use of org.openecard.bouncycastle.asn1.ASN1Sequence in project robovm by robovm.
the class PKIXNameConstraintValidator method unionDN.
private Set unionDN(Set excluded, ASN1Sequence dn) {
if (excluded.isEmpty()) {
if (dn == null) {
return excluded;
}
excluded.add(dn);
return excluded;
} else {
Set intersect = new HashSet();
Iterator it = excluded.iterator();
while (it.hasNext()) {
ASN1Sequence subtree = (ASN1Sequence) it.next();
if (withinDNSubtree(dn, subtree)) {
intersect.add(subtree);
} else if (withinDNSubtree(subtree, dn)) {
intersect.add(dn);
} else {
intersect.add(subtree);
intersect.add(dn);
}
}
return intersect;
}
}
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project cas by apereo.
the class CRLDistributionPointRevocationChecker method getDistributionPoints.
/**
* Gets the distribution points.
*
* @param cert the cert
* @return the url distribution points
*/
private static URI[] getDistributionPoints(final X509Certificate cert) {
final List<DistributionPoint> points;
try {
points = new ExtensionReader(cert).readCRLDistributionPoints();
} catch (final Exception e) {
LOGGER.error("Error reading CRLDistributionPoints extension field on [{}]", CertUtils.toString(cert), e);
return new URI[0];
}
final List<URI> urls = new ArrayList<>();
if (points != null) {
points.stream().map(DistributionPoint::getDistributionPoint).filter(Objects::nonNull).forEach(pointName -> {
final ASN1Sequence nameSequence = ASN1Sequence.getInstance(pointName.getName());
IntStream.range(0, nameSequence.size()).mapToObj(i -> GeneralName.getInstance(nameSequence.getObjectAt(i))).forEach(name -> {
LOGGER.debug("Found CRL distribution point [{}].", name);
try {
addURL(urls, DERIA5String.getInstance(name.getName()).getString());
} catch (final Exception e) {
LOGGER.warn("[{}] not supported. String or GeneralNameList expected.", pointName);
}
});
});
}
return urls.toArray(new URI[urls.size()]);
}
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project android_packages_apps_Settings by LineageOS.
the class CertInstallerHelper method isCa.
private boolean isCa(X509Certificate cert) {
try {
byte[] asn1EncodedBytes = cert.getExtensionValue("2.5.29.19");
if (asn1EncodedBytes == null) {
return false;
}
DEROctetString derOctetString = (DEROctetString) new ASN1InputStream(asn1EncodedBytes).readObject();
byte[] octets = derOctetString.getOctets();
ASN1Sequence sequence = (ASN1Sequence) new ASN1InputStream(octets).readObject();
return BasicConstraints.getInstance(sequence).isCA();
} catch (IOException e) {
return false;
}
}
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project pdfbox by apache.
the class CertInformationHelper method getAuthorityInfoExtensionValue.
/**
* Extracts authority information access extension values from the given data. The Data
* structure has to be implemented as described in RFC 2459, 4.2.2.1.
*
* @param extensionValue byte[] of the extension value.
* @param certInfo where to put the found values
* @throws IOException when there is a problem with the extensionValue
*/
protected static void getAuthorityInfoExtensionValue(byte[] extensionValue, CertSignatureInformation certInfo) throws IOException {
ASN1Sequence asn1Seq = (ASN1Sequence) X509ExtensionUtil.fromExtensionValue(extensionValue);
Enumeration<?> objects = asn1Seq.getObjects();
while (objects.hasMoreElements()) {
// AccessDescription
ASN1Sequence obj = (ASN1Sequence) objects.nextElement();
ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) obj.getObjectAt(0);
// accessLocation
DERTaggedObject location = (DERTaggedObject) obj.getObjectAt(1);
if (oid.equals(X509ObjectIdentifiers.id_ad_ocsp) && location.getTagNo() == GeneralName.uniformResourceIdentifier) {
DEROctetString url = (DEROctetString) location.getObject();
certInfo.setOcspUrl(new String(url.getOctets()));
} else if (oid.equals(X509ObjectIdentifiers.id_ad_caIssuers)) {
DEROctetString uri = (DEROctetString) location.getObject();
certInfo.setIssuerUrl(new String(uri.getOctets()));
}
}
}
use of org.openecard.bouncycastle.asn1.ASN1Sequence in project keystore-explorer by kaikramer.
the class X509Ext method getMsCertificateTemplateStringValue.
private String getMsCertificateTemplateStringValue(byte[] octets) {
// @formatter:off
/*
CertificateTemplate ::= SEQUENCE
{
templateID EncodedObjectID,
templateMajorVersion TemplateVersion,
templateMinorVersion TemplateVersion OPTIONAL
}
TemplateVersion ::= INTEGER (0..4294967295)
*/
// @formatter:on
ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(octets);
ASN1ObjectIdentifier templateID = (ASN1ObjectIdentifier) asn1Sequence.getObjectAt(0);
ASN1Integer majorVersion = (ASN1Integer) asn1Sequence.getObjectAt(1);
ASN1Integer minorVersion = (ASN1Integer) asn1Sequence.getObjectAt(2);
StringBuilder sb = new StringBuilder();
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.ID"), templateID.getId()));
sb.append(NEWLINE);
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MajorVersion"), majorVersion));
sb.append(NEWLINE);
if (minorVersion != null) {
sb.append(MessageFormat.format(res.getString("MSCertificateTemplate.MinorVersion"), minorVersion));
sb.append(NEWLINE);
}
return sb.toString();
}
Aggregations