List of usage examples for org.bouncycastle.cert X509AttributeCertificateHolder getExtension
public Extension getExtension(ASN1ObjectIdentifier oid)
From source file:org.italiangrid.voms.asn1.VOMSACUtils.java
License:Apache License
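/**
 * Extracts the target URIs listed in the AC targets extension of a VOMS attribute
 * certificate.
 *
 * <p>The attribute certificate is input received from a peer, so every structural
 * assumption is checked and reported through {@code raiseACNonConformantError} instead of
 * surfacing as an {@link ArrayIndexOutOfBoundsException}, {@link ClassCastException} or
 * {@link NullPointerException}.
 * NOTE(review): this relies on {@code raiseACNonConformantError} (defined elsewhere in
 * this class) aborting by throwing, as the original code already did - confirm.
 *
 * @param ac the VOMS {@link X509AttributeCertificateHolder}
 * @return the target URI strings, in encoding order; an empty list when the extension is
 *         absent
 */
@SuppressWarnings("rawtypes")
private static List<String> deserializeACTargets(X509AttributeCertificateHolder ac) {

  List<String> targets = new ArrayList<String>();

  X509Extension targetExtension = ac.getExtension(X509Extension.targetInformation);
  if (targetExtension == null)
    return targets;

  TargetInformation ti = TargetInformation
    .getInstance((ASN1Sequence) targetExtension.getParsedValue());

  // Only one Targets according to RFC 3281; any further Targets elements are ignored.
  Targets[] targetContainers = ti.getTargetsObjects();
  if (targetContainers.length == 0)
    raiseACNonConformantError("wrong AC target extension encoding. No targets container found.");

  Targets asn1TargetContainer = targetContainers[0];

  // The deserialization has to be done by hand since it seems VOMS
  // does not correctly encode the ACTargets extension...
  ASN1Sequence targetSequence = (ASN1Sequence) asn1TargetContainer.getDERObject();

  for (Enumeration e = targetSequence.getObjects(); e.hasMoreElements();) {

    // There's one sequence more than expected here that makes
    // the bc constructor fail... Unwrap it, but verify its shape first.
    Object wrapper = e.nextElement();
    if (!(wrapper instanceof ASN1Sequence) || ((ASN1Sequence) wrapper).size() == 0)
      raiseACNonConformantError("wrong AC target extension encoding. Malformed target wrapper.");

    Object tagged = ((ASN1Sequence) wrapper).getObjectAt(0);
    if (!(tagged instanceof ASN1TaggedObject))
      raiseACNonConformantError("wrong AC target extension encoding. Malformed target wrapper.");

    Target t = Target.getInstance((ASN1TaggedObject) tagged);

    // getTargetName() yields null when the Target carries a targetGroup instead of a
    // targetName; treat that like any other non-URI target.
    GeneralName targetURI = t.getTargetName();
    if (targetURI == null || targetURI.getTagNo() != GeneralName.uniformResourceIdentifier)
      raiseACNonConformantError("wrong AC target extension encoding. Only URI targets are supported.");

    if (!(targetURI.getName() instanceof DERIA5String))
      raiseACNonConformantError("wrong AC target extension encoding. Only URI targets are supported.");

    targets.add(((DERIA5String) targetURI.getName()).getString());
  }

  return targets;
}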
From source file:org.italiangrid.voms.asn1.VOMSACUtils.java
License:Apache License
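/**
 * Deserializes the VOMS generic attributes.
 *
 * <p>Layout accepted by this parser: the extension value is a SEQUENCE with exactly one
 * element; that element is a SEQUENCE with zero or one TagList; the TagList is a SEQUENCE
 * whose element 0 is the policyAuthority and whose element 1 is the SEQUENCE OF Tag; each
 * Tag is a SEQUENCE of three OCTET STRINGs (name, value, context).
 *
 * <p>NOTE(review): structural violations are reported through
 * {@code raiseACNonConformantError} (defined elsewhere in this class), which is assumed to
 * abort by throwing - confirm.
 *
 * @param ac
 *          the VOMS {@link X509AttributeCertificateHolder}
 * @return the {@link List} of {@link VOMSGenericAttribute} contained in the ac; empty when
 *         the extension is absent or its TagList is empty
 */
private static List<VOMSGenericAttribute> deserializeGAs(X509AttributeCertificateHolder ac) {

  List<VOMSGenericAttribute> gas = new ArrayList<VOMSGenericAttribute>();

  X509Extension gasExtension = ac.getExtension(VOMS_GENERIC_ATTRS_OID);
  if (gasExtension == null)
    return gas;

  // SEQUENCE of TagList - contains just one taglist element
  ASN1Sequence tagContainerSeq = (ASN1Sequence) gasExtension.getParsedValue();
  if (tagContainerSeq.size() != 1)
    raiseACNonConformantError("unsupported generic attributes container format.");

  // TagList - this also should be a single element sequence
  ASN1Sequence tagListSeq = (ASN1Sequence) tagContainerSeq.getObjectAt(0);
  if (tagListSeq.size() > 1)
    raiseACNonConformantError("unsupported taglist format.");

  // This TagList sequence is empty, gLite 3.2 VOMS versions had a bug
  // that added the extension even there were no attributes encoded...
  if (tagListSeq.size() == 0)
    return gas;

  // Down one level
  tagListSeq = (ASN1Sequence) tagListSeq.getObjectAt(0);

  // Element 1 is read below; a truncated TagList must be rejected as a format error
  // rather than escaping as an ArrayIndexOutOfBoundsException.
  if (tagListSeq.size() < 2)
    raiseACNonConformantError("unsupported taglist format.");

  // TODO: check policyAuthority!!
  // NOTE(review): element 0 (policyAuthority) is never read, so the authority that
  // issued these attributes is not checked here; callers cannot rely on it.
  // GeneralNames policyAuthority =
  // GeneralNames.getInstance(tagListSeq.getObjectAt(0));

  // tags SEQUENCE OF Tag
  ASN1Sequence tags = (ASN1Sequence) tagListSeq.getObjectAt(1);

  @SuppressWarnings("unchecked")
  Enumeration<ASN1Sequence> e = tags.getObjects();

  while (e.hasMoreElements()) {

    ASN1Sequence theActualTag = e.nextElement();
    if (theActualTag.size() != 3)
      raiseACNonConformantError("unsupported tag format.");

    // NOTE(review): new String(byte[]) decodes with the platform default charset, so the
    // same certificate can yield different attribute strings on different hosts. Pin an
    // explicit charset once the encoding VOMS uses for these fields is confirmed.
    VOMSGenericAttributeImpl attribute = new VOMSGenericAttributeImpl();
    attribute.setName(new String(DEROctetString.getInstance(theActualTag.getObjectAt(0)).getOctets()));
    attribute.setValue(new String(DEROctetString.getInstance(theActualTag.getObjectAt(1)).getOctets()));
    attribute.setContext(new String(DEROctetString.getInstance(theActualTag.getObjectAt(2)).getOctets()));

    gas.add(attribute);
  }

  return gas;
}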
From source file:org.italiangrid.voms.asn1.VOMSACUtils.java
License:Apache License
/**
 * Deserializes the VOMS ACCerts extension.
 *
 * <p>This method only decodes the embedded certificates. Nothing here verifies a
 * signature, a validity period or a chain, so the returned certificates must be treated as
 * unverified until they are validated elsewhere.
 *
 * @param ac
 *          the VOMS {@link X509AttributeCertificateHolder}
 * @return the parsed array of {@link X509Certificate}, or {@code null} when the AC does
 *         not carry the extension
 */
private static X509Certificate[] deserializeACCerts(X509AttributeCertificateHolder ac) {

  X509Extension certsExtension = ac.getExtension(VOMS_CERTS_OID);
  if (certsExtension == null)
    return null;

  ASN1Sequence outerSeq = (ASN1Sequence) certsExtension.getParsedValue();
  if (outerSeq.size() != 1)
    raiseACNonConformantError("unsupported accerts format.");

  // Down one level: the single element wraps the actual certificate list.
  ASN1Sequence certListSeq = (ASN1Sequence) outerSeq.getObjectAt(0);

  // The factory is created once, before any certificate is decoded.
  final CertificateFactory factory;
  try {
    factory = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
  } catch (Exception ex) {
    throw new VOMSError("Certificate factory creation error: " + ex.getMessage(), ex);
  }

  List<X509Certificate> parsed = new ArrayList<X509Certificate>();

  @SuppressWarnings("unchecked")
  Enumeration<DERSequence> encodedCerts = certListSeq.getObjects();

  for (; encodedCerts.hasMoreElements();) {

    DERSequence encoded = encodedCerts.nextElement();
    X509Certificate decoded;

    try {
      // Rebuild the certificate from its ASN.1 structure, then re-encode it and run the
      // bytes through the certificate factory.
      X509CertificateObject bcCert = new X509CertificateObject(
        X509CertificateStructure.getInstance(ASN1Sequence.getInstance(encoded)));
      byte[] der = bcCert.getEncoded();
      decoded = (X509Certificate) factory.generateCertificate(new ByteArrayInputStream(der));
    } catch (CertificateParsingException ex) {
      throw new VOMSError("Certificate parsing error: " + ex.getMessage(), ex);
    } catch (CertificateEncodingException ex) {
      throw new VOMSError("Certificate encoding error: " + ex.getMessage(), ex);
    } catch (CertificateException ex) {
      throw new VOMSError("Error generating certificate from parsed data: " + ex.getMessage(), ex);
    }

    parsed.add(decoded);
  }

  return parsed.toArray(new X509Certificate[parsed.size()]);
}
From source file:org.xipki.commons.security.util.X509Util.java
License:Open Source License
/**
 * Returns the octets of the {@code extnValue} of the requested extension of an attribute
 * certificate.
 *
 * @param cert the attribute certificate to read; checked with
 *          {@code ParamUtil.requireNonNull}
 * @param type the OID of the extension to look up; checked with
 *          {@code ParamUtil.requireNonNull}
 * @return the octets returned by {@code getExtnValue().getOctets()}, or {@code null} when
 *         the certificate does not carry the extension
 * @throws CertificateEncodingException declared by the signature; no statement in this
 *           body throws it directly
 */
public static byte[] getCoreExtValue(final X509AttributeCertificateHolder cert,
        final ASN1ObjectIdentifier type) throws CertificateEncodingException {
    ParamUtil.requireNonNull("cert", cert);
    ParamUtil.requireNonNull("type", type);

    final Extension extension = cert.getExtension(type);
    // A missing extension is reported as null; callers must handle that case.
    return (extension == null) ? null : extension.getExtnValue().getOctets();
}