Examples with DistributionPoint sun.security.x509.DistributionPoint used on opensource projects

Search in sources :

Example 26 with DistributionPoint

use of sun.security.x509.DistributionPoint in project xipki by xipki.

the class CaUtil method createCrlDistributionPoints.

public static CRLDistPoint createCrlDistributionPoints(List<String> crlUris, X500Name caSubject, X500Name crlSignerSubject) {
    ParamUtil.requireNonEmpty("crlUris", crlUris);
    int size = crlUris.size();
    DistributionPoint[] points = new DistributionPoint[1];
    GeneralName[] names = new GeneralName[size];
    for (int i = 0; i < size; i++) {
        names[i] = new GeneralName(GeneralName.uniformResourceIdentifier, crlUris.get(i));
    }
    // Distribution Point
    GeneralNames gns = new GeneralNames(names);
    DistributionPointName pointName = new DistributionPointName(gns);
    GeneralNames crlIssuer = null;
    if (crlSignerSubject != null && !crlSignerSubject.equals(caSubject)) {
        GeneralName crlIssuerName = new GeneralName(crlSignerSubject);
        crlIssuer = new GeneralNames(crlIssuerName);
    }
    points[0] = new DistributionPoint(pointName, null, crlIssuer);
    return new CRLDistPoint(points);
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) GeneralName(org.bouncycastle.asn1.x509.GeneralName) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)

Example 27 with DistributionPoint

use of sun.security.x509.DistributionPoint in project xipki by xipki.

the class ExtensionsChecker method checkExtensionCrlDistributionPoints.

// method checkExtensionIssuerAltNames
private void checkExtensionCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    if (isDistributionPoints == null) {
        addViolation(failureMsg, "size of CRLDistributionPoints", 0, 1);
        return;
    } else {
        int len = isDistributionPoints.length;
        if (len != 1) {
            addViolation(failureMsg, "size of CRLDistributionPoints", len, 1);
            return;
        }
    }
    Set<String> isCrlUrls = new HashSet<>();
    for (DistributionPoint entry : isDistributionPoints) {
        int asn1Type = entry.getDistributionPoint().getType();
        if (asn1Type != DistributionPointName.FULL_NAME) {
            addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints", asn1Type, DistributionPointName.FULL_NAME);
            continue;
        }
        GeneralNames isDistributionPointNames = GeneralNames.getInstance(entry.getDistributionPoint().getName());
        GeneralName[] names = isDistributionPointNames.getNames();
        for (int i = 0; i < names.length; i++) {
            GeneralName name = names[i];
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                addViolation(failureMsg, "tag of CRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
            } else {
                String uri = ((ASN1String) name.getName()).getString();
                isCrlUrls.add(uri);
            }
        }
        Set<String> expCrlUrls = issuerInfo.getCrlUrls();
        Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("CRL URLs ").append(diffs).append(" are present but not expected; ");
        }
        diffs = strInBnotInA(isCrlUrls, expCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("CRL URLs ").append(diffs).append(" are absent but are required; ");
        }
    }
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 28 with DistributionPoint

use of sun.security.x509.DistributionPoint in project xipki by xipki.

the class ExtensionsChecker method checkExtensionDeltaCrlDistributionPoints.

// method checkExtensionCrlDistributionPoints
private void checkExtensionDeltaCrlDistributionPoints(StringBuilder failureMsg, byte[] extensionValue, X509IssuerInfo issuerInfo) {
    CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
    DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
    if (isDistributionPoints == null) {
        addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", 0, 1);
        return;
    } else {
        int len = isDistributionPoints.length;
        if (len != 1) {
            addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", len, 1);
            return;
        }
    }
    Set<String> isCrlUrls = new HashSet<>();
    for (DistributionPoint entry : isDistributionPoints) {
        int asn1Type = entry.getDistributionPoint().getType();
        if (asn1Type != DistributionPointName.FULL_NAME) {
            addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints (deltaCRL)", asn1Type, DistributionPointName.FULL_NAME);
            continue;
        }
        GeneralNames isDistributionPointNames = GeneralNames.getInstance(entry.getDistributionPoint().getName());
        GeneralName[] names = isDistributionPointNames.getNames();
        for (int i = 0; i < names.length; i++) {
            GeneralName name = names[i];
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                addViolation(failureMsg, "tag of deltaCRL URL", name.getTagNo(), GeneralName.uniformResourceIdentifier);
            } else {
                String uri = ((ASN1String) name.getName()).getString();
                isCrlUrls.add(uri);
            }
        }
        Set<String> expCrlUrls = issuerInfo.getCrlUrls();
        Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("deltaCRL URLs ").append(diffs).append(" are present but not expected; ");
        }
        diffs = strInBnotInA(isCrlUrls, expCrlUrls);
        if (CollectionUtil.isNonEmpty(diffs)) {
            failureMsg.append("deltaCRL URLs ").append(diffs).append(" are absent but are required; ");
        }
    }
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1String(org.bouncycastle.asn1.ASN1String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) HashSet(java.util.HashSet)

Example 29 with DistributionPoint

use of sun.security.x509.DistributionPoint in project certmgr by hdecarne.

the class ASN1DataTest method testDistributionPoint.

/**
 * Test encoding & decoding of {@link DistributionPoint} object.
 */
@Test
public void testDistributionPoint() {
    try {
        // DistributionPointName based
        GeneralNames in1FullName = new GeneralNames();
        StringName in1NameA = new StringName(GeneralNameType.UNIFORM_RESOURCE_IDENTIFIER, "https://localhost/test.crl");
        DirectoryName in1NameB = new DirectoryName(new X500Principal("CN=localhost"));
        in1FullName.addName(in1NameA);
        in1FullName.addName(in1NameB);
        DistributionPointName in1Name = new DistributionPointName(in1FullName);
        DistributionPoint in1 = new DistributionPoint(in1Name);
        byte[] in1Encoded = in1.getEncoded();
        DistributionPoint out1 = DistributionPoint.decode(decodeBytes(in1Encoded));
        byte[] out1Encoded = out1.getEncoded();
        Assert.assertArrayEquals(in1Encoded, out1Encoded);
        // GeneralName based
        GeneralNames in2CrlIssuers = new GeneralNames();
        StringName in2NameA = new StringName(GeneralNameType.UNIFORM_RESOURCE_IDENTIFIER, "https://localhost/test.crl");
        DirectoryName in2NameB = new DirectoryName(new X500Principal("CN=localhost"));
        in1FullName.addName(in2NameA);
        in1FullName.addName(in2NameB);
        DistributionPoint in2 = new DistributionPoint(in2CrlIssuers);
        byte[] in2Encoded = in2.encode().toASN1Primitive().getEncoded();
        DistributionPoint out2 = DistributionPoint.decode(decodeBytes(in2Encoded));
        byte[] out2Encoded = out2.encode().toASN1Primitive().getEncoded();
        Assert.assertArrayEquals(in2Encoded, out2Encoded);
    } catch (IOException e) {
        e.printStackTrace();
        Assert.fail(e.getLocalizedMessage());
    }
}
Also used : GeneralNames(de.carne.certmgr.certs.x509.GeneralNames) StringName(de.carne.certmgr.certs.x509.StringName) DistributionPointName(de.carne.certmgr.certs.x509.DistributionPointName) X500Principal(javax.security.auth.x500.X500Principal) DistributionPoint(de.carne.certmgr.certs.x509.DistributionPoint) IOException(java.io.IOException) DirectoryName(de.carne.certmgr.certs.x509.DirectoryName) Test(org.junit.Test)

Example 30 with DistributionPoint

use of sun.security.x509.DistributionPoint in project certmgr by hdecarne.

the class CRLDistributionPointsController method onApply.

private void onApply(ActionEvent evt) {
    try {
        boolean critical = this.ctlCritical.isSelected();
        DistributionPoint distributionPoint = validateAndGetDistributionPoint();
        this.extensionDataResult = new CRLDistributionPointsExtensionData(critical);
        this.extensionDataResult.addDistributionPoint(distributionPoint);
    } catch (ValidationException e) {
        ValidationAlerts.error(e).showAndWait();
        evt.consume();
    }
}
Also used : ValidationException(de.carne.jfx.util.validation.ValidationException) CRLDistributionPointsExtensionData(de.carne.certmgr.certs.x509.CRLDistributionPointsExtensionData) DistributionPoint(de.carne.certmgr.certs.x509.DistributionPoint)

Aggregations

DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)28 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)25 GeneralName (org.bouncycastle.asn1.x509.GeneralName)24 IOException (java.io.IOException)16 DistributionPointName (org.bouncycastle.asn1.x509.DistributionPointName)16 GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)12 DERIA5String (org.bouncycastle.asn1.DERIA5String)11 ArrayList (java.util.ArrayList)8 IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)8 GeneralSecurityException (java.security.GeneralSecurityException)7 CertPathValidatorException (java.security.cert.CertPathValidatorException)6 List (java.util.List)6 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)6 DEROctetString (org.bouncycastle.asn1.DEROctetString)6 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)5 ExtCertPathValidatorException (org.bouncycastle.jce.exception.ExtCertPathValidatorException)5 DistributionPoint (de.carne.certmgr.certs.x509.DistributionPoint)4 CertPathBuilderException (java.security.cert.CertPathBuilderException)4 CertificateExpiredException (java.security.cert.CertificateExpiredException)4 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial