List of usage examples for org.bouncycastle.asn1 DERIA5String getString
public String getString()
From source file:com.zimbra.cs.service.authenticator.CertUtil.java
License:Open Source License
private void printCRLDistributionPoints(PrintStream outStream) throws Exception { outStream.format("X509v3 CRL Distribution Points: \n"); String extOid = X509Extension.cRLDistributionPoints.getId(); // 2.5.29.31 byte[] extVal = cert.getExtensionValue(extOid); if (extVal == null) { return;/* w w w.j av a 2s. co m*/ } /* http://download.oracle.com/javase/6/docs/api/java/security/cert/X509Extension.html#getExtensionValue(java.lang.String) * The ASN.1 definition for this is: Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension Extension ::= SEQUENCE { extnId OBJECT IDENTIFIER, critical BOOLEAN DEFAULT FALSE, extnValue OCTET STRING -- contains a DER encoding of a value -- of the type registered for use with -- the extnId object identifier value } */ byte[] extnValue = DEROctetString.getInstance(ASN1Object.fromByteArray(extVal)).getOctets(); CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(ASN1Object.fromByteArray(extnValue)); DistributionPoint[] distPoints = crlDistPoint.getDistributionPoints(); for (DistributionPoint distPoint : distPoints) { DistributionPointName distPointName = distPoint.getDistributionPoint(); int type = distPointName.getType(); if (DistributionPointName.FULL_NAME == type) { outStream.format("Full Name: \n"); GeneralNames generalNames = GeneralNames.getInstance(distPointName.getName()); GeneralName[] names = generalNames.getNames(); for (GeneralName generalname : names) { int tag = generalname.getTagNo(); if (GeneralName.uniformResourceIdentifier == tag) { DEREncodable name = generalname.getName(); DERIA5String str = DERIA5String.getInstance(name); String value = str.getString(); outStream.format(" %s\n", value); } else { outStream.format("tag %d not yet implemented", tag); } } } else { outStream.format("type %d not yet implemented", type); } } }
From source file:eu.emi.security.authn.x509.helpers.proxy.ProxyTracingExtension.java
License:Open Source License
/** * Returns the URL inside the proxy tracing data structure. * /* ww w .j a v a 2 s. c o m*/ * @return The URL in String format. */ public String getURL() { if (name.getTagNo() != GeneralName.uniformResourceIdentifier) return null; DERIA5String ia5String = (DERIA5String) name.getName(); return ia5String.getString(); }
From source file:eu.europa.ec.markt.dss.DSSUtils.java
License:Open Source License
private static String getAccessLocation(final X509Certificate certificate, final ASN1ObjectIdentifier accessMethod) { try {// www . j a va 2 s. com final byte[] authInfoAccessExtensionValue = certificate .getExtensionValue(Extension.authorityInfoAccess.getId()); if (null == authInfoAccessExtensionValue) { return null; } /* Parse the extension */ final ASN1InputStream asn1InputStream = new ASN1InputStream( new ByteArrayInputStream(authInfoAccessExtensionValue)); final DEROctetString oct = (DEROctetString) (asn1InputStream.readObject()); asn1InputStream.close(); final ASN1InputStream asn1InputStream2 = new ASN1InputStream(oct.getOctets()); final AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess .getInstance(asn1InputStream2.readObject()); asn1InputStream2.close(); String accessLocation = null; final AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions(); for (final AccessDescription accessDescription : accessDescriptions) { // LOG.debug("access method: " + accessDescription.getAccessMethod()); final boolean correctAccessMethod = accessDescription.getAccessMethod().equals(accessMethod); if (!correctAccessMethod) { continue; } GeneralName gn = accessDescription.getAccessLocation(); if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) { // LOG.debug("not a uniform resource identifier"); continue; } final DERIA5String str = (DERIA5String) ((DERTaggedObject) gn.toASN1Primitive()).getObject(); accessLocation = str.getString(); // The HTTP protocol is preferred. if (Protocol.isHttpUrl(accessLocation)) { // LOG.debug("access location: " + accessLocation); break; } } return accessLocation; } catch (final IOException e) { // we do nothing // LOG.("IO error: " + e.getMessage(), e); } return null; }
From source file:eu.europa.ec.markt.dss.validation.certificate.AIACertificateSource.java
License:Open Source License
@SuppressWarnings("deprecation") private String getAccessLocation(X509Certificate certificate, DERObjectIdentifier accessMethod) { try {//from w w w.j a va 2 s .c om byte[] authInfoAccessExtensionValue = certificate .getExtensionValue(X509Extensions.AuthorityInfoAccess.getId()); /* If the extension is not there, then return null */ if (null == authInfoAccessExtensionValue) { return null; } /* Parse the extension */ AuthorityInformationAccess authorityInformationAccess; DEROctetString oct = (DEROctetString) (new ASN1InputStream( new ByteArrayInputStream(authInfoAccessExtensionValue)).readObject()); authorityInformationAccess = new AuthorityInformationAccess( (ASN1Sequence) new ASN1InputStream(oct.getOctets()).readObject()); AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions(); for (AccessDescription accessDescription : accessDescriptions) { LOG.fine("access method: " + accessDescription.getAccessMethod()); boolean correctAccessMethod = accessDescription.getAccessMethod().equals(accessMethod); if (!correctAccessMethod) { continue; } GeneralName gn = accessDescription.getAccessLocation(); if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) { LOG.fine("not a uniform resource identifier"); continue; } DERIA5String str = (DERIA5String) ((DERTaggedObject) gn.getDERObject()).getObject(); String accessLocation = str.getString(); LOG.fine("access location: " + accessLocation); return accessLocation; } return null; } catch (IOException e) { throw new RuntimeException("IO error: " + e.getMessage(), e); } }
From source file:eu.europa.ec.markt.dss.validation.crl.OnlineCRLSource.java
License:Open Source License
/** * Gives back the CRL URI meta-data found within the given X509 certificate. * /* ww w .j av a 2 s. c o m*/ * @param certificate the X509 certificate. * @return the CRL URI, or <code>null</code> if the extension is not present. * @throws MalformedURLException */ @SuppressWarnings("deprecation") public String getCrlUri(X509Certificate certificate) throws MalformedURLException { byte[] crlDistributionPointsValue = certificate .getExtensionValue(X509Extensions.CRLDistributionPoints.getId()); if (null == crlDistributionPointsValue) { return null; } ASN1Sequence seq; try { DEROctetString oct; oct = (DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(crlDistributionPointsValue)) .readObject()); seq = (ASN1Sequence) new ASN1InputStream(oct.getOctets()).readObject(); } catch (IOException e) { throw new RuntimeException("IO error: " + e.getMessage(), e); } CRLDistPoint distPoint = CRLDistPoint.getInstance(seq); DistributionPoint[] distributionPoints = distPoint.getDistributionPoints(); for (DistributionPoint distributionPoint : distributionPoints) { DistributionPointName distributionPointName = distributionPoint.getDistributionPoint(); if (DistributionPointName.FULL_NAME != distributionPointName.getType()) { continue; } GeneralNames generalNames = (GeneralNames) distributionPointName.getName(); GeneralName[] names = generalNames.getNames(); for (GeneralName name : names) { if (name.getTagNo() != GeneralName.uniformResourceIdentifier) { LOG.fine("not a uniform resource identifier"); continue; } String str = null; if (name.getDERObject() instanceof DERTaggedObject) { DERTaggedObject taggedObject = (DERTaggedObject) name.getDERObject(); DERIA5String derStr = DERIA5String.getInstance(taggedObject.getObject()); str = derStr.getString(); } else { DERIA5String derStr = DERIA5String.getInstance(name.getDERObject()); str = derStr.getString(); } if (str != null && (str.startsWith("http://") || str.startsWith("https://"))) { return str; } else { LOG.info("Supports only http:// and https:// protocol for CRL"); } } } return null; }
From source file:eu.europa.ec.markt.dss.validation.ocsp.OnlineOCSPSource.java
License:Open Source License
@SuppressWarnings("deprecation") private String getAccessLocation(X509Certificate certificate, DERObjectIdentifier accessMethod) throws IOException { byte[] authInfoAccessExtensionValue = certificate .getExtensionValue(X509Extensions.AuthorityInfoAccess.getId()); if (null == authInfoAccessExtensionValue) { return null; }/*from ww w .j a v a 2s . c om*/ AuthorityInformationAccess authorityInformationAccess; DEROctetString oct = (DEROctetString) (new ASN1InputStream( new ByteArrayInputStream(authInfoAccessExtensionValue)).readObject()); authorityInformationAccess = new AuthorityInformationAccess( (ASN1Sequence) new ASN1InputStream(oct.getOctets()).readObject()); AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions(); for (AccessDescription accessDescription : accessDescriptions) { LOG.fine("access method: " + accessDescription.getAccessMethod()); boolean correctAccessMethod = accessDescription.getAccessMethod().equals(accessMethod); if (!correctAccessMethod) { continue; } GeneralName gn = accessDescription.getAccessLocation(); if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) { LOG.fine("not a uniform resource identifier"); continue; } DERIA5String str = (DERIA5String) ((DERTaggedObject) gn.getDERObject()).getObject(); String accessLocation = str.getString(); LOG.fine("access location: " + accessLocation); return accessLocation; } return null; }
From source file:eu.europa.ec.markt.dss.validation102853.crl.CommonCRLSource.java
License:Open Source License
/** * Gives back the {@code List} of CRL URI meta-data found within the given X509 certificate. * * @param certificateToken the X509 certificate * @param preferredProtocol// w w w . j a va2s.co m * @param preferredProtocol indicates the preferred protocol to use to retrieve the revocation data * @return the {@code List} of CRL URI, or {@code null} if the extension is not present * @throws DSSException in the case of any {@code Exception} */ public List<String> getCrlUrl(final CertificateToken certificateToken, final Protocol preferredProtocol) throws DSSException { final byte[] crlDistributionPointsBytes = certificateToken.getCRLDistributionPoints(); if (null == crlDistributionPointsBytes) { if (LOG.isTraceEnabled()) { LOG.trace("CRL's URL(s) for {} : there is no distribution point(s) extension!", certificateToken.getAbbreviation()); } return null; } try { final List<String> urls = new ArrayList<String>(); final ASN1Sequence asn1Sequence = DSSASN1Utils .getAsn1SequenceFromDerOctetString(crlDistributionPointsBytes); final CRLDistPoint distPoint = CRLDistPoint.getInstance(asn1Sequence); final DistributionPoint[] distributionPoints = distPoint.getDistributionPoints(); for (final DistributionPoint distributionPoint : distributionPoints) { final DistributionPointName distributionPointName = distributionPoint.getDistributionPoint(); if (FULL_NAME != distributionPointName.getType()) { LOG.warn("'nameRelativeToCRLIssuer': not supported!"); continue; } final GeneralNames generalNames = (GeneralNames) distributionPointName.getName(); final GeneralName[] names = generalNames.getNames(); for (final GeneralName name : names) { if (uniformResourceIdentifier != name.getTagNo()) { LOG.warn("Not a uniform resource identifier!"); continue; } ASN1Primitive asn1Primitive = name.toASN1Primitive(); if (asn1Primitive instanceof DERTaggedObject) { final DERTaggedObject taggedObject = (DERTaggedObject) asn1Primitive; asn1Primitive = taggedObject.getObject(); } final DERIA5String derStr = DERIA5String.getInstance(asn1Primitive); final String urlStr = derStr.getString(); urls.add(urlStr); } } prioritize(urls, preferredProtocol); if (LOG.isTraceEnabled()) { LOG.trace("CRL's URL for {} : {}", certificateToken.getAbbreviation(), urls); } return urls; } catch (Exception e) { if (e instanceof DSSException) { throw (DSSException) e; } throw new DSSException(e); } }
From source file:eu.europa.ec.markt.dss.validation102853.crl.OnlineCRLSource.java
License:Open Source License
/** * Gives back the CRL URI meta-data found within the given X509 certificate. * * @param certificateToken the X509 certificate. * @return the CRL URI, or {@code null} if the extension is not present. * @throws DSSException/* w ww . ja v a 2 s. c o m*/ */ public String getCrlUrl(final CertificateToken certificateToken) throws DSSException { final byte[] crlDistributionPointsValue = certificateToken.getCRLDistributionPoints(); if (null == crlDistributionPointsValue) { return null; } ASN1InputStream ais1 = null; ASN1InputStream ais2 = null; try { List<String> urls = new ArrayList<String>(); final ByteArrayInputStream bais = new ByteArrayInputStream(crlDistributionPointsValue); ais1 = new ASN1InputStream(bais); final DEROctetString oct = (DEROctetString) (ais1.readObject()); ais2 = new ASN1InputStream(oct.getOctets()); final ASN1Sequence seq = (ASN1Sequence) ais2.readObject(); final CRLDistPoint distPoint = CRLDistPoint.getInstance(seq); final DistributionPoint[] distributionPoints = distPoint.getDistributionPoints(); for (final DistributionPoint distributionPoint : distributionPoints) { final DistributionPointName distributionPointName = distributionPoint.getDistributionPoint(); if (DistributionPointName.FULL_NAME != distributionPointName.getType()) { continue; } final GeneralNames generalNames = (GeneralNames) distributionPointName.getName(); final GeneralName[] names = generalNames.getNames(); for (final GeneralName name : names) { if (name.getTagNo() != GeneralName.uniformResourceIdentifier) { LOG.debug("Not a uniform resource identifier"); continue; } final String urlStr; if (name.toASN1Primitive() instanceof DERTaggedObject) { final DERTaggedObject taggedObject = (DERTaggedObject) name.toASN1Primitive(); final DERIA5String derStr = DERIA5String.getInstance(taggedObject.getObject()); urlStr = derStr.getString(); } else { final DERIA5String derStr = DERIA5String.getInstance(name.toASN1Primitive()); urlStr = derStr.getString(); } urls.add(urlStr); } } if (preferredProtocol != null) { for (final String url : urls) { if (preferredProtocol.isTheSame(url)) { return url; } } } if (urls.size() > 0) { final String url = urls.get(0); return url; } return null; } catch (IOException e) { throw new DSSException(e); } finally { DSSUtils.closeQuietly(ais1); DSSUtils.closeQuietly(ais2); } }
From source file:eu.europa.ec.markt.dss.validation102853.ocsp.OnlineOCSPSource.java
License:Open Source License
/** * Gives back the OCSP URI meta-data found within the given X509 cert. * * @param certificate the X509 cert.// www.j a v a2s. co m * @return the OCSP URI, or <code>null</code> if the extension is not present. * @throws DSSException */ public String getAccessLocation(final X509Certificate certificate) throws DSSException { final ASN1ObjectIdentifier ocspAccessMethod = X509ObjectIdentifiers.ocspAccessMethod; final byte[] authInfoAccessExtensionValue = certificate .getExtensionValue(X509Extension.authorityInfoAccess.getId()); if (null == authInfoAccessExtensionValue) { return null; } ASN1InputStream ais1 = null; ASN1InputStream ais2 = null; try { final ByteArrayInputStream bais = new ByteArrayInputStream(authInfoAccessExtensionValue); ais1 = new ASN1InputStream(bais); final DEROctetString oct = (DEROctetString) (ais1.readObject()); ais2 = new ASN1InputStream(oct.getOctets()); final AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess .getInstance(ais2.readObject()); final AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions(); for (AccessDescription accessDescription : accessDescriptions) { if (LOG.isDebugEnabled()) { LOG.debug("Access method: " + accessDescription.getAccessMethod()); } final boolean correctAccessMethod = accessDescription.getAccessMethod().equals(ocspAccessMethod); if (!correctAccessMethod) { continue; } final GeneralName gn = accessDescription.getAccessLocation(); if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) { if (LOG.isDebugEnabled()) { LOG.debug("Not a uniform resource identifier"); } continue; } final DERIA5String str = (DERIA5String) ((DERTaggedObject) gn.toASN1Primitive()).getObject(); final String accessLocation = str.getString(); if (LOG.isDebugEnabled()) { LOG.debug("Access location: " + accessLocation); } return accessLocation; } return null; } catch (IOException e) { throw new DSSException(e); } finally { DSSUtils.closeQuietly(ais1); DSSUtils.closeQuietly(ais2); } }
From source file:eu.europa.esig.dss.client.crl.OnlineCRLSource.java
License:Open Source License
/** * Gives back the {@code List} of CRL URI meta-data found within the given X509 certificate. * * @param certificateToken/*from ww w . ja v a 2 s . c o m*/ * the X509 certificate * @return the {@code List} of CRL URI, or {@code null} if the extension is not present * @throws DSSException */ public List<String> getCrlUrl(final CertificateToken certificateToken) throws DSSException { final String id = Extension.cRLDistributionPoints.getId(); final byte[] crlDistributionPointsBytes = certificateToken.getCertificate().getExtensionValue(id); if (null == crlDistributionPointsBytes) { return null; } try { final List<String> urls = new ArrayList<String>(); final ASN1Sequence asn1Sequence = DSSASN1Utils .getAsn1SequenceFromDerOctetString(crlDistributionPointsBytes); final CRLDistPoint distPoint = CRLDistPoint.getInstance(asn1Sequence); final DistributionPoint[] distributionPoints = distPoint.getDistributionPoints(); for (final DistributionPoint distributionPoint : distributionPoints) { final DistributionPointName distributionPointName = distributionPoint.getDistributionPoint(); if (DistributionPointName.FULL_NAME != distributionPointName.getType()) { continue; } final GeneralNames generalNames = (GeneralNames) distributionPointName.getName(); final GeneralName[] names = generalNames.getNames(); for (final GeneralName name : names) { if (name.getTagNo() != GeneralName.uniformResourceIdentifier) { LOG.debug("Not a uniform resource identifier"); continue; } ASN1Primitive asn1Primitive = name.toASN1Primitive(); if (asn1Primitive instanceof DERTaggedObject) { final DERTaggedObject taggedObject = (DERTaggedObject) asn1Primitive; asn1Primitive = taggedObject.getObject(); } final DERIA5String derStr = DERIA5String.getInstance(asn1Primitive); final String urlStr = derStr.getString(); urls.add(urlStr); } } prioritize(urls); return urls; } catch (Exception e) { if (e instanceof DSSException) { throw (DSSException) e; } throw new DSSException(e); } }