List of usage examples for org.bouncycastle.jce.provider X509CertificateObject getEncoded
public byte[] getEncoded() throws CertificateEncodingException
From source file:org.italiangrid.voms.asn1.VOMSACUtils.java
License:Apache License
/** * Deserializes the VOMS ACCerts extension * //from w w w. j av a 2 s . c o m * @param ac * the VOMS {@link X509AttributeCertificateHolder} * @return the parsed array of {@link X509Certificate} */ private static X509Certificate[] deserializeACCerts(X509AttributeCertificateHolder ac) { List<X509Certificate> certs = new ArrayList<X509Certificate>(); X509Extension e = ac.getExtension(VOMS_CERTS_OID); if (e == null) return null; ASN1Sequence certSeq = (ASN1Sequence) e.getParsedValue(); if (certSeq.size() != 1) raiseACNonConformantError("unsupported accerts format."); // Down one level certSeq = (ASN1Sequence) certSeq.getObjectAt(0); @SuppressWarnings("unchecked") Enumeration<DERSequence> encodedCerts = certSeq.getObjects(); CertificateFactory cf = null; try { cf = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME); } catch (Exception ex) { throw new VOMSError("Certificate factory creation error: " + ex.getMessage(), ex); } while (encodedCerts.hasMoreElements()) { DERSequence s = encodedCerts.nextElement(); X509CertificateObject certObj = null; byte[] certData = null; X509Certificate theCert = null; try { certObj = new X509CertificateObject( X509CertificateStructure.getInstance(ASN1Sequence.getInstance(s))); certData = certObj.getEncoded(); theCert = (X509Certificate) cf.generateCertificate(new ByteArrayInputStream(certData)); } catch (CertificateParsingException ex) { throw new VOMSError("Certificate parsing error: " + ex.getMessage(), ex); } catch (CertificateEncodingException ex) { throw new VOMSError("Certificate encoding error: " + ex.getMessage(), ex); } catch (CertificateException ex) { throw new VOMSError("Error generating certificate from parsed data: " + ex.getMessage(), ex); } certs.add(theCert); } return certs.toArray(new X509Certificate[certs.size()]); }
From source file:org.jmrtd.lds.SignedDataUtil.java
License:Open Source License
public static X509Certificate getDocSigningCertificate(SignedData signedData) throws CertificateException { byte[] certSpec = null; ASN1Set certs = signedData.getCertificates(); if (certs == null || certs.size() <= 0) { return null; }/*from w ww . ja va 2 s. com*/ if (certs.size() != 1) { LOGGER.warning("Found " + certs.size() + " certificates"); } X509CertificateObject certObject = null; for (int i = 0; i < certs.size(); i++) { org.bouncycastle.asn1.x509.Certificate certAsASN1Object = org.bouncycastle.asn1.x509.Certificate .getInstance((ASN1Sequence) certs.getObjectAt(i)); certObject = new X509CertificateObject(certAsASN1Object); // NOTE: >= BC 1.48 // certObject = new X509CertificateObject(X509CertificateStructure.getInstance(certAsASN1Object)); // NOTE: <= BC 1.47 certSpec = certObject.getEncoded(); } /* * NOTE: we could have just returned that X509CertificateObject here, * but by reconstructing it using the client's default provider we hide * the fact that we're using BC. */ try { CertificateFactory factory = CertificateFactory.getInstance("X.509"); X509Certificate cert = (X509Certificate) factory .generateCertificate(new ByteArrayInputStream(certSpec)); return cert; } catch (Exception e) { /* NOTE: Reconstructing using preferred provider didn't work?!?! */ return certObject; } }