
Example 11 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project cas by apereo.

the class X509SubjectAlternativeNameUPNPrincipalResolver method getUPNStringFromSequence.

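/**
 * Extracts the User Principal Name (UPN) from one subject-alternative-name entry.
 *
 * <p>The sequence comes from a certificate, so its shape is checked before it is used:
 * a sequence with fewer than two elements, or whose second element is not a tagged
 * object, yields {@code null} rather than an unchecked index or cast exception.
 *
 * <p>An octet-string value is decoded as UTF-8; {@code new String(byte[], Charset)}
 * substitutes the replacement character for malformed input instead of rejecting it,
 * so a caller that uses the result as an identity may want to validate its format.
 *
 * @param seq ASN1Sequence abstraction representing subject alternative name.
 *            First element is the object identifier, second is the object itself.
 * @return UPN string, or {@code null} when the sequence is absent, too short, not a
 *         UPN entry, not tagged as expected, or holds a value that is neither an
 *         octet string nor an ASN.1 string
 */
private static String getUPNStringFromSequence(final ASN1Sequence seq) {
    // Indexes 0 and 1 are both read below, so a shorter sequence cannot be a UPN entry.
    if (seq == null || seq.size() < 2) {
        return null;
    }
    // First in sequence is the object identifier, that we must check.
    // NOTE(review): getInstance is left unguarded here; confirm how callers handle its
    // failure when the first element is not an object identifier.
    final ASN1ObjectIdentifier id = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
    if (id == null || !UPN_OBJECTID.equals(id.getId())) {
        return null;
    }
    // Check the type before casting: the element is certificate-controlled data.
    if (!(seq.getObjectAt(1) instanceof ASN1TaggedObject)) {
        return null;
    }
    final ASN1TaggedObject obj = (ASN1TaggedObject) seq.getObjectAt(1);
    ASN1Primitive prim = obj.getObject();
    // Due to bug in java cert.getSubjectAltName, it can be tagged an extra time
    if (prim instanceof ASN1TaggedObject) {
        prim = ASN1TaggedObject.getInstance(prim).getObject();
    }
    if (prim instanceof ASN1OctetString) {
        return new String(((ASN1OctetString) prim).getOctets(), StandardCharsets.UTF_8);
    }
    if (prim instanceof ASN1String) {
        return ((ASN1String) prim).getString();
    }
    return null;
}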
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ToString(lombok.ToString) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 12 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class CaUtil method getChallengePassword.

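/**
 * Returns the PKCS#9 challengePassword attribute of a certification request.
 *
 * <p>The request is supplied by the requester, so the attribute is checked before it is
 * read: a missing attribute set, an attribute with no values, or a first value that is
 * not an ASN.1 string yields {@code null} instead of an unchecked exception.
 *
 * <p>The returned value is a secret. NOTE(review): callers are not visible here; confirm
 * that they treat {@code null} as "no usable challenge password" (i.e. fail closed) and
 * that they do not log the value.
 *
 * @param csr the certification request info; must not be {@code null}
 * @return the challenge password, or {@code null} when none is present or it is malformed
 */
public static String getChallengePassword(CertificationRequestInfo csr) {
    ParamUtil.requireNonNull("csr", csr);
    ASN1Set attrs = csr.getAttributes();
    // Presumably getAttributes() may be null when the request carries no attributes
    // field - TODO confirm; the guard is harmless either way.
    if (attrs == null) {
        return null;
    }
    for (int i = 0; i < attrs.size(); i++) {
        Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
        if (!PKCSObjectIdentifiers.pkcs_9_at_challengePassword.equals(attr.getAttrType())) {
            continue;
        }
        // Held as Object[] so that the length and type can be checked before the cast.
        Object[] values = attr.getAttributeValues();
        if (values.length == 0 || !(values[0] instanceof ASN1String)) {
            return null;
        }
        return ((ASN1String) values[0]).getString();
    }
    return null;
}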
Also used : ASN1Set(org.bouncycastle.asn1.ASN1Set) Attribute(org.bouncycastle.asn1.pkcs.Attribute) ASN1String(org.bouncycastle.asn1.ASN1String) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)

Example 13 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class BaseOcspStatusAction method extractOcspUrls.

/**
 * Collects the OCSP responder URIs listed in an AuthorityInformationAccess extension.
 *
 * <p>Only access descriptions whose method is {@code id_ad_ocsp} and whose location is
 * tagged {@code uniformResourceIdentifier} contribute; all others are skipped silently.
 *
 * <p>The strings are returned exactly as encoded in the extension. NOTE(review): callers
 * are not visible here; if they connect to these URIs, the scheme and host should be
 * checked first, since the values come from the certificate.
 *
 * @param aia the AuthorityInformationAccess extension to read
 * @return the OCSP URIs in the order they appear; empty when there are none
 * @throws CertificateEncodingException declared by the signature; nothing in this body
 *         throws it
 */
public static List<String> extractOcspUrls(AuthorityInformationAccess aia) throws CertificateEncodingException {
    List<String> urls = new ArrayList<>();
    for (AccessDescription description : aia.getAccessDescriptions()) {
        // Skip every access method other than OCSP.
        if (!description.getAccessMethod().equals(X509ObjectIdentifiers.id_ad_ocsp)) {
            continue;
        }
        GeneralName location = description.getAccessLocation();
        // The cast below is only applied to locations tagged as a URI.
        if (location.getTagNo() != GeneralName.uniformResourceIdentifier) {
            continue;
        }
        ASN1String encodedUri = (ASN1String) location.getName();
        urls.add(encodedUri.getString());
    }
    return urls;
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ArrayList(java.util.ArrayList) ASN1String(org.bouncycastle.asn1.ASN1String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) LinkedList(java.util.LinkedList)

Example 14 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkExtensionCrlDistributionPoints.

// method checkExtensionIssuerAltNames
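/**
 * Checks a CRLDistributionPoints extension value against the CRL URLs of the issuer.
 *
 * <p>The extension must hold exactly one distribution point, that point must carry a
 * DistributionPointName of type {@code FULL_NAME}, and every general name in it must be
 * a URI. The URIs found are then compared with {@code issuerInfo.getCrlUrls()} in both
 * directions. Each deviation is appended to {@code failureMsg}; nothing is returned.
 *
 * <p>A distribution point without a DistributionPointName (the field is optional in the
 * encoding) is reported as a violation rather than dereferenced.
 *
 * @param failureMsg buffer that collects the violation messages
 * @param extensionValue encoded CRLDistributionPoints value to check
 * @param issuerInfo source of the expected CRL URLs
 */
private void checkExtensionCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    // An absent array is reported as size 0.
    int len = (isDistributionPoints == null) ? 0 : isDistributionPoints.length;
    if (len != 1) {
        addViolation(failureMsg, "size of CRLDistributionPoints", len, 1);
        return;
    }
    // Exactly one entry is left at this point.
    DistributionPoint entry = isDistributionPoints[0];
    DistributionPointName pointName = entry.getDistributionPoint();
    if (pointName == null) {
        // Without this guard an entry that lacks the name would fail with a
        // NullPointerException instead of being reported.
        failureMsg.append("DistributionPointName of CRLDistributionPoints is absent but is required; ");
        return;
    }
    int asn1Type = pointName.getType();
    if (asn1Type != DistributionPointName.FULL_NAME) {
        addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints", asn1Type, DistributionPointName.FULL_NAME);
        return;
    }
    Set<String> isCrlUrls = new HashSet<>();
    GeneralNames isDistributionPointNames = GeneralNames.getInstance(pointName.getName());
    for (GeneralName name : isDistributionPointNames.getNames()) {
        if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
            addViolation(failureMsg, "tag of CRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
        } else {
            // The cast is only reached for names tagged as a URI.
            isCrlUrls.add(((ASN1String) name.getName()).getString());
        }
    }
    Set<String> expCrlUrls = issuerInfo.getCrlUrls();
    // Presumably strInBnotInA(a, b) returns the members of b that are missing from a;
    // verify against its definition.
    Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("CRL URLs ").append(diffs).append(" are present but not expected; ");
    }
    diffs = strInBnotInA(isCrlUrls, expCrlUrls);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("CRL URLs ").append(diffs).append(" are absent but are required; ");
    }
}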
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 15 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkExtensionDeltaCrlDistributionPoints.

// method checkExtensionCrlDistributionPoints
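/**
 * Checks a deltaCRL distribution points extension value against the issuer's URLs.
 *
 * <p>The extension must hold exactly one distribution point, that point must carry a
 * DistributionPointName of type {@code FULL_NAME}, and every general name in it must be
 * a URI. The URIs found are then compared with {@code issuerInfo.getCrlUrls()} in both
 * directions. Each deviation is appended to {@code failureMsg}; nothing is returned.
 *
 * <p>A distribution point without a DistributionPointName (the field is optional in the
 * encoding) is reported as a violation rather than dereferenced.
 *
 * <p>NOTE(review): the expected set is read from {@code getCrlUrls()}, the same accessor
 * the visible full-CRL check uses; confirm that a deltaCRL-specific URL set is not
 * intended here.
 *
 * @param failureMsg buffer that collects the violation messages
 * @param extensionValue encoded distribution points value to check
 * @param issuerInfo source of the expected URLs
 */
private void checkExtensionDeltaCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    // An absent array is reported as size 0.
    int len = (isDistributionPoints == null) ? 0 : isDistributionPoints.length;
    if (len != 1) {
        addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", len, 1);
        return;
    }
    // Exactly one entry is left at this point.
    DistributionPoint entry = isDistributionPoints[0];
    DistributionPointName pointName = entry.getDistributionPoint();
    if (pointName == null) {
        // Without this guard an entry that lacks the name would fail with a
        // NullPointerException instead of being reported.
        failureMsg.append("DistributionPointName of CRLDistributionPoints (deltaCRL) is absent but is required; ");
        return;
    }
    int asn1Type = pointName.getType();
    if (asn1Type != DistributionPointName.FULL_NAME) {
        addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints (deltaCRL)", asn1Type, DistributionPointName.FULL_NAME);
        return;
    }
    Set<String> isCrlUrls = new HashSet<>();
    GeneralNames isDistributionPointNames = GeneralNames.getInstance(pointName.getName());
    for (GeneralName name : isDistributionPointNames.getNames()) {
        if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
            addViolation(failureMsg, "tag of deltaCRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
        } else {
            // The cast is only reached for names tagged as a URI.
            isCrlUrls.add(((ASN1String) name.getName()).getString());
        }
    }
    Set<String> expCrlUrls = issuerInfo.getCrlUrls();
    // Presumably strInBnotInA(a, b) returns the members of b that are missing from a;
    // verify against its definition.
    Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("deltaCRL URLs ").append(diffs).append(" are present but not expected; ");
    }
    diffs = strInBnotInA(isCrlUrls, expCrlUrls);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("deltaCRL URLs ").append(diffs).append(" are absent but are required; ");
    }
}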
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Aggregations

ASN1String (org.bouncycastle.asn1.ASN1String)18 DERIA5String (org.bouncycastle.asn1.DERIA5String)9 DEROctetString (org.bouncycastle.asn1.DEROctetString)9 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8 DERUniversalString (org.bouncycastle.asn1.DERUniversalString)8 GeneralName (org.bouncycastle.asn1.x509.GeneralName)7 IOException (java.io.IOException)6 DERBMPString (org.bouncycastle.asn1.DERBMPString)6 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6 DERT61String (org.bouncycastle.asn1.DERT61String)6 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)6 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)5 QaDirectoryString (org.xipki.ca.qa.internal.QaDirectoryString)5 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)4 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)4 ArrayList (java.util.ArrayList)3 HashSet (java.util.HashSet)3 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)3 DERBitString (org.bouncycastle.asn1.DERBitString)3