Example 16 with AuthorityInformationAccess
use of org.bouncycastle.asn1.x509.AuthorityInformationAccess in project xipki by xipki.
the class ExtensionsChecker method checkAia.
private static void checkAia(StringBuilder failureMsg, AuthorityInformationAccess aia, ASN1ObjectIdentifier accessMethod, Set<String> expectedUris) {
String typeDesc;
if (X509ObjectIdentifiers.id_ad_ocsp.equals(accessMethod)) {
typeDesc = "OCSP";
} else if (X509ObjectIdentifiers.id_ad_caIssuers.equals(accessMethod)) {
typeDesc = "caIssuer";
} else {
typeDesc = accessMethod.getId();
}
List<AccessDescription> isAccessDescriptions = new LinkedList<>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
if (accessMethod.equals(accessDescription.getAccessMethod())) {
isAccessDescriptions.add(accessDescription);
}
}
int size = isAccessDescriptions.size();
if (size != expectedUris.size()) {
addViolation(failureMsg, "number of AIA " + typeDesc + " URIs", size, expectedUris.size());
return;
}
Set<String> isUris = new HashSet<>();
for (int i = 0; i < size; i++) {
GeneralName isAccessLocation = isAccessDescriptions.get(i).getAccessLocation();
if (isAccessLocation.getTagNo() != GeneralName.uniformResourceIdentifier) {
addViolation(failureMsg, "tag of accessLocation of AIA ", isAccessLocation.getTagNo(), GeneralName.uniformResourceIdentifier);
} else {
String isOcspUri = ((ASN1String) isAccessLocation.getName()).getString();
isUris.add(isOcspUri);
}
}
Set<String> diffs = strInBnotInA(expectedUris, isUris);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
failureMsg.append(" are present but not expected; ");
}
diffs = strInBnotInA(isUris, expectedUris);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
failureMsg.append(" are absent but are required; ");
}
}
Also used :
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
ASN1String(org.bouncycastle.asn1.ASN1String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERT61String(org.bouncycastle.asn1.DERT61String)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
ASN1String(org.bouncycastle.asn1.ASN1String)
LinkedList(java.util.LinkedList)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
HashSet(java.util.HashSet)
Example 17 with AuthorityInformationAccess
use of org.bouncycastle.asn1.x509.AuthorityInformationAccess in project keystore-explorer by kaikramer.
the class X509Ext method getAuthorityInformationAccessStringValue.
private String getAuthorityInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* AuthorityInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
AuthorityInformationAccess authorityInfoAccess = AuthorityInformationAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : authorityInfoAccess.getAccessDescriptions()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else {
// Unrecognised Access Method OID
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("AuthorityInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT.toString(2));
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 18 with AuthorityInformationAccess
use of org.bouncycastle.asn1.x509.AuthorityInformationAccess in project keystore-explorer by kaikramer.
the class DAuthorityInformationAccess method okPressed.
private void okPressed() {
List<AccessDescription> accessDescriptions = jadAccessDescriptions.getAccessDescriptions();
if (accessDescriptions.size() == 0) {
JOptionPane.showMessageDialog(this, res.getString("DAuthorityInformationAccess.ValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
return;
}
ASN1EncodableVector vec = new ASN1EncodableVector();
for (AccessDescription accessDescription : accessDescriptions) {
vec.add(accessDescription);
}
AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(new DERSequence(vec));
try {
value = authorityInformationAccess.getEncoded(ASN1Encoding.DER);
} catch (IOException ex) {
DError dError = new DError(this, ex);
dError.setLocationRelativeTo(this);
dError.setVisible(true);
return;
}
closeDialog();
}
Also used :
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
DERSequence(org.bouncycastle.asn1.DERSequence)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
IOException(java.io.IOException)
DError(org.kse.gui.error.DError)
Aggregations
AuthorityInformationAccess (org.bouncycastle.asn1.x509.AuthorityInformationAccess)15
AccessDescription (org.bouncycastle.asn1.x509.AccessDescription)12
GeneralName (org.bouncycastle.asn1.x509.GeneralName)11
ArrayList (java.util.ArrayList)7
DERIA5String (org.bouncycastle.asn1.DERIA5String)6
IOException (java.io.IOException)4
ASN1String (org.bouncycastle.asn1.ASN1String)4
X500Name (org.bouncycastle.asn1.x500.X500Name)4
BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)4
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)4
LinkedList (java.util.LinkedList)3
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3
DERBMPString (org.bouncycastle.asn1.DERBMPString)3
DEROctetString (org.bouncycastle.asn1.DEROctetString)3
DERPrintableString (org.bouncycastle.asn1.DERPrintableString)3
DERSequence (org.bouncycastle.asn1.DERSequence)3
DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)3
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)3
GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)3
X509v3CertificateBuilder (org.bouncycastle.cert.X509v3CertificateBuilder)3
