/** * Return an AttributeCertificate interpretation of otherCert. * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be. * * @return an AttributeCertificate */ public AttributeCertificate getX509v2AttrCert() { return AttributeCertificate.getInstance(otherCert); }
/** * @param obj * @return an AttributeCertificate object */ public static AttributeCertificate getInstance(Object obj) { if (obj instanceof AttributeCertificate) { return (AttributeCertificate)obj; } else if (obj != null) { return new AttributeCertificate(ASN1Sequence.getInstance(obj)); } return null; }
/** * Sets Attribute certificates, which will be added as the VOMS extensions to the generated proxy. * @param ac to be set * @throws IOException IO exception */ public void setAttributeCertificates(AttributeCertificate[] ac) throws IOException { attributeCertificates = new AttributeCertificate[ac.length]; for (int i=0; i<ac.length; i++) attributeCertificates[i] = AttributeCertificate.getInstance(ac[i].getEncoded(ASN1Encoding.DER)); }
public int getVersion() { return cert.getAcinfo().getVersion().getValue().intValue() + 1; }
public final void verify( PublicKey key, String provider) throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException { Signature signature = null; if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature())) { throw new CertificateException("Signature algorithm in certificate info not same as outer certificate"); } signature = Signature.getInstance(cert.getSignatureAlgorithm().getAlgorithm().getId(), provider); signature.initVerify(key); try { signature.update(cert.getAcinfo().getEncoded()); } catch (IOException e) { throw new SignatureException("Exception encoding certificate info object"); } if (!signature.verify(this.getSignature())) { throw new InvalidKeyException("Public key presented not for certificate signature"); } }
public byte[] getEncoded() throws IOException { return cert.getEncoded(); }
public byte[] getSignature() { return cert.getSignatureValue().getOctets(); }
public BigInteger getSerialNumber() { return cert.getAcinfo().getSerialNumber().getValue(); }
private String attributeCertificateInfoFor(AttributeCertificate certificate) { VOMSAttribute attribute = VOMSACUtils.deserializeVOMSAttributes(certificate); StringBuilder sb = new StringBuilder(); sb.append(attribute.getIssuer().getName(X500Principal.RFC2253)).append('\n'); sb.append(" +--Validity: ").append(validityStatementFor(certificate)).append('\n'); Extensions extensions = certificate.getAcinfo().getExtensions(); if (extensions != null) { ASN1ObjectIdentifier[] ids = extensions.getExtensionOIDs(); if (ids != null && ids.length != 0) { sb.append(" +--Extensions:\n"); sb.append(" | |\n"); int index = 1; for (ASN1ObjectIdentifier id : ids) { boolean isLast = index == ids.length; Extension e = extensions.getExtension(id); String padding = isLast ? " | " : " | | "; sb.append(extensionInfoFor(id, e, attribute, padding)); index++; } } } String oid = certificate.getSignatureAlgorithm().getAlgorithm().getId(); sb.append(" +--Algorithm: ").append(nameForOid(oid)).append('\n'); String fqanInfo = fqanInfoFor(attribute); if(!fqanInfo.isEmpty()) { sb.append(" +--FQANs: ").append(fqanInfo).append('\n'); } return sb.toString(); }
/** * Return an AttributeCertificate interpretation of otherCert. * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be. * * @return an AttributeCertificate */ public AttributeCertificate getX509v2AttrCert() { return AttributeCertificate.getInstance(otherCert); }
public AttributeCertificateIssuer getIssuer() { return new AttributeCertificateIssuer(cert.getAcinfo().getIssuer()); }
/** * * @return Attribute certificates or null if was not set * @throws IOException IO exception */ public AttributeCertificate[] getAttributeCertificates() throws IOException { if (attributeCertificates == null) return null; AttributeCertificate[] ret = new AttributeCertificate[attributeCertificates.length]; for (int i=0; i<attributeCertificates.length; i++) ret[i] = AttributeCertificate.getInstance( attributeCertificates[i].getEncoded(ASN1Encoding.DER)); return ret; } }
/** * @param obj * @return an AttributeCertificate object */ public static AttributeCertificate getInstance(Object obj) { if (obj instanceof AttributeCertificate) { return (AttributeCertificate)obj; } else if (obj != null) { return new AttributeCertificate(ASN1Sequence.getInstance(obj)); } return null; }
private static AttributeCertificate getObject(InputStream in) throws IOException { try { return AttributeCertificate.getInstance(new ASN1InputStream(in).readObject()); } catch (IOException e) { throw e; } catch (Exception e) { throw new IOException("exception decoding certificate structure: " + e.toString()); } }
public X509Attribute[] getAttributes(String oid) { ASN1Sequence seq = cert.getAcinfo().getAttributes(); List list = new ArrayList(); for (int i = 0; i != seq.size(); i++) { X509Attribute attr = new X509Attribute((ASN1Encodable)seq.getObjectAt(i)); if (attr.getOID().equals(oid)) { list.add(attr); } } if (list.size() == 0) { return null; } return (X509Attribute[])list.toArray(new X509Attribute[list.size()]); }
private static List<AttributeCertificate> extractAttributeCertificates(X509Certificate certificate) throws IOException { List<AttributeCertificate> certificates = new ArrayList<>(); byte[] payload = certificate.getExtensionValue(ATTRIBUTE_CERTIFICATE_OID); if(payload == null) { return Collections.emptyList(); } payload = decodeEncapsulation(payload); InputStream in = new ByteArrayInputStream(payload); ASN1Sequence acSequence = (ASN1Sequence) new ASN1InputStream(in).readObject(); for(Enumeration<ASN1Sequence> e1=acSequence.getObjects(); e1.hasMoreElements(); ) { ASN1Sequence acSequence2 = e1.nextElement(); for(Enumeration<ASN1Sequence> e2=acSequence2.getObjects(); e2.hasMoreElements(); ) { ASN1Sequence acSequence3 = e2.nextElement(); certificates.add(AttributeCertificate.getInstance(acSequence3)); } } return certificates; }
X509V2AttributeCertificate( AttributeCertificate cert) throws IOException { this.cert = cert; try { this.notAfter = cert.getAcinfo().getAttrCertValidityPeriod().getNotAfterTime().getDate(); this.notBefore = cert.getAcinfo().getAttrCertValidityPeriod().getNotBeforeTime().getDate(); } catch (ParseException e) { throw new IOException("invalid data structure in certificate!"); } }
/** * Used to get the AC extension object. * * @return The AC object */ public AttributeCertificate[] getAttributeCertificates() { DLSequence seqac = (DLSequence) ac.getObjectAt(0); AttributeCertificate[] ret = new AttributeCertificate[seqac.size()]; for (int i=0; i<ret.length; i++) ret[i] = AttributeCertificate.getInstance(seqac.getObjectAt(i)); return ret; }
private String validityStatementFor(AttributeCertificate certificate) { try { Date notBefore = certificate.getAcinfo().getAttrCertValidityPeriod().getNotBeforeTime().getDate(); Date notAfter = certificate.getAcinfo().getAttrCertValidityPeriod().getNotAfterTime().getDate(); return validityStatementFor(notBefore, notAfter); } catch(ParseException e) { return "problem parsing validity info (" + e.getMessage() + ")"; } }
AttributeCertificate.getInstance(theACs.nextElement()); acs.add(parsedAC);