You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2018/10/23 17:12:20 UTC
svn commit: r1844682 -
/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java
Author: tilman
Date: Tue Oct 23 17:12:20 2018
New Revision: 1844682
URL: http://svn.apache.org/viewvc?rev=1844682&view=rev
Log:
PDFBOX-3017: use constants from BC
Modified:
pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java
Modified: pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java?rev=1844682&r1=1844681&r2=1844682&view=diff
==============================================================================
--- pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java (original)
+++ pdfbox/branches/2.0/examples/src/main/java/org/apache/pdfbox/examples/signature/validation/CertInformationCollector.java Tue Oct 23 17:12:20 2018
@@ -43,6 +43,7 @@ import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.cms.Attribute;
import org.bouncycastle.asn1.cms.AttributeTable;
import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import org.bouncycastle.asn1.x509.Extension;
import org.bouncycastle.cert.X509CertificateHolder;
import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
import org.bouncycastle.cms.CMSException;
@@ -65,14 +66,6 @@ public class CertInformationCollector
{
private static final Log LOG = LogFactory.getLog(CertInformationCollector.class);
- // As described in https://tools.ietf.org/html/rfc3280.html#section-4.2.2.1
- private static final String ID_PE_AUTHORITYINFOACCESS = "1.3.6.1.5.5.7.1.1";
-
- // As described in https://tools.ietf.org/html/rfc3280.html#section-4.2.1.14
- // Disable false Sonar warning for "Hardcoded IP Address ..."
- @SuppressWarnings("squid:S1313")
- private static final String ID_CE_CRLDISTRIBUTIONPOINTS = "2.5.29.31";
-
private static final int MAX_CERTIFICATE_CHAIN_DEPTH = 5;
private final Map<BigInteger, X509Certificate> certificateStore = new HashMap<BigInteger, X509Certificate>();
@@ -269,7 +262,8 @@ public class CertInformationCollector
certInfo.certificate = certificate;
// Certificate Authority Information Access
- byte[] authorityExtensionValue = certificate.getExtensionValue(ID_PE_AUTHORITYINFOACCESS);
+ // As described in https://tools.ietf.org/html/rfc3280.html#section-4.2.2.1
+ byte[] authorityExtensionValue = certificate.getExtensionValue(Extension.authorityInfoAccess.getId());
if (authorityExtensionValue != null)
{
CertInformationHelper.getAuthorityInfoExtensionValue(authorityExtensionValue, certInfo);
@@ -280,7 +274,8 @@ public class CertInformationCollector
getAlternativeIssuerCertificate(certInfo, maxDepth);
}
- byte[] crlExtensionValue = certificate.getExtensionValue(ID_CE_CRLDISTRIBUTIONPOINTS);
+ // As described in https://tools.ietf.org/html/rfc3280.html#section-4.2.1.14
+ byte[] crlExtensionValue = certificate.getExtensionValue(Extension.cRLDistributionPoints.getId());
if (crlExtensionValue != null)
{
certInfo.crlUrl = CertInformationHelper.getCrlUrlFromExtensionValue(crlExtensionValue);