List of usage examples for org.bouncycastle.asn1.x509 GeneralName uniformResourceIdentifier
int uniformResourceIdentifier
From source file:net.maritimecloud.pki.CRLVerifier.java
License:Apache License
/** * Extracts all CRL distribution point URLs from the * "CRL Distribution Point" extension in a X.509 certificate. If CRL * distribution point extension is unavailable, returns an empty list. */// w w w. j av a 2 s. c om public static List<String> getCrlDistributionPoints(X509Certificate cert) throws CertificateParsingException, IOException { byte[] crldpExt = cert.getExtensionValue(Extension.cRLDistributionPoints.getId()); if (crldpExt == null) { return new ArrayList<>(); } ASN1InputStream oAsnInStream = new ASN1InputStream(crldpExt); DEROctetString dosCrlDP = (DEROctetString) oAsnInStream.readObject(); byte[] crldpExtOctets = dosCrlDP.getOctets(); ASN1InputStream oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets)); CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(oAsnInStream2.readObject()); oAsnInStream.close(); oAsnInStream2.close(); List<String> crlUrls = new ArrayList<>(); for (DistributionPoint dp : crlDistPoint.getDistributionPoints()) { DistributionPointName dpn = dp.getDistributionPoint(); // Look for URIs in fullName if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) { GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames(); // Look for an URI for (GeneralName genName : genNames) { if (genName.getTagNo() == GeneralName.uniformResourceIdentifier) { String url = DERIA5String.getInstance(genName.getName()).getString(); crlUrls.add(url); } } } } return crlUrls; }
From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateBuilderHelper.java
License:BSD License
/** * Generate a single distribution point where the names contains each URI. */// ww w . ja v a2 s.c om private CRLDistPoint convertToCrlDistributionPoint(URI[] uris) { GeneralName[] seq = new GeneralName[uris.length]; for (int i = 0; i < uris.length; ++i) { seq[i] = new GeneralName(GeneralName.uniformResourceIdentifier, uris[i].toString()); } GeneralNames names = new GeneralNames(seq); DistributionPointName distributionPoint = new DistributionPointName(names); DistributionPoint[] dps = { new DistributionPoint(distributionPoint, null, null) }; return new CRLDistPoint(dps); }
From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor.java
License:BSD License
/**
 * Creates a descriptor from an ASN.1 access description.
 *
 * <p>The access location must be tagged as a {@code uniformResourceIdentifier};
 * that condition is handed to {@code Validate.isTrue} before anything is stored.
 *
 * @param accessDescription the access description to convert
 * @throws IllegalArgumentException if the location text is not a syntactically valid URI
 */
public X509CertificateInformationAccessDescriptor(AccessDescription accessDescription) {
    try {
        GeneralName accessLocation = accessDescription.getAccessLocation();
        boolean locationIsUri = accessLocation.getTagNo() == GeneralName.uniformResourceIdentifier;
        Validate.isTrue(locationIsUri, "access location is not an URI");

        this.method = accessDescription.getAccessMethod().getId();
        this.location = new URI(accessLocation.getName().toString());
    } catch (URISyntaxException cause) {
        // Surface a malformed URI as an argument error, keeping the cause.
        throw new IllegalArgumentException(cause);
    }
}
From source file:net.ripe.rpki.commons.crypto.x509cert.X509CertificateInformationAccessDescriptor.java
License:BSD License
/**
 * Converts this descriptor back into an ASN.1 access description whose access
 * location is a {@code uniformResourceIdentifier} built from {@code location}.
 */
private AccessDescription toAccessDescription() {
    GeneralName uriLocation =
            new GeneralName(GeneralName.uniformResourceIdentifier, location.toString());
    return new AccessDescription(getMethod(), uriLocation);
}
From source file:net.ripe.rpki.commons.crypto.x509cert.X509ResourceCertificateParser.java
License:BSD License
/**
 * Checks every CRL distribution point against the profile enforced here: no
 * cRLIssuer, no reasons, a distribution point name that is present and of type
 * fullName, and general names that are all URIs with valid syntax.
 *
 * <p>Outcomes are recorded on {@code result}. The cRLIssuer and reasons checks
 * never stop processing; any of the later checks failing ends the method.
 */
private void testCrlDistributionPointsToUrisConversion(CRLDistPoint crldp) {
    for (DistributionPoint point : crldp.getDistributionPoints()) {
        result.rejectIfNotNull(point.getCRLIssuer(), CRLDP_ISSUER_OMITTED);
        result.rejectIfNotNull(point.getReasons(), CRLDP_REASONS_OMITTED);

        DistributionPointName pointName = point.getDistributionPoint();
        boolean namePresent = result.rejectIfNull(pointName, CRLDP_PRESENT);
        if (!namePresent) {
            return;
        }

        boolean isFullName = pointName.getType() == DistributionPointName.FULL_NAME;
        if (!result.rejectIfFalse(isFullName, CRLDP_TYPE_FULL_NAME)) {
            return;
        }

        GeneralNames fullName = (GeneralNames) pointName.getName();
        for (GeneralName entry : fullName.getNames()) {
            boolean isUri = entry.getTagNo() == GeneralName.uniformResourceIdentifier;
            if (!result.rejectIfFalse(isUri, CRLDP_NAME_IS_A_URI)) {
                return;
            }

            DERIA5String encodedUri = (DERIA5String) entry.getName();
            try {
                // Parsed only to validate the syntax; the URI object is discarded.
                URI.create(encodedUri.getString());
            } catch (IllegalArgumentException invalidSyntax) {
                result.error(CRLDP_URI_SYNTAX);
                return;
            }
        }
    }
}
From source file:net.sabamiso.android.revocationtest.crl.RevocationTestUsingCRL.java
License:MIT License
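/**
 * Returns a CRL URL taken from the certificate's CRL Distribution Points
 * extension (OID 2.5.29.31).
 *
 * <p>Only distribution points of type fullName are considered. When several
 * URI names are present, the last one encountered is returned. The URL is
 * copied from the certificate without validation, so the caller should check
 * scheme and destination before downloading from it.
 *
 * @param cert the certificate to inspect
 * @return the URL, or {@code null} if the extension is missing, cannot be
 *         decoded, or holds no URI name
 */
private static String getCRLUrl(X509Certificate cert) {
    byte[] asn1_bytes = cert.getExtensionValue("2.5.29.31"); // CRL Distribution Points OID:"2.5.29.31"
    if (asn1_bytes == null) {
        Log.e(TAG, "cannot find 2.5.29.31...");
        return null;
    }

    CRLDistPoint crldp = getCRLDistPoint(asn1_bytes);
    if (crldp == null) {
        Log.e(TAG, "cannot find CRLDistPoint...");
        return null;
    }

    String url = null;
    for (DistributionPoint dp : crldp.getDistributionPoints()) {
        DistributionPointName dpn = dp.getDistributionPoint();
        // The distributionPoint field is OPTIONAL in the encoding; a certificate
        // that omits it previously caused a NullPointerException here.
        if (dpn == null || DistributionPointName.FULL_NAME != dpn.getType()) {
            continue;
        }

        GeneralNames gns = (GeneralNames) dpn.getName();
        for (GeneralName gn : gns.getNames()) {
            if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            DERIA5String der_str =
                    DERIA5String.getInstance((ASN1TaggedObject) gn.toASN1Primitive(), false);
            url = der_str.getString();
            Log.d(TAG, "url=" + url);
        }
    }
    return url;
}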
From source file:net.sf.dsig.verify.OCSPHelper.java
License:Apache License
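/**
 * Retrieve the OCSP responder URI from an X.509 certificate, using the
 * Authority Information Access extension (1.3.6.1.5.5.7.1.1).
 *
 * <p>The first access description whose method is OCSP and whose location is
 * a URI wins. The URI is copied from the certificate without validation;
 * a caller that contacts it should check scheme and destination first.
 *
 * <p>NOTE(review): the casts below assume the usual DER types. A value that
 * decodes to a different ASN.1 type surfaces as a ClassCastException, which
 * is not handled by the IOException fallback.
 *
 * @param certificate the {@link X509Certificate} object
 * @return a String containing the URI of the OCSP authority info access,
 *         or null if none can be found or the extension cannot be decoded
 */
public static String getOCSPAccessLocationUri(X509Certificate certificate) {
    try {
        byte[] derAiaBytes = certificate.getExtensionValue(OID_AUTHORITYINFOACCESS);
        if (derAiaBytes == null) {
            return null;
        }

        // Each stream is closed in a finally block so a decoding failure does
        // not leave it open.
        DEROctetString dos;
        ASN1InputStream ais = new ASN1InputStream(derAiaBytes);
        try {
            dos = (DEROctetString) ais.readObject();
        } finally {
            ais.close();
        }

        DERSequence seq;
        ais = new ASN1InputStream(dos.getOctets());
        try {
            seq = (DERSequence) ais.readObject();
        } finally {
            ais.close();
        }

        AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(seq);
        // Fetch the array once instead of on every loop test and element access.
        AccessDescription[] descriptions = aia.getAccessDescriptions();
        for (int i = 0; i < descriptions.length; i++) {
            AccessDescription ad = descriptions[i];
            if (!ad.getAccessMethod().equals(AccessDescription.id_ad_ocsp)) {
                continue;
            }

            GeneralName gn = ad.getAccessLocation();
            if (gn.getTagNo() == GeneralName.uniformResourceIdentifier) {
                return ((DERString) gn.getName()).getString();
            }
        }
    } catch (IOException e) {
        // Keep the cause in the log so a malformed extension can be diagnosed.
        logger.warn("ASN.1 decoding failed; will fall back to default OCSP AccessLocation, if set", e);
    }

    return null;
}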
From source file:net.sf.dsig.verify.X509CRLHelper.java
License:Apache License
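/**
 * Retrieve the CRL distribution point URI from an X.509 certificate, using
 * the 2.5.29.31 extension value.
 *
 * <p>Only distribution points of type fullName are examined; the first URI
 * name found is returned. The URI is copied from the certificate without
 * validation; a caller that downloads from it should check scheme and
 * destination first.
 *
 * <p>NOTE(review): the casts below assume the usual DER types. A value that
 * decodes to a different ASN.1 type surfaces as a ClassCastException, which
 * is not handled by the IOException fallback.
 *
 * @param certificate an {@link X509Certificate} object
 * @return a String containing the URI of the CRL distribution point, or
 *         null if none can be found or the extension cannot be decoded
 */
public static String getCRLDistributionPointUri(X509Certificate certificate) {
    byte[] derCdpBytes = certificate.getExtensionValue(OID_CRLDISTRIBUTIONPOINTS);
    if (derCdpBytes == null) {
        return null;
    }

    try {
        // Each stream is closed in a finally block so a decoding failure does
        // not leave it open.
        DEROctetString dos;
        ASN1InputStream ais = new ASN1InputStream(derCdpBytes);
        try {
            dos = (DEROctetString) ais.readObject();
        } finally {
            ais.close();
        }

        DERSequence seq;
        ais = new ASN1InputStream(dos.getOctets());
        try {
            seq = (DERSequence) ais.readObject();
        } finally {
            ais.close();
        }

        CRLDistPoint cdp = new CRLDistPoint(seq);
        DistributionPoint[] points = cdp.getDistributionPoints();
        for (int i = 0; i < points.length; i++) {
            DistributionPointName dpn = points[i].getDistributionPoint();
            // The distributionPoint field is OPTIONAL, and only the fullName
            // form holds GeneralNames; skip anything else instead of failing
            // with a NullPointerException or ClassCastException.
            if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }

            GeneralName[] names = ((GeneralNames) dpn.getName()).getNames();
            for (int j = 0; j < names.length; j++) {
                GeneralName gn = names[j];
                if (gn.getTagNo() == GeneralName.uniformResourceIdentifier) {
                    return ((DERString) gn.getName()).getString();
                }
            }
        }
    } catch (IOException e) {
        // Keep the cause in the log so a malformed extension can be diagnosed.
        logger.warn("ASN.1 decoding failed; will fall back to default CRL DistributionPoint, if set", e);
    }

    return null;
}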
From source file:net.sf.jsignpdf.crl.CRLInfo.java
License:Mozilla Public License
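/**
 * Returns (initialized, but maybe empty) set of URLs of CRLs for given
 * certificate.
 *
 * <p>At most one URI is taken from each distribution point: the first one
 * whose text starts with {@code "http"}. That prefix test is the only
 * filtering applied to the certificate-supplied value.
 *
 * @param aCert
 *            X509 certificate.
 * @return the CRL URLs found; never {@code null}
 */
private Set<String> getCrlUrls(final X509Certificate aCert) {
    final Set<String> tmpResult = new HashSet<String>();
    LOGGER.info(RES.get("console.crlinfo.retrieveCrlUrl", aCert.getSubjectX500Principal().getName()));

    final byte[] crlDPExtension = aCert.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
    if (crlDPExtension == null) {
        LOGGER.info(RES.get("console.crlinfo.distPointNotSupported"));
        return tmpResult;
    }

    CRLDistPoint crlDistPoints = null;
    try {
        crlDistPoints = CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(crlDPExtension));
    } catch (IOException e) {
        LOGGER.warn("", e);
    }
    if (crlDistPoints == null) {
        return tmpResult;
    }

    distPoint: for (DistributionPoint dp : crlDistPoints.getDistributionPoints()) {
        final DistributionPointName dpName = dp.getDistributionPoint();
        // The distributionPoint field is OPTIONAL, and only the fullName form
        // holds GeneralNames. Treat anything else as "no URL here" rather than
        // failing with a NullPointerException or ClassCastException.
        if (dpName == null || dpName.getType() != DistributionPointName.FULL_NAME) {
            LOGGER.info(RES.get("console.crlinfo.noUrlInDistPoint"));
            continue;
        }

        final GeneralNames generalNames = (GeneralNames) dpName.getName();
        if (generalNames == null) {
            continue;
        }

        final GeneralName[] generalNameArr = generalNames.getNames();
        if (generalNameArr != null) {
            for (final GeneralName generalName : generalNameArr) {
                if (generalName.getTagNo() != GeneralName.uniformResourceIdentifier) {
                    continue;
                }
                final DERString derString = (DERString) generalName.getName();
                final String uri = derString.getString();
                if (uri != null && uri.startsWith("http")) {
                    // ||uri.startsWith("ftp")
                    LOGGER.info(RES.get("console.crlinfo.foundCrlUri", uri));
                    tmpResult.add(uri);
                    // One URL per distribution point is enough.
                    continue distPoint;
                }
            }
        }
        LOGGER.info(RES.get("console.crlinfo.noUrlInDistPoint"));
    }
    return tmpResult;
}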
From source file:net.sf.keystore_explorer.crypto.x509.GeneralNameUtil.java
License:Open Source License
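/**
 * Get string representation for General names that cannot cause a
 * IOException to be thrown. Unsupported are ediPartyName and x400Address;
 * a blank string is returned for these. For otherName only UPN is handled.
 *
 * <p>When {@code addLinkForURI} is true the URI is embedded in HTML markup.
 * The URI text comes from the certificate, so it is HTML-escaped before
 * being placed in the attribute and the link text; otherwise a crafted
 * name could add markup of its own to the rendered output.
 *
 * @param generalName
 *            General name
 * @param addLinkForURI
 *            If true, convert URI to a clickable link
 * @return String representation of general name
 */
public static String safeToString(GeneralName generalName, boolean addLinkForURI) {

    if (generalName == null) {
        return "";
    }

    switch (generalName.getTagNo()) {
    case GeneralName.directoryName: {
        X500Name directoryName = (X500Name) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.DirectoryGeneralName"),
                directoryName.toString());
    }
    case GeneralName.dNSName: {
        DERIA5String dnsName = (DERIA5String) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.DnsGeneralName"), dnsName.getString());
    }
    case GeneralName.iPAddress: {
        byte[] ipAddressBytes = ((ASN1OctetString) generalName.getName()).getOctets();

        String ipAddressString = "";
        try {
            ipAddressString = InetAddress.getByAddress(ipAddressBytes).getHostAddress();
        } catch (UnknownHostException e) {
            // ignore -> results in empty IP address string
        }

        return MessageFormat.format(res.getString("GeneralNameUtil.IpAddressGeneralName"), ipAddressString);
    }
    case GeneralName.registeredID: {
        ASN1ObjectIdentifier registeredId = (ASN1ObjectIdentifier) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.RegisteredIdGeneralName"),
                ObjectIdUtil.toString(registeredId));
    }
    case GeneralName.rfc822Name: {
        DERIA5String rfc822Name = (DERIA5String) generalName.getName();

        return MessageFormat.format(res.getString("GeneralNameUtil.Rfc822GeneralName"), rfc822Name.getString());
    }
    case GeneralName.uniformResourceIdentifier: {
        String uriText = ((DERIA5String) generalName.getName()).getString();

        String link;
        if (addLinkForURI) {
            // Escape once and reuse for both the href value and the visible text.
            String safeUri = escapeHtmlForLink(uriText);
            link = "<html><a href=\"" + safeUri + "\">" + safeUri + "</a></html>";
        } else {
            link = uriText;
        }

        return MessageFormat.format(res.getString("GeneralNameUtil.UriGeneralName"), link);
    }
    case GeneralName.otherName: {
        // we currently only support UPN in otherName
        String upn = parseUPN(generalName);
        return MessageFormat.format(res.getString("GeneralNameUtil.OtherGeneralName"), "UPN", upn);
    }
    default: {
        return "";
    }
    }
}

/** Replaces the characters that are significant in HTML text and attribute values with entities. */
private static String escapeHtmlForLink(String text) {
    StringBuilder escaped = new StringBuilder(text.length() + 16);
    for (int i = 0; i < text.length(); i++) {
        char c = text.charAt(i);
        switch (c) {
        case '&':
            escaped.append("&amp;");
            break;
        case '<':
            escaped.append("&lt;");
            break;
        case '>':
            escaped.append("&gt;");
            break;
        case '"':
            escaped.append("&quot;");
            break;
        case '\'':
            escaped.append("&#39;");
            break;
        default:
            escaped.append(c);
        }
    }
    return escaped.toString();
}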