Example usage for org.bouncycastle.asn1.x509 Extension cRLDistributionPoints

List of usage examples for org.bouncycastle.asn1.x509 Extension cRLDistributionPoints

  1. HOME
  2. Java
  3. org.bouncycastle
  4. org.bouncycastle.asn1.x509.*
  5. Extension
  6. cRLDistributionPoints

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 Extension cRLDistributionPoints.

Prototype

ASN1ObjectIdentifier cRLDistributionPoints

To view the source code for org.bouncycastle.asn1.x509 Extension cRLDistributionPoints.

Click Source Link

Document

CRL Distribution Points

Usage

From source file:tools.pki.gbay.crypto.keys.validation.CertificateRevocationList.java

License:Apache License

/**
 * Extracts all CRL distribution point URLs from the
 * "CRL Distribution Point" extension in a X.509 certificate. If CRL
 * distribution point extension is unavailable, returns an empty list.
 * @param cert //from   w  ww  .  j  a  v  a 2  s .  c  o m
 * @return List of all CRL DPs
 * @throws CertificateParsingException 
 * @throws IOException 
 */
public static List<String> getCrlDistributionPoints(X509Certificate cert)
        throws CertificateParsingException, IOException {
    byte[] crldpExt = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
    if (crldpExt == null) {
        return new ArrayList<String>();
    }
    ASN1InputStream oAsnInStream = new ASN1InputStream(new ByteArrayInputStream(crldpExt));
    ASN1Primitive derObjCrlDP = oAsnInStream.readObject();
    DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
    byte[] crldpExtOctets = dosCrlDP.getOctets();
    ASN1InputStream oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets));
    ASN1Primitive derObj2 = oAsnInStream2.readObject();
    CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
    List<String> crlUrls = new ArrayList<String>();
    for (DistributionPoint dp : distPoint.getDistributionPoints()) {
        DistributionPointName dpn = dp.getDistributionPoint();
        // Look for URIs in fullName
        if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) {
            GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
            // Look for an URI
            for (int j = 0; j < genNames.length; j++) {
                if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
                    String url = DERIA5String.getInstance(genNames[j].getName()).getString();
                    log.debug("URL : " + url);
                    crlUrls.add(url);
                }
            }
        }
    }
    oAsnInStream.close();
    oAsnInStream2.close();
    return crlUrls;
}