use of com.github.zhenwei.core.asn1.x509.PolicyInformation in project keystore-explorer by kaikramer.
the class PolicyInformationTableCellRend method getTableCellRendererComponent.
/**
* Returns the rendered cell.
*
* @param jtPolicyInformation The JTable
* @param value The value to assign to the cell
* @param isSelected True if cell is selected
* @param row The row of the cell to render
* @param col The column of the cell to render
* @param hasFocus If true, render cell appropriately
* @return The renderered cell
*/
@Override
public Component getTableCellRendererComponent(JTable jtPolicyInformation, Object value, boolean isSelected, boolean hasFocus, int row, int col) {
JLabel cell = (JLabel) super.getTableCellRendererComponent(jtPolicyInformation, value, isSelected, hasFocus, row, col);
PolicyInformation policyInformation = (PolicyInformation) value;
try {
String policyInformationStr = PolicyInformationUtil.toString(policyInformation);
cell.setText(policyInformationStr);
cell.setToolTipText(policyInformationStr);
} catch (IOException ex) {
// We build this data so should not
throw new RuntimeException(ex);
// happen
}
cell.setHorizontalAlignment(LEFT);
cell.setBorder(new EmptyBorder(0, 5, 0, 5));
return cell;
}
use of com.github.zhenwei.core.asn1.x509.PolicyInformation in project xipki by xipki.
the class A2gChecker method checkExtnCertificatePolicies.
// method checkExtnBiometricInfo
void checkExtnCertificatePolicies(StringBuilder failureMsg, byte[] extnValue, Extensions requestedExtns, ExtensionControl extnControl) {
CertificatePolicies certificatePolicies = caller.getCertificatePolicies();
if (certificatePolicies == null) {
caller.checkConstantExtnValue(Extension.certificatePolicies, failureMsg, extnValue, requestedExtns, extnControl);
return;
}
Map<String, CertificatePolicyInformationType> expPoliciesMap = new HashMap<>();
for (CertificatePolicyInformationType cp : caller.getCertificatePolicies().getCertificatePolicyInformations()) {
expPoliciesMap.put(cp.getPolicyIdentifier().getOid(), cp);
}
Set<String> expPolicyIds = new HashSet<>(expPoliciesMap.keySet());
org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies.getInstance(extnValue);
PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation();
for (PolicyInformation isPolicyInformation : isPolicyInformations) {
ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier();
expPolicyIds.remove(isPolicyId.getId());
CertificatePolicyInformationType expCp = expPoliciesMap.get(isPolicyId.getId());
if (expCp == null) {
failureMsg.append("certificate policy '").append(isPolicyId).append("' is not expected; ");
continue;
}
List<PolicyQualifier> expCpPq = expCp.getPolicyQualifiers();
if (isEmpty(expCpPq)) {
continue;
}
ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers();
List<String> isCpsUris = new LinkedList<>();
List<String> isUserNotices = new LinkedList<>();
int size = isPolicyQualifiers.size();
for (int i = 0; i < size; i++) {
PolicyQualifierInfo isPolicyQualifierInfo = PolicyQualifierInfo.getInstance(isPolicyQualifiers.getObjectAt(i));
ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId();
ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier();
if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) {
String isCpsUri = DERIA5String.getInstance(isQualifier).getString();
isCpsUris.add(isCpsUri);
} else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) {
UserNotice isUserNotice = UserNotice.getInstance(isQualifier);
if (isUserNotice.getExplicitText() != null) {
isUserNotices.add(isUserNotice.getExplicitText().getString());
}
}
}
for (PolicyQualifier qualifierInfo : expCpPq) {
String value = qualifierInfo.getValue();
switch(qualifierInfo.getType()) {
case cpsUri:
if (!isCpsUris.contains(value)) {
failureMsg.append("CPSUri '").append(value).append("' is absent but is required; ");
}
continue;
case userNotice:
if (!isUserNotices.contains(value)) {
failureMsg.append("userNotice '").append(value).append("' is absent but is required; ");
}
continue;
default:
throw new IllegalStateException("should not reach here");
}
}
}
for (String policyId : expPolicyIds) {
failureMsg.append("certificate policy '").append(policyId).append("' is absent but is required; ");
}
}
use of com.github.zhenwei.core.asn1.x509.PolicyInformation in project xipki by xipki.
the class CertificatePolicies method toXiCertificatePolicies.
public org.bouncycastle.asn1.x509.CertificatePolicies toXiCertificatePolicies() {
List<CertificatePolicyInformationType> policyPairs = getCertificatePolicyInformations();
List<CertificatePolicyInformation> policyInfos = new ArrayList<>(policyPairs.size());
for (CertificatePolicyInformationType policyPair : policyPairs) {
List<CertificatePolicyQualifier> qualifiers = null;
List<PolicyQualifier> policyQualifiers = policyPair.getPolicyQualifiers();
if (!policyQualifiers.isEmpty()) {
qualifiers = new ArrayList<>(policyQualifiers.size());
for (PolicyQualifier m : policyQualifiers) {
CertificatePolicyQualifier qualifier = m.getType() == PolicyQualfierType.cpsUri ? CertificatePolicyQualifier.getInstanceForCpsUri(m.getValue()) : CertificatePolicyQualifier.getInstanceForUserNotice(m.getValue());
qualifiers.add(qualifier);
}
}
CertificatePolicyInformation cpi = new CertificatePolicyInformation(policyPair.getPolicyIdentifier().getOid(), qualifiers);
policyInfos.add(cpi);
}
int size = policyInfos.size();
PolicyInformation[] infos = new PolicyInformation[size];
int idx = 0;
for (CertificatePolicyInformation policyInfo : policyInfos) {
String policyId = policyInfo.getCertPolicyId();
List<CertificatePolicyQualifier> qualifiers = policyInfo.getQualifiers();
ASN1Sequence policyQualifiers = null;
if (CollectionUtil.isNotEmpty(qualifiers)) {
policyQualifiers = createPolicyQualifiers(qualifiers);
}
ASN1ObjectIdentifier policyOid = new ASN1ObjectIdentifier(policyId);
infos[idx++] = (policyQualifiers == null) ? new PolicyInformation(policyOid) : new PolicyInformation(policyOid, policyQualifiers);
}
return new org.bouncycastle.asn1.x509.CertificatePolicies(infos);
}
use of com.github.zhenwei.core.asn1.x509.PolicyInformation in project j2objc by google.
the class PolicyChecker method removeInvalidNodes.
/**
* Removes those nodes which do not intersect with the initial policies
* specified by the user.
*
* @param rootNode the root node of the valid policy tree
* @param certIndex the index of the certificate being processed
* @param initPolicies the Set of policies required by the user
* @param currCertPolicies the CertificatePoliciesExtension of the
* certificate being processed
* @returns the root node of the valid policy tree after modification
* @exception CertPathValidatorException Exception thrown if error occurs.
*/
private static PolicyNodeImpl removeInvalidNodes(PolicyNodeImpl rootNode, int certIndex, Set<String> initPolicies, CertificatePoliciesExtension currCertPolicies) throws CertPathValidatorException {
List<PolicyInformation> policyInfo = null;
try {
policyInfo = currCertPolicies.get(CertificatePoliciesExtension.POLICIES);
} catch (IOException ioe) {
throw new CertPathValidatorException("Exception while " + "retrieving policyOIDs", ioe);
}
boolean childDeleted = false;
for (PolicyInformation curPolInfo : policyInfo) {
String curPolicy = curPolInfo.getPolicyIdentifier().getIdentifier().toString();
if (debug != null)
debug.println("PolicyChecker.processPolicies() " + "processing policy second time: " + curPolicy);
Set<PolicyNodeImpl> validNodes = rootNode.getPolicyNodesValid(certIndex, curPolicy);
for (PolicyNodeImpl curNode : validNodes) {
PolicyNodeImpl parentNode = (PolicyNodeImpl) curNode.getParent();
if (parentNode.getValidPolicy().equals(ANY_POLICY)) {
if ((!initPolicies.contains(curPolicy)) && (!curPolicy.equals(ANY_POLICY))) {
if (debug != null)
debug.println("PolicyChecker.processPolicies() " + "before deleting: policy tree = " + rootNode);
parentNode.deleteChild(curNode);
childDeleted = true;
if (debug != null)
debug.println("PolicyChecker.processPolicies() " + "after deleting: policy tree = " + rootNode);
}
}
}
}
if (childDeleted) {
rootNode.prune(certIndex);
if (!rootNode.getChildren().hasNext()) {
rootNode = null;
}
}
return rootNode;
}
use of com.github.zhenwei.core.asn1.x509.PolicyInformation in project dcache by dCache.
the class X509Plugin method listPolicies.
private List<String> listPolicies(X509Certificate eec) throws AuthenticationException {
byte[] encoded;
try {
encoded = getExtensionBytes(eec, OID_CERTIFICATE_POLICIES);
} catch (IOException e) {
LOG.warn("Malformed policy extension {}: {}", eec.getIssuerX500Principal().getName(), e.getMessage());
return Collections.emptyList();
}
if (encoded == null) {
// has no Certificate Policies extension.
return Collections.emptyList();
}
Enumeration<ASN1Encodable> asn1EncodedPolicies = ASN1Sequence.getInstance(encoded).getObjects();
List<String> policies = new ArrayList<>();
while (asn1EncodedPolicies.hasMoreElements()) {
ASN1Encodable asn1EncodedPolicy = asn1EncodedPolicies.nextElement();
if (asn1EncodedPolicy.equals(ANY_POLICY)) {
continue;
}
PolicyInformation policy = PolicyInformation.getInstance(asn1EncodedPolicy);
policies.add(policy.getPolicyIdentifier().getId());
}
return policies;
}
Aggregations