Use of com.github.zhenwei.core.asn1.x509.CRLDistPoint in project peppol-commons by phax.
From the class CRLHelper, method getAllDistributionPoints.
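/**
 * Extracts all CRL distribution point URLs from the "CRL Distribution Points"
 * extension of an X.509 certificate. If the extension is not present, an
 * empty list is returned.
 * <p>
 * Only distribution points of type <code>FULL_NAME</code> are considered, and
 * of their general names only those tagged as
 * <code>uniformResourceIdentifier</code>. Other name forms are skipped.
 * <p>
 * Security note: the returned strings are copied from the certificate and are
 * only trimmed - neither scheme, host nor syntax is checked here. When the
 * certificate has not been validated yet, they are certificate-supplied
 * (untrusted) data. A caller that downloads CRLs from them should restrict
 * the accepted schemes and destinations before connecting, and should not
 * treat an empty result as proof that the certificate is not revoked.
 *
 * @param aCert
 *        The certificate to extract the CRL distribution points from. May
 *        not be <code>null</code>.
 * @return Never <code>null</code> but maybe empty list of distribution
 *         point URLs, in the order they appear in the extension.
 * @throws UncheckedIOException
 *         If the extension is present but cannot be decoded, including an
 *         outer value that is not a DER OCTET STRING or an empty payload. A
 *         malformed extension is reported instead of being treated as
 *         "no distribution points".
 */
@Nonnull
public static ICommonsList<String> getAllDistributionPoints(@Nonnull final X509Certificate aCert) {
  ValueEnforcer.notNull(aCert, "Certificate");
  final ICommonsList<String> ret = new CommonsArrayList<>();

  // DER-encoded OCTET STRING wrapping the CRLDistributionPoints extension
  // value; null if the certificate does not carry the extension
  final byte[] aExtensionValue = aCert.getExtensionValue(Extension.cRLDistributionPoints.getId());
  if (aExtensionValue == null) {
    return ret;
  }

  // A single catch covers both decoding steps and the implicit close() calls
  try (final ASN1InputStream aOuterIn = new ASN1InputStream(aExtensionValue)) {
    // Step 1: unwrap the outer OCTET STRING. The instanceof test also
    // rejects null, so a bad wrapper is a decoding error rather than a
    // ClassCastException or NullPointerException
    final ASN1Primitive aOuter = aOuterIn.readObject();
    if (!(aOuter instanceof DEROctetString)) {
      throw new IOException("CRL Distribution Points extension value is not a DER OCTET STRING");
    }

    // Step 2: decode the payload of the OCTET STRING
    final CRLDistPoint aDistPoint;
    try (final ASN1InputStream aInnerIn = new ASN1InputStream(((DEROctetString) aOuter).getOctets())) {
      final ASN1Primitive aInner = aInnerIn.readObject();
      if (aInner == null) {
        // An empty payload yields no object; fail with a decoding error
        // instead of dereferencing null in the loop below
        throw new IOException("CRL Distribution Points extension contains no ASN.1 object");
      }
      aDistPoint = CRLDistPoint.getInstance(aInner);
    }

    // Step 3: collect the URI general names of all FULL_NAME distribution
    // points
    for (final DistributionPoint aDP : aDistPoint.getDistributionPoints()) {
      final DistributionPointName aDPName = aDP.getDistributionPoint();
      if (aDPName == null || aDPName.getType() != DistributionPointName.FULL_NAME) {
        continue;
      }
      for (final GeneralName aGenName : GeneralNames.getInstance(aDPName.getName()).getNames()) {
        if (aGenName.getTagNo() == GeneralName.uniformResourceIdentifier) {
          // The URI is carried as an ASN.1 IA5String. It is added as found
          // (trimmed only) - no validation of the URL happens here
          final String sURL = ASN1IA5String.getInstance(aGenName.getName()).getString().trim();
          ret.add(sURL);
        }
      }
    }
  } catch (final IOException ex) {
    throw new UncheckedIOException(ex);
  }
  return ret;
}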