List of usage examples for org.bouncycastle.asn1.x509 SubjectKeyIdentifier getInstance
public static SubjectKeyIdentifier getInstance(Object obj)
From source file:support.revocation.RevocationInfo.java
License:Apache License
/** * Creates a new <code>RevocationInfo</code> instance based on the given * certificate/*from w w w . j a va 2 s . c om*/ * @param certificate */ public RevocationInfo(Certificate certificate) { if (certificate instanceof X509Certificate) try { X509Certificate x509cert = (X509Certificate) certificate; // process Authority Information Access extension // to determine OCSP services AuthorityInformationAccess info = AuthorityInformationAccess .getInstance(certificateExtension(x509cert, Extension.authorityInfoAccess.getId())); if (info != null) for (AccessDescription desc : info.getAccessDescriptions()) if (desc.getAccessMethod().equals(AccessDescription.id_ad_ocsp)) { String url = urlFromGeneralName(desc.getAccessLocation()); if (url != null) ocsp.add(url); } ocsp = Collections.unmodifiableList(ocsp); // process CRL Distribution Points extension // to determine CRL services CRLDistPoint points = CRLDistPoint .getInstance(certificateExtension(x509cert, Extension.cRLDistributionPoints.getId())); if (points != null) for (DistributionPoint point : points.getDistributionPoints()) { // no support for CRLs issued from another CA GeneralNames crlIssuer = point.getCRLIssuer(); if (crlIssuer != null && !crlIssuer.equals(DERNull.INSTANCE)) continue; // no support for partial CRLs ReasonFlags reasons = point.getReasons(); if (reasons != null && !reasons.equals(DERNull.INSTANCE)) continue; // use all distribution points ASN1Encodable names = point.getDistributionPoint().getName(); if (names instanceof GeneralNames) for (GeneralName name : ((GeneralNames) names).getNames()) { String url = urlFromGeneralName(name); if (url != null) crl.add(url); } } crl = Collections.unmodifiableList(crl); // Authority Key Identifier AuthorityKeyIdentifier authorityKeyId = AuthorityKeyIdentifier .getInstance(certificateExtension(x509cert, Extension.authorityKeyIdentifier.getId())); if (authorityKeyId != null) { byte[] keyidentifier = authorityKeyId.getKeyIdentifier(); if (keyidentifier != null) { authorityKeyIdentifier = new ArrayList<>(keyidentifier.length); for (byte value : keyidentifier) authorityKeyIdentifier.add(value); authorityKeyIdentifier = Collections.unmodifiableList(authorityKeyIdentifier); } BigInteger serial = authorityKeyId.getAuthorityCertSerialNumber(); if (serial != null) authoritySerial = serial.toString(); } // Subject Key Identifier SubjectKeyIdentifier subjectKeyId = SubjectKeyIdentifier .getInstance(certificateExtension(x509cert, Extension.subjectKeyIdentifier.getId())); if (subjectKeyId != null) { byte[] keyidentifier = subjectKeyId.getKeyIdentifier(); if (keyidentifier != null) { subjectKeyIdentifier = new ArrayList<>(keyidentifier.length); for (byte value : keyidentifier) subjectKeyIdentifier.add(value); subjectKeyIdentifier = Collections.unmodifiableList(subjectKeyIdentifier); } } } catch (ClassCastException | IllegalArgumentException e) { e.printStackTrace(); } }