Example 91 with Extension
use of org.gluu.oxtrust.model.scim2.Extension in project xipki by xipki.
the class ExtensionsChecker method getExensionTypes.
// getExpectedExtValue
private Set<ASN1ObjectIdentifier> getExensionTypes(Certificate cert, X509IssuerInfo issuerInfo, Extensions requestedExtensions) {
Set<ASN1ObjectIdentifier> types = new HashSet<>();
// profile required extension types
Map<ASN1ObjectIdentifier, ExtensionControl> extensionControls = certProfile.getExtensionControls();
for (ASN1ObjectIdentifier oid : extensionControls.keySet()) {
if (extensionControls.get(oid).isRequired()) {
types.add(oid);
}
}
Set<ASN1ObjectIdentifier> wantedExtensionTypes = new HashSet<>();
if (requestedExtensions != null) {
Extension reqExtension = requestedExtensions.getExtension(ObjectIdentifiers.id_xipki_ext_cmpRequestExtensions);
if (reqExtension != null) {
ExtensionExistence ee = ExtensionExistence.getInstance(reqExtension.getParsedValue());
types.addAll(ee.getNeedExtensions());
wantedExtensionTypes.addAll(ee.getWantExtensions());
}
}
if (CollectionUtil.isEmpty(wantedExtensionTypes)) {
return types;
}
// wanted extension types
// Authority key identifier
ASN1ObjectIdentifier type = Extension.authorityKeyIdentifier;
if (wantedExtensionTypes.contains(type)) {
types.add(type);
}
// Subject key identifier
type = Extension.subjectKeyIdentifier;
if (wantedExtensionTypes.contains(type)) {
types.add(type);
}
// KeyUsage
type = Extension.keyUsage;
if (wantedExtensionTypes.contains(type)) {
boolean required = false;
if (requestedExtensions != null && requestedExtensions.getExtension(type) != null) {
required = true;
}
if (!required) {
Set<KeyUsageControl> requiredKeyusage = getKeyusage(true);
if (CollectionUtil.isNonEmpty(requiredKeyusage)) {
required = true;
}
}
if (required) {
types.add(type);
}
}
// CertificatePolicies
type = Extension.certificatePolicies;
if (wantedExtensionTypes.contains(type)) {
if (certificatePolicies != null) {
types.add(type);
}
}
// Policy Mappings
type = Extension.policyMappings;
if (wantedExtensionTypes.contains(type)) {
if (policyMappings != null) {
types.add(type);
}
}
// SubjectAltNames
type = Extension.subjectAlternativeName;
if (wantedExtensionTypes.contains(type)) {
if (requestedExtensions != null && requestedExtensions.getExtension(type) != null) {
types.add(type);
}
}
// IssuerAltName
type = Extension.issuerAlternativeName;
if (wantedExtensionTypes.contains(type)) {
if (cert.getTBSCertificate().getExtensions().getExtension(Extension.subjectAlternativeName) != null) {
types.add(type);
}
}
// BasicConstraints
type = Extension.basicConstraints;
if (wantedExtensionTypes.contains(type)) {
types.add(type);
}
// Name Constraints
type = Extension.nameConstraints;
if (wantedExtensionTypes.contains(type)) {
if (nameConstraints != null) {
types.add(type);
}
}
// PolicyConstrains
type = Extension.policyConstraints;
if (wantedExtensionTypes.contains(type)) {
if (policyConstraints != null) {
types.add(type);
}
}
// ExtendedKeyUsage
type = Extension.extendedKeyUsage;
if (wantedExtensionTypes.contains(type)) {
boolean required = false;
if (requestedExtensions != null && requestedExtensions.getExtension(type) != null) {
required = true;
}
if (!required) {
Set<ExtKeyUsageControl> requiredExtKeyusage = getExtKeyusage(true);
if (CollectionUtil.isNonEmpty(requiredExtKeyusage)) {
required = true;
}
}
if (required) {
types.add(type);
}
}
// CRLDistributionPoints
type = Extension.cRLDistributionPoints;
if (wantedExtensionTypes.contains(type)) {
if (issuerInfo.getCrlUrls() != null) {
types.add(type);
}
}
// Inhibit anyPolicy
type = Extension.inhibitAnyPolicy;
if (wantedExtensionTypes.contains(type)) {
if (inhibitAnyPolicy != null) {
types.add(type);
}
}
// FreshestCRL
type = Extension.freshestCRL;
if (wantedExtensionTypes.contains(type)) {
if (issuerInfo.getDeltaCrlUrls() != null) {
types.add(type);
}
}
// AuthorityInfoAccess
type = Extension.authorityInfoAccess;
if (wantedExtensionTypes.contains(type)) {
if (issuerInfo.getOcspUrls() != null) {
types.add(type);
}
}
// SubjectInfoAccess
type = Extension.subjectInfoAccess;
if (wantedExtensionTypes.contains(type)) {
if (requestedExtensions != null && requestedExtensions.getExtension(type) != null) {
types.add(type);
}
}
// Admission
type = ObjectIdentifiers.id_extension_admission;
if (wantedExtensionTypes.contains(type)) {
if (certProfile.getAdmission() != null) {
types.add(type);
}
}
// ocsp-nocheck
type = ObjectIdentifiers.id_extension_pkix_ocsp_nocheck;
if (wantedExtensionTypes.contains(type)) {
types.add(type);
}
wantedExtensionTypes.removeAll(types);
for (ASN1ObjectIdentifier oid : wantedExtensionTypes) {
if (requestedExtensions != null && requestedExtensions.getExtension(oid) != null) {
if (constantExtensions.containsKey(oid)) {
types.add(oid);
}
}
}
return types;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
ExtensionExistence(org.xipki.security.ExtensionExistence)
ExtKeyUsageControl(org.xipki.ca.api.profile.x509.ExtKeyUsageControl)
ExtensionControl(org.xipki.ca.api.profile.ExtensionControl)
KeyUsageControl(org.xipki.ca.api.profile.x509.KeyUsageControl)
ExtKeyUsageControl(org.xipki.ca.api.profile.x509.ExtKeyUsageControl)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
HashSet(java.util.HashSet)
Example 92 with Extension
use of org.gluu.oxtrust.model.scim2.Extension in project xipki by xipki.
the class ExtensionsChecker method checkExtensionQcStatements.
// method checkExtensionPrivateKeyUsagePeriod
private void checkExtensionQcStatements(StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtensions, ExtensionControl extControl) {
QcStatements conf = qcStatements;
if (conf == null) {
byte[] expected = getExpectedExtValue(Extension.qCStatements, requestedExtensions, extControl);
if (!Arrays.equals(expected, extensionValue)) {
addViolation(failureMsg, "extension values", extensionValue, (expected == null) ? "not present" : hex(expected));
}
return;
}
final int expSize = conf.getQcStatement().size();
ASN1Sequence extValue = ASN1Sequence.getInstance(extensionValue);
final int isSize = extValue.size();
if (isSize != expSize) {
addViolation(failureMsg, "number of statements", isSize, expSize);
return;
}
// extract the euLimit and pdsLocations data from request
Map<String, int[]> reqQcEuLimits = new HashMap<>();
Extension reqExtension = (requestedExtensions == null) ? null : requestedExtensions.getExtension(Extension.qCStatements);
if (reqExtension != null) {
ASN1Sequence seq = ASN1Sequence.getInstance(reqExtension.getParsedValue());
final int n = seq.size();
for (int j = 0; j < n; j++) {
QCStatement stmt = QCStatement.getInstance(seq.getObjectAt(j));
if (ObjectIdentifiers.id_etsi_qcs_QcLimitValue.equals(stmt.getStatementId())) {
MonetaryValue monetaryValue = MonetaryValue.getInstance(stmt.getStatementInfo());
int amount = monetaryValue.getAmount().intValue();
int exponent = monetaryValue.getExponent().intValue();
Iso4217CurrencyCode currency = monetaryValue.getCurrency();
String currencyS = currency.isAlphabetic() ? currency.getAlphabetic().toUpperCase() : Integer.toString(currency.getNumeric());
reqQcEuLimits.put(currencyS, new int[] { amount, exponent });
}
}
}
for (int i = 0; i < expSize; i++) {
QCStatement is = QCStatement.getInstance(extValue.getObjectAt(i));
QcStatementType exp = conf.getQcStatement().get(i);
if (!is.getStatementId().getId().equals(exp.getStatementId().getValue())) {
addViolation(failureMsg, "statmentId[" + i + "]", is.getStatementId().getId(), exp.getStatementId().getValue());
continue;
}
if (exp.getStatementValue() == null) {
if (is.getStatementInfo() != null) {
addViolation(failureMsg, "statmentInfo[" + i + "]", "present", "absent");
}
continue;
}
if (is.getStatementInfo() == null) {
addViolation(failureMsg, "statmentInfo[" + i + "]", "absent", "present");
continue;
}
QcStatementValueType expStatementValue = exp.getStatementValue();
try {
if (expStatementValue.getConstant() != null) {
byte[] expValue = expStatementValue.getConstant().getValue();
byte[] isValue = is.getStatementInfo().toASN1Primitive().getEncoded();
if (!Arrays.equals(isValue, expValue)) {
addViolation(failureMsg, "statementInfo[" + i + "]", hex(isValue), hex(expValue));
}
} else if (expStatementValue.getQcRetentionPeriod() != null) {
String isValue = ASN1Integer.getInstance(is.getStatementInfo()).toString();
String expValue = expStatementValue.getQcRetentionPeriod().toString();
if (!isValue.equals(expValue)) {
addViolation(failureMsg, "statementInfo[" + i + "]", isValue, expValue);
}
} else if (expStatementValue.getPdsLocations() != null) {
Set<String> pdsLocations = new HashSet<>();
ASN1Sequence pdsLocsSeq = ASN1Sequence.getInstance(is.getStatementInfo());
int size = pdsLocsSeq.size();
for (int k = 0; k < size; k++) {
ASN1Sequence pdsLocSeq = ASN1Sequence.getInstance(pdsLocsSeq.getObjectAt(k));
int size2 = pdsLocSeq.size();
if (size2 != 2) {
throw new IllegalArgumentException("sequence size is " + size2 + " but expected 2");
}
String url = DERIA5String.getInstance(pdsLocSeq.getObjectAt(0)).getString();
String lang = DERPrintableString.getInstance(pdsLocSeq.getObjectAt(1)).getString();
pdsLocations.add("url=" + url + ",lang=" + lang);
}
PdsLocationsType pdsLocationsConf = expStatementValue.getPdsLocations();
Set<String> expectedPdsLocations = new HashSet<>();
for (PdsLocationType m : pdsLocationsConf.getPdsLocation()) {
expectedPdsLocations.add("url=" + m.getUrl() + ",lang=" + m.getLanguage());
}
Set<String> diffs = strInBnotInA(expectedPdsLocations, pdsLocations);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("statementInfo[").append(i).append("]: ").append(diffs).append(" are present but not expected; ");
}
diffs = strInBnotInA(pdsLocations, expectedPdsLocations);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("statementInfo[").append(i).append("]: ").append(diffs).append(" are absent but are required; ");
}
} else if (expStatementValue.getQcEuLimitValue() != null) {
QcEuLimitValueType euLimitConf = expStatementValue.getQcEuLimitValue();
String expCurrency = euLimitConf.getCurrency().toUpperCase();
int[] expAmountExp = reqQcEuLimits.get(expCurrency);
Range2Type range = euLimitConf.getAmount();
int value;
if (range.getMin() == range.getMax()) {
value = range.getMin();
} else if (expAmountExp != null) {
value = expAmountExp[0];
} else {
failureMsg.append("found no QcEuLimit for currency '").append(expCurrency).append("'; ");
return;
}
// CHECKSTYLE:SKIP
String expAmount = Integer.toString(value);
range = euLimitConf.getExponent();
if (range.getMin() == range.getMax()) {
value = range.getMin();
} else if (expAmountExp != null) {
value = expAmountExp[1];
} else {
failureMsg.append("found no QcEuLimit for currency '").append(expCurrency).append("'; ");
return;
}
String expExponent = Integer.toString(value);
MonetaryValue monterayValue = MonetaryValue.getInstance(is.getStatementInfo());
Iso4217CurrencyCode currency = monterayValue.getCurrency();
String isCurrency = currency.isAlphabetic() ? currency.getAlphabetic() : Integer.toString(currency.getNumeric());
String isAmount = monterayValue.getAmount().toString();
String isExponent = monterayValue.getExponent().toString();
if (!isCurrency.equals(expCurrency)) {
addViolation(failureMsg, "statementInfo[" + i + "].qcEuLimit.currency", isCurrency, expCurrency);
}
if (!isAmount.equals(expAmount)) {
addViolation(failureMsg, "statementInfo[" + i + "].qcEuLimit.amount", isAmount, expAmount);
}
if (!isExponent.equals(expExponent)) {
addViolation(failureMsg, "statementInfo[" + i + "].qcEuLimit.exponent", isExponent, expExponent);
}
} else {
throw new RuntimeException("statementInfo[" + i + "]should not reach here");
}
} catch (IOException ex) {
failureMsg.append("statementInfo[").append(i).append("] has incorrect syntax; ");
}
}
}
Also used :
QCStatement(org.bouncycastle.asn1.x509.qualified.QCStatement)
HashMap(java.util.HashMap)
QcStatementValueType(org.xipki.ca.certprofile.x509.jaxb.QcStatementValueType)
MonetaryValue(org.bouncycastle.asn1.x509.qualified.MonetaryValue)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
ASN1String(org.bouncycastle.asn1.ASN1String)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERT61String(org.bouncycastle.asn1.DERT61String)
IOException(java.io.IOException)
Iso4217CurrencyCode(org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
PdsLocationType(org.xipki.ca.certprofile.x509.jaxb.PdsLocationType)
QcStatements(org.xipki.ca.certprofile.x509.jaxb.QcStatements)
Extension(org.bouncycastle.asn1.x509.Extension)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Range2Type(org.xipki.ca.certprofile.x509.jaxb.Range2Type)
QcStatementType(org.xipki.ca.certprofile.x509.jaxb.QcStatementType)
PdsLocationsType(org.xipki.ca.certprofile.x509.jaxb.PdsLocationsType)
HashSet(java.util.HashSet)
QcEuLimitValueType(org.xipki.ca.certprofile.x509.jaxb.QcEuLimitValueType)
Example 93 with Extension
use of org.gluu.oxtrust.model.scim2.Extension in project photon-model by vmware.
the class CertificateUtil method getServerExtensions.
private static List<ExtensionHolder> getServerExtensions(X509Certificate issuerCertificate) throws CertificateEncodingException, NoSuchAlgorithmException, IOException {
List<ExtensionHolder> extensions = new ArrayList<>();
// SSO forces us to allow data encipherment
extensions.add(new ExtensionHolder(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)));
extensions.add(new ExtensionHolder(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_serverAuth)));
Extension authorityKeyExtension = new Extension(Extension.authorityKeyIdentifier, false, new DEROctetString(new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(issuerCertificate)));
extensions.add(new ExtensionHolder(authorityKeyExtension.getExtnId(), authorityKeyExtension.isCritical(), authorityKeyExtension.getParsedValue()));
return extensions;
}
Also used :
Extension(org.bouncycastle.asn1.x509.Extension)
JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils)
ArrayList(java.util.ArrayList)
KeyUsage(org.bouncycastle.asn1.x509.KeyUsage)
ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage)
ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Example 94 with Extension
use of org.gluu.oxtrust.model.scim2.Extension in project candlepin by candlepin.
the class X509CRLStreamWriter method writeToEmptyCrl.
protected void writeToEmptyCrl(OutputStream out) throws IOException {
ASN1InputStream asn1in = null;
try {
asn1in = new ASN1InputStream(crlIn);
ASN1Sequence certListSeq = (ASN1Sequence) asn1in.readObject();
CertificateList certList = CertificateList.getInstance(certListSeq);
X509CRLHolder oldCrl = new X509CRLHolder(certList);
X509v2CRLBuilder crlBuilder = new X509v2CRLBuilder(oldCrl.getIssuer(), new Date());
crlBuilder.addCRL(oldCrl);
Date now = new Date();
Date oldNextUpdate = certList.getNextUpdate().getDate();
Date oldThisUpdate = certList.getThisUpdate().getDate();
Date nextUpdate = new Date(now.getTime() + (oldNextUpdate.getTime() - oldThisUpdate.getTime()));
crlBuilder.setNextUpdate(nextUpdate);
for (Object o : oldCrl.getExtensionOIDs()) {
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) o;
Extension ext = oldCrl.getExtension(oid);
if (oid.equals(Extension.cRLNumber)) {
ASN1OctetString octet = ext.getExtnValue();
ASN1Integer currentNumber = (ASN1Integer) new ASN1InputStream(octet.getOctets()).readObject();
ASN1Integer nextNumber = new ASN1Integer(currentNumber.getValue().add(BigInteger.ONE));
crlBuilder.addExtension(oid, ext.isCritical(), nextNumber);
} else if (oid.equals(Extension.authorityKeyIdentifier)) {
crlBuilder.addExtension(oid, ext.isCritical(), ext.getParsedValue());
}
}
for (DERSequence entry : newEntries) {
// XXX: This is all a bit messy considering the user already passed in the serial, date
// and reason.
BigInteger serial = ((ASN1Integer) entry.getObjectAt(0)).getValue();
Date revokeDate = ((Time) entry.getObjectAt(1)).getDate();
int reason = CRLReason.unspecified;
if (entry.size() == 3) {
Extensions extensions = (Extensions) entry.getObjectAt(2);
Extension reasonExt = extensions.getExtension(Extension.reasonCode);
if (reasonExt != null) {
reason = ((ASN1Enumerated) reasonExt.getParsedValue()).getValue().intValue();
}
}
crlBuilder.addCRLEntry(serial, revokeDate, reason);
}
if (signingAlg == null) {
signingAlg = oldCrl.toASN1Structure().getSignatureAlgorithm();
}
ContentSigner s;
try {
s = createContentSigner(signingAlg, key);
X509CRLHolder newCrl = crlBuilder.build(s);
out.write(newCrl.getEncoded());
} catch (OperatorCreationException e) {
throw new IOException("Could not sign CRL", e);
}
} finally {
IOUtils.closeQuietly(asn1in);
}
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
CertificateList(org.bouncycastle.asn1.x509.CertificateList)
ContentSigner(org.bouncycastle.operator.ContentSigner)
DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime)
ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime)
DERUTCTime(org.bouncycastle.asn1.DERUTCTime)
Time(org.bouncycastle.asn1.x509.Time)
ASN1UTCTime(org.bouncycastle.asn1.ASN1UTCTime)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
IOException(java.io.IOException)
Extensions(org.bouncycastle.asn1.x509.Extensions)
Date(java.util.Date)
Extension(org.bouncycastle.asn1.x509.Extension)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1Enumerated(org.bouncycastle.asn1.ASN1Enumerated)
X509CRLHolder(org.bouncycastle.cert.X509CRLHolder)
BigInteger(java.math.BigInteger)
X509v2CRLBuilder(org.bouncycastle.cert.X509v2CRLBuilder)
ASN1Object(org.bouncycastle.asn1.ASN1Object)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
OperatorCreationException(org.bouncycastle.operator.OperatorCreationException)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 95 with Extension
use of org.gluu.oxtrust.model.scim2.Extension in project candlepin by candlepin.
the class X509CRLStreamWriter method updateExtensions.
/**
* This method updates the crlNumber and authorityKeyIdentifier extensions. Any
* other extensions are copied over unchanged.
* @param obj
* @return
* @throws IOException
*/
@SuppressWarnings("rawtypes")
protected byte[] updateExtensions(byte[] obj) throws IOException {
ASN1TaggedObject taggedExts = (ASN1TaggedObject) new ASN1InputStream(obj).readObject();
ASN1Sequence seq = (ASN1Sequence) taggedExts.getObject();
ASN1EncodableVector modifiedExts = new ASN1EncodableVector();
// Now we need to read the extensions and find the CRL number and increment it,
// and determine if its length changed.
Enumeration objs = seq.getObjects();
while (objs.hasMoreElements()) {
ASN1Sequence ext = (ASN1Sequence) objs.nextElement();
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) ext.getObjectAt(0);
if (Extension.cRLNumber.equals(oid)) {
ASN1OctetString s = (ASN1OctetString) ext.getObjectAt(1);
ASN1Integer i = (ASN1Integer) new ASN1InputStream(s.getOctets()).readObject();
ASN1Integer newCrlNumber = new ASN1Integer(i.getValue().add(BigInteger.ONE));
Extension newNumberExt = new Extension(Extension.cRLNumber, false, new DEROctetString(newCrlNumber.getEncoded()));
ASN1EncodableVector crlNumber = new ASN1EncodableVector();
crlNumber.add(Extension.cRLNumber);
crlNumber.add(newNumberExt.getExtnValue());
modifiedExts.add(new DERSequence(crlNumber));
} else if (Extension.authorityKeyIdentifier.equals(oid)) {
Extension newAuthorityKeyExt = new Extension(Extension.authorityKeyIdentifier, false, aki.getEncoded());
ASN1EncodableVector aki = new ASN1EncodableVector();
aki.add(Extension.authorityKeyIdentifier);
aki.add(newAuthorityKeyExt.getExtnValue());
modifiedExts.add(new DERSequence(aki));
} else {
modifiedExts.add(ext);
}
}
ASN1Sequence seqOut = new DERSequence(modifiedExts);
ASN1TaggedObject out = new DERTaggedObject(true, 0, seqOut);
return out.getEncoded();
}
Also used :
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
Extension(org.bouncycastle.asn1.x509.Extension)
ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Enumeration(java.util.Enumeration)
DERSequence(org.bouncycastle.asn1.DERSequence)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Aggregations
Extension (org.bouncycastle.asn1.x509.Extension)83
Extensions (org.bouncycastle.asn1.x509.Extensions)42
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)35
IOException (java.io.IOException)30
DEROctetString (org.bouncycastle.asn1.DEROctetString)30
Enumeration (java.util.Enumeration)22
Date (java.util.Date)21
HashSet (java.util.HashSet)21
X500Name (org.bouncycastle.asn1.x500.X500Name)19
BigInteger (java.math.BigInteger)18
ArrayList (java.util.ArrayList)15
X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)14
Extension (org.gluu.oxtrust.model.scim2.extensions.Extension)14
X509Certificate (java.security.cert.X509Certificate)13
Set (java.util.Set)13
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)13
LinkedList (java.util.LinkedList)12
DERIA5String (org.bouncycastle.asn1.DERIA5String)12
DERSequence (org.bouncycastle.asn1.DERSequence)11
CertificateEncodingException (java.security.cert.CertificateEncodingException)10
