Example usage for org.bouncycastle.asn1.x509 X509Extension targetInformation

List of usage examples for org.bouncycastle.asn1.x509 X509Extension targetInformation

Introduction

In this page you can find the example usage for org.bouncycastle.asn1.x509 X509Extension targetInformation.

Prototype

ASN1ObjectIdentifier targetInformation


Document

TargetInformation extension in attribute certificates.

Usage

From source file:org.italiangrid.voms.asn1.VOMSACGenerator.java

License:Apache License

/**
 * Assembles and signs a VOMS attribute certificate (AC) bound to {@code holderCert}.
 *
 * <p>The FQANs are always written as the {@code VOMS_FQANS_OID} attribute. Generic attributes
 * and target restrictions are emitted only when their lists are non-null and non-empty. The
 * {@code noRevAvail} and {@code authorityKeyIdentifier} extensions are always emitted; whether
 * they are critical is decided by {@code generationProperties}.
 *
 * <p>Criticality choices visible here: {@code targetInformation} is always added as critical,
 * so a verifier that cannot process target restrictions has to reject the AC instead of
 * ignoring them. {@code INCLUDE_FAKE_CRITICAL_EXTENSION} adds an empty critical extension
 * under {@code FAKE_EXT_OID}.
 * NOTE(review): that flag looks like a hook for exercising validators against unknown
 * critical extensions; confirm it is not reachable from production issuance paths.
 *
 * <p>Serial number and validity window are taken from the caller as-is; this method does not
 * check them.
 *
 * @param generationProperties flags that select optional extensions and their criticality
 * @param fqans the FQANs placed in the FQAN attribute
 * @param gas generic attributes; may be {@code null} or empty, in which case none are added
 * @param targets target restrictions; may be {@code null} or empty, in which case none are added
 * @param holderCert certificate of the AC holder
 * @param serialNumber serial number of the AC
 * @param notBefore start of the validity period
 * @param notAfter end of the validity period
 * @param voName VO name used for the policy authority info
 * @param host host used for the policy authority info
 * @param port port used for the policy authority info
 * @return the signed attribute certificate
 * @throws VOMSError if building the holder or issuer fails with a certificate encoding error
 */
public X509AttributeCertificateHolder generateVOMSAttributeCertificate(
        EnumSet<ACGenerationProperties> generationProperties, List<String> fqans,
        List<VOMSGenericAttribute> gas, List<String> targets, X509Certificate holderCert,
        BigInteger serialNumber, Date notBefore, Date notAfter, String voName, String host, int port) {

    AttributeCertificateHolder acHolder;
    AttributeCertificateIssuer acIssuer;

    try {
        acHolder = buildHolder(holderCert);
        acIssuer = buildIssuer();
    } catch (CertificateEncodingException encodingFailure) {
        // Surface encoding problems as the library's own unchecked error, keeping the cause.
        throw new VOMSError(encodingFailure.getMessage(), encodingFailure);
    }

    X509v2AttributeCertificateBuilder acBuilder = new X509v2AttributeCertificateBuilder(acHolder,
            acIssuer, serialNumber, notBefore, notAfter);

    GeneralName policyAuthority = buildPolicyAuthorityInfo(voName, host, port);

    acBuilder.addAttribute(VOMS_FQANS_OID, buildFQANsAttributeContent(fqans, policyAuthority));

    boolean hasGenericAttributes = gas != null && !gas.isEmpty();
    if (hasGenericAttributes) {
        acBuilder.addExtension(VOMS_GENERIC_ATTRS_OID, false,
                buildGAExtensionContent(generationProperties, gas, policyAuthority));
    }

    boolean hasTargets = targets != null && !targets.isEmpty();
    if (hasTargets) {
        // Target restrictions are always marked critical.
        acBuilder.addExtension(X509Extension.targetInformation, true,
                buildTargetsExtensionContent(generationProperties, targets));
    }

    if (!generationProperties.contains(ACGenerationProperties.SKIP_AC_CERTS_EXTENSION)) {
        acBuilder.addExtension(VOMS_CERTS_OID, false, buildACCertsExtensionContent(generationProperties));
    }

    if (generationProperties.contains(ACGenerationProperties.INCLUDE_FAKE_CRITICAL_EXTENSION)) {
        // Empty critical extension under FAKE_EXT_OID.
        acBuilder.addExtension(FAKE_EXT_OID, true, new DERSequence());
    }

    // Both flags default to non-critical unless the matching property is set.
    boolean criticalNoRevAvail = generationProperties
            .contains(ACGenerationProperties.INCLUDE_CRITICAL_NO_REV_AVAIL_EXTENSION);
    boolean criticalAkid = generationProperties
            .contains(ACGenerationProperties.INCLUDE_CRITICAL_AKID_EXTENSION);

    acBuilder.addExtension(X509Extension.noRevAvail, criticalNoRevAvail, new DERNull());

    AuthorityKeyIdentifier authorityKeyId = buildAuthorityKeyIdentifier();

    // When no key identifier could be built, the extension is still emitted with a NULL value.
    acBuilder.addExtension(X509Extension.authorityKeyIdentifier, criticalAkid,
            authorityKeyId != null ? authorityKeyId : new DERNull());

    return acBuilder.build(getSigner(generationProperties));
}

From source file:org.italiangrid.voms.asn1.VOMSACUtils.java

License:Apache License

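/**
 * Extracts the target URIs from the {@code targetInformation} extension of an attribute
 * certificate.
 *
 * <p>The extension content comes from the certificate being parsed, so it is treated as
 * untrusted: each structural assumption (sequence type, at least one {@code Targets}
 * element, non-empty wrapper sequence, tagged object, presence of a target name) is checked
 * before the corresponding cast or index. A violation is reported through
 * {@code raiseACNonConformantError} instead of surfacing as a {@code ClassCastException},
 * {@code ArrayIndexOutOfBoundsException} or {@code NullPointerException}.
 * NOTE(review): this relies on {@code raiseACNonConformantError} throwing, as the URI-tag
 * check in the original code already did; confirm against its definition.
 *
 * <p>Only the first {@code Targets} element is read; any further elements are ignored.
 * NOTE(review): an extension that is present but lists no targets produces the same empty
 * list as an absent extension; confirm callers do not read that as "unrestricted".
 *
 * @param ac the attribute certificate to inspect
 * @return the target URIs in encoding order; an empty list when the extension is absent
 */
@SuppressWarnings("rawtypes")
private static List<String> deserializeACTargets(X509AttributeCertificateHolder ac) {

    List<String> targets = new ArrayList<String>();

    X509Extension targetExtension = ac.getExtension(X509Extension.targetInformation);

    if (targetExtension == null) {
        return targets;
    }

    // Check the outer type before casting: the value is attacker-influenced certificate content.
    Object parsedValue = targetExtension.getParsedValue();
    if (!(parsedValue instanceof ASN1Sequence)) {
        raiseACNonConformantError("wrong AC target extension encoding. Sequence expected.");
    }

    TargetInformation ti = TargetInformation.getInstance((ASN1Sequence) parsedValue);

    // Only one Targets according to RFC 3281; guard against an empty outer sequence
    // before indexing.
    Targets[] targetsObjects = ti.getTargetsObjects();
    if (targetsObjects.length == 0) {
        raiseACNonConformantError("wrong AC target extension encoding. No targets found.");
    }
    Targets asn1TargetContainer = targetsObjects[0];

    // The deserialization has to be done by hand since it seems VOMS
    // does not correctly encode the ACTargets extension...
    ASN1Sequence targetSequence = (ASN1Sequence) asn1TargetContainer.getDERObject();

    for (Enumeration e = targetSequence.getObjects(); e.hasMoreElements();) {

        // There's one sequence more than expected here that makes
        // the bc constructor fail... Verify that wrapper really is a non-empty sequence.
        Object element = e.nextElement();
        if (!(element instanceof ASN1Sequence) || ((ASN1Sequence) element).size() == 0) {
            raiseACNonConformantError("wrong AC target extension encoding. Malformed target entry.");
        }

        Object wrapped = ((ASN1Sequence) element).getObjectAt(0);
        if (!(wrapped instanceof ASN1TaggedObject)) {
            raiseACNonConformantError("wrong AC target extension encoding. Malformed target entry.");
        }

        Target target = Target.getInstance((ASN1TaggedObject) wrapped);

        // A target that is not a targetName has no name to read; treat it like any other
        // non-URI target.
        GeneralName targetURI = target.getTargetName();
        if (targetURI == null || targetURI.getTagNo() != GeneralName.uniformResourceIdentifier) {
            raiseACNonConformantError("wrong AC target extension encoding. Only URI targets are supported.");
        }

        // Extract the actual string
        targets.add(((DERIA5String) targetURI.getName()).getString());
    }
    return targets;
}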