Java Code Examples for org.bouncycastle.asn1.x509.TBSCertificateStructure

The following are top voted examples for showing how to use org.bouncycastle.asn1.x509.TBSCertificateStructure. These examples are extracted from open source projects. You can vote up the examples you like and your votes will be used in our system to generate more good examples.
Example 1
Project: ipack   File: PrincipalUtil.java   View source code 7 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 2
Project: ipack   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 3
Project: itext2   File: PdfPublicKeySecurityHandler.java   View source code 6 votes vote down vote up
private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
    throws GeneralSecurityException, IOException
{
    ASN1InputStream asn1inputstream = 
        new ASN1InputStream(new ByteArrayInputStream(x509certificate.getTBSCertificate()));
    TBSCertificateStructure tbscertificatestructure = 
        TBSCertificateStructure.getInstance(asn1inputstream.readObject());
    AlgorithmIdentifier algorithmidentifier = tbscertificatestructure.getSubjectPublicKeyInfo().getAlgorithm();
    IssuerAndSerialNumber issuerandserialnumber = 
        new IssuerAndSerialNumber(
            tbscertificatestructure.getIssuer(), 
            tbscertificatestructure.getSerialNumber().getValue());
    Cipher cipher = Cipher.getInstance(algorithmidentifier.getAlgorithm().getId());        
    cipher.init(1, x509certificate);
    DEROctetString deroctetstring = new DEROctetString(cipher.doFinal(abyte0));
    RecipientIdentifier recipId = new RecipientIdentifier(issuerandserialnumber);
    return new KeyTransRecipientInfo( recipId, algorithmidentifier, deroctetstring);
}
 
Example 4
Project: Direct-File-Downloader   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        ByteArrayInputStream    bIn = new ByteArrayInputStream(
            cert.getTBSCertificate());
        ASN1InputStream         aIn = new ASN1InputStream(bIn);
        TBSCertificateStructure tbsCert = new TBSCertificateStructure(
                                        (ASN1Sequence)aIn.readObject());

        return new X509Principal(tbsCert.getIssuer());
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 5
Project: Direct-File-Downloader   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        ByteArrayInputStream    bIn = new ByteArrayInputStream(
            cert.getTBSCertificate());
        ASN1InputStream         aIn = new ASN1InputStream(bIn);
        TBSCertificateStructure tbsCert = new TBSCertificateStructure(
                                        (ASN1Sequence)aIn.readObject());

        return new X509Principal(tbsCert.getSubject());
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 6
Project: Aki-SSL   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 7
Project: Aki-SSL   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 8
Project: CryptMeme   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 9
Project: CryptMeme   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 10
Project: irma_future_id   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 11
Project: irma_future_id   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 12
Project: bc-java   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 13
Project: bc-java   File: PrincipalUtil.java   View source code 6 votes vote down vote up
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
 
Example 14
Project: cagrid-general   File: ProxyPathValidator.java   View source code 6 votes vote down vote up
protected void checkKeyUsage(TBSCertificateStructure issuer,
			 X509Certificate[] certPath,
			 int index) 
throws ProxyPathValidatorException, IOException {

logger.debug("enter: checkKeyUsage");

boolean[] issuerKeyUsage = getKeyUsage(issuer);
if (issuerKeyUsage != null) {
    if (!issuerKeyUsage[5]) {
	throw new ProxyPathValidatorException(
		ProxyPathValidatorException.FAILURE,
		certPath[index],
		"KeyUsage extension present but keyCertSign bit not asserted");
    }
}

logger.debug("exit: checkKeyUsage");
   }
 
Example 15
Project: cagrid-general   File: ProxyPathValidator.java   View source code 6 votes vote down vote up
protected int getCAPathConstraint(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return -1;
}
X509Extension ext =
    extensions.getExtension(X509Extensions.BasicConstraints);
if (ext != null) {
    BasicConstraints basicExt = BouncyCastleUtil.getBasicConstraints(ext);
    if (basicExt.isCA()) {
	BigInteger pathLen = basicExt.getPathLenConstraint();
	return (pathLen == null) ? Integer.MAX_VALUE : pathLen.intValue();
    } else {
	return -1;
    }
}
return -1;
   }
 
Example 16
Project: cagrid-core   File: ProxyPathValidator.java   View source code 6 votes vote down vote up
protected void checkUnsupportedCriticalExtensions(TBSCertificateStructure crt, int certType,
	X509Certificate checkedProxy) throws ProxyPathValidatorException {

	logger.debug("enter: checkUnsupportedCriticalExtensions");

	X509Extensions extensions = crt.getExtensions();
	if (extensions != null) {
		Enumeration e = extensions.oids();
		while (e.hasMoreElements()) {
			DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
			X509Extension ext = extensions.getExtension(oid);
			if (ext.isCritical()) {
				if (oid.equals(X509Extensions.BasicConstraints) || oid.equals(X509Extensions.KeyUsage)
					|| (oid.equals(ProxyCertInfo.OID) && CertUtil.isGsi4Proxy(certType))
					|| (oid.equals(ProxyCertInfo.OLD_OID) && CertUtil.isGsi3Proxy(certType))) {
				} else {
					throw new ProxyPathValidatorException(ProxyPathValidatorException.UNSUPPORTED_EXTENSION,
						checkedProxy, "Unsuppored critical exception : " + oid.getId());
				}
			}
		}
	}

	logger.debug("exit: checkUnsupportedCriticalExtensions");
}
 
Example 17
Project: cagrid-core   File: ProxyPathValidator.java   View source code 6 votes vote down vote up
protected int getCAPathConstraint(TBSCertificateStructure crt) throws IOException {
	X509Extensions extensions = crt.getExtensions();
	if (extensions == null) {
		return -1;
	}
	X509Extension ext = extensions.getExtension(X509Extensions.BasicConstraints);
	if (ext != null) {
		BasicConstraints basicExt = BouncyCastleUtil.getBasicConstraints(ext);
		if (basicExt.isCA()) {
			BigInteger pathLen = basicExt.getPathLenConstraint();
			return (pathLen == null) ? Integer.MAX_VALUE : pathLen.intValue();
		} else {
			return -1;
		}
	}
	return -1;
}
 
Example 18
Project: irma_future_id   File: CMSUtils.java   View source code 5 votes vote down vote up
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
{
    try
    {
        return TBSCertificateStructure.getInstance(
            ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
    }
    catch (Exception e)
    {
        throw new IllegalArgumentException(
            "can't extract TBS structure from this cert");
    }
}
 
Example 19
Project: bc-java   File: CMSUtils.java   View source code 5 votes vote down vote up
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
{
    try
    {
        return TBSCertificateStructure.getInstance(
            ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
    }
    catch (Exception e)
    {
        throw new IllegalArgumentException(
            "can't extract TBS structure from this cert");
    }
}
 
Example 20
Project: cagrid-general   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected void checkUnsupportedCriticalExtensions(TBSCertificateStructure crt,
					      int certType,
					      X509Certificate checkedProxy) 
throws ProxyPathValidatorException {

logger.debug("enter: checkUnsupportedCriticalExtensions");

X509Extensions extensions = crt.getExtensions();
if (extensions != null) {
    Enumeration e = extensions.oids();
    while (e.hasMoreElements()) {
	DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
	X509Extension ext = extensions.getExtension(oid);
	if (ext.isCritical()) {
	    if (oid.equals(X509Extensions.BasicConstraints) ||
		oid.equals(X509Extensions.KeyUsage) ||
		(oid.equals(ProxyCertInfo.OID) && 
                        CertUtil.isGsi4Proxy(certType)) ||
		(oid.equals(ProxyCertInfo.OLD_OID) && 
                        CertUtil.isGsi3Proxy(certType))) {
	    } else {
		throw new ProxyPathValidatorException(
		      ProxyPathValidatorException
                             .UNSUPPORTED_EXTENSION,
		      checkedProxy,
		      "Unsuppored critical exception : " 
                             + oid.getId());
	    }
	}
    }
}

logger.debug("exit: checkUnsupportedCriticalExtensions");
   }
 
Example 21
Project: cagrid-general   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected ProxyCertInfo getProxyCertInfo(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return null;
}
X509Extension ext = 
    extensions.getExtension(ProxyCertInfo.OID);
       if (ext == null) {
           ext = extensions.getExtension(ProxyCertInfo.OLD_OID);
       }
return (ext != null) ? BouncyCastleUtil.getProxyCertInfo(ext) : null;
   }
 
Example 22
Project: cagrid-general   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected boolean[] getKeyUsage(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return null;
}
X509Extension ext =
    extensions.getExtension(X509Extensions.KeyUsage);
return (ext != null) ? BouncyCastleUtil.getKeyUsage(ext) : null;
   }
 
Example 23
Project: cagrid-core   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected void checkRestrictedProxy(TBSCertificateStructure proxy, X509Certificate[] certPath, int index)
	throws ProxyPathValidatorException, IOException {

	logger.debug("enter: checkRestrictedProxy");

	ProxyCertInfo info = getProxyCertInfo(proxy);

	// just a sanity check
	if (info == null) {
		throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
			"Could not retreive ProxyCertInfo extension");
	}

	ProxyPolicy policy = info.getProxyPolicy();

	// another sanity check
	if (policy == null) {
		throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
			"Could not retreive ProxyPolicy from ProxyCertInfo extension");
	}

	String pl = policy.getPolicyLanguage().getId();

	ProxyPolicyHandler handler = getProxyPolicyHandler(pl);

	if (handler == null) {
		throw new ProxyPathValidatorException(ProxyPathValidatorException.UNKNOWN_POLICY, certPath[index],
			"Unknown policy: " + pl);
	}

	handler.validate(info, certPath, index);

	logger.debug("exit: checkRestrictedProxy");

}
 
Example 24
Project: cagrid-core   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected void checkKeyUsage(TBSCertificateStructure issuer, X509Certificate[] certPath, int index)
	throws ProxyPathValidatorException, IOException {

	logger.debug("enter: checkKeyUsage");

	boolean[] issuerKeyUsage = getKeyUsage(issuer);
	if (issuerKeyUsage != null) {
		if (!issuerKeyUsage[5]) {
			throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
				"KeyUsage extension present but keyCertSign bit not asserted");
		}
	}

	logger.debug("exit: checkKeyUsage");
}
 
Example 25
Project: cagrid-core   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected ProxyCertInfo getProxyCertInfo(TBSCertificateStructure crt) throws IOException {
	X509Extensions extensions = crt.getExtensions();
	if (extensions == null) {
		return null;
	}
	X509Extension ext = extensions.getExtension(ProxyCertInfo.OID);
	if (ext == null) {
		ext = extensions.getExtension(ProxyCertInfo.OLD_OID);
	}
	return (ext != null) ? BouncyCastleUtil.getProxyCertInfo(ext) : null;
}
 
Example 26
Project: cagrid-core   File: ProxyPathValidator.java   View source code 5 votes vote down vote up
protected boolean[] getKeyUsage(TBSCertificateStructure crt) throws IOException {
	X509Extensions extensions = crt.getExtensions();
	if (extensions == null) {
		return null;
	}
	X509Extension ext = extensions.getExtension(X509Extensions.KeyUsage);
	return (ext != null) ? BouncyCastleUtil.getKeyUsage(ext) : null;
}
 
Example 27
Project: ipack   File: CMSUtils.java   View source code 4 votes vote down vote up
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
 
Example 28
Project: irma_future_id   File: CMSUtils.java   View source code 4 votes vote down vote up
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
 
Example 29
Project: irma_future_id   File: CMSUtils.java   View source code 4 votes vote down vote up
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
{
    TBSCertificateStructure tbsCert = getTBSCertificateStructure(cert);
    return new IssuerAndSerialNumber(tbsCert.getIssuer(), tbsCert.getSerialNumber().getValue());
}
 
Example 30
Project: bc-java   File: CMSUtils.java   View source code 4 votes vote down vote up
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
 
Example 31
Project: bc-java   File: CMSUtils.java   View source code 4 votes vote down vote up
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
{
    TBSCertificateStructure tbsCert = getTBSCertificateStructure(cert);
    return new IssuerAndSerialNumber(tbsCert.getIssuer(), tbsCert.getSerialNumber().getValue());
}
 
Example 32
Project: cagrid-general   File: BouncyCastleUtil.java   View source code 4 votes vote down vote up
/**
    * Returns certificate type of the given certificate. 
    * This function calls {@link #getCertificateType(TBSCertificateStructure) 
    * getCertificateType} to get the certificate type. In case
    * the certificate type was initially determined as 
    * {@link GSIConstants#EEC GSIConstants.EEC} it is checked
    * against the trusted certificate list to see if it really
    * is a CA certificate. If the certificate is present in the
    * trusted certificate list the certificate type is changed
    * to {@link GSIConstants#CA GSIConstants.CA}. Otherwise, it is
    * left as it is (This is useful in cases where a valid CA
    * certificate does not have a BasicConstraints extension)
    *
    * @param crt the certificate to get the type of.
    * @param trustedCerts the trusted certificates to double check the 
    *                     {@link GSIConstants#EEC GSIConstants.EEC} 
    *                     certificate against. If null, a default
    *                     set of trusted certificate will be loaded
    *                     from a standard location.
    * @return the certificate type. The certificate type is determined
    *         by rules described above.
    * @exception IOException if something goes wrong.
    * @exception CertificateException for proxy certificates, if 
    *            the issuer DN of the certificate does not match
    *            the subject DN of the certificate without the
    *            last <I>CN</I> component. Also, for GSI-3 proxies
    *            when the <code>ProxyCertInfo</code> extension is 
    *            not marked as critical.
    */
   public static int getCertificateType(TBSCertificateStructure crt,
				 TrustedCertificates trustedCerts) 
throws CertificateException, IOException {
int type = getCertificateType(crt);

// check subject of the cert in trusted cert list
// to make sure the cert is not a ca cert
if (type == GSIConstants.EEC) {
    if (trustedCerts == null) {
	trustedCerts = 
	    TrustedCertificates.getDefaultTrustedCertificates();
    } 
    if (trustedCerts != null && 
	trustedCerts.getCertificate(crt.getSubject().toString()) != null) {
	type = GSIConstants.CA;
    }
}

return type;
   }
 
Example 33
Project: cagrid-general   File: ProxyPathValidator.java   View source code 4 votes vote down vote up
protected void checkRestrictedProxy(TBSCertificateStructure proxy,
				X509Certificate[] certPath,
				int index) 
throws ProxyPathValidatorException, IOException {

logger.debug("enter: checkRestrictedProxy");

ProxyCertInfo info = getProxyCertInfo(proxy);

// just a sanity check
if (info == null) {
     throw new ProxyPathValidatorException(
		   ProxyPathValidatorException.FAILURE,
	   certPath[index],
	   "Could not retreive ProxyCertInfo extension");
}

ProxyPolicy policy = info.getProxyPolicy();

// another sanity check
if (policy == null) {
    throw new ProxyPathValidatorException(
		   ProxyPathValidatorException.FAILURE,
	   certPath[index],
	   "Could not retreive ProxyPolicy from ProxyCertInfo extension");
}

String pl = policy.getPolicyLanguage().getId();

ProxyPolicyHandler handler = getProxyPolicyHandler(pl);

if (handler == null) {
     throw new ProxyPathValidatorException(
		   ProxyPathValidatorException.UNKNOWN_POLICY,
	   certPath[index],
	   "Unknown policy: " + pl);
}

handler.validate(info, certPath, index);

logger.debug("exit: checkRestrictedProxy");

   }
 
Example 34
Project: cagrid-general   File: ProxyPathValidator.java   View source code 4 votes vote down vote up
protected int getProxyPathConstraint(TBSCertificateStructure crt) 
throws IOException {
ProxyCertInfo proxyCertExt = getProxyCertInfo(crt);
return (proxyCertExt != null) ? proxyCertExt.getPathLenConstraint() : -1;
   }
 
Example 35
Project: cagrid-core   File: ProxyPathValidator.java   View source code 4 votes vote down vote up
protected int getProxyPathConstraint(TBSCertificateStructure crt) throws IOException {
	ProxyCertInfo proxyCertExt = getProxyCertInfo(crt);
	return (proxyCertExt != null) ? proxyCertExt.getPathLenConstraint() : -1;
}
 
Example 36
Project: cagrid-general   File: BouncyCastleUtil.java   View source code 2 votes vote down vote up
/**
    * Extracts the TBS certificate from the given certificate.
    *
    * @param cert the X.509 certificate to extract the TBS certificate from.
    * @return the TBS certificate
    * @exception IOException if extraction fails.
    * @exception CertificateEncodingException if extraction fails.
    */
   public static TBSCertificateStructure getTBSCertificateStructure(X509Certificate cert)
throws CertificateEncodingException, IOException {
DERObject obj = BouncyCastleUtil.toDERObject(cert.getTBSCertificate());
return TBSCertificateStructure.getInstance(obj);
   }