Search in sources :

Example 91 with Extension

use of com.github.zhenwei.core.asn1.x509.Extension in project pri-fidoiot by secure-device-onboard.

the class OnDieCertSignatureFunction method getIssuingCertificate.

private String getIssuingCertificate(Certificate cert) throws IllegalArgumentException, IOException, CertificateEncodingException {
    X509CertificateHolder certholder = new X509CertificateHolder(cert.getEncoded());
    AuthorityInformationAccess aia = AuthorityInformationAccess.fromExtensions(certholder.getExtensions());
    if (aia == null) {
        throw new IllegalArgumentException("AuthorityInformationAccess Extension missing from device certificate.");
    }
    AccessDescription[] descs = aia.getAccessDescriptions();
    if (descs.length != 1) {
        throw new IllegalArgumentException("Too many descriptions in AIA certificate extension: " + descs.length);
    }
    return descs[0].getAccessLocation().getName().toString();
}
Also used : AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder)

Example 92 with Extension

use of com.github.zhenwei.core.asn1.x509.Extension in project strimzi by strimzi.

the class SystemTestCertAndKeyBuilder method withSanDnsName.

public SystemTestCertAndKeyBuilder withSanDnsName(String hostName) {
    GeneralName dnsName = new GeneralName(dNSName, hostName);
    byte[] subjectAltName = encode(GeneralNames.getInstance(new DERSequence(dnsName)));
    extensions.add(new Extension(subjectAlternativeName, false, subjectAltName));
    return this;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) DERSequence(org.bouncycastle.asn1.DERSequence) GeneralName(org.bouncycastle.asn1.x509.GeneralName)

Example 93 with Extension

use of com.github.zhenwei.core.asn1.x509.Extension in project jruby-openssl by jruby.

the class OCSPSingleResponse method extensions.

@JRubyMethod(name = "extensions")
public IRubyObject extensions() {
    Ruby runtime = getRuntime();
    Extensions exts = bcSingleResponse.getSingleExtensions();
    if (exts == null)
        return RubyArray.newEmptyArray(runtime);
    ASN1ObjectIdentifier[] extOIDs = exts.getExtensionOIDs();
    RubyArray retExts = runtime.newArray(extOIDs.length);
    for (ASN1ObjectIdentifier extOID : extOIDs) {
        Extension ext = exts.getExtension(extOID);
        ASN1Encodable extAsn1 = ext.getParsedValue();
        X509Extension retExt = X509Extension.newExtension(runtime, extOID, extAsn1, ext.isCritical());
        retExts.append(retExt);
    }
    return retExts;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) RubyArray(org.jruby.RubyArray) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) Extensions(org.bouncycastle.asn1.x509.Extensions) Ruby(org.jruby.Ruby) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) JRubyMethod(org.jruby.anno.JRubyMethod)

Example 94 with Extension

use of com.github.zhenwei.core.asn1.x509.Extension in project jruby-openssl by jruby.

the class OCSPBasicResponse method convertRubyExtensions.

private Extensions convertRubyExtensions(IRubyObject extensions) {
    if (extensions.isNil())
        return null;
    List<Extension> retExtensions = new ArrayList<Extension>();
    Iterator<IRubyObject> rubyExtensions = ((RubyArray) extensions).iterator();
    while (rubyExtensions.hasNext()) {
        X509Extension rubyExt = (X509Extension) rubyExtensions.next();
        Extension ext = Extension.getInstance(((RubyString) rubyExt.to_der()).getBytes());
        retExtensions.add(ext);
    }
    Extension[] exts = new Extension[retExtensions.size()];
    retExtensions.toArray(exts);
    return new Extensions(exts);
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) RubyArray(org.jruby.RubyArray) ArrayList(java.util.ArrayList) IRubyObject(org.jruby.runtime.builtin.IRubyObject) Extensions(org.bouncycastle.asn1.x509.Extensions)

Example 95 with Extension

use of com.github.zhenwei.core.asn1.x509.Extension in project jruby-openssl by jruby.

the class OCSPBasicResponse method add_nonce.

@JRubyMethod(name = "add_nonce", rest = true)
public OCSPBasicResponse add_nonce(IRubyObject[] args) {
    Ruby runtime = getRuntime();
    byte[] tmpNonce;
    if (Arity.checkArgumentCount(runtime, args, 0, 1) == 0) {
        tmpNonce = generateNonce(runtime);
    } else {
        RubyString input = (RubyString) args[0];
        tmpNonce = input.getBytes();
    }
    extensions.add(new Extension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, tmpNonce));
    nonce = tmpNonce;
    return this;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) RubyString(org.jruby.RubyString) Ruby(org.jruby.Ruby) JRubyMethod(org.jruby.anno.JRubyMethod)

Aggregations

IOException (java.io.IOException)133 Extension (org.bouncycastle.asn1.x509.Extension)131 X509Certificate (java.security.cert.X509Certificate)80 ArrayList (java.util.ArrayList)78 Enumeration (java.util.Enumeration)75 Extensions (org.bouncycastle.asn1.x509.Extensions)70 BigInteger (java.math.BigInteger)62 CertPathValidatorException (java.security.cert.CertPathValidatorException)60 DEROctetString (org.bouncycastle.asn1.DEROctetString)59 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)58 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)57 GeneralSecurityException (java.security.GeneralSecurityException)55 List (java.util.List)55 HashSet (java.util.HashSet)54 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)51 CertificateExpiredException (java.security.cert.CertificateExpiredException)47 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)47 CertPathBuilderException (java.security.cert.CertPathBuilderException)45 Set (java.util.Set)45 GeneralName (org.bouncycastle.asn1.x509.GeneralName)44