本文整理汇总了Java中org.bouncycastle.asn1.x509.CRLDistPoint.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java CRLDistPoint.getInstance方法的具体用法?Java CRLDistPoint.getInstance怎么用?Java CRLDistPoint.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.asn1.x509.CRLDistPoint的用法示例。
在下文中一共展示了CRLDistPoint.getInstance方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: CRLDistributionPointsImpl
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
public CRLDistributionPointsImpl(X509Certificate cert) throws CertificateException, IOException {
URINames = new ArrayList<>();
byte[] extVal = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
if (extVal == null)
return;
CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
DistributionPoint[] points = crlDistPoint.getDistributionPoints();
for (DistributionPoint p : points) {
GeneralNames tmp = p.getCRLIssuer();
if (tmp != null) {
GeneralName[] crlIssers = tmp.getNames();
for (int i = 0; i < crlIssers.length; i++) {
if (crlIssers[i].getTagNo() == GeneralName.uniformResourceIdentifier) {
String issuerUrl = crlIssers[i].toString();
URINames.add(issuerUrl);
}
}
}
}
}
示例2: getCRLDistributionPoint
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
*
* @return A list of ulrs that inform the location of the certificate revocation lists
* @throws IOException exception
*/
public List<String> getCRLDistributionPoint() throws IOException {
List<String> crlUrls = new ArrayList<>();
ASN1Primitive primitive = getExtensionValue(Extension.cRLDistributionPoints.getId());
if (primitive == null) {
return null;
}
CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(primitive);
DistributionPoint[] distributionPoints = crlDistPoint.getDistributionPoints();
for (DistributionPoint distributionPoint : distributionPoints) {
DistributionPointName dpn = distributionPoint.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null) {
if (dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
for (GeneralName genName : genNames) {
if (genName.getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(genName.getName()).getString();
crlUrls.add(url);
logger.info("Adicionando a url {}", url);
}
}
}
}
}
return crlUrls;
}
示例3: getCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
public static List<String> getCrlDistributionPoints(byte[] crldpExt)
throws CertificateParsingException, IOException {
if (crldpExt == null) {
return new ArrayList<String>();
}
ASN1InputStream oAsnInStream = new ASN1InputStream(
new ByteArrayInputStream(crldpExt));
DERObject derObjCrlDP = oAsnInStream.readObject();
DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
ASN1InputStream oAsnInStream2 = new ASN1InputStream(
new ByteArrayInputStream(crldpExtOctets));
DERObject derObj2 = oAsnInStream2.readObject();
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dp : distPoint.getDistributionPoints()) {
DistributionPointName dpn = dp.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames
.getInstance(dpn.getName()).getNames();
// Look for an URI
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(
genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
return crlUrls;
}
示例4: getCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
public static List<String> getCrlDistributionPoints(byte[] crldpExt)
throws CertificateParsingException, IOException {
if (crldpExt == null) {
return new ArrayList<String>();
}
ASN1InputStream oAsnInStream = new ASN1InputStream(
new ByteArrayInputStream(crldpExt));
ASN1Primitive derObjCrlDP = oAsnInStream.readObject();
DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
ASN1InputStream oAsnInStream2 = new ASN1InputStream(
new ByteArrayInputStream(crldpExtOctets));
ASN1Primitive derObj2 = oAsnInStream2.readObject();
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dp : distPoint.getDistributionPoints()) {
DistributionPointName dpn = dp.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames
.getInstance(dpn.getName()).getNames();
// Look for an URI
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(
genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
return crlUrls;
}
示例5: getCrlUrls
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Gives back the {@code List} of CRL URI meta-data found within the given X509 certificate.
*
* @param certificateToken
* the cert token certificate
* @param checkInTrustAnchors
* if true, the method will search in the ServiceSupplyPoint urls
* @return the {@code List} of CRL URI, or empty list if the extension is not present
*/
public static List<String> getCrlUrls(final CertificateToken certificateToken, boolean checkInTrustAnchors) {
final List<String> urls = new ArrayList<String>();
final byte[] crlDistributionPointsBytes = certificateToken.getCertificate().getExtensionValue(Extension.cRLDistributionPoints.getId());
if (crlDistributionPointsBytes != null) {
try {
final ASN1Sequence asn1Sequence = DSSASN1Utils.getAsn1SequenceFromDerOctetString(crlDistributionPointsBytes);
final CRLDistPoint distPoint = CRLDistPoint.getInstance(asn1Sequence);
final DistributionPoint[] distributionPoints = distPoint.getDistributionPoints();
for (final DistributionPoint distributionPoint : distributionPoints) {
final DistributionPointName distributionPointName = distributionPoint.getDistributionPoint();
if (DistributionPointName.FULL_NAME != distributionPointName.getType()) {
continue;
}
final GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
final GeneralName[] names = generalNames.getNames();
for (final GeneralName name : names) {
String location = parseGn(name);
if (location != null) {
urls.add(location);
}
}
}
} catch (Exception e) {
LOG.error("Unable to parse cRLDistributionPoints", e);
}
}
if (Utils.isCollectionEmpty(urls) && checkInTrustAnchors) {
return getServiceSupplyPoints(certificateToken, "crl", "certificateRevocationList");
}
return urls;
}
示例6: getCRLDistributionPoint
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Retorna URL da Lista de Certificados Revogados (CRL). Pode haver mais de uma dependendo do
* emissor do certificado<br>
* Mesmo que a CRL possua mais que uma fonte, retorna apenas a URL.<br>
* Caso essa informacao nao esteja no certificado, retorna <b>null</b>.<br>
*
* @return String
* @throws IOException
*/
public List<String> getCRLDistributionPoint() throws IOException{
//TODO - Precisa validar este metodo com a RFC
List<String> lcrS = new ArrayList<String>();
DERObject derObj = getExtensionValue(X509Extensions.CRLDistributionPoints.getId());
if(derObj == null) {
return null;
}
CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(derObj);
DistributionPoint[] dp = crlDistPoint.getDistributionPoints();
for(int i=0 ; i<dp.length ; i++) {
DERSequence seq = (DERSequence)new ASN1InputStream(dp[i].getDistributionPoint().getName().getDEREncoded()).readObject();
DERTaggedObject tag = (DERTaggedObject) seq.getObjectAt(0);
try{
ASN1OctetString oct = (DEROctetString)DEROctetString.getInstance(tag);
lcrS.add( new String(oct.getOctets()));
}catch (Exception e){
// N�o � um objeto com informa��o de DistributionPoint
}
// codifica��o antiga feita pelo Thiago, pegava apenas a primeira URL.
//URL da WEB
//if(tag.getTagNo() == 6) {
// DEROctetString oct = (DEROctetString)DEROctetString.getInstance(tag);
// return new String(oct.getOctets());
//}
}
return lcrS;
}
示例7: getCrlUri
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
public String getCrlUri(X509Certificate certificate) throws IOException {
ASN1Primitive obj;
try {
obj = getExtensionValue(certificate, Extension.cRLDistributionPoints.getId());
} catch (IOException ex) {
log.error("Failed to get CRL URL", ex);
return null;
}
if (obj == null) {
return null;
}
CRLDistPoint distPoint = CRLDistPoint.getInstance(obj);
DistributionPoint[] distributionPoints = distPoint.getDistributionPoints();
for (DistributionPoint distributionPoint : distributionPoints) {
DistributionPointName distributionPointName = distributionPoint.getDistributionPoint();
if (DistributionPointName.FULL_NAME != distributionPointName.getType()) {
continue;
}
GeneralNames generalNames = (GeneralNames) distributionPointName.getName();
GeneralName[] names = generalNames.getNames();
for (GeneralName name : names) {
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
continue;
}
DERIA5String derStr = DERIA5String.getInstance((ASN1TaggedObject) name.toASN1Primitive(), false);
return derStr.getString();
}
}
return null;
}
示例8: getCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Extracts all CRL distribution point URLs from the "CRL Distribution Point"
* extension in a X.509 certificate. If CRL distribution point extension is
* unavailable, returns an empty list.
*/
public static List<String> getCrlDistributionPoints(
X509Certificate cert) throws CertificateParsingException, IOException {
byte[] crldpExt = cert.getExtensionValue(
X509Extensions.CRLDistributionPoints.getId());
ASN1InputStream oAsnInStream = new ASN1InputStream(
new ByteArrayInputStream(crldpExt));
ASN1Primitive derObjCrlDP = oAsnInStream.readObject();
DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
ASN1InputStream oAsnInStream2 = new ASN1InputStream(
new ByteArrayInputStream(crldpExtOctets));
ASN1Primitive derObj2 = oAsnInStream2.readObject();
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dp : distPoint.getDistributionPoints()) {
System.out.println(dp);
DistributionPointName dpn = dp.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null) {
if (dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames.getInstance(
dpn.getName()).getNames();
// Look for an URI
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(
genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
}
return crlUrls;
}
示例9: getCrlDistributionPointsStringValue
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Get extension value for CRL Distribution Points as a string.
*
* @param bValue The octet string value
* @return Extension value as a string
* @throws IOException If an I/O problem occurs
*/
private String getCrlDistributionPointsStringValue(byte[] bValue)
throws IOException
{
CRLDistPoint dps = CRLDistPoint.getInstance(bValue);
DistributionPoint[] points = dps.getDistributionPoints();
StringBuilder sb = new StringBuilder();
sb.append("<ul>");
for (DistributionPoint point : points)
{
DistributionPointName dpn;
if ((dpn = point.getDistributionPoint()) != null)
{
sb.append("<li>");
switch (dpn.getType())
{
case DistributionPointName.FULL_NAME:
sb.append(RB.getString("CrlDistributionPoint.0.0"));
sb.append(": ");
sb.append(getGeneralNamesString((GeneralNames) dpn.getName(), LinkClass.CRL));
break;
case DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER:
sb.append(RB.getString("CrlDistributionPoint.0.1"));
sb.append(": ");
// TODO: need better decode?
sb.append(stringify(dpn.getName()));
break;
default:
sb.append(RB.getString("UnknownCrlDistributionPointName"));
sb.append(": ");
sb.append(stringify(dpn.getName()));
break;
}
sb.append("</li>");
}
ReasonFlags flags;
if ((flags = point.getReasons()) != null)
{
sb.append("<li>");
sb.append(RB.getString("CrlDistributionPoint.1"));
sb.append(": ");
// TODO: decode
sb.append(stringify(flags));
sb.append("</li>");
}
GeneralNames issuer;
if ((issuer = point.getCRLIssuer()) != null)
{
sb.append("<li>");
sb.append(RB.getString("CrlDistributionPoint.2"));
sb.append(": ");
sb.append(getGeneralNamesString(issuer, LinkClass.CRL));
sb.append("</li>");
}
}
sb.append("</ul>");
return sb.toString();
}
示例10: getCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Extracts all CRL distribution point URLs from the
* "CRL Distribution Point" extension in a X.509 certificate. If CRL
* distribution point extension is unavailable, returns an empty list.
*/
public static List<String> getCrlDistributionPoints(X509Certificate cert) throws CertificateParsingException,
IOException {
byte[] crldpExt = cert.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
if (crldpExt == null) {
return new ArrayList<String>();
}
ASN1InputStream oAsnInStream = null;
ASN1InputStream oAsnInStream2 = null;
try {
oAsnInStream = new ASN1InputStream(new ByteArrayInputStream(crldpExt));
DERObject derObjCrlDP = oAsnInStream.readObject();
DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets));
DERObject derObj2 = oAsnInStream2.readObject();
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dp : distPoint.getDistributionPoints()) {
DistributionPointName dpn = dp.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null && dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
// Look for an URI
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
return crlUrls;
} finally {
if (oAsnInStream != null) {
oAsnInStream.close();
}
if (oAsnInStream2 != null) {
oAsnInStream2.close();
}
}
}
示例11: getCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Extracts all CRL distribution point URLs from the
* "CRL Distribution Point" extension in a X.509 certificate. If CRL
* distribution point extension is unavailable, returns an empty list.
*/
public static List<String> getCrlDistributionPoints(X509Certificate cert) {
ASN1InputStream oAsnInStream = null;
ASN1InputStream oAsnInStream2 = null;
try {
byte[] crldpExt = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
if (crldpExt == null) {
List<String> emptyList = new ArrayList<String>();
return emptyList;
}
oAsnInStream = new ASN1InputStream(new ByteArrayInputStream(crldpExt));
ASN1Primitive derObjCrlDP = oAsnInStream.readObject();
DEROctetString dosCrlDP = (DEROctetString) derObjCrlDP;
byte[] crldpExtOctets = dosCrlDP.getOctets();
oAsnInStream2 = new ASN1InputStream(new ByteArrayInputStream(crldpExtOctets));
ASN1Primitive derObj2 = oAsnInStream2.readObject();
CRLDistPoint distPoint = CRLDistPoint.getInstance(derObj2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dp : distPoint.getDistributionPoints()) {
DistributionPointName dpn = dp.getDistributionPoint();
// Look for URIs in fullName
if (dpn != null) {
if (dpn.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
// Look for an URI
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url = DERIA5String.getInstance(genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
}
return crlUrls;
} catch (IOException ex) {
throw new RuntimeException(ex);
} finally {
org.apache.commons.io.IOUtils.closeQuietly(oAsnInStream);
org.apache.commons.io.IOUtils.closeQuietly(oAsnInStream2);
}
}
示例12: getCrlUri
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
/**
* Gives back the CRL URI meta-data found within the given X509 certificate.
*
* @param certificate
* the X509 certificate.
* @return the CRL URI, or <code>null</code> if the extension is not
* present.
*/
public static URI getCrlUri(X509Certificate certificate) {
byte[] crlDistributionPointsValue = certificate
.getExtensionValue(Extension.cRLDistributionPoints.getId());
if (null == crlDistributionPointsValue) {
return null;
}
ASN1Sequence seq;
try {
DEROctetString oct;
oct = (DEROctetString) (new ASN1InputStream(
new ByteArrayInputStream(crlDistributionPointsValue))
.readObject());
seq = (ASN1Sequence) new ASN1InputStream(oct.getOctets())
.readObject();
} catch (IOException e) {
throw new RuntimeException("IO error: " + e.getMessage(), e);
}
CRLDistPoint distPoint = CRLDistPoint.getInstance(seq);
DistributionPoint[] distributionPoints = distPoint
.getDistributionPoints();
for (DistributionPoint distributionPoint : distributionPoints) {
DistributionPointName distributionPointName = distributionPoint
.getDistributionPoint();
if (DistributionPointName.FULL_NAME != distributionPointName
.getType()) {
continue;
}
GeneralNames generalNames = (GeneralNames) distributionPointName
.getName();
GeneralName[] names = generalNames.getNames();
for (GeneralName name : names) {
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
LOG.debug("not a uniform resource identifier");
continue;
}
DERIA5String derStr = DERIA5String.getInstance(name.getName());
String str = derStr.getString();
if (false == str.startsWith("http")) {
/*
* skip ldap:// protocols
*/
LOG.debug("not HTTP/HTTPS: " + str);
continue;
}
URI uri = toURI(str);
return uri;
}
}
return null;
}
示例13: getCrlDistPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
private static List<String> getCrlDistPoints(X509Certificate cert) throws Exception {
byte[] crlDistPointExt =
cert.getExtensionValue(X509Extension.cRLDistributionPoints.getId());
if (crlDistPointExt == null) {
List<String> emptyList = new ArrayList<String>();
return emptyList;
}
ASN1InputStream asnInStream =
new ASN1InputStream(new ByteArrayInputStream(crlDistPointExt));
ASN1Primitive derObjCrlDistPoint = asnInStream.readObject();
DEROctetString derOctStrCrlDistPoint = (DEROctetString) derObjCrlDistPoint;
byte[] crlDistPointBytes = derOctStrCrlDistPoint.getOctets();
ASN1InputStream asnInStream2 =
new ASN1InputStream(new ByteArrayInputStream(crlDistPointBytes));
ASN1Primitive derObjCrlDistPoint2 = asnInStream2.readObject();
CRLDistPoint crlDistPoints = CRLDistPoint.getInstance(derObjCrlDistPoint2);
List<String> crlUrls = new ArrayList<String>();
for (DistributionPoint dPoint: crlDistPoints.getDistributionPoints()) {
DistributionPointName dPointName = dPoint.getDistributionPoint();
if (dPointName != null) {
if (dPointName.getType() == DistributionPointName.FULL_NAME) {
GeneralName[] genNames =
GeneralNames.getInstance(dPointName.getName()).getNames();
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
String url =
DERIA5String.getInstance(genNames[j].getName()).getString();
crlUrls.add(url);
}
}
}
}
}
asnInStream.close();
asnInStream2.close();
return crlUrls;
}
示例14: checkExtensionCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
private void checkExtensionCrlDistributionPoints(StringBuilder failureMsg,
byte[] extensionValue, X509IssuerInfo issuerInfo) {
CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
if (isDistributionPoints == null) {
addViolation(failureMsg, "size of CRLDistributionPoints", 0, 1);
return;
} else {
int len = isDistributionPoints.length;
if (len != 1) {
addViolation(failureMsg, "size of CRLDistributionPoints", len, 1);
return;
}
}
Set<String> isCrlUrls = new HashSet<>();
for (DistributionPoint entry : isDistributionPoints) {
int asn1Type = entry.getDistributionPoint().getType();
if (asn1Type != DistributionPointName.FULL_NAME) {
addViolation(failureMsg, "tag of DistributionPointName of CRLDistibutionPoints",
asn1Type, DistributionPointName.FULL_NAME);
continue;
}
GeneralNames isDistributionPointNames =
GeneralNames.getInstance(entry.getDistributionPoint().getName());
GeneralName[] names = isDistributionPointNames.getNames();
for (int i = 0; i < names.length; i++) {
GeneralName name = names[i];
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
addViolation(failureMsg, "tag of CRL URL", name.getTagNo(),
GeneralName.uniformResourceIdentifier);
} else {
String uri = ((ASN1String) name.getName()).getString();
isCrlUrls.add(uri);
}
}
Set<String> expCrlUrls = issuerInfo.crlUrls();
Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("CRL URLs ").append(diffs.toString())
.append(" are present but not expected; ");
}
diffs = strInBnotInA(isCrlUrls, expCrlUrls);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("CRL URLs ").append(diffs.toString())
.append(" are absent but are required; ");
}
}
}
示例15: checkExtensionDeltaCrlDistributionPoints
import org.bouncycastle.asn1.x509.CRLDistPoint; //导入方法依赖的package包/类
private void checkExtensionDeltaCrlDistributionPoints(StringBuilder failureMsg,
byte[] extensionValue, X509IssuerInfo issuerInfo) {
CRLDistPoint isCrlDistPoints = CRLDistPoint.getInstance(extensionValue);
DistributionPoint[] isDistributionPoints = isCrlDistPoints.getDistributionPoints();
if (isDistributionPoints == null) {
addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", 0, 1);
return;
} else {
int len = isDistributionPoints.length;
if (len != 1) {
addViolation(failureMsg, "size of CRLDistributionPoints (deltaCRL)", len, 1);
return;
}
}
Set<String> isCrlUrls = new HashSet<>();
for (DistributionPoint entry : isDistributionPoints) {
int asn1Type = entry.getDistributionPoint().getType();
if (asn1Type != DistributionPointName.FULL_NAME) {
addViolation(failureMsg,
"tag of DistributionPointName of CRLDistibutionPoints (deltaCRL)",
asn1Type, DistributionPointName.FULL_NAME);
continue;
}
GeneralNames isDistributionPointNames =
GeneralNames.getInstance(entry.getDistributionPoint().getName());
GeneralName[] names = isDistributionPointNames.getNames();
for (int i = 0; i < names.length; i++) {
GeneralName name = names[i];
if (name.getTagNo() != GeneralName.uniformResourceIdentifier) {
addViolation(failureMsg, "tag of deltaCRL URL", name.getTagNo(),
GeneralName.uniformResourceIdentifier);
} else {
String uri = ((ASN1String) name.getName()).getString();
isCrlUrls.add(uri);
}
}
Set<String> expCrlUrls = issuerInfo.crlUrls();
Set<String> diffs = strInBnotInA(expCrlUrls, isCrlUrls);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("deltaCRL URLs ").append(diffs.toString())
.append(" are present but not expected; ");
}
diffs = strInBnotInA(isCrlUrls, expCrlUrls);
if (CollectionUtil.isNonEmpty(diffs)) {
failureMsg.append("deltaCRL URLs ").append(diffs.toString())
.append(" are absent but are required; ");
}
}
}