List of usage examples for org.bouncycastle.asn1.x509 GeneralName getInstance
public static GeneralName getInstance(Object obj)
From source file:org.glite.voms.ac.Holder.java
License:eu-egee.org license
/**
 * Tests whether any directoryName entry of {@code targets} equals {@code subject}.
 *
 * <p>Every entry carrying tag 4 (directoryName in the X.509 GeneralName CHOICE) is
 * DER-encoded, rebuilt as an {@link X500Principal} and compared with
 * {@link X500Principal#equals(Object)}. Entries with any other tag are ignored.
 * An entry whose encoding raises {@link IOException} is skipped, so a name that
 * cannot be encoded never counts as a match.
 *
 * <p>NOTE(review): {@code X500Principal(byte[])} signals a malformed DN with
 * {@link IllegalArgumentException}, which is not caught here; confirm that callers
 * handling names from an untrusted attribute certificate expect that.
 *
 * @param subject the principal to look for
 * @param targets the names to search
 * @return {@code true} at the first equal directoryName, {@code false} if none is equal
 */
protected static boolean matchesDN(X500Principal subject, GeneralNames targets) {
    Enumeration entries = ((ASN1Sequence) targets.toASN1Primitive()).getObjects();

    while (entries.hasMoreElements()) {
        GeneralName candidate = GeneralName.getInstance(entries.nextElement());
        if (candidate.getTagNo() != 4) {
            // only directoryName entries can be compared with an X.500 principal
            continue;
        }

        try {
            ByteArrayOutputStream der = new ByteArrayOutputStream();
            new DEROutputStream(der).writeObject(candidate.getName());

            if (new X500Principal(der.toByteArray()).equals(subject)) {
                return true;
            }
        } catch (IOException ignored) {
            // an entry that cannot be encoded is treated as a non-match
        }
    }

    return false;
}
From source file:org.glite.voms.PKIUtils.java
License:Open Source License
/**
 * Unpacks a {@code GeneralNames} value into an array of its entries.
 *
 * <p>The value is cast to an {@code ASN1Sequence} and each element is converted with
 * {@code GeneralName.getInstance}, in sequence order.
 *
 * @param gns the names to unpack
 * @return one {@code GeneralName} per element of the sequence (empty array for an empty sequence)
 */
static private GeneralName[] getNames(GeneralNames gns) {
    ASN1Sequence entries = (ASN1Sequence) gns.toASN1Primitive();
    GeneralName[] names = new GeneralName[entries.size()];

    for (int idx = 0; idx < names.length; idx++) {
        names[idx] = GeneralName.getInstance(entries.getObjectAt(idx));
    }

    return names;
}
From source file:org.glite.voms.VOMSAttribute.java
License:eu-egee.org license
/**
 * Returns the AC holder as a distinguished-name string.
 *
 * <p>Only the first entry of the holder's issuer names is examined. When that entry
 * carries tag 4 (directoryName) it is DER-encoded and rendered through
 * {@link X500Principal#getName()}. In every other case the result is {@code null}:
 * there are no entries, the first entry has another tag, or encoding raises
 * {@link IOException}. Callers using the result for an identity decision therefore
 * have to treat {@code null} as "holder unknown".
 *
 * @return the holder name, or {@code null} if it could not be derived.
 *
 * @throws IllegalArgumentException if no Attribute Certificate has been
 * loaded.
 */
public String getHolder() {
    if (myAC == null) {
        throw new IllegalArgumentException("No Attribute Certificate loaded.");
    }

    GeneralNames issuerNames = myAC.getHolder().getIssuer();
    Enumeration entries = ((ASN1Sequence) issuerNames.toASN1Primitive()).getObjects();
    if (!entries.hasMoreElements()) {
        return null;
    }

    GeneralName first = GeneralName.getInstance(entries.nextElement());
    if (first.getTagNo() != 4) {
        // not a directoryName, so there is no DN to report
        return null;
    }

    try {
        ByteArrayOutputStream der = new ByteArrayOutputStream();
        new DEROutputStream(der).writeObject(first.getName());
        return new X500Principal(der.toByteArray()).getName();
    } catch (IOException ex) {
        return null;
    }
}
From source file:org.jasig.cas.adaptors.x509.authentication.handler.support.CRLDistributionPointRevocationChecker.java
License:Apache License
/**
 * Collects the CRL locations named in a certificate's CRLDistributionPoints extension.
 *
 * <p>Every general name of every distribution point is decoded as an IA5String and
 * handed to {@code addURL}. A name that fails to decode is logged at warn level and
 * skipped. If the extension itself cannot be read, the error is logged and an empty
 * array is returned.
 *
 * <p>NOTE(review): the GeneralName tag is not inspected, so any name whose value
 * decodes as an IA5String reaches {@code addURL}, not only URI-typed names.
 * NOTE(review): {@code ASN1Sequence.getInstance} runs outside the inner try, so a
 * distribution point name that is not a sequence presumably surfaces as an exception
 * to the caller; confirm that is the intended outcome.
 * NOTE(review): the locations are taken from the certificate under check and are only
 * as trustworthy as that certificate; confirm that the code fetching them restricts
 * scheme and destination, and that an empty result is not read as "not revoked".
 *
 * @param cert the certificate to inspect
 * @return the distribution point locations accepted by {@code addURL}, possibly empty
 */
private URI[] getDistributionPoints(final X509Certificate cert) {
    final List<DistributionPoint> points;
    try {
        points = new ExtensionReader(cert).readCRLDistributionPoints();
    } catch (final RuntimeException e) {
        logger.error("Error reading CRLDistributionPoints extension field on {}", CertUtils.toString(cert), e);
        return new URI[0];
    }

    if (points == null) {
        return new URI[0];
    }

    final List<URI> urls = new ArrayList<>();
    for (final DistributionPoint point : points) {
        final DistributionPointName pointName = point.getDistributionPoint();
        if (pointName == null) {
            continue;
        }

        final ASN1Sequence nameSequence = ASN1Sequence.getInstance(pointName.getName());
        final int count = nameSequence.size();
        for (int idx = 0; idx < count; idx++) {
            final GeneralName name = GeneralName.getInstance(nameSequence.getObjectAt(idx));
            logger.debug("Found CRL distribution point {}.", name);
            try {
                final String location = DERIA5String.getInstance(name.getName()).getString();
                addURL(urls, location);
            } catch (final RuntimeException e) {
                logger.warn("{} not supported. String or GeneralNameList expected.", pointName);
            }
        }
    }

    return urls.toArray(new URI[urls.size()]);
}
From source file:org.jnotary.dvcs.DVCSErrorNotice.java
License:Open Source License
/**
 * Builds an error notice from its ASN.1 sequence.
 *
 * <p>The first element is decoded as the transaction status. A second element, when
 * present, is decoded as the transaction identifier; any further elements are not read.
 *
 * <p>NOTE(review): the first element is read without a presence check, so an empty
 * sequence fails inside {@code nextElement()}; confirm the caller validates the
 * sequence length before handing over data from an untrusted peer.
 *
 * @param seq the encoded notice
 */
@SuppressWarnings("rawtypes")
private DVCSErrorNotice(ASN1Sequence seq) {
    final Enumeration elements = seq.getObjects();

    this.transactionStatus = PKIStatusInfo.getInstance(elements.nextElement());

    if (elements.hasMoreElements()) {
        this.transactionIdentifier = GeneralName.getInstance(elements.nextElement());
    }
}
From source file:org.jnotary.dvcs.DVCSRequest.java
License:Open Source License
/**
 * Builds a DVCS request from its ASN.1 sequence.
 *
 * <p>The first element is decoded as the request information and the second as the
 * data, interpreted according to the service named in the request information. A third
 * element, when present, is decoded as the transaction identifier.
 *
 * <p>NOTE(review): the first two elements are read without a presence check, so a
 * sequence with fewer than two elements fails inside {@code nextElement()}; confirm
 * the caller validates the length before parsing a request from an untrusted peer.
 *
 * @param seq the encoded request
 */
@SuppressWarnings("rawtypes")
private DVCSRequest(ASN1Sequence seq) {
    final Enumeration elements = seq.getObjects();

    this.requestInformation = DVCSRequestInformation.getInstance(elements.nextElement());
    this.data = Data.getInstance(this.requestInformation.getService(), elements.nextElement());

    if (elements.hasMoreElements()) {
        this.transactionIdentifier = GeneralName.getInstance(elements.nextElement());
    }
}
From source file:org.jruby.ext.openssl.X509Extension.java
License:LGPL
/**
 * Returns this extension's value as a Ruby string.
 *
 * <p>A value that was set as a {@code RubyString} is returned unchanged. Otherwise the
 * rendering is chosen by the extension OID: basicConstraints, keyUsage, nsCertType,
 * subjectKeyIdentifier, authorityKeyIdentifier, CRLReason, subjectAltName /
 * issuerAltName and extendedKeyUsage each have a dedicated branch; every other OID
 * falls through to {@code rawValueAsString}.
 *
 * <p>An {@link IOException} raised while decoding is passed to {@code debugStackTrace}
 * and rethrown through {@code newExtensionError}. In the alt-name branch an
 * {@link IllegalArgumentException} is handled the same way but ends in the raw value
 * instead of an error.
 *
 * <p>NOTE(review): several branches index or cast decoded content without a prior
 * check (see the inline notes); confirm what a truncated or oddly typed extension from
 * an untrusted certificate produces here.
 *
 * @param context the current thread context
 * @return the rendered value
 */
@JRubyMethod
public RubyString value(final ThreadContext context) {
    if (this.value instanceof RubyString) { // return the same as set
        return (RubyString) this.value;
    }

    final Ruby runtime = context.runtime;
    final String oid = getRealObjectID().getId();
    try {
        if (oid.equals("2.5.29.19")) { // basicConstraints
            ASN1Sequence seq2 = (ASN1Sequence) ASN1.readObject(getRealValueEncoded());
            final ByteList val = new ByteList(32);
            if (seq2.size() > 0) {
                val.append(CA_);
                ASN1Encodable obj0 = seq2.getObjectAt(0);
                final boolean bool;
                if (obj0 instanceof ASN1Boolean) {
                    bool = ((ASN1Boolean) obj0).isTrue();
                } else { // NOTE: keep it due BC <= 1.50
                    // NOTE(review): unchecked cast; a first element that is neither
                    // boolean type ends in ClassCastException - confirm
                    bool = ((DERBoolean) obj0).isTrue();
                }
                val.append(bool ? TRUE : FALSE);
            }
            if (seq2.size() > 1) {
                // getBytes() without a charset uses the platform default
                val.append(", pathlen:".getBytes());
                val.append(seq2.getObjectAt(1).toString().getBytes());
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.15")) { // keyUsage
            final byte[] enc = getRealValueEncoded();
            byte b3 = 0;
            // NOTE(review): enc[2] is read without a length check, unlike enc[3] below
            byte b2 = enc[2];
            if (enc.length > 3) b3 = enc[3];
            final ByteList val = new ByteList(64);
            // each set bit appends its label; sep switches to SEP after the first label
            byte[] sep = _;
            if ((b2 & (byte) 128) != 0) {
                val.append(sep);
                val.append(Decipher_Only);
                sep = SEP;
            }
            if ((b3 & (byte) 128) != 0) {
                val.append(sep);
                val.append(Digital_Signature);
                sep = SEP;
            }
            if ((b3 & (byte) 64) != 0) {
                val.append(sep);
                val.append(Non_Repudiation);
                sep = SEP;
            }
            if ((b3 & (byte) 32) != 0) {
                val.append(sep);
                val.append(Key_Encipherment);
                sep = SEP;
            }
            if ((b3 & (byte) 16) != 0) {
                val.append(sep);
                val.append(Data_Encipherment);
                sep = SEP;
            }
            if ((b3 & (byte) 8) != 0) {
                val.append(sep);
                val.append(Key_Agreement);
                sep = SEP;
            }
            if ((b3 & (byte) 4) != 0) {
                val.append(sep);
                val.append(Certificate_Sign);
                sep = SEP;
            }
            if ((b3 & (byte) 2) != 0) {
                val.append(sep);
                val.append(CRL_Sign);
                sep = SEP;
            }
            if ((b3 & (byte) 1) != 0) {
                val.append(sep);
                val.append(Encipher_Only);
                // last flag: the separator is not needed again
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.16.840.1.113730.1.1")) { // nsCertType
            // NOTE(review): index 0 is read without a length check
            final byte b0 = getRealValueEncoded()[0];
            final ByteList val = new ByteList(64);
            byte[] sep = _;
            if ((b0 & (byte) 128) != 0) {
                val.append(sep);
                val.append(SSL_Client);
                sep = SEP;
            }
            if ((b0 & (byte) 64) != 0) {
                val.append(sep);
                val.append(SSL_Server);
                sep = SEP;
            }
            if ((b0 & (byte) 32) != 0) {
                val.append(sep);
                val.append(SMIME);
                sep = SEP;
            }
            if ((b0 & (byte) 16) != 0) {
                val.append(sep);
                val.append(Object_Signing);
                sep = SEP;
            }
            if ((b0 & (byte) 8) != 0) {
                val.append(sep);
                val.append(Unused);
                sep = SEP;
            }
            if ((b0 & (byte) 4) != 0) {
                val.append(sep);
                val.append(SSL_CA);
                sep = SEP;
            }
            if ((b0 & (byte) 2) != 0) {
                val.append(sep);
                val.append(SMIME_CA);
                sep = SEP;
            }
            if ((b0 & (byte) 1) != 0) {
                val.append(sep);
                val.append(Object_Signing_CA);
            }
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.14")) { // subjectKeyIdentifier
            ASN1Encodable value = getRealValue();
            if (value instanceof ASN1OctetString) {
                byte[] octets = ((ASN1OctetString) value).getOctets();
                // unwrap once more when the octets themselves start with an OCTET STRING tag
                if (octets.length > 0 && octets[0] == BERTags.OCTET_STRING) {
                    value = ASN1.readObject(octets); // read nested octets
                }
            }
            return runtime.newString(hexBytes(keyidBytes(value.toASN1Primitive()), 0));
        }
        if (oid.equals("2.5.29.35")) { // authorityKeyIdentifier
            ASN1Encodable value = getRealValue();
            if (value instanceof ASN1OctetString) {
                value = ASN1.readObject(((ASN1OctetString) value).getOctets());
            }
            final ByteList val = new ByteList(72);
            val.append(keyid_);
            if (value instanceof ASN1Sequence) {
                final ASN1Sequence seq = (ASN1Sequence) value;
                final int size = seq.size();
                if (size == 0) return RubyString.newEmptyString(runtime);
                // element 0 is rendered as the key id; later elements are handled by tag
                ASN1Primitive keyid = seq.getObjectAt(0).toASN1Primitive();
                hexBytes(keyidBytes(keyid), val).append('\n');
                for (int i = 1; i < size; i++) {
                    final ASN1Encodable issuer = seq.getObjectAt(i);
                    // NOTE: blindly got OpenSSL tests passing (likely in-complete) :
                    if (issuer instanceof ASN1TaggedObject) {
                        ASN1Primitive obj = ((ASN1TaggedObject) issuer).getObject();
                        switch (((ASN1TaggedObject) issuer).getTagNo()) {
                        case 1:
                            if (obj instanceof ASN1TaggedObject) {
                                formatGeneralName(GeneralName.getInstance(obj), val, true);
                            }
                            break;
                        case 2: // serial
                            val.append(new byte[] { 's', 'e', 'r', 'i', 'a', 'l', ':' });
                            // NOTE(review): unchecked cast of the tagged content - confirm
                            hexBytes(((ASN1OctetString) obj).getOctets(), val);
                            break;
                        }
                    }
                    // a newline is appended for every element, including ones not rendered
                    val.append('\n');
                }
                return runtime.newString(val);
            }
            hexBytes(keyidBytes(value.toASN1Primitive()), val).append('\n');
            return runtime.newString(val);
        }
        if (oid.equals("2.5.29.21")) { // CRLReason
            final IRubyObject value = getValue(runtime);
            // code 7 has no case of its own and takes the default branch
            switch (RubyNumeric.fix2int(value)) {
            case 0:
                return runtime.newString(new ByteList(Unspecified));
            case 1:
                return RubyString.newString(runtime, "Key Compromise");
            case 2:
                return RubyString.newString(runtime, "CA Compromise");
            case 3:
                return RubyString.newString(runtime, "Affiliation Changed");
            case 4:
                return RubyString.newString(runtime, "Superseded");
            case 5:
                return RubyString.newString(runtime, "Cessation Of Operation");
            case 6:
                return RubyString.newString(runtime, "Certificate Hold");
            case 8:
                return RubyString.newString(runtime, "Remove From CRL");
            case 9:
                return RubyString.newString(runtime, "Privilege Withdrawn");
            default:
                return runtime.newString(new ByteList(Unspecified));
            }
        }
        if (oid.equals("2.5.29.17") || oid.equals("2.5.29.18")) { // subjectAltName || issuerAltName
            try {
                ASN1Encodable value = getRealValue();
                final ByteList val = new ByteList(64);
                // a single name, tagged or already a GeneralName, is rendered on its own
                if (value instanceof ASN1TaggedObject) {
                    formatGeneralName(GeneralName.getInstance(value), val, false);
                    return runtime.newString(val);
                }
                if (value instanceof GeneralName) {
                    formatGeneralName((GeneralName) value, val, false);
                    return runtime.newString(val);
                }
                if (value instanceof ASN1OctetString) {
                    // decoded octets will end up as an ASN1Sequence instance :
                    value = ASN1.readObject(((ASN1OctetString) value).getOctets());
                }
                if (value instanceof ASN1TaggedObject) { // DERTaggedObject (issuerAltName wrapping)
                    formatGeneralName(GeneralName.getInstance(value), val, false);
                    return runtime.newString(val);
                }
                final GeneralName[] names = GeneralNames.getInstance(value).getNames();
                for (int i = 0; i < names.length; i++) {
                    // the flag returned by formatGeneralName picks ';' over ',' as separator
                    boolean other = formatGeneralName(names[i], val, false);
                    if (i < names.length - 1) {
                        if (other) val.append(';');
                        else val.append(',');
                    }
                }
                return runtime.newString(val);
            } catch (IllegalArgumentException e) {
                // value that cannot be decoded as names: fall back to the raw value
                debugStackTrace(runtime, e);
                return rawValueAsString(context);
            }
        }
        if (oid.equals("2.5.29.37")) { // extendedKeyUsage
            final ByteList val = new ByteList(64);
            if (this.value instanceof ASN1Sequence) { // opt "short" path
                final ASN1Sequence seq = (ASN1Sequence) this.value;
                final int size = seq.size();
                for (int i = 0; i < size; i++) {
                    ASN1Encodable o = seq.getObjectAt(i);
                    String name = o.toString();
                    // use the long name when the OID maps to a known nid, else the OID text
                    Integer nid = ASN1.oid2nid(runtime, new ASN1ObjectIdentifier(name));
                    if (nid != null) name = ASN1.nid2ln(runtime, nid);
                    if (name == null) name = o.toString();
                    val.append(ByteList.plain(name));
                    if (i < size - 1) val.append(',').append(' ');
                }
                return runtime.newString(val);
            }
            final IRubyObject value = getValue(runtime);
            if (value instanceof RubyArray) {
                final RubyArray arr = (RubyArray) value;
                final int size = arr.size();
                for (int i = 0; i < size; i++) {
                    IRubyObject entry = arr.eltInternal(i);
                    if ("ObjectId".equals(entry.getMetaClass().getBaseName())) {
                        entry = entry.callMethod(context, "ln");
                    } else if (entry.respondsTo("value")) {
                        entry = entry.callMethod(context, "value");
                    }
                    val.append(entry.asString().getByteList());
                    if (i < size - 1) val.append(',').append(' ');
                }
            }
            return runtime.newString(val);
        }
        return rawValueAsString(context);
    } catch (IOException e) {
        debugStackTrace(runtime, e);
        throw newExtensionError(runtime, e);
    }
}
From source file:org.xipki.pki.ca.certprofile.XmlX509CertprofileUtil.java
License:Open Source License
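/**
 * Converts the XML description of an admission syntax into its option object.
 *
 * <p>For every admissions entry the profession infos are converted one by one
 * (naming authority, profession OIDs, registration number), then the entry's own
 * admission authority and naming authority are attached when configured.
 *
 * @param critical whether the extension is critical
 * @param type the configured admission syntax
 * @return the admission syntax option built from {@code type}
 * @throws CertprofileException declared by this method; presumably raised by the
 *         helper conversions on invalid configuration
 */
public static AdmissionSyntaxOption buildAdmissionSyntax(final boolean critical, final AdmissionSyntax type)
        throws CertprofileException {
    List<AdmissionsOption> admissionsList = new LinkedList<>();
    for (AdmissionsType at : type.getContentsOfAdmissions()) {
        List<ProfessionInfoOption> professionInfos = new LinkedList<>();
        for (ProfessionInfoType pi : at.getProfessionInfo()) {
            NamingAuthority namingAuthorityL3 = null;
            if (pi.getNamingAuthority() != null) {
                namingAuthorityL3 = buildNamingAuthority(pi.getNamingAuthority());
            }

            // oids stays null when no profession OID is configured
            List<OidWithDescType> oidTypes = pi.getProfessionOid();
            List<ASN1ObjectIdentifier> oids = null;
            if (CollectionUtil.isNonEmpty(oidTypes)) {
                oids = new LinkedList<>();
                for (OidWithDescType k : oidTypes) {
                    oids.add(new ASN1ObjectIdentifier(k.getValue()));
                }
            }

            RegistrationNumber rnType = pi.getRegistrationNumber();
            RegistrationNumberOption rno = (rnType == null) ? null
                    : new RegistrationNumberOption(rnType.getRegex(), rnType.getConstant());

            ProfessionInfoOption pio = new ProfessionInfoOption(namingAuthorityL3, pi.getProfessionItem(), oids,
                    rno, pi.getAddProfessionInfo());
            professionInfos.add(pio);
        }

        // Guard on the admission authority itself. The earlier guard tested the naming
        // authority, which dropped a configured admission authority whenever no naming
        // authority was set, and decoded a null value in the opposite case.
        GeneralName admissionAuthority = null;
        if (at.getAdmissionAuthority() != null) {
            admissionAuthority = GeneralName
                    .getInstance(asn1PrimitivefromByteArray(at.getAdmissionAuthority()));
        }

        NamingAuthority namingAuthority = null;
        if (at.getNamingAuthority() != null) {
            namingAuthority = buildNamingAuthority(at.getNamingAuthority());
        }

        AdmissionsOption admissionsOption = new AdmissionsOption(admissionAuthority, namingAuthority,
                professionInfos);
        admissionsList.add(admissionsOption);
    }

    GeneralName admissionAuthority = null;
    if (type.getAdmissionAuthority() != null) {
        admissionAuthority = GeneralName.getInstance(type.getAdmissionAuthority());
    }

    return new AdmissionSyntaxOption(critical, admissionAuthority, admissionsList);
}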
From source file:org.xwiki.crypto.pkix.params.x509certificate.extension.X509GenericName.java
License:Open Source License
/** * Create a new instance from a encoded ASN.1 name. * * @param encoded the encoded ASN.1 value. * @throws IOException on encoding error. *///from w w w. j a va 2 s.c o m public X509GenericName(byte[] encoded) throws IOException { this.name = GeneralName.getInstance(encoded); }
From source file:se.tillvaxtverket.ttsigvalws.ttwssigvalidation.pdf.PdfBoxSigUtil.java
License:Open Source License
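/**
 * Parses a Time-Stamp TsInfo byte array.
 *
 * <p>The fields are read in order: version, policy, message imprint (hash algorithm
 * and digest), serial number and time. The next tagged element, if there is one, is
 * read as the TSA name and its directory name attributes are stored as the issuer DN
 * map.
 *
 * <p>This method only decodes; nothing in it verifies a signature. When decoding fails
 * with {@link IOException} or {@link ParseException} a warning is logged and the object
 * is returned with only the fields that were set before the failure, so callers must
 * check the fields they rely on.
 *
 * <p>NOTE(review): the tagged element is accepted as TSA name without a check of its
 * tag number; confirm a token that carries extensions but no TSA name is handled as
 * intended.
 *
 * @param tsToken The bytes of a tsInfo object
 * @return A data object holding essential time stamp information
 */
public static TimeStampData getTimeStampData(byte[] tsToken) {
    TimeStampData tsData = new TimeStampData();
    tsData.setTimeStampToken(tsToken);

    // try-with-resources releases the decoder stream on every path
    try (ASN1InputStream din = new ASN1InputStream(new ByteArrayInputStream(tsToken))) {
        ASN1Sequence tsTokenSeq = ASN1Sequence.getInstance(din.readObject());

        // Version
        int seqIdx = 0;
        int version = ASN1Integer.getInstance(tsTokenSeq.getObjectAt(seqIdx++)).getPositiveValue().intValue();
        tsData.setVersion(version);

        // Policy
        String policy = ASN1ObjectIdentifier.getInstance(tsTokenSeq.getObjectAt(seqIdx++)).getId();
        tsData.setPolicy(policy);

        // Message imprint: hash algorithm and hash value
        ASN1Sequence messageImprintSeq = ASN1Sequence.getInstance(tsTokenSeq.getObjectAt(seqIdx++));
        AlgorithmIdentifier miAi = AlgorithmIdentifier.getInstance(messageImprintSeq.getObjectAt(0));
        byte[] miOctets = DEROctetString.getInstance(messageImprintSeq.getObjectAt(1)).getOctets();
        tsData.setImprintHashAlgo(DigestAlgorithm.getDigestAlgoFromOid(miAi.getAlgorithm().getId()));
        tsData.setImprintDigest(miOctets);

        // Serial number
        tsData.setSerialNumber(ASN1Integer.getInstance(tsTokenSeq.getObjectAt(seqIdx++)).getValue());

        // Time
        Date tsTime = ASN1GeneralizedTime.getInstance(tsTokenSeq.getObjectAt(seqIdx++)).getDate();
        tsData.setTime(tsTime);

        // Skip the untagged elements that follow the time
        while (tsTokenSeq.size() > seqIdx && !(tsTokenSeq.getObjectAt(seqIdx) instanceof ASN1TaggedObject)) {
            seqIdx++;
        }

        // The loop above can run off the end when no tagged element exists. Reading
        // at that index used to fail with an unchecked index error, so the TSA name
        // is only read when an element is actually there.
        if (seqIdx < tsTokenSeq.size()) {
            GeneralName tsaName = GeneralName.getInstance(tsTokenSeq.getObjectAt(seqIdx));
            try {
                ASN1Sequence genNameSeq = ASN1Sequence.getInstance(tsaName.getName());
                ASN1TaggedObject taggedGenNameOjb = ASN1TaggedObject.getInstance(genNameSeq.getObjectAt(0));
                if (taggedGenNameOjb.getTagNo() == 4) { // 4 = directoryName
                    ASN1Sequence nameSeq = ASN1Sequence.getInstance(taggedGenNameOjb.getObject());
                    Map<SubjectDnAttribute, String> subjectAttributes = getSubjectAttributes(nameSeq);
                    tsData.setIssuerDnMap(subjectAttributes);
                }
            } catch (Exception ignored) {
                // best effort: a TSA name in an unexpected form leaves the issuer DN map unset
            }
        }
    } catch (IOException | ParseException ex) {
        Logger.getLogger(PdfBoxSigUtil.class.getName()).warning(ex.getMessage());
    }
    return tsData;
}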