List of usage examples for org.bouncycastle.asn1.x509 GeneralNames getInstance
public static GeneralNames getInstance(Object obj)
From source file:be.fedict.eid.pkira.crypto.csr.CSRInfo.java
License:Open Source License
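/**
 * Returns the DNS names listed in the subjectAlternativeName extension of the CSR.
 *
 * <p>The CSR content is supplied by the requester, so this method doubles as a policy check:
 * every entry must be a dNSName and must not contain a wildcard character. Any other entry
 * makes the whole request fail instead of being skipped.
 *
 * @return the accepted DNS names in the order they were read; empty if the CSR carries none
 * @throws CryptoException if an entry is not a dNSName, if a name contains '*', or if the
 *         extension value cannot be decoded as GeneralNames
 */
public List<String> getSubjectAlternativeNames() throws CryptoException {
    List<String> result = new ArrayList<String>();
    ASN1Set attributes = certificationRequest.getCertificationRequestInfo().getAttributes();
    for (DERSet extension : getElementsFromASN1Set(attributes, CSR_EXTENSION_ATTRIBUTE_ID, DERSet.class)) {
        for (DEROctetString extensionValue : getElementsFromASN1Set(extension,
                X509Extension.subjectAlternativeName, DEROctetString.class)) {
            GeneralNames names;
            try {
                names = GeneralNames.getInstance(ASN1Object.fromByteArray(extensionValue.getOctets()));
            } catch (IOException e) {
                throw new CryptoException("Could not extract SAN value.", e);
            } catch (IllegalArgumentException e) {
                // Well-formed DER that is not a GeneralNames SEQUENCE is reported by the ASN.1
                // library with an unchecked exception; surface it as the declared failure type
                // so a malformed request is rejected the same way as an undecodable one.
                throw new CryptoException("Could not extract SAN value.", e);
            }
            if (names == null) {
                // NOTE(review): reached if the octet string decodes to nothing - confirm
                // against the ASN.1 library version in use.
                throw new CryptoException("Could not extract SAN value.");
            }

            for (GeneralName name : names.getNames()) {
                if (name.getTagNo() != GeneralName.dNSName) {
                    throw new CryptoException(
                            "Only Subject Alternative Name of type DNS is allowed in the CSR.");
                }
                String theName = name.getName().toString();
                if (theName.indexOf('*') != -1) {
                    throw new CryptoException(
                            "Subject Alternative Names are not allowed to contain wildcards.");
                }
                result.add(theName);
            }
        }
    }
    return result;
}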
From source file:bluecrystal.bcdeps.helper.DerEncoder.java
License:Open Source License
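/**
 * Extracts the URI entries from an encoded CRL Distribution Points extension value.
 *
 * <p>The input must be an OCTET STRING whose content is the DER encoding of the extension
 * itself. Only distribution points of type fullName are inspected, and only their
 * uniformResourceIdentifier entries are returned.
 *
 * <p>The URLs are taken from the certificate as-is. A caller that goes on to download a CRL
 * should restrict the accepted schemes and destinations before fetching.
 *
 * @param crldpExt the wrapped extension value, or {@code null} if the extension is absent
 * @return the URLs found; empty if {@code crldpExt} is {@code null} or holds no URI entry
 * @throws CertificateParsingException if the outer value is not an OCTET STRING
 * @throws IOException if the bytes cannot be read as ASN.1
 */
public static List<String> getCrlDistributionPoints(byte[] crldpExt)
        throws CertificateParsingException, IOException {
    if (crldpExt == null) {
        return new ArrayList<String>();
    }

    ASN1InputStream outerIn = null;
    ASN1InputStream innerIn = null;
    try {
        outerIn = new ASN1InputStream(new ByteArrayInputStream(crldpExt));
        ASN1Primitive wrapper = outerIn.readObject();
        // Reject anything but the expected wrapper up front; the unchecked cast used before
        // turned malformed input into a ClassCastException (or a later NullPointerException).
        if (!(wrapper instanceof DEROctetString)) {
            throw new CertificateParsingException(
                    "CRL distribution points extension is not wrapped in an OCTET STRING");
        }
        byte[] crldpExtOctets = ((DEROctetString) wrapper).getOctets();

        innerIn = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets));
        CRLDistPoint distPoint = CRLDistPoint.getInstance(innerIn.readObject());

        List<String> crlUrls = new ArrayList<String>();
        for (DistributionPoint dp : distPoint.getDistributionPoints()) {
            DistributionPointName dpn = dp.getDistributionPoint();
            // Only fullName carries GeneralNames; other forms cannot yield a URL.
            if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }
            for (GeneralName genName : GeneralNames.getInstance(dpn.getName()).getNames()) {
                if (genName.getTagNo() == GeneralName.uniformResourceIdentifier) {
                    crlUrls.add(DERIA5String.getInstance(genName.getName()).getString());
                }
            }
        }
        return crlUrls;
    } finally {
        // Close both streams even when parsing fails part-way through.
        try {
            if (outerIn != null) {
                outerIn.close();
            }
        } finally {
            if (innerIn != null) {
                innerIn.close();
            }
        }
    }
}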
From source file:com.infinities.keystone4j.ssl.CRLVerifier.java
License:Apache License
/** * Extracts all CRL distribution point URLs from the * "CRL Distribution Point" extension in a X.509 certificate. If CRL * distribution point extension is unavailable, returns an empty list. *///from w ww. j a v a 2 s . c o m public static List<String> getCrlDistributionPoints(X509Certificate cert) throws CertificateParsingException, IOException { byte[] crldpExt = cert.getExtensionValue(X509Extension.cRLDistributionPoints.getId()); if (crldpExt == null) { return new ArrayList<String>(); } ASN1InputStream oAsnInStream = null; ASN1InputStream oAsnInStream2 = null; try { oAsnInStream = new ASN1InputStream(new ByteArrayInputStream(crldpExt)); DERObject derObjCrlDP = oAsnInStream.readObject(); DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP; byte[] crldpExtOctets = dosCrlDP.getOctets(); oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets)); DERObject derObj2 = oAsnInStream2.readObject(); CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2); List<String> crlUrls = new ArrayList<String>(); for (DistributionPoint dp : distPoint.getDistributionPoints()) { DistributionPointName dpn = dp.getDistributionPoint(); // Look for URIs in fullName if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) { GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames(); // Look for an URI for (int j = 0; j < genNames.length; j++) { if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) { String url = DERIA5String.getInstance(genNames[j].getName()).getString(); crlUrls.add(url); } } } } return crlUrls; } finally { if (oAsnInStream != null) { oAsnInStream.close(); } if (oAsnInStream2 != null) { oAsnInStream2.close(); } } }
From source file:com.yacme.ext.oxsit.cust_it.security.crl.X509CertRL.java
License:Open Source License
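/**
 * Returns the names found in the CRL Distribution Points extension (OID 2.5.29.31) of a
 * certificate, as decoded by {@code decodeAGeneralName}.
 *
 * <p>The result keeps the historical shape: an array of at least five slots whose unused
 * trailing slots are {@code null}. It grows when the certificate lists more names, instead of
 * failing once the fifth slot is full.
 *
 * <p>The values come from the certificate unchanged; a caller that fetches a CRL from them
 * should validate scheme and destination first.
 *
 * @param certificate the certificate to inspect
 * @return the decoded names padded with {@code null}, or {@code null} if the extension is
 *         absent
 * @throws CertificateParsingException if the extension cannot be decoded
 */
public static String[] getCrlDistributionPoint(X509Certificate certificate)
        throws CertificateParsingException {
    try {
        // Look up the distribution points (OID "2.5.29.31") in the certificate.
        DERObject obj = getExtensionValue(certificate, "2.5.29.31");
        if (obj == null) {
            // No distribution point present.
            return null;
        }
        CRLDistPoint crldp = CRLDistPoint.getInstance(obj);
        DistributionPoint[] dp = crldp.getDistributionPoints();
        String[] urls = new String[5];
        int count = 0;
        for (int i = 0; i < dp.length; i++) {
            DistributionPointName dpn = dp[i].getDistributionPoint();
            // The distributionPoint field is optional, and only the fullName form holds
            // GeneralNames; skip the rest rather than failing the whole certificate.
            if (dpn == null || dpn.getType() != DistributionPointName.FULL_NAME) {
                continue;
            }
            GeneralName[] gn = GeneralNames.getInstance(dpn.getName()).getNames();
            for (int y = 0; y < gn.length; y++) {
                String aNm = decodeAGeneralName(gn[y]);
                if (aNm == null) {
                    continue;
                }
                if (count == urls.length) {
                    // Certificate-controlled count: grow instead of overrunning the array.
                    String[] grown = new String[urls.length * 2];
                    System.arraycopy(urls, 0, grown, 0, count);
                    urls = grown;
                }
                urls[count++] = aNm;
            }
        }
        return urls;
    } catch (Exception e) {
        // Keep the cause attached for diagnosis; Errors are no longer converted.
        throw new CertificateParsingException(e.toString(), e);
    }
}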
From source file:com.zimbra.cs.service.authenticator.CertUtil.java
License:Open Source License
/**
 * Prints the URI entries of the certificate's CRL Distribution Points extension.
 *
 * <p>A heading is always written. Nothing else is printed when the certificate has no such
 * extension. Distribution point types other than fullName, and name tags other than
 * uniformResourceIdentifier, are reported as not implemented.
 *
 * @param outStream destination for the report
 * @throws Exception if the extension value cannot be decoded
 */
private void printCRLDistributionPoints(PrintStream outStream) throws Exception {
    outStream.format("X509v3 CRL Distribution Points: \n");

    // OID 2.5.29.31
    byte[] wrapped = cert.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
    if (wrapped == null) {
        return;
    }

    /*
     * getExtensionValue returns the extnValue field of
     *
     *   Extension ::= SEQUENCE {
     *       extnId     OBJECT IDENTIFIER,
     *       critical   BOOLEAN DEFAULT FALSE,
     *       extnValue  OCTET STRING }
     *
     * still wrapped as an OCTET STRING, so it is decoded twice: once to obtain the octets and
     * once to decode the value registered for the extension.
     */
    byte[] inner = DEROctetString.getInstance(ASN1Object.fromByteArray(wrapped)).getOctets();
    CRLDistPoint decoded = CRLDistPoint.getInstance(ASN1Object.fromByteArray(inner));

    for (DistributionPoint point : decoded.getDistributionPoints()) {
        DistributionPointName pointName = point.getDistributionPoint();
        int type = pointName.getType();
        if (DistributionPointName.FULL_NAME != type) {
            outStream.format("type %d not yet implemented", type);
            continue;
        }

        outStream.format("Full Name: \n");
        for (GeneralName entry : GeneralNames.getInstance(pointName.getName()).getNames()) {
            int tag = entry.getTagNo();
            if (GeneralName.uniformResourceIdentifier != tag) {
                outStream.format("tag %d not yet implemented", tag);
                continue;
            }
            String value = DERIA5String.getInstance(entry.getName()).getString();
            outStream.format(" %s\n", value);
        }
    }
}
From source file:de.mendelson.util.security.cert.KeystoreCertificate.java
/** * Returns the subject alternative name of this cert, OID 2.5.29.17 */// w w w . j a va2 s .c om public List<String> getSubjectAlternativeNames() { List<String> alternativeNames = new ArrayList<String>(); byte[] extensionValue = this.certificate.getExtensionValue("2.5.29.17"); if (extensionValue == null) { return (alternativeNames); } try { byte[] octedBytes = ((ASN1OctetString) ASN1Primitive.fromByteArray(extensionValue)).getOctets(); GeneralName[] names = (GeneralNames.getInstance(ASN1Primitive.fromByteArray(octedBytes))).getNames(); for (GeneralName name : names) { alternativeNames.add(((ASN1String) name.getName()).getString() + " (" + this.generalNameTagNoToString(name) + ")"); } } catch (Exception e) { e.printStackTrace(); } return (alternativeNames); }
From source file:demo.sts.provider.cert.CRLVerifier.java
License:Apache License
/** * Extracts all CRL distribution point URLs from the * "CRL Distribution Point" extension in a X.509 certificate. If CRL * distribution point extension is unavailable, returns an empty list. */// w w w. jav a 2s . c o m public static List<String> getCrlDistributionPoints(X509Certificate cert) throws CertificateParsingException, IOException { byte[] crldpExt = cert.getExtensionValue(X509Extensions.CRLDistributionPoints.getId()); if (crldpExt == null) { return new ArrayList<String>(); } ASN1InputStream oAsnInStream = new ASN1InputStream(new ByteArrayInputStream(crldpExt)); DERObject derObjCrlDP = oAsnInStream.readObject(); DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP; byte[] crldpExtOctets = dosCrlDP.getOctets(); ASN1InputStream oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets)); DERObject derObj2 = oAsnInStream2.readObject(); CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2); List<String> crlUrls = new ArrayList<String>(); for (DistributionPoint dp : distPoint.getDistributionPoints()) { DistributionPointName dpn = dp.getDistributionPoint(); // Look for URIs in fullName if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) { GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames(); // Look for an URI for (int j = 0; j < genNames.length; j++) { if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) { String url = DERIA5String.getInstance(genNames[j].getName()).getString(); crlUrls.add(url); } } } } return crlUrls; }
From source file:eu.emi.security.authn.x509.helpers.pkipath.bc.FixedBCPKIXCertPathReviewer.java
License:Open Source License
/**
 * Collects the URI entries of the fullName distribution points in the given extension.
 *
 * <p>The strings are copied from the certificate without any check of scheme or destination.
 *
 * @param crlDistPoints the decoded extension; may be {@code null}
 * @return a Vector of URL strings; empty if the argument or its point list is {@code null}
 */
protected Vector getCRLDistUrls(CRLDistPoint crlDistPoints) {
    Vector urls = new Vector();
    if (crlDistPoints == null) {
        return urls;
    }
    DistributionPoint[] points = crlDistPoints.getDistributionPoints();
    if (points == null) {
        return urls;
    }
    for (DistributionPoint point : points) {
        DistributionPointName pointName = point.getDistributionPoint();
        if (pointName == null || pointName.getType() != DistributionPointName.FULL_NAME) {
            continue;
        }
        for (GeneralName entry : GeneralNames.getInstance(pointName.getName()).getNames()) {
            if (entry.getTagNo() != GeneralName.uniformResourceIdentifier) {
                continue;
            }
            urls.add(((DERIA5String) entry.getName()).getString());
        }
    }
    return urls;
}
From source file:eu.emi.security.authn.x509.helpers.proxy.ProxyTracingExtension.java
License:Open Source License
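/**
 * Parses the information in the byte array (GeneralNames ASN1 sequence
 * of GeneralName) into a proxy tracing extension object.
 *
 * <p>The bytes originate from a certificate extension, so every decoding failure is reported
 * as the documented IOException. A value that is not a sequence, or a sequence with no entry,
 * previously escaped as an unchecked exception.
 *
 * @param bytes
 *            The bytes of ASN1 encoded proxy tracing extension.
 * @throws IOException
 *             In case the byte array does not contain a valid ASN1
 *             encoded proxy tracing extension.
 */
public ProxyTracingExtension(byte[] bytes) throws IOException {
    GeneralNames parsed;
    try {
        parsed = GeneralNames.getInstance(ASN1Primitive.fromByteArray(bytes));
    } catch (IllegalArgumentException e) {
        // Well-formed ASN.1 of the wrong type is signalled by the library as unchecked.
        throw new IOException("Proxy tracing extension is not a GeneralNames sequence", e);
    }
    // NOTE(review): a null result is expected only for empty input - confirm against the
    // ASN.1 library version in use.
    if (parsed == null) {
        throw new IOException("Proxy tracing extension is empty");
    }
    GeneralName[] entries = parsed.getNames();
    if (entries.length == 0) {
        throw new IOException("Proxy tracing extension contains no GeneralName");
    }
    names = parsed;
    name = entries[0];
}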
From source file:mitm.common.security.certificate.AltNamesBuilder.java
License:Open Source License
/**
 * Builds a GeneralNames instance from the configured alternative names.
 *
 * @return a GeneralNames built from the {@code rfc822Names} and {@code dnsNames} fields, which
 *         are passed to {@code addGeneralNames} in that order
 */
public GeneralNames buildAltNames() {
    ASN1EncodableVector entries = new ASN1EncodableVector();

    addGeneralNames(rfc822Names, AltNameType.RFC822NAME, entries);
    addGeneralNames(dnsNames, AltNameType.DNSNAME, entries);

    return GeneralNames.getInstance(new DERSequence(entries));
}