
Example 1 with AccessDescription

use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.

the class AuthorityInfoAccessOCSPLocExtentionField method injectReferenceValue.

/**
	 * {@inheritDoc}
	 */
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
    // Remember the certificate under evaluation, then read this field's extension from it.
    this.certificate = value;
    final DERObject extension = getExtensionValue(value);

    // Extension absent: a required field fails the policy, an optional one
    // resolves to an empty list of values.
    if (extension == null) {
        if (isRequired()) {
            throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
        }
        final Collection<String> none = Collections.emptyList();
        this.policyValue = PolicyValueFactory.getInstance(none);
        return;
    }

    // Keep only the access descriptions whose method is id-ad-ocsp and record
    // the string form of their access location.
    // NOTE(review): the location is taken from the certificate as-is; neither
    // the GeneralName type nor the URI scheme is checked here, so a consumer
    // that contacts these locations should validate them first - confirm
    // against the callers.
    final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(extension);
    final Collection<String> ocspLocations = new ArrayList<String>();
    for (AccessDescription entry : aia.getAccessDescriptions()) {
        if (!entry.getAccessMethod().equals(AccessDescription.id_ad_ocsp)) {
            continue;
        }
        ocspLocations.add(entry.getAccessLocation().getName().toString());
    }

    // Reached when the extension exists but lists no OCSP entry; the message
    // is the same one used for a missing extension.
    if (isRequired() == false) {
        this.policyValue = PolicyValueFactory.getInstance(ocspLocations);
        return;
    }
    if (ocspLocations.isEmpty()) {
        throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
    }
    this.policyValue = PolicyValueFactory.getInstance(ocspLocations);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) DERObject(org.bouncycastle.asn1.DERObject) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ArrayList(java.util.ArrayList)

Example 2 with AccessDescription

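use of AccessDescription in project jdk8u_jdk by JetBrains (the search term was org.bouncycastle.asn1.x509.AccessDescription; per the "Also used" line below, this example uses sun.security.x509.AccessDescription).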

the class ForwardBuilder method getCerts.

/**
     * Download Certificates from the given AIA and add them to the
     * specified Collection.
     */
// cs.getCertificates(caSelector) returns a collection of X509Certificate's
// because of the selector, so the cast is safe
@SuppressWarnings("unchecked")
private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) {
    // Builder.USE_AIA gates the whole lookup: when it is off no CertStore is
    // created from the extension at all.
    if (!Builder.USE_AIA) {
        return false;
    }
    final List<AccessDescription> descriptions = aiaExt.getAccessDescriptions();
    if (descriptions == null || descriptions.isEmpty()) {
        return false;
    }

    boolean anyAdded = false;
    for (AccessDescription description : descriptions) {
        // NOTE(review): the access description originates from the certificate
        // being processed; URICertStore presumably retrieves from the location
        // it names, so USE_AIA should stay off unless fetching from
        // certificate-supplied locations is acceptable - confirm.
        final CertStore store = URICertStore.getInstance(description);
        if (store == null) {
            continue;
        }
        try {
            final Collection<X509Certificate> fetched =
                    (Collection<X509Certificate>) store.getCertificates(caSelector);
            if (!certs.addAll(fetched)) {
                // Nothing new from this store; try the next one.
                continue;
            }
            anyAdded = true;
            if (!searchAllCertStores) {
                // First store that contributed something is enough.
                return true;
            }
        } catch (CertStoreException cse) {
            // A failing store is reported only through the debug channel and
            // does not stop the remaining stores from being tried.
            if (debug != null) {
                debug.println("exception getting certs from CertStore:");
                cse.printStackTrace();
            }
        }
    }
    return anyAdded;
}
Also used : AccessDescription(sun.security.x509.AccessDescription) CertStoreException(java.security.cert.CertStoreException) CertStore(java.security.cert.CertStore) X509Certificate(java.security.cert.X509Certificate)

Example 3 with AccessDescription

use of org.bouncycastle.asn1.x509.AccessDescription in project oxAuth by GluuFederation.

the class OCSPCertificateVerifier method getOCSPUrl.

/**
 * Returns the first OCSP access location of type URI listed in the
 * certificate's Authority Information Access extension.
 *
 * @param certificate certificate whose extension is inspected
 * @return the location string, or {@code null} when the extension is absent,
 *         cannot be read, or holds no OCSP entry with a URI location
 * @throws IOException declared on the signature; the read failure visible in
 *         this method is caught, logged and turned into a {@code null} result
 */
@SuppressWarnings({ "deprecation", "resource" })
private String getOCSPUrl(X509Certificate certificate) throws IOException {
    ASN1Primitive aiaValue;
    try {
        aiaValue = getExtensionValue(certificate, Extension.authorityInfoAccess.getId());
    } catch (IOException ex) {
        log.error("Failed to get OCSP URL", ex);
        return null;
    }
    if (aiaValue == null) {
        return null;
    }

    AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(aiaValue);
    for (AccessDescription entry : aia.getAccessDescriptions()) {
        // Only OCSP entries whose location is a uniformResourceIdentifier qualify.
        if (entry.getAccessMethod().equals(X509ObjectIdentifiers.ocspAccessMethod)) {
            GeneralName location = entry.getAccessLocation();
            if (location.getTagNo() == GeneralName.uniformResourceIdentifier) {
                // NOTE(review): the string is returned exactly as encoded in
                // the certificate; scheme and host are not checked here, so the
                // caller should validate it before opening a connection -
                // confirm against the caller.
                ASN1TaggedObject tagged = (ASN1TaggedObject) location.toASN1Primitive();
                return DERIA5String.getInstance(tagged, false).getString();
            }
        }
    }
    return null;
}
Also used : AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) DERIA5String(org.bouncycastle.asn1.DERIA5String) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) IOException(java.io.IOException) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 4 with AccessDescription

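use of AccessDescription in project jdk8u_jdk by JetBrains (the search term was org.bouncycastle.asn1.x509.AccessDescription; per the "Also used" line below, this example uses sun.security.x509.AccessDescription).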

the class OCSP method getResponderURI.

/**
 * Looks up the OCSP responder URI advertised by a certificate.
 *
 * @param certImpl certificate whose AuthorityInfoAccess extension is examined
 * @return the URI of the first OCSP access description whose location is a
 *         URI name, or {@code null} when the extension is missing or has no
 *         such entry
 */
static URI getResponderURI(X509CertImpl certImpl) {
    final AuthorityInfoAccessExtension aiaExtension = certImpl.getAuthorityInfoAccessExtension();
    if (aiaExtension == null) {
        return null;
    }

    final List<AccessDescription> entries = aiaExtension.getAccessDescriptions();
    for (AccessDescription entry : entries) {
        if (!entry.getAccessMethod().equals(AccessDescription.Ad_OCSP_Id)) {
            continue;
        }
        final GeneralName location = entry.getAccessLocation();
        if (location.getType() != GeneralNameInterface.NAME_URI) {
            continue;
        }
        // NOTE(review): the URI is whatever the certificate carries; no scheme
        // or host restriction is applied in this method - confirm where the
        // caller constrains it.
        return ((URIName) location.getName()).getURI();
    }
    return null;
}
Also used : AuthorityInfoAccessExtension(sun.security.x509.AuthorityInfoAccessExtension) AccessDescription(sun.security.x509.AccessDescription) GeneralName(sun.security.x509.GeneralName) URIName(sun.security.x509.URIName)

Example 5 with AccessDescription

use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.

the class AuthorityInfoAccessExtentionField method injectReferenceValue.

/**
	 * {@inheritDoc}
	 */
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
    // Remember the certificate under evaluation, then read this field's extension from it.
    this.certificate = value;
    final DERObject extension = getExtensionValue(value);

    // Extension absent: a required field fails the policy, an optional one
    // resolves to an empty list of values.
    if (extension == null) {
        if (isRequired()) {
            throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
        }
        final Collection<String> none = Collections.emptyList();
        this.policyValue = PolicyValueFactory.getInstance(none);
        return;
    }

    // Every access description becomes one "<method name>:<location>" string.
    final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(extension);
    final Collection<String> entries = new ArrayList<String>();
    for (AccessDescription entry : aia.getAccessDescriptions()) {
        final String methodOid = entry.getAccessMethod().toString();
        // NOTE(review): the OID is read from the certificate; if fromId()
        // yields null for an identifier it does not know, getName() fails here
        // with a NullPointerException instead of a PolicyProcessException -
        // verify how fromId() treats unknown OIDs.
        final String methodName = AuthorityInfoAccessMethodIdentifier.fromId(methodOid).getName();
        final String location = entry.getAccessLocation().getName().toString();
        entries.add(methodName + ":" + location);
    }

    // Reached when the extension exists but lists no access description; the
    // message is the same one used for a missing extension.
    if (isRequired() == false) {
        this.policyValue = PolicyValueFactory.getInstance(entries);
        return;
    }
    if (entries.isEmpty()) {
        throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
    }
    this.policyValue = PolicyValueFactory.getInstance(entries);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) DERObject(org.bouncycastle.asn1.DERObject) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ArrayList(java.util.ArrayList)

Aggregations

AccessDescription (org.bouncycastle.asn1.x509.AccessDescription)3 AuthorityInformationAccess (org.bouncycastle.asn1.x509.AuthorityInformationAccess)3 ArrayList (java.util.ArrayList)2 DERObject (org.bouncycastle.asn1.DERObject)2 PolicyRequiredException (org.nhindirect.policy.PolicyRequiredException)2 AccessDescription (sun.security.x509.AccessDescription)2 IOException (java.io.IOException)1 CertStore (java.security.cert.CertStore)1 CertStoreException (java.security.cert.CertStoreException)1 X509Certificate (java.security.cert.X509Certificate)1 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)1 DERIA5String (org.bouncycastle.asn1.DERIA5String)1 GeneralName (org.bouncycastle.asn1.x509.GeneralName)1 AuthorityInfoAccessExtension (sun.security.x509.AuthorityInfoAccessExtension)1 GeneralName (sun.security.x509.GeneralName)1 URIName (sun.security.x509.URIName)1