use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.
the class AuthorityInfoAccessOCSPLocExtentionField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
final DERObject exValue = getExtensionValue(value);
if (exValue == null) {
if (isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
else {
final Collection<String> coll = Collections.emptyList();
this.policyValue = PolicyValueFactory.getInstance(coll);
return;
}
}
final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(exValue);
final Collection<String> retVal = new ArrayList<String>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
if (accessDescription.getAccessMethod().equals(AccessDescription.id_ad_ocsp))
retVal.add(accessDescription.getAccessLocation().getName().toString());
}
if (retVal.isEmpty() && isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
use of org.bouncycastle.asn1.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class ForwardBuilder method getCerts.
/**
* Download Certificates from the given AIA and add them to the
* specified Collection.
*/
// cs.getCertificates(caSelector) returns a collection of X509Certificate's
// because of the selector, so the cast is safe
@SuppressWarnings("unchecked")
private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) {
if (Builder.USE_AIA == false) {
return false;
}
List<AccessDescription> adList = aiaExt.getAccessDescriptions();
if (adList == null || adList.isEmpty()) {
return false;
}
boolean add = false;
for (AccessDescription ad : adList) {
CertStore cs = URICertStore.getInstance(ad);
if (cs != null) {
try {
if (certs.addAll((Collection<X509Certificate>) cs.getCertificates(caSelector))) {
add = true;
if (!searchAllCertStores) {
return true;
}
}
} catch (CertStoreException cse) {
if (debug != null) {
debug.println("exception getting certs from CertStore:");
cse.printStackTrace();
}
}
}
}
return add;
}
use of org.bouncycastle.asn1.x509.AccessDescription in project oxAuth by GluuFederation.
the class OCSPCertificateVerifier method getOCSPUrl.
@SuppressWarnings({ "deprecation", "resource" })
private String getOCSPUrl(X509Certificate certificate) throws IOException {
ASN1Primitive obj;
try {
obj = getExtensionValue(certificate, Extension.authorityInfoAccess.getId());
} catch (IOException ex) {
log.error("Failed to get OCSP URL", ex);
return null;
}
if (obj == null) {
return null;
}
AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(obj);
AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions();
for (AccessDescription accessDescription : accessDescriptions) {
boolean correctAccessMethod = accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.ocspAccessMethod);
if (!correctAccessMethod) {
continue;
}
GeneralName name = accessDescription.getAccessLocation();
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
continue;
}
DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
return derStr.getString();
}
return null;
}
use of org.bouncycastle.asn1.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class OCSP method getResponderURI.
static URI getResponderURI(X509CertImpl certImpl) {
// Examine the certificate's AuthorityInfoAccess extension
AuthorityInfoAccessExtension aia = certImpl.getAuthorityInfoAccessExtension();
if (aia == null) {
return null;
}
List<AccessDescription> descriptions = aia.getAccessDescriptions();
for (AccessDescription description : descriptions) {
if (description.getAccessMethod().equals(AccessDescription.Ad_OCSP_Id)) {
GeneralName generalName = description.getAccessLocation();
if (generalName.getType() == GeneralNameInterface.NAME_URI) {
URIName uri = (URIName) generalName.getName();
return uri.getURI();
}
}
}
return null;
}
use of org.bouncycastle.asn1.x509.AccessDescription in project nhin-d by DirectProject.
the class AuthorityInfoAccessExtentionField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
final DERObject exValue = getExtensionValue(value);
if (exValue == null) {
if (isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
else {
final Collection<String> coll = Collections.emptyList();
this.policyValue = PolicyValueFactory.getInstance(coll);
return;
}
}
final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(exValue);
final Collection<String> retVal = new ArrayList<String>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
final String accessMethod = AuthorityInfoAccessMethodIdentifier.fromId(accessDescription.getAccessMethod().toString()).getName();
retVal.add(accessMethod + ":" + accessDescription.getAccessLocation().getName().toString());
}
if (retVal.isEmpty() && isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
Aggregations