Java 类org.bouncycastle.asn1.x509.TBSCertificateStructure 实例源码

项目:ipack    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:ipack    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:itext2    文件:PdfPublicKeySecurityHandler.java   
private KeyTransRecipientInfo computeRecipientInfo(X509Certificate x509certificate, byte[] abyte0)
    throws GeneralSecurityException, IOException
{
    ASN1InputStream asn1inputstream = 
        new ASN1InputStream(new ByteArrayInputStream(x509certificate.getTBSCertificate()));
    TBSCertificateStructure tbscertificatestructure = 
        TBSCertificateStructure.getInstance(asn1inputstream.readObject());
    AlgorithmIdentifier algorithmidentifier = tbscertificatestructure.getSubjectPublicKeyInfo().getAlgorithm();
    IssuerAndSerialNumber issuerandserialnumber = 
        new IssuerAndSerialNumber(
            tbscertificatestructure.getIssuer(), 
            tbscertificatestructure.getSerialNumber().getValue());
    Cipher cipher = Cipher.getInstance(algorithmidentifier.getAlgorithm().getId());        
    cipher.init(1, x509certificate);
    DEROctetString deroctetstring = new DEROctetString(cipher.doFinal(abyte0));
    RecipientIdentifier recipId = new RecipientIdentifier(issuerandserialnumber);
    return new KeyTransRecipientInfo( recipId, algorithmidentifier, deroctetstring);
}
项目:Direct-File-Downloader    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        ByteArrayInputStream    bIn = new ByteArrayInputStream(
            cert.getTBSCertificate());
        ASN1InputStream         aIn = new ASN1InputStream(bIn);
        TBSCertificateStructure tbsCert = new TBSCertificateStructure(
                                        (ASN1Sequence)aIn.readObject());

        return new X509Principal(tbsCert.getIssuer());
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:Direct-File-Downloader    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        ByteArrayInputStream    bIn = new ByteArrayInputStream(
            cert.getTBSCertificate());
        ASN1InputStream         aIn = new ASN1InputStream(bIn);
        TBSCertificateStructure tbsCert = new TBSCertificateStructure(
                                        (ASN1Sequence)aIn.readObject());

        return new X509Principal(tbsCert.getSubject());
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:Aki-SSL    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:Aki-SSL    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:CryptMeme    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:CryptMeme    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:irma_future_id    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:irma_future_id    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:bc-java    文件:PrincipalUtil.java   
/**
 * return the issuer of the given cert as an X509PrincipalObject.
 */
public static X509Principal getIssuerX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));

        return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:bc-java    文件:PrincipalUtil.java   
/**
 * return the subject of the given cert as an X509PrincipalObject.
 */
public static X509Principal getSubjectX509Principal(
    X509Certificate cert)
    throws CertificateEncodingException
{
    try
    {
        TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
                ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
        return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
    }
    catch (IOException e)
    {
        throw new CertificateEncodingException(e.toString());
    }
}
项目:cagrid-general    文件:ProxyPathValidator.java   
protected void checkKeyUsage(TBSCertificateStructure issuer,
             X509Certificate[] certPath,
             int index) 
throws ProxyPathValidatorException, IOException {

logger.debug("enter: checkKeyUsage");

boolean[] issuerKeyUsage = getKeyUsage(issuer);
if (issuerKeyUsage != null) {
    if (!issuerKeyUsage[5]) {
    throw new ProxyPathValidatorException(
        ProxyPathValidatorException.FAILURE,
        certPath[index],
        "KeyUsage extension present but keyCertSign bit not asserted");
    }
}

logger.debug("exit: checkKeyUsage");
   }
项目:cagrid-general    文件:ProxyPathValidator.java   
protected int getCAPathConstraint(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return -1;
}
X509Extension ext =
    extensions.getExtension(X509Extensions.BasicConstraints);
if (ext != null) {
    BasicConstraints basicExt = BouncyCastleUtil.getBasicConstraints(ext);
    if (basicExt.isCA()) {
    BigInteger pathLen = basicExt.getPathLenConstraint();
    return (pathLen == null) ? Integer.MAX_VALUE : pathLen.intValue();
    } else {
    return -1;
    }
}
return -1;
   }
项目:cagrid-core    文件:ProxyPathValidator.java   
protected void checkUnsupportedCriticalExtensions(TBSCertificateStructure crt, int certType,
    X509Certificate checkedProxy) throws ProxyPathValidatorException {

    logger.debug("enter: checkUnsupportedCriticalExtensions");

    X509Extensions extensions = crt.getExtensions();
    if (extensions != null) {
        Enumeration e = extensions.oids();
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            X509Extension ext = extensions.getExtension(oid);
            if (ext.isCritical()) {
                if (oid.equals(X509Extensions.BasicConstraints) || oid.equals(X509Extensions.KeyUsage)
                    || (oid.equals(ProxyCertInfo.OID) && CertUtil.isGsi4Proxy(certType))
                    || (oid.equals(ProxyCertInfo.OLD_OID) && CertUtil.isGsi3Proxy(certType))) {
                } else {
                    throw new ProxyPathValidatorException(ProxyPathValidatorException.UNSUPPORTED_EXTENSION,
                        checkedProxy, "Unsuppored critical exception : " + oid.getId());
                }
            }
        }
    }

    logger.debug("exit: checkUnsupportedCriticalExtensions");
}
项目:cagrid-core    文件:ProxyPathValidator.java   
protected int getCAPathConstraint(TBSCertificateStructure crt) throws IOException {
    X509Extensions extensions = crt.getExtensions();
    if (extensions == null) {
        return -1;
    }
    X509Extension ext = extensions.getExtension(X509Extensions.BasicConstraints);
    if (ext != null) {
        BasicConstraints basicExt = BouncyCastleUtil.getBasicConstraints(ext);
        if (basicExt.isCA()) {
            BigInteger pathLen = basicExt.getPathLenConstraint();
            return (pathLen == null) ? Integer.MAX_VALUE : pathLen.intValue();
        } else {
            return -1;
        }
    }
    return -1;
}
项目:irma_future_id    文件:CMSUtils.java   
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
{
    try
    {
        return TBSCertificateStructure.getInstance(
            ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
    }
    catch (Exception e)
    {
        throw new IllegalArgumentException(
            "can't extract TBS structure from this cert");
    }
}
项目:bc-java    文件:CMSUtils.java   
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
{
    try
    {
        return TBSCertificateStructure.getInstance(
            ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
    }
    catch (Exception e)
    {
        throw new IllegalArgumentException(
            "can't extract TBS structure from this cert");
    }
}
项目:cagrid-general    文件:ProxyPathValidator.java   
protected void checkUnsupportedCriticalExtensions(TBSCertificateStructure crt,
                          int certType,
                          X509Certificate checkedProxy) 
throws ProxyPathValidatorException {

logger.debug("enter: checkUnsupportedCriticalExtensions");

X509Extensions extensions = crt.getExtensions();
if (extensions != null) {
    Enumeration e = extensions.oids();
    while (e.hasMoreElements()) {
    DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
    X509Extension ext = extensions.getExtension(oid);
    if (ext.isCritical()) {
        if (oid.equals(X509Extensions.BasicConstraints) ||
        oid.equals(X509Extensions.KeyUsage) ||
        (oid.equals(ProxyCertInfo.OID) && 
                        CertUtil.isGsi4Proxy(certType)) ||
        (oid.equals(ProxyCertInfo.OLD_OID) && 
                        CertUtil.isGsi3Proxy(certType))) {
        } else {
        throw new ProxyPathValidatorException(
              ProxyPathValidatorException
                             .UNSUPPORTED_EXTENSION,
              checkedProxy,
              "Unsuppored critical exception : " 
                             + oid.getId());
        }
    }
    }
}

logger.debug("exit: checkUnsupportedCriticalExtensions");
   }
项目:cagrid-general    文件:ProxyPathValidator.java   
protected ProxyCertInfo getProxyCertInfo(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return null;
}
X509Extension ext = 
    extensions.getExtension(ProxyCertInfo.OID);
       if (ext == null) {
           ext = extensions.getExtension(ProxyCertInfo.OLD_OID);
       }
return (ext != null) ? BouncyCastleUtil.getProxyCertInfo(ext) : null;
   }
项目:cagrid-general    文件:ProxyPathValidator.java   
protected boolean[] getKeyUsage(TBSCertificateStructure crt) 
throws IOException {
X509Extensions extensions = crt.getExtensions();
if (extensions == null) {
    return null;
}
X509Extension ext =
    extensions.getExtension(X509Extensions.KeyUsage);
return (ext != null) ? BouncyCastleUtil.getKeyUsage(ext) : null;
   }
项目:cagrid-core    文件:ProxyPathValidator.java   
protected void checkRestrictedProxy(TBSCertificateStructure proxy, X509Certificate[] certPath, int index)
    throws ProxyPathValidatorException, IOException {

    logger.debug("enter: checkRestrictedProxy");

    ProxyCertInfo info = getProxyCertInfo(proxy);

    // just a sanity check
    if (info == null) {
        throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
            "Could not retreive ProxyCertInfo extension");
    }

    ProxyPolicy policy = info.getProxyPolicy();

    // another sanity check
    if (policy == null) {
        throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
            "Could not retreive ProxyPolicy from ProxyCertInfo extension");
    }

    String pl = policy.getPolicyLanguage().getId();

    ProxyPolicyHandler handler = getProxyPolicyHandler(pl);

    if (handler == null) {
        throw new ProxyPathValidatorException(ProxyPathValidatorException.UNKNOWN_POLICY, certPath[index],
            "Unknown policy: " + pl);
    }

    handler.validate(info, certPath, index);

    logger.debug("exit: checkRestrictedProxy");

}
项目:cagrid-core    文件:ProxyPathValidator.java   
protected void checkKeyUsage(TBSCertificateStructure issuer, X509Certificate[] certPath, int index)
    throws ProxyPathValidatorException, IOException {

    logger.debug("enter: checkKeyUsage");

    boolean[] issuerKeyUsage = getKeyUsage(issuer);
    if (issuerKeyUsage != null) {
        if (!issuerKeyUsage[5]) {
            throw new ProxyPathValidatorException(ProxyPathValidatorException.FAILURE, certPath[index],
                "KeyUsage extension present but keyCertSign bit not asserted");
        }
    }

    logger.debug("exit: checkKeyUsage");
}
项目:cagrid-core    文件:ProxyPathValidator.java   
protected ProxyCertInfo getProxyCertInfo(TBSCertificateStructure crt) throws IOException {
    X509Extensions extensions = crt.getExtensions();
    if (extensions == null) {
        return null;
    }
    X509Extension ext = extensions.getExtension(ProxyCertInfo.OID);
    if (ext == null) {
        ext = extensions.getExtension(ProxyCertInfo.OLD_OID);
    }
    return (ext != null) ? BouncyCastleUtil.getProxyCertInfo(ext) : null;
}
项目:cagrid-core    文件:ProxyPathValidator.java   
protected boolean[] getKeyUsage(TBSCertificateStructure crt) throws IOException {
    X509Extensions extensions = crt.getExtensions();
    if (extensions == null) {
        return null;
    }
    X509Extension ext = extensions.getExtension(X509Extensions.KeyUsage);
    return (ext != null) ? BouncyCastleUtil.getKeyUsage(ext) : null;
}
项目:ipack    文件:CMSUtils.java   
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
项目:irma_future_id    文件:CMSUtils.java   
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
项目:irma_future_id    文件:CMSUtils.java   
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
{
    TBSCertificateStructure tbsCert = getTBSCertificateStructure(cert);
    return new IssuerAndSerialNumber(tbsCert.getIssuer(), tbsCert.getSerialNumber().getValue());
}
项目:bc-java    文件:CMSUtils.java   
static TBSCertificateStructure getTBSCertificateStructure(
    X509Certificate cert)
    throws CertificateEncodingException
{
        return TBSCertificateStructure.getInstance(cert.getTBSCertificate());
}
项目:bc-java    文件:CMSUtils.java   
static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
{
    TBSCertificateStructure tbsCert = getTBSCertificateStructure(cert);
    return new IssuerAndSerialNumber(tbsCert.getIssuer(), tbsCert.getSerialNumber().getValue());
}
项目:cagrid-general    文件:BouncyCastleUtil.java   
/**
    * Returns certificate type of the given certificate. 
    * This function calls {@link #getCertificateType(TBSCertificateStructure) 
    * getCertificateType} to get the certificate type. In case
    * the certificate type was initially determined as 
    * {@link GSIConstants#EEC GSIConstants.EEC} it is checked
    * against the trusted certificate list to see if it really
    * is a CA certificate. If the certificate is present in the
    * trusted certificate list the certificate type is changed
    * to {@link GSIConstants#CA GSIConstants.CA}. Otherwise, it is
    * left as it is (This is useful in cases where a valid CA
    * certificate does not have a BasicConstraints extension)
    *
    * @param crt the certificate to get the type of.
    * @param trustedCerts the trusted certificates to double check the 
    *                     {@link GSIConstants#EEC GSIConstants.EEC} 
    *                     certificate against. If null, a default
    *                     set of trusted certificate will be loaded
    *                     from a standard location.
    * @return the certificate type. The certificate type is determined
    *         by rules described above.
    * @exception IOException if something goes wrong.
    * @exception CertificateException for proxy certificates, if 
    *            the issuer DN of the certificate does not match
    *            the subject DN of the certificate without the
    *            last <I>CN</I> component. Also, for GSI-3 proxies
    *            when the <code>ProxyCertInfo</code> extension is 
    *            not marked as critical.
    */
   public static int getCertificateType(TBSCertificateStructure crt,
                 TrustedCertificates trustedCerts) 
throws CertificateException, IOException {
int type = getCertificateType(crt);

// check subject of the cert in trusted cert list
// to make sure the cert is not a ca cert
if (type == GSIConstants.EEC) {
    if (trustedCerts == null) {
    trustedCerts = 
        TrustedCertificates.getDefaultTrustedCertificates();
    } 
    if (trustedCerts != null && 
    trustedCerts.getCertificate(crt.getSubject().toString()) != null) {
    type = GSIConstants.CA;
    }
}

return type;
   }
项目:cagrid-general    文件:ProxyPathValidator.java   
protected void checkRestrictedProxy(TBSCertificateStructure proxy,
                X509Certificate[] certPath,
                int index) 
throws ProxyPathValidatorException, IOException {

logger.debug("enter: checkRestrictedProxy");

ProxyCertInfo info = getProxyCertInfo(proxy);

// just a sanity check
if (info == null) {
     throw new ProxyPathValidatorException(
           ProxyPathValidatorException.FAILURE,
       certPath[index],
       "Could not retreive ProxyCertInfo extension");
}

ProxyPolicy policy = info.getProxyPolicy();

// another sanity check
if (policy == null) {
    throw new ProxyPathValidatorException(
           ProxyPathValidatorException.FAILURE,
       certPath[index],
       "Could not retreive ProxyPolicy from ProxyCertInfo extension");
}

String pl = policy.getPolicyLanguage().getId();

ProxyPolicyHandler handler = getProxyPolicyHandler(pl);

if (handler == null) {
     throw new ProxyPathValidatorException(
           ProxyPathValidatorException.UNKNOWN_POLICY,
       certPath[index],
       "Unknown policy: " + pl);
}

handler.validate(info, certPath, index);

logger.debug("exit: checkRestrictedProxy");

   }
项目:cagrid-general    文件:ProxyPathValidator.java   
protected int getProxyPathConstraint(TBSCertificateStructure crt) 
throws IOException {
ProxyCertInfo proxyCertExt = getProxyCertInfo(crt);
return (proxyCertExt != null) ? proxyCertExt.getPathLenConstraint() : -1;
   }
项目:cagrid-core    文件:ProxyPathValidator.java   
protected int getProxyPathConstraint(TBSCertificateStructure crt) throws IOException {
    ProxyCertInfo proxyCertExt = getProxyCertInfo(crt);
    return (proxyCertExt != null) ? proxyCertExt.getPathLenConstraint() : -1;
}
项目:cagrid-general    文件:BouncyCastleUtil.java   
/**
    * Extracts the TBS certificate from the given certificate.
    *
    * @param cert the X.509 certificate to extract the TBS certificate from.
    * @return the TBS certificate
    * @exception IOException if extraction fails.
    * @exception CertificateEncodingException if extraction fails.
    */
   public static TBSCertificateStructure getTBSCertificateStructure(X509Certificate cert)
throws CertificateEncodingException, IOException {
DERObject obj = BouncyCastleUtil.toDERObject(cert.getTBSCertificate());
return TBSCertificateStructure.getInstance(obj);
   }