Java Code Examples for org.bouncycastle.asn1.x509.AccessDescription#getAccessMethod()
The following examples show how to use
org.bouncycastle.asn1.x509.AccessDescription#getAccessMethod() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: IdentifiedCertprofile.java From xipki with Apache License 2.0 | 5 votes |
|
private static ASN1Sequence createSubjectInfoAccess(
Map<ASN1ObjectIdentifier, Extension> requestedExtensions,
Map<ASN1ObjectIdentifier, Set<GeneralNameMode>> modes) throws BadCertTemplateException {
if (modes == null) {
return null;
}
Extension extn = requestedExtensions.get(Extension.subjectInfoAccess);
if (extn == null) {
return null;
}
ASN1Encodable extValue = extn.getParsedValue();
if (extValue == null) {
return null;
}
ASN1Sequence reqSeq = ASN1Sequence.getInstance(extValue);
int size = reqSeq.size();
ASN1EncodableVector vec = new ASN1EncodableVector();
for (int i = 0; i < size; i++) {
AccessDescription ad = AccessDescription.getInstance(reqSeq.getObjectAt(i));
ASN1ObjectIdentifier accessMethod = ad.getAccessMethod();
Set<GeneralNameMode> generalNameModes = modes.get(accessMethod);
if (generalNameModes == null) {
throw new BadCertTemplateException("subjectInfoAccess.accessMethod "
+ accessMethod.getId() + " is not allowed");
}
GeneralName accessLocation = BaseCertprofile.createGeneralName(
ad.getAccessLocation(), generalNameModes);
vec.add(new AccessDescription(accessMethod, accessLocation));
} // end for
return vec.size() > 0 ? new DERSequence(vec) : null;
}
Example 2
| Source File: X509Ext.java From keystore-explorer with GNU General Public License v3.0 | 4 votes |
|
private String getAuthorityInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* AuthorityInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
AuthorityInformationAccess authorityInfoAccess = AuthorityInformationAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : authorityInfoAccess.getAccessDescriptions()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else {
// Unrecognised Access Method OID
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("AuthorityInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT.toString(2));
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Example 3
| Source File: X509Ext.java From keystore-explorer with GNU General Public License v3.0 | 4 votes |
|
private String getSubjectInformationAccessStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* SubjectInfoAccessSyntax ::= ASN1Sequence SIZE (1..MAX) OF
* AccessDescription
*
* AccessDescription ::= ASN1Sequence { accessMethod OBJECT IDENTIFIER,
* accessLocation GeneralName }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
SubjectInfoAccess subjectInfoAccess = SubjectInfoAccess.getInstance(value);
int accessDesc = 0;
for (AccessDescription accessDescription : subjectInfoAccess.getAccessDescriptionList()) {
accessDesc++;
// Convert OID to access method
ASN1ObjectIdentifier accessMethod = accessDescription.getAccessMethod();
AccessMethodType accessMethodType = AccessMethodType.resolveOid(accessMethod.getId());
String accessMethodStr = null;
if (accessMethodType != null) {
accessMethodStr = accessMethodType.friendly();
} else {
// Unrecognised Access Method OID
accessMethodStr = ObjectIdUtil.toString(accessMethod);
}
GeneralName accessLocation = accessDescription.getAccessLocation();
String accessLocationStr = GeneralNameUtil.toString(accessLocation);
sb.append(MessageFormat.format(res.getString("SubjectInformationAccess"), accessDesc));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("AccessMethod"), accessMethodStr));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(res.getString("AccessLocation"));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(INDENT);
sb.append(accessLocationStr);
sb.append(NEWLINE);
}
return sb.toString();
}
Example 4
| Source File: ExtensionsChecker.java From xipki with Apache License 2.0 | 4 votes |
|
private void checkExtnSubjectInfoAccess(StringBuilder failureMsg, byte[] extensionValue,
Extensions requestedExtns, ExtensionControl extControl) {
Map<ASN1ObjectIdentifier, Set<GeneralNameMode>> conf =
certprofile.getSubjectInfoAccessModes();
if (conf == null) {
failureMsg.append("extension is present but not expected; ");
return;
}
ASN1Encodable requestExtValue = null;
if (requestedExtns != null) {
requestExtValue = requestedExtns.getExtensionParsedValue(Extension.subjectInfoAccess);
}
if (requestExtValue == null) {
failureMsg.append("extension is present but not expected; ");
return;
}
ASN1Sequence requestSeq = ASN1Sequence.getInstance(requestExtValue);
ASN1Sequence certSeq = ASN1Sequence.getInstance(extensionValue);
int size = requestSeq.size();
if (certSeq.size() != size) {
addViolation(failureMsg, "size of GeneralNames", certSeq.size(), size);
return;
}
for (int i = 0; i < size; i++) {
AccessDescription ad = AccessDescription.getInstance(requestSeq.getObjectAt(i));
ASN1ObjectIdentifier accessMethod = ad.getAccessMethod();
Set<GeneralNameMode> generalNameModes = conf.get(accessMethod);
if (generalNameModes == null) {
failureMsg.append("accessMethod in requestedExtension ")
.append(accessMethod.getId()).append(" is not allowed; ");
continue;
}
AccessDescription certAccessDesc = AccessDescription.getInstance(
certSeq.getObjectAt(i));
ASN1ObjectIdentifier certAccessMethod = certAccessDesc.getAccessMethod();
boolean bo = (accessMethod == null) ? (certAccessMethod == null)
: accessMethod.equals(certAccessMethod);
if (!bo) {
addViolation(failureMsg, "accessMethod",
(certAccessMethod == null) ? "null" : certAccessMethod.getId(),
(accessMethod == null) ? "null" : accessMethod.getId());
continue;
}
GeneralName accessLocation;
try {
accessLocation = createGeneralName(ad.getAccessLocation(), generalNameModes);
} catch (BadCertTemplateException ex) {
failureMsg.append("invalid requestedExtension: ").append(ex.getMessage()).append("; ");
continue;
}
GeneralName certAccessLocation = certAccessDesc.getAccessLocation();
if (!certAccessLocation.equals(accessLocation)) {
failureMsg.append("accessLocation does not match the requested one; ");
}
}
}
