralName.uniformResourceIdentifier) {
String ocspUri = ((ASN1String) accessLocation.getName()).getString();
ocspUris.add(ocspUri);
}
}
return ocspUris;
}
Also used :
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ArrayList(java.util.ArrayList)
ASN1String(org.bouncycastle.asn1.ASN1String)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1String(org.bouncycastle.asn1.ASN1String)
LinkedList(java.util.LinkedList)
Example 27 with AccessDescription
use of com.github.zhenwei.core.asn1.x509.AccessDescription in project xipki by xipki.
the class ExtensionsChecker method checkAia.
private static void checkAia(StringBuilder failureMsg, AuthorityInformationAccess aia, ASN1ObjectIdentifier accessMethod, Set<String> expectedUris) {
String typeDesc;
if (X509ObjectIdentifiers.id_ad_ocsp.equals(accessMethod)) {
typeDesc = "OCSP";
} else if (X509ObjectIdentifiers.id_ad_caIssuers.equals(accessMethod)) {
typeDesc = "caIssuer";
} else {
typeDesc = accessMethod.getId();
}
List<AccessDescription> isAccessDescriptions = new LinkedList<>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
if (accessMethod.equals(accessDescription.getAccessMethod())) {
isAccessDescriptions.add(accessDescription);
}
}
int size = isAccessDescriptions.size();
if (size != expectedUris.size()) {
addViolation(failureMsg, "number of AIA " + typeDesc + " URIs", size, expectedUris.size());
return;
}
Set<String> isUris = new HashSet<>();
for (int i = 0; i < size; i++) {
GeneralName isAccessLocation = isAccessDescriptions.get(i).getAccessLocation();
if (isAccessLocation.getTagNo() != GeneralName.uniformResourceIdentifier) {
addViolation(failureMsg, "tag of accessLocation of AIA ", isAccessLocation.getTagNo(), GeneralName.uniformResourceIdentifier);
} else {
String isOcspUri = ((ASN1String) isAccessLocation.getName()).getString();
isUris.add(isOcspUri);
}
}
Set<String> diffs = strInBnotInA(expectedUris, isUris);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
failureMsg.append(" are present but not expected; ");
}
diffs = strInBnotInA(isUris, expectedUris);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
failureMsg.append(" are absent but are required; ");
}
}
Also used :
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
ASN1String(org.bouncycastle.asn1.ASN1String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERT61String(org.bouncycastle.asn1.DERT61String)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1String(org.bouncycastle.asn1.ASN1String)
LinkedList(java.util.LinkedList)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
HashSet(java.util.HashSet)
Example 28 with AccessDescription
use of com.github.zhenwei.core.asn1.x509.AccessDescription in project Bytecoder by mirkosertic.
the class OCSP method getResponderURI.
static URI getResponderURI(X509CertImpl certImpl) {
// Examine the certificate's AuthorityInfoAccess extension
AuthorityInfoAccessExtension aia = certImpl.getAuthorityInfoAccessExtension();
if (aia == null) {
return null;
}
List<AccessDescription> descriptions = aia.getAccessDescriptions();
for (AccessDescription description : descriptions) {
if (description.getAccessMethod().equals(AccessDescription.Ad_OCSP_Id)) {
GeneralName generalName = description.getAccessLocation();
if (generalName.getType() == GeneralNameInterface.NAME_URI) {
URIName uri = (URIName) generalName.getName();
return uri.getURI();
}
}
}
return null;
}
Also used :
AuthorityInfoAccessExtension(sun.security.x509.AuthorityInfoAccessExtension)
AccessDescription(sun.security.x509.AccessDescription)
GeneralName(sun.security.x509.GeneralName)
URIName(sun.security.x509.URIName)
Example 29 with AccessDescription
use of com.github.zhenwei.core.asn1.x509.AccessDescription in project keystore-explorer by kaikramer.
the class X509Ext method getAuthorityInformationAccessStringValue.
private static String getAuthorityInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* AuthorityInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
AuthorityInformationAccess authorityInfoAccess = AuthorityInformationAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : authorityInfoAccess.getAccessDescriptions()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else {
// Unrecognised Access Method OID
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("AuthorityInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT.toString(2));
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
ASN1IA5String(org.bouncycastle.asn1.ASN1IA5String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
ASN1BitString(org.bouncycastle.asn1.ASN1BitString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
ASN1BMPString(org.bouncycastle.asn1.ASN1BMPString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
ASN1PrintableString(org.bouncycastle.asn1.ASN1PrintableString)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 30 with AccessDescription
use of com.github.zhenwei.core.asn1.x509.AccessDescription in project keystore-explorer by kaikramer.
the class DSubjectInformationAccess method okPressed.
private void okPressed() {
List<AccessDescription> accessDescriptions = jadAccessDescriptions.getAccessDescriptions();
if (accessDescriptions.size() == 0) {
JOptionPane.showMessageDialog(this, res.getString("DSubjectInformationAccess.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
return;
}
SubjectInfoAccess subjectInformationAccess = new SubjectInfoAccess(accessDescriptions);
try {
value = subjectInformationAccess.getEncoded(ASN1Encoding.DER);
} catch (IOException e) {
DError.displayError(this, e);
return;
}
closeDialog();
}
Also used :
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
SubjectInfoAccess(org.kse.crypto.x509.SubjectInfoAccess)
IOException(java.io.IOException)
Aggregations
AccessDescription (org.bouncycastle.asn1.x509.AccessDescription)30
AuthorityInformationAccess (org.bouncycastle.asn1.x509.AuthorityInformationAccess)16
GeneralName (org.bouncycastle.asn1.x509.GeneralName)15
IOException (java.io.IOException)8
DERIA5String (org.bouncycastle.asn1.DERIA5String)8
ArrayList (java.util.ArrayList)7
DEROctetString (org.bouncycastle.asn1.DEROctetString)6
AccessDescription (sun.security.x509.AccessDescription)6
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)5
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)5
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)5
X509Certificate (java.security.cert.X509Certificate)4
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)4
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)4
CertStore (java.security.cert.CertStore)3
CertStoreException (java.security.cert.CertStoreException)3
ASN1String (org.bouncycastle.asn1.ASN1String)3
DERSequence (org.bouncycastle.asn1.DERSequence)3
AccessDescription (com.github.zhenwei.core.asn1.x509.AccessDescription)2
GeneralName (com.github.zhenwei.core.asn1.x509.GeneralName)2
