Example 31 with ASN1Sequence
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project robovm by robovm.
the class PKIXNameConstraintValidator method unionDN.
private Set unionDN(Set excluded, ASN1Sequence dn) {
if (excluded.isEmpty()) {
if (dn == null) {
return excluded;
}
excluded.add(dn);
return excluded;
} else {
Set intersect = new HashSet();
Iterator it = excluded.iterator();
while (it.hasNext()) {
ASN1Sequence subtree = (ASN1Sequence) it.next();
if (withinDNSubtree(dn, subtree)) {
intersect.add(subtree);
} else if (withinDNSubtree(subtree, dn)) {
intersect.add(dn);
} else {
intersect.add(subtree);
intersect.add(dn);
}
}
return intersect;
}
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
Iterator(java.util.Iterator)
HashSet(java.util.HashSet)
Example 32 with ASN1Sequence
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project cas by apereo.
the class CRLDistributionPointRevocationChecker method getDistributionPoints.
/**
* Gets the distribution points.
*
* @param cert the cert
* @return the url distribution points
*/
private static URI[] getDistributionPoints(final X509Certificate cert) {
final List<DistributionPoint> points;
try {
points = new ExtensionReader(cert).readCRLDistributionPoints();
} catch (final Exception e) {
LOGGER.error("Error reading CRLDistributionPoints extension field on [{}]", CertUtils.toString(cert), e);
return new URI[0];
}
final List<URI> urls = new ArrayList<>();
if (points != null) {
points.stream().map(DistributionPoint::getDistributionPoint).filter(Objects::nonNull).forEach(pointName -> {
final ASN1Sequence nameSequence = ASN1Sequence.getInstance(pointName.getName());
IntStream.range(0, nameSequence.size()).mapToObj(i -> GeneralName.getInstance(nameSequence.getObjectAt(i))).forEach(name -> {
LOGGER.debug("Found CRL distribution point [{}].", name);
try {
addURL(urls, DERIA5String.getInstance(name.getName()).getString());
} catch (final Exception e) {
LOGGER.warn("[{}] not supported. String or GeneralNameList expected.", pointName);
}
});
});
}
return urls.toArray(new URI[urls.size()]);
}
Also used :
X509Certificate(java.security.cert.X509Certificate)
IntStream(java.util.stream.IntStream)
RevocationPolicy(org.apereo.cas.adaptors.x509.authentication.revocation.policy.RevocationPolicy)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
URLDecoder(java.net.URLDecoder)
SneakyThrows(lombok.SneakyThrows)
URL(java.net.URL)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
X509CRL(java.security.cert.X509CRL)
ByteArrayResource(org.springframework.core.io.ByteArrayResource)
ArrayList(java.util.ArrayList)
CollectionUtils(org.apereo.cas.util.CollectionUtils)
URI(java.net.URI)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
CRLFetcher(org.apereo.cas.adaptors.x509.authentication.CRLFetcher)
MalformedURLException(java.net.MalformedURLException)
Element(net.sf.ehcache.Element)
StandardCharsets(java.nio.charset.StandardCharsets)
CertUtils(org.apereo.cas.util.crypto.CertUtils)
ExtensionReader(org.cryptacular.x509.ExtensionReader)
Objects(java.util.Objects)
Slf4j(lombok.extern.slf4j.Slf4j)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
List(java.util.List)
ResourceCRLFetcher(org.apereo.cas.adaptors.x509.authentication.ResourceCRLFetcher)
Cache(net.sf.ehcache.Cache)
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ArrayList(java.util.ArrayList)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
URI(java.net.URI)
MalformedURLException(java.net.MalformedURLException)
ExtensionReader(org.cryptacular.x509.ExtensionReader)
Example 33 with ASN1Sequence
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project android_packages_apps_Settings by LineageOS.
the class CertInstallerHelper method isCa.
private boolean isCa(X509Certificate cert) {
try {
byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
if (asn1EncodedBytes == null) {
return false;
}
DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
byte[] octets = derOctetString.getOctets();
ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
return BasicConstraints.getInstance(sequence).isCA();
} catch (IOException e) {
return false;
}
}
Also used :
ASN1InputStream(com.android.org.bouncycastle.asn1.ASN1InputStream)
ASN1Sequence(com.android.org.bouncycastle.asn1.ASN1Sequence)
IOException(java.io.IOException)
DEROctetString(com.android.org.bouncycastle.asn1.DEROctetString)
Example 34 with ASN1Sequence
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project pdfbox by apache.
the class CertInformationHelper method getAuthorityInfoExtensionValue.
/**
* Extracts authority information access extension values from the given data. The Data
* structure has to be implemented as described in RFC 2459, 4.2.2.1.
*
* @param extensionValue byte[] of the extension value.
* @param certInfo where to put the found values
* @throws IOException when there is a problem with the extensionValue
*/
protected static void getAuthorityInfoExtensionValue(byte[] extensionValue, CertSignatureInformation certInfo) throws IOException {
ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);
Enumeration<?> objects = asn1Seq.getObjects();
while (objects.hasMoreElements()) {
// AccessDescription
ASN1Sequence obj = (ASN1Sequence) objects.nextElement();
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) obj.getObjectAt(0);
// accessLocation
DERTaggedObject location = (DERTaggedObject) obj.getObjectAt(1);
if (oid.equals(X509ObjectIdentifiers.id_ad_ocsp) && location.getTagNo() == GeneralName.uniformResourceIdentifier) {
DEROctetString url = (DEROctetString) location.getObject();
certInfo.setOcspUrl(new String(url.getOctets()));
} else if (oid.equals(X509ObjectIdentifiers.id_ad_caIssuers)) {
DEROctetString uri = (DEROctetString) location.getObject();
certInfo.setIssuerUrl(new String(uri.getOctets()));
}
}
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
DEROctetString(org.bouncycastle.asn1.DEROctetString)
Example 35 with ASN1Sequence
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project keystore-explorer by kaikramer.
the class X509Ext method getMsCertificateTemplateStringValue.
private String getMsCertificateTemplateStringValue(byte[] octets) {
// @formatter:off
/*
CertificateTemplate ::= SEQUENCE
{
templateID EncodedObjectID,
templateMajorVersion TemplateVersion,
templateMinorVersion TemplateVersion OPTIONAL
}
TemplateVersion ::= INTEGER (0..4294967295)
*/
// @formatter:on
ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(octets);
ASN1ObjectIdentifier templateID = (ASN1ObjectIdentifier) asn1Sequence.getObjectAt(0);
ASN1Integer majorVersion = (ASN1Integer) asn1Sequence.getObjectAt(1);
ASN1Integer minorVersion = (ASN1Integer) asn1Sequence.getObjectAt(2);
StringBuilder sb = new StringBuilder();
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.ID"), templateID.getId()));
sb.append(NEWLINE);
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MajorVersion"), majorVersion));
sb.append(NEWLINE);
if (minorVersion != null) {
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MinorVersion"), minorVersion));
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Aggregations
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)198
IOException (java.io.IOException)68
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)56
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)49
ASN1Integer (org.bouncycastle.asn1.ASN1Integer)39
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)37
ArrayList (java.util.ArrayList)36
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)34
DEROctetString (org.bouncycastle.asn1.DEROctetString)34
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)32
X509Certificate (java.security.cert.X509Certificate)31
ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)30
DERSequence (org.bouncycastle.asn1.DERSequence)30
Enumeration (java.util.Enumeration)29
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)29
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)28
DERIA5String (org.bouncycastle.asn1.DERIA5String)28
List (java.util.List)27
BigInteger (java.math.BigInteger)26
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)26
