Example 1 with AccessDescription
use of sun.security.x509.AccessDescription in project nhin-d by DirectProject.
the class AuthorityInfoAccessOCSPLocExtentionField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
final DERObject exValue = getExtensionValue(value);
if (exValue == null) {
if (isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
else {
final Collection<String> coll = Collections.emptyList();
this.policyValue = PolicyValueFactory.getInstance(coll);
return;
}
}
final AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(exValue);
final Collection<String> retVal = new ArrayList<String>();
for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
if (accessDescription.getAccessMethod().equals(AccessDescription.id_ad_ocsp))
retVal.add(accessDescription.getAccessLocation().getName().toString());
}
if (retVal.isEmpty() && isRequired())
throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
Also used :
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess)
DERObject(org.bouncycastle.asn1.DERObject)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ArrayList(java.util.ArrayList)
Example 2 with AccessDescription
use of sun.security.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class ForwardBuilder method getCerts.
/**
* Download Certificates from the given AIA and add them to the
* specified Collection.
*/
// cs.getCertificates(caSelector) returns a collection of X509Certificate's
// because of the selector, so the cast is safe
@SuppressWarnings("unchecked")
private boolean getCerts(AuthorityInfoAccessExtension aiaExt, Collection<X509Certificate> certs) {
if (Builder.USE_AIA == false) {
return false;
}
List<AccessDescription> adList = aiaExt.getAccessDescriptions();
if (adList == null || adList.isEmpty()) {
return false;
}
boolean add = false;
for (AccessDescription ad : adList) {
CertStore cs = URICertStore.getInstance(ad);
if (cs != null) {
try {
if (certs.addAll((Collection<X509Certificate>) cs.getCertificates(caSelector))) {
add = true;
if (!searchAllCertStores) {
return true;
}
}
} catch (CertStoreException cse) {
if (debug != null) {
debug.println("exception getting certs from CertStore:");
cse.printStackTrace();
}
}
}
}
return add;
}
Also used :
AccessDescription(sun.security.x509.AccessDescription)
CertStoreException(java.security.cert.CertStoreException)
CertStore(java.security.cert.CertStore)
X509Certificate(java.security.cert.X509Certificate)
Example 3 with AccessDescription
use of sun.security.x509.AccessDescription in project jdk8u_jdk by JetBrains.
the class URICertStore method getInstance.
/**
* Creates a CertStore from information included in the AccessDescription
* object of a certificate's Authority Information Access Extension.
*/
static CertStore getInstance(AccessDescription ad) {
if (!ad.getAccessMethod().equals((Object) AccessDescription.Ad_CAISSUERS_Id)) {
return null;
}
GeneralNameInterface gn = ad.getAccessLocation().getName();
if (!(gn instanceof URIName)) {
return null;
}
URI uri = ((URIName) gn).getURI();
try {
return URICertStore.getInstance(new URICertStore.URICertStoreParameters(uri));
} catch (Exception ex) {
if (debug != null) {
debug.println("exception creating CertStore: " + ex);
ex.printStackTrace();
}
return null;
}
}
Also used :
GeneralNameInterface(sun.security.x509.GeneralNameInterface)
URI(java.net.URI)
InvalidAlgorithmParameterException(java.security.InvalidAlgorithmParameterException)
IOException(java.io.IOException)
CertificateException(java.security.cert.CertificateException)
CertStoreException(java.security.cert.CertStoreException)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
CRLException(java.security.cert.CRLException)
URIName(sun.security.x509.URIName)
Example 4 with AccessDescription
use of sun.security.x509.AccessDescription in project keystore-explorer by kaikramer.
the class X509Ext method getSubjectInformationAccessStringValue.
private String getSubjectInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
SubjectInfoAccess subjectInfoAccess = SubjectInfoAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : subjectInfoAccess.getAccessDescriptionList()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else // Unrecognised Access Method OID
{
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("SubjectInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(INDENT);
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Also used :
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
DERBitString(org.bouncycastle.asn1.DERBitString)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERGeneralString(org.bouncycastle.asn1.DERGeneralString)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 5 with AccessDescription
use of sun.security.x509.AccessDescription in project keystore-explorer by kaikramer.
the class SubjectInfoAccess method toASN1Primitive.
@Override
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector vec = new ASN1EncodableVector();
Iterator<AccessDescription> it = accessDescriptions.iterator();
while (it.hasNext()) {
vec.add(it.next().toASN1Primitive());
}
return new DERSequence(vec);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
AccessDescription(org.bouncycastle.asn1.x509.AccessDescription)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
Aggregations
AccessDescription (org.bouncycastle.asn1.x509.AccessDescription)24
GeneralName (org.bouncycastle.asn1.x509.GeneralName)13
AuthorityInformationAccess (org.bouncycastle.asn1.x509.AuthorityInformationAccess)9
IOException (java.io.IOException)8
CertStoreException (java.security.cert.CertStoreException)7
ArrayList (java.util.ArrayList)6
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)6
AccessDescription (sun.security.x509.AccessDescription)6
URIName (sun.security.x509.URIName)6
DERIA5String (org.bouncycastle.asn1.DERIA5String)5
CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)5
URI (java.net.URI)4
CertificateException (java.security.cert.CertificateException)4
X509Certificate (java.security.cert.X509Certificate)4
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)4
DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)4
DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)4
InvalidAlgorithmParameterException (java.security.InvalidAlgorithmParameterException)3
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)3
CRLException (java.security.cert.CRLException)3
