
Example 26 with AccessDescription

use of sun.security.x509.AccessDescription in project xipki by xipki.

the class ExtensionsChecker method checkAia.

private static void checkAia(StringBuilder failureMsg, AuthorityInformationAccess aia, ASN1ObjectIdentifier accessMethod, Set<String> expectedUris) {
    String typeDesc;
    if (X509ObjectIdentifiers.id_ad_ocsp.equals(accessMethod)) {
        typeDesc = "OCSP";
    } else if (X509ObjectIdentifiers.id_ad_caIssuers.equals(accessMethod)) {
        typeDesc = "caIssuer";
    } else {
        typeDesc = accessMethod.getId();
    }
    // Keep only the access descriptions whose accessMethod is the one being checked
    List<AccessDescription> isAccessDescriptions = new LinkedList<>();
    for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
        if (accessMethod.equals(accessDescription.getAccessMethod())) {
            isAccessDescriptions.add(accessDescription);
        }
    }
    int size = isAccessDescriptions.size();
    if (size != expectedUris.size()) {
        addViolation(failureMsg, "number of AIA " + typeDesc + " URIs", size, expectedUris.size());
        return;
    }
    // Each accessLocation must be a URI GeneralName; collect the URI strings actually present
    Set<String> isUris = new HashSet<>();
    for (int i = 0; i < size; i++) {
        GeneralName isAccessLocation = isAccessDescriptions.get(i).getAccessLocation();
        if (isAccessLocation.getTagNo() != GeneralName.uniformResourceIdentifier) {
            addViolation(failureMsg, "tag of accessLocation of AIA ", isAccessLocation.getTagNo(), GeneralName.uniformResourceIdentifier);
        } else {
            String isOcspUri = ((ASN1String) isAccessLocation.getName()).getString();
            isUris.add(isOcspUri);
        }
    }
    // URIs found in the certificate that are not in the expected set
    Set<String> diffs = strInBnotInA(expectedUris, isUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are present but not expected; ");
    }
    // Expected URIs that are missing from the certificate
    diffs = strInBnotInA(isUris, expectedUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are absent but are required; ");
    }
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) LinkedList(java.util.LinkedList) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 27 with AccessDescription

use of sun.security.x509.AccessDescription in project Bytecoder by mirkosertic.

the class OCSP method getResponderURI.

static URI getResponderURI(X509CertImpl certImpl) {
    // Examine the certificate's AuthorityInfoAccess extension
    AuthorityInfoAccessExtension aia = certImpl.getAuthorityInfoAccessExtension();
    if (aia == null) {
        return null;
    }
    List<AccessDescription> descriptions = aia.getAccessDescriptions();
    for (AccessDescription description : descriptions) {
        if (description.getAccessMethod().equals(AccessDescription.Ad_OCSP_Id)) {
            GeneralName generalName = description.getAccessLocation();
            if (generalName.getType() == GeneralNameInterface.NAME_URI) {
                URIName uri = (URIName) generalName.getName();
                return uri.getURI();
            }
        }
    }
    return null;
}
Also used : AuthorityInfoAccessExtension(sun.security.x509.AuthorityInfoAccessExtension) AccessDescription(sun.security.x509.AccessDescription) GeneralName(sun.security.x509.GeneralName) URIName(sun.security.x509.URIName)

Example 28 with AccessDescription

use of sun.security.x509.AccessDescription in project keystore-explorer by kaikramer.

the class X509Ext method getAuthorityInformationAccessStringValue.

private String getAuthorityInformationAccessStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
     * AuthorityInfoAccessSyntax ::= SEQUENCE SIZE (1..MAX) OF
     * AccessDescription
     *
     * AccessDescription ::= SEQUENCE { accessMethod OBJECT IDENTIFIER,
     * accessLocation GeneralName }
     */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    AuthorityInformationAccess authorityInfoAccess = AuthorityInformationAccess.getInstance(value);
    int accessDesc = 0;
    for (AccessDescription accessDescription : authorityInfoAccess.getAccessDescriptions()) {
        accessDesc++;
        // Convert OID to access method
        ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
        AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
        String accessMethodStr = null;
        if (accessMethodType != null) {
            accessMethodStr = accessMethodType.friendly();
        } else {
            // Unrecognised Access Method OID
            accessMethodStr = ObjectIdUtil.toString(accessMethod);
        }
        GeneralName accessLocation = accessDescription.getAccessLocation();
        String accessLocationStr = GeneralNameUtil.toString(accessLocation);
        sb.append(MessageFormat.format(res.getString("AuthorityInformationAccess"), accessDesc));
        sb.append(NEWLINE);
        sb.append(INDENT);
        sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
        sb.append(NEWLINE);
        sb.append(INDENT);
        sb.append(res.getString("AccessLocation"));
        sb.append(NEWLINE);
        sb.append(INDENT.toString(2));
        sb.append(accessLocationStr);
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : AuthorityInformationAccess(org.bouncycastle.asn1.x509.AuthorityInformationAccess) AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERGeneralString(org.bouncycastle.asn1.DERGeneralString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERIA5String(org.bouncycastle.asn1.DERIA5String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 29 with AccessDescription

use of sun.security.x509.AccessDescription in project keystore-explorer by kaikramer.

the class DAccessDescriptionChooser method okPressed.

private void okPressed() {
    ASN1ObjectIdentifier accessMethod = joiAccessMethod.getObjectId();
    if (accessMethod == null) {
        JOptionPane.showMessageDialog(this, res.getString("DAccessDescriptionChooser.AccessMethodValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    GeneralName accessLocation = jgnAccessLocation.getGeneralName();
    if (accessLocation == null) {
        JOptionPane.showMessageDialog(this, res.getString("DAccessDescriptionChooser.AccessLocationValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
        return;
    }
    accessDescription = new AccessDescription(accessMethod, accessLocation);
    closeDialog();
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) JGeneralName(org.kse.gui.crypto.generalname.JGeneralName) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 30 with AccessDescription

use of sun.security.x509.AccessDescription in project keystore-explorer by kaikramer.

the class JAccessDescriptions method removeSelectedAccessDescription.

private void removeSelectedAccessDescription() {
    int selectedRow = jtAccessDescriptions.getSelectedRow();
    if (selectedRow != -1) {
        AccessDescription accessDescription = (AccessDescription) jtAccessDescriptions.getValueAt(selectedRow, 0);
        accessDescriptions.remove(accessDescription);
        reloadAccessDescriptionsTable();
        selectFirstAccessDescriptionInTable();
        updateButtonControls();
    }
}
Also used : AccessDescription(org.bouncycastle.asn1.x509.AccessDescription) Point(java.awt.Point)
