AuthorityInformationAccess.java
/*
* GovWay - A customizable API Gateway
* https://govway.org
*
* Copyright (c) 2005-2024 Link.it srl (https://link.it).
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3, as published by
* the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package org.openspcoop2.utils.certificate;
import java.security.cert.CertificateParsingException;
import java.util.ArrayList;
import java.util.List;
import org.bouncycastle.asn1.x509.AccessDescription;
import org.bouncycastle.asn1.x509.Extensions;
import org.bouncycastle.asn1.x509.GeneralName;
/**
* AuthorityInformationAccess
*
* @author Poli Andrea (apoli@link.it)
* @author $Author$
* @version $Rev$, $Date$
*/
public class AuthorityInformationAccess {
private static final String CA_ISSUERS = "1.3.6.1.5.5.7.48.2";
private static final String OCSP = "1.3.6.1.5.5.7.48.1";
private List<GeneralName> caIssuers = new ArrayList<>();
private List<GeneralName> ocsps = new ArrayList<>();
public List<GeneralName> getObjectCAIssuers() {
return this.caIssuers;
}
public GeneralName getObjectCAIssuer(int index) {
return this.caIssuers!=null && (this.caIssuers.size()>index) ? this.caIssuers.get(index) : null;
}
public List<String> getCAIssuers() {
List<String> s = new ArrayList<>();
if(this.caIssuers!=null && !this.caIssuers.isEmpty()) {
for (GeneralName o : this.caIssuers) {
if(o.getName()!=null) {
s.add(o.getName().toString());
}
}
}
return s;
}
public String getCAIssuer(int index) {
if(this.caIssuers!=null && (this.caIssuers.size()>index)) {
return (this.caIssuers.get(index)!=null && this.caIssuers.get(index).getName()!=null) ? this.caIssuers.get(index).getName().toString() : null;
}
return null;
}
public boolean containsCAIssuer(String name) throws CertificateParsingException {
return containsCAIssuerEngine(null, name);
}
public boolean containsCAIssuer(int tagNum, String name) throws CertificateParsingException {
return containsCAIssuerEngine(tagNum, name);
}
private boolean containsCAIssuerEngine(Integer tagNum, String name) throws CertificateParsingException {
if(name==null) {
throw new CertificateParsingException("Param name undefined");
}
if(this.caIssuers!=null && !this.caIssuers.isEmpty()) {
for (GeneralName o : this.caIssuers) {
if(isEquals(o, tagNum, name)) {
return true;
}
}
}
return false;
}
public List<GeneralName> getObjectOCSPs() {
return this.ocsps;
}
public GeneralName getObjectOCSP(int index) {
return this.ocsps!=null && (this.ocsps.size()>index) ? this.ocsps.get(index) : null;
}
public List<String> getOCSPs() {
List<String> s = new ArrayList<>();
if(this.ocsps!=null && !this.ocsps.isEmpty()) {
for (GeneralName o : this.ocsps) {
if(o.getName()!=null) {
s.add(o.getName().toString());
}
}
}
return s;
}
public String getOCSP(int index) {
if(this.ocsps!=null && (this.ocsps.size()>index)) {
return (this.ocsps.get(index)!=null && this.ocsps.get(index).getName()!=null) ? this.ocsps.get(index).getName().toString() : null;
}
return null;
}
public boolean containsOCSP(String name) throws CertificateParsingException {
return containsOCSPEngine(null, name);
}
public boolean containsOCSP(int tagNum, String name) throws CertificateParsingException {
return containsOCSPEngine(tagNum, name);
}
private boolean containsOCSPEngine(Integer tagNum, String name) throws CertificateParsingException {
if(name==null) {
throw new CertificateParsingException("Param name undefined");
}
if(this.ocsps!=null && !this.ocsps.isEmpty()) {
for (GeneralName o : this.ocsps) {
if(isEquals(o, tagNum, name)) {
return true;
}
}
}
return false;
}
public static AuthorityInformationAccess getAuthorityInformationAccess(byte[]encoded) {
org.bouncycastle.asn1.x509.Certificate c =org.bouncycastle.asn1.x509.Certificate.getInstance(encoded);
Extensions exts = c.getTBSCertificate().getExtensions();
if (exts != null){
org.bouncycastle.asn1.x509.AuthorityInformationAccess auth = org.bouncycastle.asn1.x509.AuthorityInformationAccess.fromExtensions(exts);
if(auth!=null) {
return readAIA(auth);
/**AuthorityInformationAccess aia = readAIA(auth);
System.out.println("======================");
System.out.println("AuthorityInformationAccess '"+auth.toString()+"'");
if(auth.getAccessDescriptions()!=null && auth.getAccessDescriptions().length>0) {
System.out.println("Len '"+auth.getAccessDescriptions().length+"'");
for (int i = 0; i < auth.getAccessDescriptions().length; i++) {
AccessDescription ad = auth.getAccessDescriptions()[i];
System.out.println("AD["+i+"]=["+ad.getAccessMethod()+"]["+ad.getAccessLocation()+"]["+ad.getAccessLocation().getTagNo()+"]["+ad.getAccessLocation().getName()+"]");
}
}
System.out.println("======================");
return aia;*/
}
}
return null;
}
private static AuthorityInformationAccess readAIA(org.bouncycastle.asn1.x509.AuthorityInformationAccess auth) {
AuthorityInformationAccess aia = null;
if(auth.getAccessDescriptions()!=null && auth.getAccessDescriptions().length>0) {
aia = new AuthorityInformationAccess();
for (int i = 0; i < auth.getAccessDescriptions().length; i++) {
AccessDescription ad = auth.getAccessDescriptions()[i];
if(ad.getAccessMethod()!=null) {
if(CA_ISSUERS.equals(ad.getAccessMethod().getId())) {
aia.caIssuers.add(ad.getAccessLocation());
}
else if(OCSP.equals(ad.getAccessMethod().getId())) {
aia.ocsps.add(ad.getAccessLocation());
}
}
}
}
return aia;
}
private boolean isEquals(GeneralName o, Integer tagNum, String name) {
if(o.getName()!=null && name.equals(o.getName().toString())) {
if(tagNum==null) {
return true;
}
else {
if(tagNum.intValue() == o.getTagNo()) {
return true;
}
}
}
return false;
}
}