Examples with Extension org.mozilla.jss.netscape.security.x509.Extension used on opensource projects

Search in sources :

Example 96 with Extension

use of org.mozilla.jss.netscape.security.x509.Extension in project robovm by robovm.

the class X509CertificateObject method hasUnsupportedCriticalExtension.

public boolean hasUnsupportedCriticalExtension() {
    if (this.getVersion() == 3) {
        Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions != null) {
            Enumeration e = extensions.oids();
            while (e.hasMoreElements()) {
                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                String oidId = oid.getId();
                if (oidId.equals(RFC3280CertPathUtilities.KEY_USAGE) || oidId.equals(RFC3280CertPathUtilities.CERTIFICATE_POLICIES) || oidId.equals(RFC3280CertPathUtilities.POLICY_MAPPINGS) || oidId.equals(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY) || oidId.equals(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS) || oidId.equals(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT) || oidId.equals(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR) || oidId.equals(RFC3280CertPathUtilities.POLICY_CONSTRAINTS) || oidId.equals(RFC3280CertPathUtilities.BASIC_CONSTRAINTS) || oidId.equals(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME) || oidId.equals(RFC3280CertPathUtilities.NAME_CONSTRAINTS)) {
                    continue;
                }
                Extension ext = extensions.getExtension(oid);
                if (ext.isCritical()) {
                    return true;
                }
            }
        }
    }
    return false;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension) Enumeration(java.util.Enumeration) DERBitString(org.bouncycastle.asn1.DERBitString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1String(org.bouncycastle.asn1.ASN1String) Extensions(org.bouncycastle.asn1.x509.Extensions) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 97 with Extension

use of org.mozilla.jss.netscape.security.x509.Extension in project robovm by robovm.

the class X509CertificateObject method getCriticalExtensionOIDs.

public Set getCriticalExtensionOIDs() {
    if (this.getVersion() == 3) {
        Set set = new HashSet();
        Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions != null) {
            Enumeration e = extensions.oids();
            while (e.hasMoreElements()) {
                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                Extension ext = extensions.getExtension(oid);
                if (ext.isCritical()) {
                    set.add(oid.getId());
                }
            }
            return set;
        }
    }
    return null;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension) Set(java.util.Set) HashSet(java.util.HashSet) Enumeration(java.util.Enumeration) Extensions(org.bouncycastle.asn1.x509.Extensions) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) HashSet(java.util.HashSet)

Example 98 with Extension

use of org.mozilla.jss.netscape.security.x509.Extension in project robovm by robovm.

the class X509CertificateObject method getNonCriticalExtensionOIDs.

public Set getNonCriticalExtensionOIDs() {
    if (this.getVersion() == 3) {
        Set set = new HashSet();
        Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions != null) {
            Enumeration e = extensions.oids();
            while (e.hasMoreElements()) {
                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
                Extension ext = extensions.getExtension(oid);
                if (!ext.isCritical()) {
                    set.add(oid.getId());
                }
            }
            return set;
        }
    }
    return null;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) VerisignCzagExtension(org.bouncycastle.asn1.misc.VerisignCzagExtension) Set(java.util.Set) HashSet(java.util.HashSet) Enumeration(java.util.Enumeration) Extensions(org.bouncycastle.asn1.x509.Extensions) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) HashSet(java.util.HashSet)

Example 99 with Extension

use of org.mozilla.jss.netscape.security.x509.Extension in project robovm by robovm.

the class X509CRLObject method toString.

/**
     * Returns a string representation of this CRL.
     *
     * @return a string representation of this CRL.
     */
public String toString() {
    StringBuffer buf = new StringBuffer();
    String nl = System.getProperty("line.separator");
    buf.append("              Version: ").append(this.getVersion()).append(nl);
    buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
    buf.append("          This update: ").append(this.getThisUpdate()).append(nl);
    buf.append("          Next update: ").append(this.getNextUpdate()).append(nl);
    buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
    byte[] sig = this.getSignature();
    buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
    for (int i = 20; i < sig.length; i += 20) {
        if (i < sig.length - 20) {
            buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
        } else {
            buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
        }
    }
    Extensions extensions = c.getTBSCertList().getExtensions();
    if (extensions != null) {
        Enumeration e = extensions.oids();
        if (e.hasMoreElements()) {
            buf.append("           Extensions: ").append(nl);
        }
        while (e.hasMoreElements()) {
            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
            Extension ext = extensions.getExtension(oid);
            if (ext.getExtnValue() != null) {
                byte[] octs = ext.getExtnValue().getOctets();
                ASN1InputStream dIn = new ASN1InputStream(octs);
                buf.append("                       critical(").append(ext.isCritical()).append(") ");
                try {
                    if (oid.equals(Extension.cRLNumber)) {
                        buf.append(new CRLNumber(ASN1Integer.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
                    } else if (oid.equals(Extension.deltaCRLIndicator)) {
                        buf.append("Base CRL: " + new CRLNumber(ASN1Integer.getInstance(dIn.readObject()).getPositiveValue())).append(nl);
                    } else if (oid.equals(Extension.issuingDistributionPoint)) {
                        buf.append(IssuingDistributionPoint.getInstance(dIn.readObject())).append(nl);
                    } else if (oid.equals(Extension.cRLDistributionPoints)) {
                        buf.append(CRLDistPoint.getInstance(dIn.readObject())).append(nl);
                    } else if (oid.equals(Extension.freshestCRL)) {
                        buf.append(CRLDistPoint.getInstance(dIn.readObject())).append(nl);
                    } else {
                        buf.append(oid.getId());
                        buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
                    }
                } catch (Exception ex) {
                    buf.append(oid.getId());
                    buf.append(" value = ").append("*****").append(nl);
                }
            } else {
                buf.append(nl);
            }
        }
    }
    Set set = getRevokedCertificates();
    if (set != null) {
        Iterator it = set.iterator();
        while (it.hasNext()) {
            buf.append(it.next());
            buf.append(nl);
        }
    }
    return buf.toString();
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) Enumeration(java.util.Enumeration) HashSet(java.util.HashSet) Set(java.util.Set) CRLNumber(org.bouncycastle.asn1.x509.CRLNumber) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) Extensions(org.bouncycastle.asn1.x509.Extensions) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) SignatureException(java.security.SignatureException) IOException(java.io.IOException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CRLException(java.security.cert.CRLException) NoSuchProviderException(java.security.NoSuchProviderException) CertificateEncodingException(java.security.cert.CertificateEncodingException) Extension(org.bouncycastle.asn1.x509.Extension) Iterator(java.util.Iterator) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 100 with Extension

use of org.mozilla.jss.netscape.security.x509.Extension in project robovm by robovm.

the class X509CRLObject method loadCRLEntries.

private Set loadCRLEntries() {
    Set entrySet = new HashSet();
    Enumeration certs = c.getRevokedCertificateEnumeration();
    // the issuer
    X500Name previousCertificateIssuer = null;
    while (certs.hasMoreElements()) {
        TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry) certs.nextElement();
        X509CRLEntryObject crlEntry = new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
        entrySet.add(crlEntry);
        if (isIndirect && entry.hasExtensions()) {
            Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
            if (currentCaName != null) {
                previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
            }
        }
    }
    return entrySet;
}
Also used : Extension(org.bouncycastle.asn1.x509.Extension) HashSet(java.util.HashSet) Set(java.util.Set) Enumeration(java.util.Enumeration) TBSCertList(org.bouncycastle.asn1.x509.TBSCertList) X500Name(org.bouncycastle.asn1.x500.X500Name) X509CRLEntry(java.security.cert.X509CRLEntry) HashSet(java.util.HashSet)

Aggregations

Extension (org.bouncycastle.asn1.x509.Extension)131 Extensions (org.bouncycastle.asn1.x509.Extensions)66 IOException (java.io.IOException)61 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)46 Enumeration (java.util.Enumeration)45 DEROctetString (org.bouncycastle.asn1.DEROctetString)44 BigInteger (java.math.BigInteger)37 HashSet (java.util.HashSet)35 Extension (com.github.zhenwei.core.asn1.x509.Extension)27 Date (java.util.Date)27 Set (java.util.Set)27 X509CertificateHolder (org.bouncycastle.cert.X509CertificateHolder)26 X500Name (org.bouncycastle.asn1.x500.X500Name)25 ArrayList (java.util.ArrayList)23 CertificateEncodingException (java.security.cert.CertificateEncodingException)22 CertificateID (org.bouncycastle.cert.ocsp.CertificateID)22 X509Certificate (java.security.cert.X509Certificate)21 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)18 CertificateException (java.security.cert.CertificateException)18 ASN1ObjectIdentifier (com.github.zhenwei.core.asn1.ASN1ObjectIdentifier)17
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial