Examples with ASN1String org.bouncycastle.asn1.ASN1String used on opensource projects

Search in sources :

Example 16 with ASN1String

use of org.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class BaseOcspStatusAction method extractOcspUrls.

public static List<String> extractOcspUrls(AuthorityInformationAccess aia) throws CertificateEncodingException {
    AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
    List<AccessDescription> ocspAccessDescriptions = new LinkedList<>();
    for (AccessDescription accessDescription : accessDescriptions) {
        if (accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.id_ad_ocsp)) {
            ocspAccessDescriptions.add(accessDescription);
        }
    }
    final int n = ocspAccessDescriptions.size();
    List<String> ocspUris = new ArrayList<>(n);
    for (int i = 0; i < n; i++) {
        GeneralName accessLocation = ocspAccessDescriptions.get(i).getAccessLocation();
        if (accessLocation.getTagNo() == GeneralName.uniformResourceIdentifier) {
            String ocspUri = ((ASN1String) accessLocation.getName()).getString();
            ocspUris.add(ocspUri);
        }
    }
    return ocspUris;
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ArrayList(java.util.ArrayList) ASN1String(org.bouncycastle.asn1.ASN1String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) LinkedList(java.util.LinkedList)

Example 17 with ASN1String

use of org.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkExtensionCrlDistributionPoints.

// method checkExtensionIssuerAltNames
private void checkExtensionCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    if (isDistributionPoints == null) {
        addViolation(failureMsg, "size of CRLDistributionPoints", 0, 1);
        return;
    } else {
        int len = isDistributionPoints.length;
        if (len != 1) {
            addViolation(failureMsg, "size of CRLDistributionPoints", len, 1);
            return;
        }
    }
    Set<String> isCrlUrls = new HashSet<>();
    for (DistributionPoint entry : isDistributionPoints) {
        int asn1Type = entry.getDistributionPoint().getType();
        if (asn1Type != DistributionPointName.FULL_NAME) {
            addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints", asn1Type, DistributionPointName.FULL_NAME);
            continue;
        }
        GeneralNames isDistributionPointNames = GeneralNames.getInstance(entry.getDistributionPoint().getName());
        GeneralName[] names = isDistributionPointNames.getNames();
        for (int i = 0; i < names.length; i++) {
            GeneralName name = names[i];
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                addViolation(failureMsg, "tag of CRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
            } else {
                String uri = ((ASN1String) name.getName()).getString();
                isCrlUrls.add(uri);
            }
        }
        Set<String> expCrlUrls = issuerInfo.getCrlUrls();
        Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("CRL URLs ").append(diffs).append(" are present but not expected; ");
        }
        diffs = strInBnotInA(isCrlUrls, expCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("CRL URLs ").append(diffs).append(" are absent but are required; ");
        }
    }
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 18 with ASN1String

use of org.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkExtensionDeltaCrlDistributionPoints.

// method checkExtensionCrlDistributionPoints
private void checkExtensionDeltaCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    if (isDistributionPoints == null) {
        addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", 0, 1);
        return;
    } else {
        int len = isDistributionPoints.length;
        if (len != 1) {
            addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", len, 1);
            return;
        }
    }
    Set<String> isCrlUrls = new HashSet<>();
    for (DistributionPoint entry : isDistributionPoints) {
        int asn1Type = entry.getDistributionPoint().getType();
        if (asn1Type != DistributionPointName.FULL_NAME) {
            addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints (deltaCRL)", asn1Type, DistributionPointName.FULL_NAME);
            continue;
        }
        GeneralNames isDistributionPointNames = GeneralNames.getInstance(entry.getDistributionPoint().getName());
        GeneralName[] names = isDistributionPointNames.getNames();
        for (int i = 0; i < names.length; i++) {
            GeneralName name = names[i];
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                addViolation(failureMsg, "tag of deltaCRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
            } else {
                String uri = ((ASN1String) name.getName()).getString();
                isCrlUrls.add(uri);
            }
        }
        Set<String> expCrlUrls = issuerInfo.getCrlUrls();
        Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("deltaCRL URLs ").append(diffs).append(" are present but not expected; ");
        }
        diffs = strInBnotInA(isCrlUrls, expCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("deltaCRL URLs ").append(diffs).append(" are absent but are required; ");
        }
    }
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 19 with ASN1String

use of org.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkAia.

private static void checkAia(StringBuilder failureMsg, AuthorityInformationAccess aia, ASN1ObjectIdentifier accessMethod, Set<String> expectedUris) {
    String typeDesc;
    if (X509ObjectIdentifiers.id_ad_ocsp.equals(accessMethod)) {
        typeDesc = "OCSP";
    } else if (X509ObjectIdentifiers.id_ad_caIssuers.equals(accessMethod)) {
        typeDesc = "caIssuer";
    } else {
        typeDesc = accessMethod.getId();
    }
    List<AccessDescription> isAccessDescriptions = new LinkedList<>();
    for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
        if (accessMethod.equals(accessDescription.getAccessMethod())) {
            isAccessDescriptions.add(accessDescription);
        }
    }
    int size = isAccessDescriptions.size();
    if (size != expectedUris.size()) {
        addViolation(failureMsg, "number of AIA " + typeDesc + " URIs", size, expectedUris.size());
        return;
    }
    Set<String> isUris = new HashSet<>();
    for (int i = 0; i < size; i++) {
        GeneralName isAccessLocation = isAccessDescriptions.get(i).getAccessLocation();
        if (isAccessLocation.getTagNo() != GeneralName.uniformResourceIdentifier) {
            addViolation(failureMsg, "tag of accessLocation of AIA ", isAccessLocation.getTagNo(), GeneralName.uniformResourceIdentifier);
        } else {
            String isOcspUri = ((ASN1String) isAccessLocation.getName()).getString();
            isUris.add(isOcspUri);
        }
    }
    Set<String> diffs = strInBnotInA(expectedUris, isUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are present but not expected; ");
    }
    diffs = strInBnotInA(isUris, expectedUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are absent but are required; ");
    }
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) LinkedList(java.util.LinkedList) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 20 with ASN1String

use of org.bouncycastle.asn1.ASN1String in project open-ecard by ecsec.

the class ListCertificates method matchesRdn.

private boolean matchesRdn(Pattern searchPattern, X500Name name, ASN1ObjectIdentifier rdnIdentifier) {
    RDN[] rdns = name.getRDNs(rdnIdentifier);
    if (rdns.length >= 1) {
        // only compare first as everything else would be non standard in X509 certs
        AttributeTypeAndValue rdnAttr = rdns[0].getFirst();
        ASN1String attrStr = (ASN1String) rdnAttr.getValue().toASN1Primitive();
        String rdnStr = attrStr.getString();
        return searchPattern.matcher(rdnStr).matches();
    } else {
        return false;
    }
}
Also used : ASN1String(org.openecard.bouncycastle.asn1.ASN1String) ASN1String(org.openecard.bouncycastle.asn1.ASN1String) ASN1OctetString(org.openecard.bouncycastle.asn1.ASN1OctetString) RDN(org.openecard.bouncycastle.asn1.x500.RDN) AttributeTypeAndValue(org.openecard.bouncycastle.asn1.x500.AttributeTypeAndValue)

Aggregations

ASN1String (org.bouncycastle.asn1.ASN1String)19 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)9 DERIA5String (org.bouncycastle.asn1.DERIA5String)9 DEROctetString (org.bouncycastle.asn1.DEROctetString)9 GeneralName (org.bouncycastle.asn1.x509.GeneralName)9 IOException (java.io.IOException)8 DERUniversalString (org.bouncycastle.asn1.DERUniversalString)8 DERBMPString (org.bouncycastle.asn1.DERBMPString)6 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6 DERT61String (org.bouncycastle.asn1.DERT61String)6 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)6 ArrayList (java.util.ArrayList)5 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)5 QaDirectoryString (org.xipki.ca.qa.internal.QaDirectoryString)5 CertificateParsingException (java.security.cert.CertificateParsingException)4 Collection (java.util.Collection)4 Enumeration (java.util.Enumeration)4 List (java.util.List)4 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)4 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial