Package org.apache.geronimo.crypto.asn1.x509

Examples of org.apache.geronimo.crypto.asn1.x509.X509Extensions


        catch (IOException e)
        {
            throw new IllegalArgumentException("error encoding reason: " + e);
        }
       
        X509Extensions entryExtensions = new X509Extensions(extOids, extValues);
       
        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
       
        crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
       
View Full Code Here


        return certificateIssuer;
    }

    private Set getExtensionOIDs(boolean critical)
    {
        X509Extensions extensions = c.getExtensions();

        if (extensions != null)
        {
            Set set = new HashSet();
            Enumeration e = extensions.oids();

            while (e.hasMoreElements())
            {
                DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
                X509Extension ext = extensions.getExtension(oid);

                if (critical == ext.isCritical())
                {
                    set.add(oid.getId());
                }
View Full Code Here

        return getExtensionOIDs(false);
    }

    public byte[] getExtensionValue(String oid)
    {
        X509Extensions exts = c.getExtensions();

        if (exts != null)
        {
            X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));

            if (ext != null)
            {
                try
                {
View Full Code Here

        buf.append("      userCertificate: ").append(this.getSerialNumber()).append(nl);
        buf.append("       revocationDate: ").append(this.getRevocationDate()).append(nl);
        buf.append("       certificateIssuer: ").append(this.getCertificateIssuer()).append(nl);

        X509Extensions extensions = c.getExtensions();

        if (extensions != null)
        {
            Enumeration e = extensions.oids();
            if (e.hasMoreElements())
            {
                buf.append("   crlEntryExtensions:").append(nl);

                while (e.hasMoreElements())
                {
                    DERObjectIdentifier oid = (DERObjectIdentifier)e.nextElement();
                    X509Extension ext = extensions.getExtension(oid);
                    if (ext.getValue() != null)
                    {
                        byte[]                  octs = ext.getValue().getOctets();
                        ASN1InputStream dIn = new ASN1InputStream(octs);
                        buf.append("                       critical(").append(ext.isCritical()).append(") ");
View Full Code Here

          // Look for extension OIDs
          Iterator iter = m_extensionOids.iterator();
          while (iter.hasNext()) {
            String oidstr = (String)iter.next();
            DERObjectIdentifier oid = new DERObjectIdentifier(oidstr);
            X509Extensions reqexts = req.getRequestExtensions();
            if (reqexts != null) {
              X509Extension ext = reqexts.getExtension(oid);
              if (null != ext) {
                // We found an extension, call the extenstion class
                if (m_log.isDebugEnabled()) {
                  m_log.debug("Found OCSP extension oid: "+oidstr);
                }
                IOCSPExtension extObj = (IOCSPExtension)m_extensionMap.get(oidstr);
                if (extObj != null) {
                  // Find the certificate from the certId
                  X509Certificate cert = null;
                  cert = (X509Certificate)this.data.certificateStoreSession.findCertificateByIssuerAndSerno(this.data.m_adm, cacert.getSubjectDN().getName(), certId.getSerialNumber());
                  if (cert != null) {
                    // Call the OCSP extension
                    Hashtable retext = extObj.process(request, cert, certStatus);
                    if (retext != null) {
                      // Add the returned X509Extensions to the responseExtension we will add to the basic OCSP response
                      responseExtensions.putAll(retext);
                    } else {
                      String errMsg = intres.getLocalizedMessage("ocsp.errorprocessextension", extObj.getClass().getName()new Integer(extObj.getLastErrorCode()));
                      m_log.error(errMsg);
                    }
                  }
                }
              }
            }
          }
        } // end of huge for loop
        if (cacert != null) {
          // Add responseExtensions
          X509Extensions exts = new X509Extensions(responseExtensions);
          // generate the signed response object
          BasicOCSPResp basicresp = signOCSPResponse(req, responseList, exts, cacert);
          ocspresp = res.generate(OCSPRespGenerator.SUCCESSFUL, basicresp);
          auditLogger.paramPut(IAuditLogger.STATUS, OCSPRespGenerator.SUCCESSFUL);
          transactionLogger.paramPut(ITransactionLogger.STATUS, OCSPRespGenerator.SUCCESSFUL);
View Full Code Here

        OCSPReqGenerator gen = new OCSPReqGenerator();
        gen.addRequest(new CertificateID(CertificateID.HASH_SHA1, cacert, racert.getSerialNumber()));
        Hashtable exts = new Hashtable();
        X509Extension ext = new X509Extension(false, new DEROctetString("123456789".getBytes()));
        exts.put(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, ext);
        gen.setRequestExtensions(new X509Extensions(exts));
        OCSPReq req = gen.generate();

        // A response to create
    ArrayList responseList = new ArrayList();
    CertificateID certId = req.getRequestList()[0].getCertID();
View Full Code Here

    dOut.writeObject(ku);
    byte[] value = bOut.toByteArray();
    X509Extension kuext = new X509Extension(false, new DEROctetString(value));
    values.add(kuext);
    oids.add(X509Extensions.KeyUsage);
        myCertTemplate.setExtensions(new X509Extensions(oids, values));
        CertRequest myCertRequest = new CertRequest(new DERInteger(4), myCertTemplate);
        CertReqMsg myCertReqMsg = new CertReqMsg(myCertRequest);
        ProofOfPossession myProofOfPossession = new ProofOfPossession(new DERNull(), 0);
        myCertReqMsg.setPop(myProofOfPossession);
        AttributeTypeAndValue av = new AttributeTypeAndValue(CRMFObjectIdentifiers.regCtrl_regToken, new DERUTF8String("foo123"));
View Full Code Here

        if (respIdType == OcspConfiguration.RESPONDERIDTYPE_NAME) {
          res = new BasicOCSPRespGenerator(new RespID(respondercert.getSubjectX500Principal()));
        } else {
          res = new BasicOCSPRespGenerator(respondercert.getPublicKey());
        }
        X509Extensions reqexts = req.getRequestExtensions();
        if (reqexts != null) {
          X509Extension ext = reqexts.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_response);
            if (null != ext) {
                //m_log.debug("Found extension AcceptableResponses");
                ASN1OctetString oct = ext.getValue();
                try {
                    ASN1Sequence seq = ASN1Sequence.getInstance(new ASN1InputStream(new ByteArrayInputStream(oct.getOctets())).readObject());
View Full Code Here

        while (iter.hasNext()) {
            OCSPResponseItem item = (OCSPResponseItem)iter.next();
              basicRes.addResponse(item.getCertID(), item.getCertStatus(), item.getThisUpdate(), item.getNextUpdate(), null);         
        }
      }
      X509Extensions exts = serviceReq.getExtensions();
      if (exts != null) {
        Enumeration oids = exts.oids();
        if (oids.hasMoreElements()) {
            basicRes.setResponseExtensions(exts);         
        }
      }
View Full Code Here

     *
     * @param req OCSPReq
     * @return a Hashtable, can be empty nut not null
     */
    public static Hashtable getStandardResponseExtensions(OCSPReq req) {
        X509Extensions reqexts = req.getRequestExtensions();
        Hashtable table = new Hashtable();
        if (reqexts != null) {
          // Table of extensions to include in the response
            X509Extension ext = reqexts.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
            if (null != ext) {
                //m_log.debug("Found extension Nonce");
                table.put(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, ext);
            }
        }
View Full Code Here

TOP

Related Classes of org.apache.geronimo.crypto.asn1.x509.X509Extensions

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.