Package org.bouncycastle.x509

Examples of org.bouncycastle.x509.X509Util$Implementation


            throw new InvalidAlgorithmParameterException(
                "TargetConstraints must be an instance of "
                    + X509AttributeCertStoreSelector.class.getName() + " for "
                    + this.getClass().getName() + " class.");
        }
        X509AttributeCertificate attrCert = ((X509AttributeCertStoreSelector) certSelect)
            .getAttributeCert();

        CertPath holderCertPath = RFC3281CertPathUtilities.processAttrCert1(attrCert, pkixParams);
        CertPathValidatorResult result = RFC3281CertPathUtilities.processAttrCert2(certPath, pkixParams);
        X509Certificate issuerCert = (X509Certificate) certPath
View Full Code Here


    protected static Set getDeltaCRLs(Date currentDate,
                                      ExtendedPKIXParameters paramsPKIX, X509CRL completeCRL)
        throws AnnotatedException
    {

        X509CRLStoreSelector deltaSelect = new X509CRLStoreSelector();

        // 5.2.4 (a)
        try
        {
            deltaSelect.addIssuerName(CertPathValidatorUtilities
                .getIssuerPrincipal(completeCRL).getEncoded());
        }
        catch (IOException e)
        {
            throw new AnnotatedException("Cannot extract issuer from CRL.", e);
        }

        BigInteger completeCRLNumber = null;
        try
        {
            ASN1Primitive derObject = CertPathValidatorUtilities.getExtensionValue(completeCRL,
                CRL_NUMBER);
            if (derObject != null)
            {
                completeCRLNumber = ASN1Integer.getInstance(derObject).getPositiveValue();
            }
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "CRL number extension could not be extracted from CRL.", e);
        }

        // 5.2.4 (b)
        byte[] idp = null;
        try
        {
            idp = completeCRL.getExtensionValue(ISSUING_DISTRIBUTION_POINT);
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Issuing distribution point extension value could not be read.",
                e);
        }

        // 5.2.4 (d)

        deltaSelect.setMinCRLNumber(completeCRLNumber == null ? null : completeCRLNumber
            .add(BigInteger.valueOf(1)));

        deltaSelect.setIssuingDistributionPoint(idp);
        deltaSelect.setIssuingDistributionPointEnabled(true);

        // 5.2.4 (c)
        deltaSelect.setMaxBaseCRLNumber(completeCRLNumber);

        // find delta CRLs
        Set temp = CRL_UTIL.findCRLs(deltaSelect, paramsPKIX, currentDate);

        Set result = new HashSet();
View Full Code Here

     */
    protected static Set getCompleteCRLs(DistributionPoint dp, Object cert,
                                         Date currentDate, ExtendedPKIXParameters paramsPKIX)
        throws AnnotatedException
    {
        X509CRLStoreSelector crlselect = new X509CRLStoreSelector();
        try
        {
            Set issuers = new HashSet();
            if (cert instanceof X509AttributeCertificate)
            {
                issuers.add(((X509AttributeCertificate)cert)
                    .getIssuer().getPrincipals()[0]);
            }
            else
            {
                issuers.add(getEncodedIssuerPrincipal(cert));
            }
            CertPathValidatorUtilities.getCRLIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX);
        }
        catch (AnnotatedException e)
        {
            throw new AnnotatedException(
                "Could not get issuer information from distribution point.", e);
        }
        if (cert instanceof X509Certificate)
        {
            crlselect.setCertificateChecking((X509Certificate)cert);
        }
        else if (cert instanceof X509AttributeCertificate)
        {
            crlselect.setAttrCertificateChecking((X509AttributeCertificate)cert);
        }


        crlselect.setCompleteCRLEnabled(true);

        Set crls = CRL_UTIL.findCRLs(crlselect, paramsPKIX, currentDate);

        if (crls.isEmpty())
        {
View Full Code Here

        X509Certificate cert,
        X509CRL crl)
        throws AnnotatedException
    {
        Set deltaSet = new HashSet();
        X509CRLStoreSelector crlselect = new X509CRLStoreSelector();
        crlselect.setCertificateChecking(cert);

        try
        {
            crlselect.addIssuerName(crl.getIssuerX500Principal().getEncoded());
        }
        catch (IOException e)
        {
            throw new AnnotatedException("Cannot extract issuer from CRL." + e, e);
        }

        crlselect.setCompleteCRLEnabled(true);
        Set completeSet = CRL_UTIL.findCRLs(crlselect, paramsPKIX, currentDate);

        if (paramsPKIX.isUseDeltasEnabled())
        {
            // get delta CRL(s)
View Full Code Here

    {
        if (!(selector instanceof X509CRLStoreSelector))
        {
            return Collections.EMPTY_SET;
        }
        X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
        Set set = new HashSet();
        // test only delta CRLs should be selected
        if (xselector.isDeltaCRLIndicatorEnabled())
        {
            set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
        }
        // nothing specified
        else
View Full Code Here

    private Collection getCertificatesFromCrossCertificatePairs(
        X509CertStoreSelector xselector) throws StoreException
    {
        Set set = new HashSet();
        X509CertPairStoreSelector ps = new X509CertPairStoreSelector();

        ps.setForwardSelector(xselector);
        ps.setReverseSelector(new X509CertStoreSelector());
       
        Set crossCerts = new HashSet(helper.getCrossCertificatePairs(ps));
        Set forward = new HashSet();
        Set reverse = new HashSet();
        Iterator it = crossCerts.iterator();
View Full Code Here

        targetIter = targets.iterator();
        while (targetIter.hasNext() && result == null)
        {
            cert = (X509AttributeCertificate) targetIter.next();
           
            X509CertStoreSelector selector = new X509CertStoreSelector();
            Principal[] principals = cert.getIssuer().getPrincipals();
            Set issuers = new HashSet();
            for (int i = 0; i < principals.length; i++)
            {
                try
                {
                    if (principals[i] instanceof X500Principal)
                    {
                        selector.setSubject(((X500Principal)principals[i]).getEncoded());
                    }
                    issuers.addAll(CertPathValidatorUtilities.findCertificates(selector, pkixParams.getStores()));
                    issuers.addAll(CertPathValidatorUtilities.findCertificates(selector, pkixParams.getCertStores()));
                }
                catch (AnnotatedException e)
View Full Code Here

    protected static Collection findIssuerCerts(
        X509Certificate cert,
        ExtendedPKIXBuilderParameters pkixParams)
        throws AnnotatedException
    {
        X509CertStoreSelector certSelect = new X509CertStoreSelector();
        Set certs = new HashSet();
        try
        {
            certSelect.setSubject(cert.getIssuerX500Principal().getEncoded());
        }
        catch (IOException ex)
        {
            throw new AnnotatedException(
                "Subject criteria for certificate selector to find issuer certificate could not be set.", ex);
View Full Code Here

        List list = crossCertificatePairSubjectSearch(selector, attrs,
            attrNames, subjectAttributeNames);
        Set resultSet = createCrossCertificatePairs(list, selector);
        if (resultSet.size() == 0)
        {
            X509CertStoreSelector emptyCertselector = new X509CertStoreSelector();
            X509CertPairStoreSelector emptySelector = new X509CertPairStoreSelector();

            emptySelector.setForwardSelector(emptyCertselector);
            emptySelector.setReverseSelector(emptyCertselector);
            list = crossCertificatePairSubjectSearch(emptySelector, attrs,
View Full Code Here

        List list = certSubjectSerialSearch(selector, attrs, attrNames,
            subjectAttributeNames);
        Set resultSet = createCerts(list, selector);
        if (resultSet.size() == 0)
        {
            X509CertStoreSelector emptySelector = new X509CertStoreSelector();
            list = certSubjectSerialSearch(emptySelector, attrs, attrNames,
                subjectAttributeNames);
            resultSet.addAll(createCerts(list, selector));
        }
View Full Code Here

TOP

Related Classes of org.bouncycastle.x509.X509Util$Implementation

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.