use of com.android.org.bouncycastle.asn1.x509.Attribute in project xipki by xipki.
the class CheckCertCmd method execute0.
@Override
protected Object execute0() throws Exception {
Set<String> issuerNames = qaSystemManager.getIssuerNames();
if (isEmpty(issuerNames)) {
throw new IllegalCmdParamException("no issuer is configured");
}
if (issuerName == null) {
if (issuerNames.size() != 1) {
throw new IllegalCmdParamException("no issuer is specified");
}
issuerName = issuerNames.iterator().next();
}
if (!issuerNames.contains(issuerName)) {
throw new IllegalCmdParamException("issuer " + issuerName + " is not within the configured issuers " + issuerNames);
}
X509IssuerInfo issuerInfo = qaSystemManager.getIssuer(issuerName);
X509CertprofileQa qa = qaSystemManager.getCertprofile(profileName);
if (qa == null) {
throw new IllegalCmdParamException("found no certificate profile named '" + profileName + "'");
}
CertificationRequest csr = CertificationRequest.getInstance(IoUtil.read(csrFile));
Extensions extensions = null;
CertificationRequestInfo reqInfo = csr.getCertificationRequestInfo();
ASN1Set attrs = reqInfo.getAttributes();
for (int i = 0; i < attrs.size(); i++) {
Attribute attr = Attribute.getInstance(attrs.getObjectAt(i));
if (PKCSObjectIdentifiers.pkcs_9_at_extensionRequest.equals(attr.getAttrType())) {
extensions = Extensions.getInstance(attr.getAttributeValues()[0]);
}
}
byte[] certBytes = IoUtil.read(certFile);
ValidationResult result = qa.checkCert(certBytes, issuerInfo, reqInfo.getSubject(), reqInfo.getSubjectPublicKeyInfo(), extensions);
StringBuilder sb = new StringBuilder();
sb.append(certFile).append(" (certprofile ").append(profileName).append(")\n");
sb.append("\tcertificate is ");
sb.append(result.isAllSuccessful() ? "valid" : "invalid");
if (verbose.booleanValue()) {
for (ValidationIssue issue : result.getValidationIssues()) {
sb.append("\n");
format(issue, " ", sb);
}
}
println(sb.toString());
if (!result.isAllSuccessful()) {
throw new CmdFailure("certificate is invalid");
}
return null;
}
use of com.android.org.bouncycastle.asn1.x509.Attribute in project signer by demoiselle.
the class SigningCertificate method getValue.
@Override
public Attribute getValue() {
try {
X509Certificate cert = (X509Certificate) certificates[0];
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_1);
byte[] hash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(cert.getSubjectDN().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serial = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serial);
ESSCertID essCertId = new ESSCertID(hash, issuerSerial);
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new DERSequence(new ASN1Encodable[] { new DERSequence(essCertId), new DERSequence(DERNull.INSTANCE) })));
} catch (CertificateEncodingException ex) {
throw new SignerException(ex.getMessage());
}
}
use of com.android.org.bouncycastle.asn1.x509.Attribute in project signer by demoiselle.
the class CertificateRefs method getValue.
@Override
public Attribute getValue() throws SignerException {
try {
int chainSize = certificates.length - 1;
OtherCertID[] arrayOtherCertID = new OtherCertID[chainSize];
for (int i = 1; i <= chainSize; i++) {
X509Certificate issuerCert = null;
X509Certificate cert = (X509Certificate) certificates[i];
if (i < chainSize) {
issuerCert = (X509Certificate) certificates[i + 1];
} else {
// raiz
issuerCert = (X509Certificate) certificates[i];
}
Digest digest = DigestFactory.getInstance().factoryDefault();
digest.setAlgorithm(DigestAlgorithmEnum.SHA_256);
byte[] certHash = digest.digest(cert.getEncoded());
X500Name dirName = new X500Name(issuerCert.getSubjectX500Principal().getName());
GeneralName name = new GeneralName(dirName);
GeneralNames issuer = new GeneralNames(name);
ASN1Integer serialNumber = new ASN1Integer(cert.getSerialNumber());
IssuerSerial issuerSerial = new IssuerSerial(issuer, serialNumber);
AlgorithmIdentifier algId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
OtherCertID otherCertID = new OtherCertID(algId, certHash, issuerSerial);
arrayOtherCertID[i - 1] = otherCertID;
}
return new Attribute(new ASN1ObjectIdentifier(identifier), new DERSet(new ASN1Encodable[] { new DERSequence(arrayOtherCertID) }));
} catch (CertificateEncodingException e) {
throw new SignerException(e.getMessage());
}
}
use of com.android.org.bouncycastle.asn1.x509.Attribute in project gocd by gocd.
the class GoConfigFieldLoader method parse.
public void parse() {
if (isImplicitCollection()) {
field.setAccessible(true);
Object val = GoConfigClassLoader.classParser(e, field.getType(), configCache, new GoCipher(), registry, configReferenceElements).parseImplicitCollection();
setValue(val);
} else if (isSubtag(field)) {
field.setAccessible(true);
Object val = subtagParser(e, field, configCache, registry, configReferenceElements).parse();
setValue(val);
} else if (isAttribute(field)) {
field.setAccessible(true);
Object val = attributeParser(e, field).parse(defaultValue());
setValue(val);
} else if (isConfigValue()) {
field.setAccessible(true);
Object val = e.getText();
setValue(val);
} else if (isAnnotationPresent(field, ConfigReferenceElement.class)) {
field.setAccessible(true);
ConfigReferenceElement referenceField = field.getAnnotation(ConfigReferenceElement.class);
Attribute attribute = e.getAttribute(referenceField.referenceAttribute());
if (attribute == null) {
bomb(String.format("Expected attribute `%s` to be present for %s.", referenceField.referenceAttribute(), e.getName()));
}
String refId = attribute.getValue();
Object referredObject = configReferenceElements.get(referenceField.referenceCollection(), refId);
setValue(referredObject);
}
}
use of com.android.org.bouncycastle.asn1.x509.Attribute in project mycore by MyCoRe-Org.
the class MCRNodeBuilderTest method testExpressionsToIgnore.
@Test
public void testExpressionsToIgnore() throws JaxenException, JDOMException {
Element built = new MCRNodeBuilder().buildElement("element[2]", null, null);
assertNotNull(built);
assertEquals("element", built.getName());
built = new MCRNodeBuilder().buildElement("element[contains(.,'foo')]", null, null);
assertNotNull(built);
assertEquals("element", built.getName());
built = new MCRNodeBuilder().buildElement("foo|bar", null, null);
assertNull(built);
Attribute attribute = new MCRNodeBuilder().buildAttribute("@lang[preceding::*/foo='bar']", "value", null);
assertNotNull(attribute);
assertEquals("lang", attribute.getName());
assertEquals("value", attribute.getValue());
built = new MCRNodeBuilder().buildElement("parent/child/following::node/foo='bar'", null, null);
assertNotNull(built);
assertEquals("child", built.getName());
assertNotNull(built.getParentElement());
assertEquals("parent", built.getParentElement().getName());
assertEquals(0, built.getChildren().size());
assertEquals("", built.getText());
}
Aggregations