Example 16 with Extension
use of org.bouncycastle.asn1.x509.Extension in project robovm by robovm.
the class X509V2AttributeCertificate method getExtensionOIDs.
private Set getExtensionOIDs(boolean critical) {
Extensions extensions = cert.getAcinfo().getExtensions();
if (extensions != null) {
Set set = new HashSet();
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
Extension ext = extensions.getExtension(oid);
if (ext.isCritical() == critical) {
set.add(oid.getId());
}
}
return set;
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
HashSet(java.util.HashSet)
Set(java.util.Set)
Enumeration(java.util.Enumeration)
Extensions(org.bouncycastle.asn1.x509.Extensions)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
HashSet(java.util.HashSet)
Example 17 with Extension
use of org.bouncycastle.asn1.x509.Extension in project robovm by robovm.
the class X509CRLObject method isRevoked.
/**
* Checks whether the given certificate is on this CRL.
*
* @param cert the certificate to check for.
* @return true if the given certificate is on this CRL,
* false otherwise.
*/
public boolean isRevoked(Certificate cert) {
if (!cert.getType().equals("X.509")) {
throw new RuntimeException("X.509 CRL used with non X.509 Cert");
}
TBSCertList.CRLEntry[] certs = c.getRevokedCertificates();
X500Name caName = c.getIssuer();
if (certs != null) {
BigInteger serial = ((X509Certificate) cert).getSerialNumber();
for (int i = 0; i < certs.length; i++) {
if (isIndirect && certs[i].hasExtensions()) {
Extension currentCaName = certs[i].getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
caName = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
if (certs[i].getUserCertificate().getValue().equals(serial)) {
X500Name issuer;
if (cert instanceof X509Certificate) {
issuer = X500Name.getInstance(((X509Certificate) cert).getIssuerX500Principal().getEncoded());
} else {
try {
issuer = org.bouncycastle.asn1.x509.Certificate.getInstance(cert.getEncoded()).getIssuer();
} catch (CertificateEncodingException e) {
throw new RuntimeException("Cannot process certificate");
}
}
if (!caName.equals(issuer)) {
return false;
}
return true;
}
}
}
return false;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
BigInteger(java.math.BigInteger)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
X509CRLEntry(java.security.cert.X509CRLEntry)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509Certificate(java.security.cert.X509Certificate)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
Example 18 with Extension
use of org.bouncycastle.asn1.x509.Extension in project robovm by robovm.
the class X509CRLObject method getRevokedCertificate.
public X509CRLEntry getRevokedCertificate(BigInteger serialNumber) {
Enumeration certs = c.getRevokedCertificateEnumeration();
// the issuer
X500Name previousCertificateIssuer = null;
while (certs.hasMoreElements()) {
TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry) certs.nextElement();
if (serialNumber.equals(entry.getUserCertificate().getValue())) {
return new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
}
if (isIndirect && entry.hasExtensions()) {
Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
if (currentCaName != null) {
previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
}
}
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
Enumeration(java.util.Enumeration)
TBSCertList(org.bouncycastle.asn1.x509.TBSCertList)
X500Name(org.bouncycastle.asn1.x500.X500Name)
X509CRLEntry(java.security.cert.X509CRLEntry)
Example 19 with Extension
use of org.bouncycastle.asn1.x509.Extension in project robovm by robovm.
the class X509CertificateObject method getExtendedKeyUsage.
public List getExtendedKeyUsage() throws CertificateParsingException {
byte[] bytes = this.getExtensionBytes("2.5.29.37");
if (bytes != null) {
try {
ASN1InputStream dIn = new ASN1InputStream(bytes);
ASN1Sequence seq = (ASN1Sequence) dIn.readObject();
List list = new ArrayList();
for (int i = 0; i != seq.size(); i++) {
list.add(((ASN1ObjectIdentifier) seq.getObjectAt(i)).getId());
}
return Collections.unmodifiableList(list);
} catch (Exception e) {
throw new CertificateParsingException("error processing extended key usage extension");
}
}
return null;
}
Also used :
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
CertificateParsingException(java.security.cert.CertificateParsingException)
ArrayList(java.util.ArrayList)
List(java.util.List)
ArrayList(java.util.ArrayList)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
SignatureException(java.security.SignatureException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
InvalidKeyException(java.security.InvalidKeyException)
CertificateEncodingException(java.security.cert.CertificateEncodingException)
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
CertificateParsingException(java.security.cert.CertificateParsingException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
UnknownHostException(java.net.UnknownHostException)
NoSuchProviderException(java.security.NoSuchProviderException)
Example 20 with Extension
use of org.bouncycastle.asn1.x509.Extension in project robovm by robovm.
the class X509CertificateObject method getNonCriticalExtensionOIDs.
public Set getNonCriticalExtensionOIDs() {
if (this.getVersion() == 3) {
Set set = new HashSet();
Extensions extensions = c.getTBSCertificate().getExtensions();
if (extensions != null) {
Enumeration e = extensions.oids();
while (e.hasMoreElements()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
Extension ext = extensions.getExtension(oid);
if (!ext.isCritical()) {
set.add(oid.getId());
}
}
return set;
}
}
return null;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension)
Set(java.util.Set)
HashSet(java.util.HashSet)
Enumeration(java.util.Enumeration)
Extensions(org.bouncycastle.asn1.x509.Extensions)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
HashSet(java.util.HashSet)
Aggregations
IOException (java.io.IOException)52
Enumeration (java.util.Enumeration)37
ArrayList (java.util.ArrayList)36
ExtCertPathValidatorException (org.bouncycastle.jce.exception.ExtCertPathValidatorException)36
List (java.util.List)35
CertPathValidatorException (java.security.cert.CertPathValidatorException)34
X509Certificate (java.security.cert.X509Certificate)34
GeneralSecurityException (java.security.GeneralSecurityException)33
CertificateExpiredException (java.security.cert.CertificateExpiredException)31
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)31
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)31
IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)31
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)28
CertPathBuilderException (java.security.cert.CertPathBuilderException)26
Extension (org.bouncycastle.asn1.x509.Extension)25
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)22
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)22
HashSet (java.util.HashSet)21
Set (java.util.Set)21
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)20
