Example 1 with AccessDescription
use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.
the class AuthorityInfoAccessOCSPLocExtentionField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
final DERObject exValue = getExtensionValue(value);
if (exValue == null) {
if (isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
else {
final Collection<String> coll = Collections.emptyList();
this.policyValue = PolicyValueFactory.getInstance(coll);
return;
}
}
final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(exValue);
final Collection<String> retVal = new ArrayList<String>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
if (accessDescription.getAccessMethod().equals(AccessDescription.id_ad_ocsp))
retVal.add(accessDescription.getAccessLocation().getName().toString());
}
if (retVal.isEmpty() && isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
Also used :
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
DERObject(org.bouncycastle.asn1.DERObject)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ArrayList(java.util.ArrayList)
Example 2 with AccessDescription
use of org.bouncycastle.asn1.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class ForwardBuilder method getCerts.
/**
* Download Certificates from the given AIA and add them to the
* specified Collection.
*/
// cs.getCertificates(caSelector) returns a collection of X509Certificate's
// because of the selector, so the cast is safe
@SuppressWarnings("unchecked")
private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) {
if (Builder.USE_AIA == false) {
return false;
}
List<AccessDescription> adList = aiaExt.getAccessDescriptions();
if (adList == null || adList.isEmpty()) {
return false;
}
boolean add = false;
for (AccessDescription ad : adList) {
CertStore cs = URICertStore.getInstance(ad);
if (cs != null) {
try {
if (certs.addAll((Collection<X509Certificate>) cs.getCertificates(caSelector))) {
add = true;
if (!searchAllCertStores) {
return true;
}
}
} catch (CertStoreException cse) {
if (debug != null) {
debug.println("exception getting certs from CertStore:");
cse.printStackTrace();
}
}
}
}
return add;
}
Also used :
AccessDescription(sun.security.x509.AccessDescription)
CertStoreException(java.security.cert.CertStoreException)
CertStore(java.security.cert.CertStore)
X509Certificate(java.security.cert.X509Certificate)
Example 3 with AccessDescription
use of org.bouncycastle.asn1.x509.AccessDescription in project oxAuth by GluuFederation.
the class OCSPCertificateVerifier method getOCSPUrl.
@SuppressWarnings({ "deprecation", "resource" })
private String getOCSPUrl(X509Certificate certificate) throws IOException {
ASN1Primitive obj;
try {
obj = getExtensionValue(certificate, Extension.authorityInfoAccess.getId());
} catch (IOException ex) {
log.error("Failed to get OCSP URL", ex);
return null;
}
if (obj == null) {
return null;
}
AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(obj);
AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions();
for (AccessDescription accessDescription : accessDescriptions) {
boolean correctAccessMethod = accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.ocspAccessMethod);
if (!correctAccessMethod) {
continue;
}
GeneralName name = accessDescription.getAccessLocation();
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
continue;
}
DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
return derStr.getString();
}
return null;
}
Also used :
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
IOException(java.io.IOException)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
Example 4 with AccessDescription
use of org.bouncycastle.asn1.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class OCSP method getResponderURI.
static URI getResponderURI(X509CertImpl certImpl) {
// Examine the certificate's AuthorityInfoAccess extension
AuthorityInfoAccessExtension aia = certImpl.getAuthorityInfoAccessExtension();
if (aia == null) {
return null;
}
List<AccessDescription> descriptions = aia.getAccessDescriptions();
for (AccessDescription description : descriptions) {
if (description.getAccessMethod().equals(AccessDescription.Ad_OCSP_Id)) {
GeneralName generalName = description.getAccessLocation();
if (generalName.getType() == GeneralNameInterface.NAME_URI) {
URIName uri = (URIName) generalName.getName();
return uri.getURI();
}
}
}
return null;
}
Also used :
AuthorityInfoAccessExtension(sun.security.x509.AuthorityInfoAccessExtension)
AccessDescription(sun.security.x509.AccessDescription)
GeneralName(sun.security.x509.GeneralName)
URIName(sun.security.x509.URIName)
Example 5 with AccessDescription
use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.
the class AuthorityInfoAccessExtentionField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
final DERObject exValue = getExtensionValue(value);
if (exValue == null) {
if (isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
else {
final Collection<String> coll = Collections.emptyList();
this.policyValue = PolicyValueFactory.getInstance(coll);
return;
}
}
final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(exValue);
final Collection<String> retVal = new ArrayList<String>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
final String accessMethod = AuthorityInfoAccessMethodIdentifier.fromId(accessDescription.getAccessMethod().toString()).getName();
retVal.add(accessMethod + ":" + accessDescription.getAccessLocation().getName().toString());
}
if (retVal.isEmpty() && isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
Also used :
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
DERObject(org.bouncycastle.asn1.DERObject)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ArrayList(java.util.ArrayList)
Aggregations
AccessDescription (org.bouncycastle.asn1.x509.AccessDescription)3
AuthorityInformationAccess (org.bouncycastle.asn1.x509.AuthorityInformationAccess)3
ArrayList (java.util.ArrayList)2
DERObject (org.bouncycastle.asn1.DERObject)2
PolicyRequiredException (org.nhindirect.policy.PolicyRequiredException)2
AccessDescription (sun.security.x509.AccessDescription)2
IOException (java.io.IOException)1
CertStore (java.security.cert.CertStore)1
CertStoreException (java.security.cert.CertStoreException)1
X509Certificate (java.security.cert.X509Certificate)1
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)1
DERIA5String (org.bouncycastle.asn1.DERIA5String)1
GeneralName (org.bouncycastle.asn1.x509.GeneralName)1
AuthorityInfoAccessExtension (sun.security.x509.AuthorityInfoAccessExtension)1
GeneralName (sun.security.x509.GeneralName)1
URIName (sun.security.x509.URIName)1
