Example 61 with ASN1InputStream
use of org.bouncycastle.asn1.ASN1InputStream in project zm-mailbox by Zimbra.
the class CertUtil method printSubjectAlternativeNames.
private void printSubjectAlternativeNames(PrintStream outStream) throws Exception {
final String UPN_DISPLAY = "Principal Name";
final String RFC822NAME_DISPLAY = "RFC822 Name";
final String DNSNAME_DISPLAY = "DNS Name";
outStream.format("X509v3 Subject Alternative Name: \n");
ASN1InputStream decoder = null;
try {
Collection<List<?>> generalNames = cert.getSubjectAlternativeNames();
// Check that the certificate includes the SubjectAltName extension
if (generalNames == null) {
return;
}
for (List<?> generalName : generalNames) {
Integer tag = (Integer) generalName.get(0);
if (GeneralName.otherName == tag.intValue()) {
// Value is encoded using ASN.1
decoder = new ASN1InputStream((byte[]) generalName.toArray()[1]);
DEREncodable encoded = decoder.readObject();
DERSequence derSeq = (DERSequence) encoded;
DERObjectIdentifier typeId = DERObjectIdentifier.getInstance(derSeq.getObjectAt(0));
String oid = typeId.getId();
String value = null;
ASN1TaggedObject otherNameValue = ASN1TaggedObject.getInstance(derSeq.getObjectAt(1));
if (OID_UPN.equals(oid)) {
ASN1TaggedObject upnValue = ASN1TaggedObject.getInstance(otherNameValue.getObject());
DERUTF8String str = DERUTF8String.getInstance(upnValue.getObject());
value = str.getString();
}
outStream.format(" [%d] %s(%s) = %s\n", tag, oid, UPN_DISPLAY, value);
} else if (GeneralName.rfc822Name == tag.intValue()) {
String value = (String) generalName.get(1);
outStream.format(" [%d] %s = %s\n", tag, RFC822NAME_DISPLAY, value);
} else if (GeneralName.dNSName == tag.intValue()) {
String value = (String) generalName.get(1);
outStream.format(" [%d] %s = %s\n", tag, DNSNAME_DISPLAY, value);
} else {
outStream.format(" [%d] - not yet supported\n", tag);
}
}
} catch (CertificateParsingException e) {
e.printStackTrace();
} finally {
ByteUtil.closeStream(decoder);
}
}
Also used :
BigInteger(java.math.BigInteger)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERSequence(org.bouncycastle.asn1.DERSequence)
CertificateParsingException(java.security.cert.CertificateParsingException)
DEREncodable(org.bouncycastle.asn1.DEREncodable)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
List(java.util.List)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
Example 62 with ASN1InputStream
use of org.bouncycastle.asn1.ASN1InputStream in project zm-mailbox by Zimbra.
the class CertUtil method getSubjectAltNameOtherNameUPN.
String getSubjectAltNameOtherNameUPN() {
Collection<List<?>> generalNames = null;
try {
generalNames = cert.getSubjectAlternativeNames();
} catch (CertificateParsingException e) {
ZimbraLog.account.warn(LOG_PREFIX + "unable to get subject alternative names", e);
}
if (generalNames == null) {
return null;
}
ASN1InputStream decoder = null;
try {
// Check that the certificate includes the SubjectAltName extension
for (List<?> generalName : generalNames) {
Integer tag = (Integer) generalName.get(0);
if (GeneralName.otherName == tag.intValue()) {
// Value is encoded using ASN.1
decoder = new ASN1InputStream((byte[]) generalName.toArray()[1]);
DEREncodable encoded = decoder.readObject();
DERSequence derSeq = (DERSequence) encoded;
DERObjectIdentifier typeId = DERObjectIdentifier.getInstance(derSeq.getObjectAt(0));
String oid = typeId.getId();
String value = null;
ASN1TaggedObject otherNameValue = ASN1TaggedObject.getInstance(derSeq.getObjectAt(1));
if (OID_UPN.equals(oid)) {
ASN1TaggedObject upnValue = ASN1TaggedObject.getInstance(otherNameValue.getObject());
DERUTF8String str = DERUTF8String.getInstance(upnValue.getObject());
value = str.getString();
return value;
}
}
}
} catch (IOException e) {
ZimbraLog.account.warn(LOG_PREFIX + "unable to process ASN.1 data", e);
} finally {
ByteUtil.closeStream(decoder);
}
return null;
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
CertificateParsingException(java.security.cert.CertificateParsingException)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
IOException(java.io.IOException)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
BigInteger(java.math.BigInteger)
DERSequence(org.bouncycastle.asn1.DERSequence)
DEREncodable(org.bouncycastle.asn1.DEREncodable)
List(java.util.List)
Aggregations
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)53
IOException (java.io.IOException)44
CertificateParsingException (java.security.cert.CertificateParsingException)18
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)17
CertificateException (java.security.cert.CertificateException)16
Enumeration (java.util.Enumeration)16
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)14
CRLException (java.security.cert.CRLException)13
CertificateEncodingException (java.security.cert.CertificateEncodingException)13
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)13
NoSuchProviderException (java.security.NoSuchProviderException)11
InvalidKeyException (java.security.InvalidKeyException)10
SignatureException (java.security.SignatureException)10
CertificateExpiredException (java.security.cert.CertificateExpiredException)10
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)10
X509Certificate (java.security.cert.X509Certificate)9
List (java.util.List)9
ArrayList (java.util.ArrayList)8
ASN1InputStream (com.android.org.bouncycastle.asn1.ASN1InputStream)7
ByteArrayInputStream (java.io.ByteArrayInputStream)7
