Example usage for org.bouncycastle.asn1.x509 DistributionPointName FULL_NAME

List of usage examples for org.bouncycastle.asn1.x509 DistributionPointName FULL_NAME

Introduction

This page lists example usages of org.bouncycastle.asn1.x509 DistributionPointName FULL_NAME.

Prototype

int FULL_NAME


Usage

From source file:be.fedict.trust.crl.CrlTrustLinker.java

License:Open Source License

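/**
 * Gives back the first HTTP or HTTPS CRL URI found in the CRL Distribution
 * Points extension of the given X509 certificate.
 * <p>
 * The returned URI is copied from the certificate, so it is chosen by
 * whoever produced that certificate. Code that later downloads the CRL
 * should treat it as untrusted input (restrict reachable hosts, bound the
 * response size, apply timeouts).
 *
 * @param certificate
 *            the X509 certificate.
 * @return the CRL URI, or <code>null</code> if the extension is not
 *         present or holds no HTTP/HTTPS full-name URI.
 */
public static URI getCrlUri(X509Certificate certificate) {
    byte[] crlDistributionPointsValue = certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
    if (null == crlDistributionPointsValue) {
        return null;
    }
    ASN1Sequence seq;
    try {
        // getExtensionValue() hands back the extnValue OCTET STRING; unwrap
        // it first, then decode the sequence stored inside.
        DEROctetString oct;
        oct = (DEROctetString) (new ASN1InputStream(new ByteArrayInputStream(crlDistributionPointsValue))
                .readObject());
        seq = (ASN1Sequence) new ASN1InputStream(oct.getOctets()).readObject();
    } catch (IOException e) {
        throw new RuntimeException("IO error: " + e.getMessage(), e);
    }
    CRLDistPoint distPoint = CRLDistPoint.getInstance(seq);
    DistributionPoint[] distributionPoints = distPoint.getDistributionPoints();
    for (DistributionPoint distributionPoint : distributionPoints) {
        DistributionPointName distributionPointName = distributionPoint.getDistributionPoint();
        // The distributionPoint field is OPTIONAL (RFC 5280): an entry may
        // carry only reasons/cRLIssuer, in which case there is no name here.
        if (null == distributionPointName
                || DistributionPointName.FULL_NAME != distributionPointName.getType()) {
            continue;
        }
        GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
        GeneralName[] names = generalNames.getNames();
        for (GeneralName name : names) {
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                LOG.debug("not a uniform resource identifier");
                continue;
            }
            DERIA5String derStr = DERIA5String.getInstance(name.getName());
            String str = derStr.getString();
            // URI schemes are case-insensitive. Require the complete
            // "scheme://" prefix so that a value that merely begins with
            // the letters "http" is not mistaken for an HTTP(S) location.
            boolean httpOrHttps = str.regionMatches(true, 0, "http://", 0, 7)
                    || str.regionMatches(true, 0, "https://", 0, 8);
            if (!httpOrHttps) {
                /*
                 * skip ldap:// and any other non-HTTP protocols
                 */
                LOG.debug("not HTTP/HTTPS: " + str);
                continue;
            }
            return toURI(str);
        }
    }
    return null;
}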

From source file:bluecrystal.bcdeps.helper.DerEncoder.java

License:Open Source License

/**
 * Collects every URI general name listed under a fullName distribution
 * point of an encoded CRL Distribution Points extension.
 * <p>
 * The input is expected to be the OCTET STRING wrapper around the
 * extension (it is unwrapped before the extension itself is decoded).
 * The strings are returned exactly as stored, with no scheme or host
 * filtering, so callers should validate them before dereferencing.
 *
 * @param crldpExt the wrapped extension value, may be <code>null</code>
 * @return the URIs found; an empty list when crldpExt is <code>null</code>
 */
public static List<String> getCrlDistributionPoints(byte[] crldpExt)
        throws CertificateParsingException, IOException {
    if (crldpExt == null) {
        return new ArrayList<String>();
    }
    // Outer layer: the OCTET STRING that carries the extension value.
    ASN1Primitive wrapped = new ASN1InputStream(new ByteArrayInputStream(crldpExt)).readObject();
    byte[] innerBytes = ((DEROctetString) wrapped).getOctets();
    // Inner layer: the distribution points themselves.
    ASN1Primitive decoded = new ASN1InputStream(new ByteArrayInputStream(innerBytes)).readObject();
    CRLDistPoint distPoint = CRLDistPoint.getInstance(decoded);

    List<String> found = new ArrayList<String>();
    for (DistributionPoint dp : distPoint.getDistributionPoints()) {
        DistributionPointName dpn = dp.getDistributionPoint();
        // Only fullName entries can hold URIs
        if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
            continue;
        }
        for (GeneralName candidate : GeneralNames.getInstance(dpn.getName()).getNames()) {
            if (candidate.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            found.add(DERIA5String.getInstance(candidate.getName()).getString());
        }
    }
    return found;
}

From source file:com.infinities.keystone4j.ssl.CRLVerifier.java

License:Apache License

/**
 * Extracts all CRL distribution point URLs from the
 * "CRL Distribution Point" extension in a X.509 certificate. If CRL
 * distribution point extension is unavailable, returns an empty list.
 * <p>
 * Only URI general names under fullName distribution points are
 * returned, unmodified. They originate from the certificate and should
 * be validated before anything is fetched from them.
 */
public static List<String> getCrlDistributionPoints(X509Certificate cert)
        throws CertificateParsingException, IOException {
    byte[] crldpExt = cert.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
    if (crldpExt == null) {
        return new ArrayList<String>();
    }
    ASN1InputStream outerIn = null;
    ASN1InputStream innerIn = null;
    try {
        // First pass unwraps the OCTET STRING, second pass decodes its content.
        outerIn = new ASN1InputStream(new ByteArrayInputStream(crldpExt));
        DEROctetString wrapper = (DEROctetString) outerIn.readObject();
        innerIn = new ASN1InputStream(new ByteArrayInputStream(wrapper.getOctets()));
        DERObject decoded = innerIn.readObject();
        CRLDistPoint distPoint = CRLDistPoint.getInstance(decoded);

        List<String> found = new ArrayList<String>();
        for (DistributionPoint dp : distPoint.getDistributionPoints()) {
            DistributionPointName dpn = dp.getDistributionPoint();
            // Entries without a fullName cannot contribute URIs
            if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }
            for (GeneralName candidate : GeneralNames.getInstance(dpn.getName()).getNames()) {
                if (candidate.getTagNo() == GeneralName.uniformResourceIdentifier) {
                    found.add(DERIA5String.getInstance(candidate.getName()).getString());
                }
            }
        }
        return found;
    } finally {
        if (outerIn != null) {
            outerIn.close();
        }

        if (innerIn != null) {
            innerIn.close();
        }
    }
}

From source file:com.itextpdf.signatures.CertificateUtil.java

License:Open Source License

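/**
 * Gets the URL of the Certificate Revocation List for a Certificate.
 * <p>
 * Returns the first URI general name found under a fullName distribution
 * point, whatever its scheme. The value is copied from the certificate
 * without validation, so callers should check scheme and host before
 * fetching from it.
 * <p>
 * A <code>null</code> result does not prove that the certificate has no
 * CRL: an extension that cannot be read (IOException) is also reported as
 * <code>null</code>. Revocation logic should not treat it as "not revoked".
 *
 * @param certificate   the Certificate
 * @return   the String where you can check if the certificate was revoked,
 *           or <code>null</code> if none could be extracted
 * @throws CertificateParsingException declared by the signature; not thrown
 *         by the code of this method itself
 */
public static String getCRLURL(X509Certificate certificate) throws CertificateParsingException {
    ASN1Primitive obj;
    try {
        obj = getExtensionValue(certificate, Extension.cRLDistributionPoints.getId());
    } catch (IOException e) {
        // Kept as best effort for existing callers: unreadable extension == no URL.
        obj = null;
    }
    if (obj == null) {
        return null;
    }
    CRLDistPoint dist = CRLDistPoint.getInstance(obj);
    DistributionPoint[] dists = dist.getDistributionPoints();
    for (DistributionPoint p : dists) {
        DistributionPointName distributionPointName = p.getDistributionPoint();
        // The distributionPoint field is OPTIONAL (RFC 5280); without this
        // guard an entry that only names a cRLIssuer caused a NullPointerException.
        if (distributionPointName == null
                || DistributionPointName.FULL_NAME != distributionPointName.getType()) {
            continue;
        }
        GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
        GeneralName[] names = generalNames.getNames();
        for (GeneralName name : names) {
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
            return derStr.getString();
        }
    }
    return null;
}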

From source file:com.itextpdf.text.pdf.security.CertificateUtil.java

License:Open Source License

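/**
 * Gets the URL of the Certificate Revocation List for a Certificate.
 * <p>
 * The first URI general name under a fullName distribution point is
 * returned as stored in the certificate; no scheme or host check is
 * applied here, so callers should validate it before connecting.
 * <p>
 * <code>null</code> is returned both when the extension is absent and when
 * it could not be read (IOException). Callers doing revocation checking
 * should not interpret <code>null</code> as proof of a valid certificate.
 *
 * @param certificate   the Certificate
 * @return   the String where you can check if the certificate was revoked,
 *           or <code>null</code> if none could be extracted
 * @throws CertificateParsingException declared by the signature; not thrown
 *         by the code of this method itself
 */
public static String getCRLURL(X509Certificate certificate) throws CertificateParsingException {
    ASN1Primitive obj;
    try {
        obj = getExtensionValue(certificate, Extension.cRLDistributionPoints.getId());
    } catch (IOException e) {
        // Best effort, unchanged for existing callers: unreadable extension == no URL.
        obj = null;
    }
    if (obj == null) {
        return null;
    }
    CRLDistPoint dist = CRLDistPoint.getInstance(obj);
    DistributionPoint[] dists = dist.getDistributionPoints();
    for (DistributionPoint p : dists) {
        DistributionPointName distributionPointName = p.getDistributionPoint();
        // distributionPoint is an OPTIONAL field (RFC 5280); skip entries
        // that omit it instead of failing with a NullPointerException.
        if (distributionPointName == null
                || DistributionPointName.FULL_NAME != distributionPointName.getType()) {
            continue;
        }
        GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
        GeneralName[] names = generalNames.getNames();
        for (GeneralName name : names) {
            if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
            return derStr.getString();
        }
    }
    return null;
}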

From source file:com.jlocksmith.util.ExtensionUtil.java

License:Open Source License

/**
 * Get Crl Distribution Points String Value
 * <p>
 * Builds a multi-line, tab-indented description of each distribution
 * point: its name (full name or name relative to the CRL issuer), its
 * reason flags and its CRL issuer, each introduced by a label looked up
 * through localeUtil.
 *
 * @param bytes encoded extension value, decoded via toDERObject
 * @return the assembled text
 * @throws IOException
 */
private String getCrlDistributionPointsStringValue(byte[] bytes) throws IOException {
    CRLDistPoint dps = CRLDistPoint.getInstance(toDERObject(bytes));
    StringBuilder text = new StringBuilder();

    for (DistributionPoint point : dps.getDistributionPoints()) {
        // --- distribution point name (optional) ---
        DistributionPointName dpn = point.getDistributionPoint();
        if (dpn != null) {
            ASN1TaggedObject tagged = (ASN1TaggedObject) dpn.toASN1Object();
            int tagNo = tagged.getTagNo();

            if (tagNo == DistributionPointName.FULL_NAME) {
                text.append(localeUtil.getString("CrlDistributionPoint.0.0"));
                text.append('\n');
                ASN1Sequence fullName = (ASN1Sequence) tagged.getObject();
                int count = fullName.size();
                for (int j = 0; j < count; j++) {
                    text.append('\t');
                    text.append(getGeneralNameString((DERTaggedObject) fullName.getObjectAt(j)));
                    text.append('\n');
                }
            } else if (tagNo == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER) {
                text.append(localeUtil.getString("CrlDistributionPoint.0.1"));
                text.append('\t');
                text.append(tagged.getObject());
                text.append('\n');
            }
            // any other tag number is not rendered
        }

        // --- reason flags (optional) ---
        ReasonFlags flags = point.getReasons();
        if (flags != null) {
            text.append(localeUtil.getString("CrlDistributionPoint.1"));
            text.append('\t');
            text.append(flags);
            text.append('\n');
        }

        // --- CRL issuer (optional) ---
        GeneralNames issuer = point.getCRLIssuer();
        if (issuer != null) {
            text.append(localeUtil.getString("CrlDistributionPoint.2"));
            text.append('\n');
            ASN1Sequence issuerNames = (ASN1Sequence) issuer.getDERObject();
            int count = issuerNames.size();
            for (int j = 0; j < count; j++) {
                text.append('\t');
                text.append(getGeneralNameString((DERTaggedObject) issuerNames.getObjectAt(j)));
                text.append('\n');
            }
        }
    }

    return text.toString();
}

From source file:com.yacme.ext.oxsit.cust_it.security.crl.X509CertRL.java

License:Open Source License

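/**
 * Returns the names decoded from the fullName CRL distribution points of
 * a certificate.
 * <p>
 * The result array has at least five slots; slots that are not used stay
 * <code>null</code>, so callers must null-check each element. The values
 * come straight from the certificate and should be validated before they
 * are used to fetch a CRL.
 *
 * @param certificate the certificate to inspect
 * @return the decoded names, or <code>null</code> if the certificate has
 *         no CRL distribution points extension
 * @throws CertificateParsingException if anything fails while reading or
 *         decoding the extension (the original failure is set as cause)
 */
public static String[] getCrlDistributionPoint(X509Certificate certificate) throws CertificateParsingException {
    try {
        // look up the distribution points (OID="2.5.29.31") in the certificate
        DERObject obj = getExtensionValue(certificate, "2.5.29.31");

        if (obj == null) {
            // no distribution point present
            return null;
        }
        CRLDistPoint crldp = CRLDistPoint.getInstance(obj);
        DistributionPoint[] dp = crldp.getDistributionPoints();
        // Starts with the historical five slots and grows on demand; a fixed
        // size made certificates with more than five names fail to parse.
        String[] urls = new String[5];

        int p = 0;
        for (int i = 0; i < dp.length; i++) {
            DistributionPointName dpn = dp[i].getDistributionPoint();
            // The name is optional, and only a fullName holds GeneralNames;
            // a nameRelativeToCRLIssuer cannot be read as GeneralNames.
            if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }

            GeneralNames gnx = GeneralNames.getInstance(dpn.getName());
            GeneralName[] gn = gnx.getNames();

            for (int y = 0; y < gn.length; y++) {
                String aNm = decodeAGeneralName(gn[y]);
                if (aNm == null) {
                    continue;
                }
                if (p == urls.length) {
                    String[] grown = new String[urls.length * 2];
                    System.arraycopy(urls, 0, grown, 0, p);
                    urls = grown;
                }
                urls[p++] = aNm;
            }
        }
        return urls;
    } catch (Throwable e) {
        // Still converts every failure into CertificateParsingException, as
        // callers expect, but keeps the cause instead of printing the stack trace.
        throw new CertificateParsingException(e.toString(), e);
    }
}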

From source file:com.zimbra.cs.service.authenticator.CertUtil.java

License:Open Source License

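/**
 * Prints the CRL distribution points of the certificate held in
 * <code>cert</code> to the given stream.
 * <p>
 * Only URI entries of fullName distribution points are printed as values;
 * other name types and tags are reported as not yet implemented. The
 * printed values are copied from the certificate as-is.
 *
 * @param outStream the stream to print to
 * @throws Exception if the extension cannot be decoded
 */
private void printCRLDistributionPoints(PrintStream outStream) throws Exception {

    outStream.format("X509v3 CRL Distribution Points: \n");

    String extOid = X509Extension.cRLDistributionPoints.getId(); // 2.5.29.31
    byte[] extVal = cert.getExtensionValue(extOid);
    if (extVal == null) {
        return;
    }

    /* http://download.oracle.com/javase/6/docs/api/java/security/cert/X509Extension.html#getExtensionValue(java.lang.String)
     *
       The ASN.1 definition for this is:
            
     Extensions  ::=  SEQUENCE SIZE (1..MAX) OF Extension
            
     Extension  ::=  SEQUENCE  {
         extnId        OBJECT IDENTIFIER,
         critical      BOOLEAN DEFAULT FALSE,
         extnValue     OCTET STRING
                       -- contains a DER encoding of a value
                       -- of the type registered for use with
                       -- the extnId object identifier value
     }
     */

    // Unwrap the extnValue OCTET STRING, then decode what it contains.
    byte[] extnValue = DEROctetString.getInstance(ASN1Object.fromByteArray(extVal)).getOctets();

    CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(ASN1Object.fromByteArray(extnValue));
    DistributionPoint[] distPoints = crlDistPoint.getDistributionPoints();

    for (DistributionPoint distPoint : distPoints) {
        DistributionPointName distPointName = distPoint.getDistributionPoint();
        if (distPointName == null) {
            // distributionPoint is OPTIONAL (RFC 5280); an entry without a
            // name previously ended the listing with a NullPointerException.
            continue;
        }
        int type = distPointName.getType();

        if (DistributionPointName.FULL_NAME == type) {
            outStream.format("Full Name: \n");
            GeneralNames generalNames = GeneralNames.getInstance(distPointName.getName());
            GeneralName[] names = generalNames.getNames();
            for (GeneralName generalname : names) {
                int tag = generalname.getTagNo();
                if (GeneralName.uniformResourceIdentifier == tag) {
                    DEREncodable name = generalname.getName();
                    DERIA5String str = DERIA5String.getInstance(name);
                    String value = str.getString();
                    outStream.format("    %s\n", value);
                } else {
                    outStream.format("tag %d not yet implemented", tag);
                }
            }
        } else {
            outStream.format("type %d not yet implemented", type);
        }
    }
}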

From source file:de.mendelson.util.security.cert.KeystoreCertificate.java

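/**
 * Get the URI values of the CRL Distribution Points extension
 * (OID 2.5.29.31) as a string list.
 * <p>
 * Returns an empty list if the extension does not exist. If decoding
 * fails part-way, the URLs collected up to that point are returned and
 * the error is dropped, so an empty or short list does not prove that
 * the certificate carries no (further) CRL locations. The values come
 * from the certificate and should be validated before they are fetched.
 */
public List<String> getCrlDistributionURLs() {
    List<String> ulrList = new ArrayList<String>();
    //CRL distribution points has OID 2.5.29.31
    byte[] extensionValue = this.certificate.getExtensionValue("2.5.29.31");
    if (extensionValue == null) {
        return (ulrList);
    }
    try {
        byte[] octedBytes = ((ASN1OctetString) ASN1Primitive.fromByteArray(extensionValue)).getOctets();
        CRLDistPoint distPoint = CRLDistPoint.getInstance(ASN1Primitive.fromByteArray(octedBytes));
        DistributionPoint[] points = distPoint.getDistributionPoints();
        for (DistributionPoint point : points) {
            DistributionPointName distributionPointName = point.getDistributionPoint();
            if (distributionPointName == null
                    || distributionPointName.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }
            GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
            for (GeneralName generalName : generalNames.getNames()) {
                // A fullName may hold any GeneralName type. Without this check a
                // non-string entry (e.g. a directory name) failed the cast below and
                // silently ended the scan, while other string types such as DNS
                // names were returned as if they were URLs.
                if (generalName.getTagNo() != GeneralName.uniformResourceIdentifier) {
                    continue;
                }
                ulrList.add(((ASN1String) generalName.getName()).getString());
            }
        }
    } catch (Exception ignored) {
        // Deliberate best effort, unchanged for existing callers: a malformed
        // extension yields whatever was collected so far.
    }
    return (ulrList);
}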

From source file:demo.sts.provider.cert.CRLVerifier.java

License:Apache License

/**
 * Extracts all CRL distribution point URLs from the
 * "CRL Distribution Point" extension in a X.509 certificate. If CRL
 * distribution point extension is unavailable, returns an empty list.
 * <p>
 * The URLs are the URI general names of fullName distribution points,
 * returned unchanged. They are certificate-supplied data and should be
 * validated before a CRL is downloaded from them.
 */
public static List<String> getCrlDistributionPoints(X509Certificate cert)
        throws CertificateParsingException, IOException {
    byte[] crldpExt = cert.getExtensionValue(X509Extensions.CRLDistributionPoints.getId());
    if (crldpExt == null) {
        return new ArrayList<String>();
    }
    // Step 1: the extension value is wrapped in an OCTET STRING.
    DERObject wrapped = new ASN1InputStream(new ByteArrayInputStream(crldpExt)).readObject();
    byte[] payload = ((DEROctetString) wrapped).getOctets();
    // Step 2: the payload is the distribution point structure itself.
    DERObject decoded = new ASN1InputStream(new ByteArrayInputStream(payload)).readObject();
    CRLDistPoint distPoint = CRLDistPoint.getInstance(decoded);

    List<String> result = new ArrayList<String>();
    for (DistributionPoint dp : distPoint.getDistributionPoints()) {
        DistributionPointName dpn = dp.getDistributionPoint();
        boolean hasFullName = dpn != null && dpn.getType() == DistributionPointName.FULL_NAME;
        if (!hasFullName) {
            continue;
        }
        GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
        for (GeneralName entry : genNames) {
            // keep URI entries only
            if (entry.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            result.add(DERIA5String.getInstance(entry.getName()).getString());
        }
    }
    return result;
}