Java Code Examples for org.bouncycastle.asn1.x509.AuthorityInformationAccess

The following are top voted examples for showing how to use org.bouncycastle.asn1.x509.AuthorityInformationAccess. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: ipack   File: PKIXCertPathReviewer.java   View source code 6 votes vote down vote up
protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
{
    Vector urls = new Vector();
    
    if (authInfoAccess != null)
    {
        AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
        for (int i = 0; i < ads.length; i++)
        {
            if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
            {
                GeneralName name = ads[i].getAccessLocation();
                if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                {
                    String url = ((DERIA5String) name.getName()).getString();
                    urls.add(url);
                }
            }
        }
    }
    
    return urls;
}
 
Example 2
Project: signer   File: BasicCertificate.java   View source code 6 votes vote down vote up
/**
    * Returns the AuthorityInfoAccess extension value on list format.<br>
    * Otherwise, returns <b>list empty</b>.<br>
    * @return List Authority info access list
    */
public List<String> getAuthorityInfoAccess() {
	List<String> address = new ArrayList<String>();
	try {
		byte[] authorityInfoAccess = certificate.getExtensionValue(Extension.authorityInfoAccess.getId());
		if (authorityInfoAccess != null && authorityInfoAccess.length > 0) {
			AuthorityInformationAccess infoAccess = AuthorityInformationAccess.getInstance(X509ExtensionUtil
					.fromExtensionValue(authorityInfoAccess));
			for (AccessDescription desc : infoAccess.getAccessDescriptions())
				if (desc.getAccessLocation().getTagNo() == GeneralName.uniformResourceIdentifier)
					address.add(((DERIA5String) desc.getAccessLocation().getName()).getString());
		}
		return address;
	} catch (IOException error) {
		logger.info(error.getMessage());
		return address;
	}
}
 
Example 3
Project: Aki-SSL   File: PKIXCertPathReviewer.java   View source code 6 votes vote down vote up
protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
{
    Vector urls = new Vector();
    
    if (authInfoAccess != null)
    {
        AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
        for (int i = 0; i < ads.length; i++)
        {
            if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
            {
                GeneralName name = ads[i].getAccessLocation();
                if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                {
                    String url = ((DERIA5String) name.getName()).getString();
                    urls.add(url);
                }
            }
        }
    }
    
    return urls;
}
 
Example 4
Project: signer-source   File: DerEncoder.java   View source code 6 votes vote down vote up
public static void extractAuthorityInformationAccess(List<String> OCSPUrl,
		DERObject aiaExt) {
	AuthorityInformationAccess aia = AuthorityInformationAccess
			.getInstance(aiaExt);
	AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
	DERObjectIdentifier OCSPOid = new DERObjectIdentifier(
			"1.3.6.1.5.5.7.48.1"); //$NON-NLS-1$
	for (AccessDescription accessDescription : accessDescriptions) {
		GeneralName generalName = accessDescription.getAccessLocation();
		String nextName = generalName.getName().toString();
		DERObjectIdentifier acessMethod = accessDescription
				.getAccessMethod();
		if (acessMethod.equals(OCSPOid)) {
			OCSPUrl.add(nextName);
		}
	}
}
 
Example 5
Project: signer-source   File: DerEncoder.java   View source code 6 votes vote down vote up
public static void extractAuthorityInformationAccess(List<String> OCSPUrl,
		ASN1Primitive aiaExt) {
	AuthorityInformationAccess aia = AuthorityInformationAccess
			.getInstance(aiaExt);
	AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
	DERObjectIdentifier OCSPOid = new DERObjectIdentifier(
			"1.3.6.1.5.5.7.48.1"); //$NON-NLS-1$
	for (AccessDescription accessDescription : accessDescriptions) {
		GeneralName generalName = accessDescription.getAccessLocation();
		String nextName = generalName.getName().toString();
		DERObjectIdentifier acessMethod = accessDescription
				.getAccessMethod();
		if (acessMethod.equals(OCSPOid)) {
			OCSPUrl.add(nextName);
		}
	}
}
 
Example 6
Project: dss   File: DSSASN1Utils.java   View source code 6 votes vote down vote up
private static List<String> getAccessLocations(final CertificateToken certificate, ASN1ObjectIdentifier aiaType) {
	List<String> locationsUrls = new ArrayList<String>();
	final byte[] authInfoAccessExtensionValue = certificate.getCertificate().getExtensionValue(Extension.authorityInfoAccess.getId());
	if (null == authInfoAccessExtensionValue) {
		return locationsUrls;
	}

	try {
		ASN1Sequence asn1Sequence = DSSASN1Utils.getAsn1SequenceFromDerOctetString(authInfoAccessExtensionValue);
		AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(asn1Sequence);
		AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions();
		for (AccessDescription accessDescription : accessDescriptions) {
			if (aiaType.equals(accessDescription.getAccessMethod())) {
				GeneralName gn = accessDescription.getAccessLocation();
				String location = parseGn(gn);
				if (location != null) {
					locationsUrls.add(location);
				}
			}
		}
	} catch (Exception e) {
		LOG.error("Unable to parse authorityInfoAccess", e);
	}
	return locationsUrls;
}
 
Example 7
Project: CryptMeme   File: PKIXCertPathReviewer.java   View source code 6 votes vote down vote up
protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
{
    Vector urls = new Vector();
    
    if (authInfoAccess != null)
    {
        AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
        for (int i = 0; i < ads.length; i++)
        {
            if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
            {
                GeneralName name = ads[i].getAccessLocation();
                if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                {
                    String url = ((DERIA5String) name.getName()).getString();
                    urls.add(url);
                }
            }
        }
    }
    
    return urls;
}
 
Example 8
Project: xipki   File: ExtensionsChecker.java   View source code 6 votes vote down vote up
private void checkExtensionAuthorityInfoAccess(StringBuilder failureMsg,
        byte[] extensionValue, X509IssuerInfo issuerInfo) {
    AuthorityInfoAccessControl aiaControl = certProfile.aiaControl();
    Set<String> expCaIssuerUris = (aiaControl == null || aiaControl.includesCaIssuers())
            ? issuerInfo.caIssuerUrls() : Collections.emptySet();

    Set<String> expOcspUris = (aiaControl == null || aiaControl.includesOcsp())
            ? issuerInfo.ocspUrls() : Collections.emptySet();

    if (CollectionUtil.isEmpty(expCaIssuerUris) && CollectionUtil.isEmpty(expOcspUris)) {
        failureMsg.append("AIA is present but expected is 'none'; ");
        return;
    }

    AuthorityInformationAccess isAia = AuthorityInformationAccess.getInstance(extensionValue);
    checkAia(failureMsg, isAia, X509ObjectIdentifiers.id_ad_caIssuers, expCaIssuerUris);
    checkAia(failureMsg, isAia, X509ObjectIdentifiers.id_ad_ocsp, expOcspUris);
}
 
Example 9
Project: irma_future_id   File: PKIXCertPathReviewer.java   View source code 6 votes vote down vote up
protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
{
    Vector urls = new Vector();
    
    if (authInfoAccess != null)
    {
        AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
        for (int i = 0; i < ads.length; i++)
        {
            if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
            {
                GeneralName name = ads[i].getAccessLocation();
                if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                {
                    String url = ((DERIA5String) name.getName()).getString();
                    urls.add(url);
                }
            }
        }
    }
    
    return urls;
}
 
Example 10
Project: bc-java   File: PKIXCertPathReviewer.java   View source code 6 votes vote down vote up
protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
{
    Vector urls = new Vector();
    
    if (authInfoAccess != null)
    {
        AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
        for (int i = 0; i < ads.length; i++)
        {
            if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
            {
                GeneralName name = ads[i].getAccessLocation();
                if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
                {
                    String url = ((DERIA5String) name.getName()).getString();
                    urls.add(url);
                }
            }
        }
    }
    
    return urls;
}
 
Example 11
Project: gwt-crypto   File: ServiceLocator.java   View source code 5 votes vote down vote up
private ServiceLocator(ASN1Sequence sequence)
{
    this.issuer = X500Name.getInstance(sequence.getObjectAt(0));
    if (sequence.size() == 2)
    {
        this.locator = AuthorityInformationAccess.getInstance(sequence.getObjectAt(1));
    }
    else
    {
        this.locator = null;

    }
}
 
Example 12
Project: portecle   File: X509Ext.java   View source code 5 votes vote down vote up
/**
 * Get Authority Information Access (1.3.6.1.5.5.7.1.1) or Subject Information Access (1.3.6.1.5.5.7.1.11) extension
 * value as a string.
 * 
 * @param bValue The octet string value
 * @return Extension value as a string
 * @throws IOException If an I/O problem occurs
 */
private String getInformationAccessStringValue(byte[] bValue)
    throws IOException
{
	AuthorityInformationAccess access = AuthorityInformationAccess.getInstance(bValue);

	StringBuilder sb = new StringBuilder();

	AccessDescription[] accDescs = access.getAccessDescriptions();
	for (AccessDescription accDesc : accDescs)
	{
		if (sb.length() != 0)
		{
			sb.append("<br>");
		}

		String accOid = accDesc.getAccessMethod().toString();
		String accMeth = getRes(accOid, "UnrecognisedAccessMethod");

		LinkClass linkClass = LinkClass.BROWSER;
		if (accOid.equals(AccessDescription.id_ad_ocsp.getId()))
		{
			linkClass = LinkClass.OCSP;
		}
		else if (accOid.equals(AccessDescription.id_ad_caIssuers.getId()))
		{
			linkClass = LinkClass.CERTIFICATE;
		}

		sb.append("<ul><li>");
		sb.append(MessageFormat.format(accMeth, accOid));
		sb.append(": <ul><li>");
		sb.append(getGeneralNameString(accDesc.getAccessLocation(), linkClass));
		sb.append("</li></ul></li></ul>");
	}

	return sb.toString();
}
 
Example 13
Project: Aki-SSL   File: ServiceLocator.java   View source code 5 votes vote down vote up
private ServiceLocator(ASN1Sequence sequence)
{
    this.issuer = X500Name.getInstance(sequence.getObjectAt(0));
    if (sequence.size() == 2)
    {
        this.locator = AuthorityInformationAccess.getInstance(sequence.getObjectAt(1));
    }
    else
    {
        this.locator = null;

    }
}
 
Example 14
Project: keystore-explorer   File: DAuthorityInformationAccess.java   View source code 5 votes vote down vote up
private void prepopulateWithValue(byte[] value) throws IOException {
	AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(value);

	List<AccessDescription> accessDescriptionList =
			new ArrayList<AccessDescription>(Arrays.asList(authorityInformationAccess.getAccessDescriptions()));

	jadAccessDescriptions.setAccessDescriptions(accessDescriptionList);
}
 
Example 15
Project: keystore-explorer   File: DAuthorityInformationAccess.java   View source code 5 votes vote down vote up
private void okPressed() {
	List<AccessDescription> accessDescriptions = jadAccessDescriptions.getAccessDescriptions();

	if (accessDescriptions.size() == 0) {
		JOptionPane.showMessageDialog(this, res.getString("DAuthorityInformationAccess.ValueReq.message"),
				getTitle(), JOptionPane.WARNING_MESSAGE);
		return;
	}

	ASN1EncodableVector vec = new ASN1EncodableVector();
	for (AccessDescription accessDescription : accessDescriptions) {
		vec.add(accessDescription);
	}
	AuthorityInformationAccess authorityInformationAccess =
			AuthorityInformationAccess.getInstance(new DERSequence(vec));

	try {
		value = authorityInformationAccess.getEncoded(ASN1Encoding.DER);
	} catch (IOException ex) {
		DError dError = new DError(this, ex);
		dError.setLocationRelativeTo(this);
		dError.setVisible(true);
		return;
	}

	closeDialog();
}
 
Example 16
Project: signer-source   File: DerEncoder.java   View source code 5 votes vote down vote up
public static void extractAuthorityInformationAccess(List<String> OCSPUrl,
		ASN1Primitive aiaExt) {
	AuthorityInformationAccess aia = AuthorityInformationAccess.getInstance(aiaExt);
	AccessDescription[] accessDescriptions = aia.getAccessDescriptions();
	DERObjectIdentifier OCSPOid = new DERObjectIdentifier(
			"1.3.6.1.5.5.7.48.1"); //$NON-NLS-1$
	for (AccessDescription accessDescription : accessDescriptions) {
		GeneralName generalName = accessDescription.getAccessLocation();
		String nextName = generalName.getName().toString();
		ASN1ObjectIdentifier acessMethod = accessDescription.getAccessMethod();
		if (acessMethod.equals(OCSPOid)) {
			OCSPUrl.add(nextName);
		}
	}
}
 
Example 17
Project: acme-client   File: X509Utils.java   View source code 5 votes vote down vote up
public static String getCACertificateURL(X509Certificate certificate) throws IOException {
	byte[] bOctets = ((ASN1OctetString) ASN1Primitive.fromByteArray(certificate.getExtensionValue(Extension.authorityInfoAccess.getId()))).getOctets();
	AuthorityInformationAccess access = AuthorityInformationAccess.getInstance(ASN1Sequence.fromByteArray(bOctets));
	for (AccessDescription ad:access.getAccessDescriptions()){
		if (ad.getAccessMethod().equals(X509ObjectIdentifiers.id_ad_caIssuers)){
			return ad.getAccessLocation().getName().toString();
		}
	}
	return null;
}
 
Example 18
Project: jtrust   File: OcspTrustLinker.java   View source code 5 votes vote down vote up
private URI getAccessLocation(X509Certificate certificate,
		ASN1ObjectIdentifier accessMethod) throws IOException,
		URISyntaxException {
	byte[] authInfoAccessExtensionValue = certificate
			.getExtensionValue(Extension.authorityInfoAccess.getId());
	if (null == authInfoAccessExtensionValue) {
		return null;
	}
	AuthorityInformationAccess authorityInformationAccess;
	DEROctetString oct = (DEROctetString) (new ASN1InputStream(
			new ByteArrayInputStream(authInfoAccessExtensionValue))
			.readObject());
	authorityInformationAccess = AuthorityInformationAccess
			.getInstance(new ASN1InputStream(oct.getOctets()).readObject());
	AccessDescription[] accessDescriptions = authorityInformationAccess
			.getAccessDescriptions();
	for (AccessDescription accessDescription : accessDescriptions) {
		LOG.debug("access method: " + accessDescription.getAccessMethod());
		boolean correctAccessMethod = accessDescription.getAccessMethod()
				.equals(accessMethod);
		if (!correctAccessMethod) {
			continue;
		}
		GeneralName gn = accessDescription.getAccessLocation();
		if (gn.getTagNo() != GeneralName.uniformResourceIdentifier) {
			LOG.debug("not a uniform resource identifier");
			continue;
		}
		DERIA5String str = DERIA5String.getInstance(gn.getName());
		String accessLocation = str.getString();
		LOG.debug("access location: " + accessLocation);
		URI uri = toURI(accessLocation);
		LOG.debug("access location URI: " + uri);
		return uri;
	}
	return null;
}
 
Example 19
Project: oxAuth   File: OCSPCertificateVerifier.java   View source code 5 votes vote down vote up
@SuppressWarnings({ "deprecation", "resource" })
private String getOCSPUrl(X509Certificate certificate) throws IOException {
	ASN1Primitive obj;
	try {
		obj = getExtensionValue(certificate, Extension.authorityInfoAccess.getId());
	} catch (IOException ex) {
		log.error("Failed to get OCSP URL", ex);
		return null;
	}

	if (obj == null) {
		return null;
	}

	AuthorityInformationAccess authorityInformationAccess = AuthorityInformationAccess.getInstance(obj);

	AccessDescription[] accessDescriptions = authorityInformationAccess.getAccessDescriptions();
	for (AccessDescription accessDescription : accessDescriptions) {
		boolean correctAccessMethod = accessDescription.getAccessMethod().equals(X509ObjectIdentifiers.ocspAccessMethod);
		if (!correctAccessMethod) {
			continue;
		}

		GeneralName name = accessDescription.getAccessLocation();
		if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
			continue;
		}

		DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
		return derStr.getString();
	}

	return null;

}
 
Example 20
Project: gwt-crypto   File: ServiceLocator.java   View source code 4 votes vote down vote up
public AuthorityInformationAccess getLocator()
{
    return locator;
}
 
Example 21
Project: Aki-SSL   File: ServiceLocator.java   View source code 4 votes vote down vote up
public AuthorityInformationAccess getLocator()
{
    return locator;
}
 
Example 22
Project: keystore-explorer   File: X509Ext.java   View source code 4 votes vote down vote up
private String getAuthorityInformationAccessStringValue(byte[] value) throws IOException {
	// @formatter:off

	/*
	 * AuthorityInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
	 * AccessDescription
	 *
	 * AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
	 * accessLocation GeneralName }
	 */

	// @formatter:on

	StringBuilder sb = new StringBuilder();

	AuthorityInformationAccess authorityInfoAccess = AuthorityInformationAccess.getInstance(value);

	int accessDesc = 0;

	for (AccessDescription accessDescription : authorityInfoAccess.getAccessDescriptions()) {
		accessDesc++;

		// Convert OID to access method
		ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();

		AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());

		String accessMethodStr = null;

		if (accessMethodType != null) {
			accessMethodStr = accessMethodType.friendly();
		} else {
			// Unrecognised Access Method OID
			accessMethodStr = ObjectIdUtil.toString(accessMethod);
		}

		GeneralName accessLocation = accessDescription.getAccessLocation();

		String accessLocationStr = GeneralNameUtil.toString(accessLocation);

		sb.append(MessageFormat.format(res.getString("AuthorityInformationAccess"), accessDesc));
		sb.append(NEWLINE);
		sb.append(INDENT);
		sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
		sb.append(NEWLINE);
		sb.append(INDENT);
		sb.append(res.getString("AccessLocation"));
		sb.append(NEWLINE);
		sb.append(INDENT.toString(2));
		sb.append(accessLocationStr);
		sb.append(NEWLINE);
	}

	return sb.toString();
}
 
Example 23
Project: xipki   File: ExtensionsChecker.java   View source code 4 votes vote down vote up
private static void checkAia(StringBuilder failureMsg, AuthorityInformationAccess aia,
        ASN1ObjectIdentifier accessMethod, Set<String> expectedUris) {
    String typeDesc;
    if (X509ObjectIdentifiers.id_ad_ocsp.equals(accessMethod)) {
        typeDesc = "OCSP";
    } else if (X509ObjectIdentifiers.id_ad_caIssuers.equals(accessMethod)) {
        typeDesc = "caIssuer";
    } else {
        typeDesc = accessMethod.getId();
    }

    List<AccessDescription> isAccessDescriptions = new LinkedList<>();
    for (AccessDescription accessDescription : aia.getAccessDescriptions()) {
        if (accessMethod.equals(accessDescription.getAccessMethod())) {
            isAccessDescriptions.add(accessDescription);
        }
    }

    int size = isAccessDescriptions.size();
    if (size != expectedUris.size()) {
        addViolation(failureMsg, "number of AIA " + typeDesc + " URIs",
                size, expectedUris.size());
        return;
    }

    Set<String> isUris = new HashSet<>();
    for (int i = 0; i < size; i++) {
        GeneralName isAccessLocation = isAccessDescriptions.get(i).getAccessLocation();
        if (isAccessLocation.getTagNo() != GeneralName.uniformResourceIdentifier) {
            addViolation(failureMsg, "tag of accessLocation of AIA ",
                    isAccessLocation.getTagNo(), GeneralName.uniformResourceIdentifier);
        } else {
            String isOcspUri = ((ASN1String) isAccessLocation.getName()).getString();
            isUris.add(isOcspUri);
        }
    }

    Set<String> diffs = strInBnotInA(expectedUris, isUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are present but not expected; ");
    }

    diffs = strInBnotInA(isUris, expectedUris);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append(typeDesc).append(" URIs ").append(diffs.toString());
        failureMsg.append(" are absent but are required; ");
    }
}