Example 1 with TargetInformation
use of com.github.zhenwei.core.asn1.x509.TargetInformation in project LinLong-Java by zhenwei1108.
the class X509AttributeCertificateHolderSelector method match.
/**
* Decides if the given attribute certificate should be selected.
*
* @param obj The X509AttributeCertificateHolder which should be checked.
* @return <code>true</code> if the attribute certificate is a match
* <code>false</code> otherwise.
*/
public boolean match(Object obj) {
if (!(obj instanceof X509AttributeCertificateHolder)) {
return false;
}
X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder) obj;
if (this.attributeCert != null) {
if (!this.attributeCert.equals(attrCert)) {
return false;
}
}
if (serialNumber != null) {
if (!attrCert.getSerialNumber().equals(serialNumber)) {
return false;
}
}
if (holder != null) {
if (!attrCert.getHolder().equals(holder)) {
return false;
}
}
if (issuer != null) {
if (!attrCert.getIssuer().equals(issuer)) {
return false;
}
}
if (attributeCertificateValid != null) {
if (!attrCert.isValidOn(attributeCertificateValid)) {
return false;
}
}
if (!targetNames.isEmpty() || !targetGroups.isEmpty()) {
Extension targetInfoExt = attrCert.getExtension(Extension.targetInformation);
if (targetInfoExt != null) {
TargetInformation targetinfo;
try {
targetinfo = TargetInformation.getInstance(targetInfoExt.getParsedValue());
} catch (IllegalArgumentException e) {
return false;
}
Targets[] targetss = targetinfo.getTargetsObjects();
if (!targetNames.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetNames.contains(GeneralName.getInstance(targets[j].getTargetName()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
if (!targetGroups.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetGroups.contains(GeneralName.getInstance(targets[j].getTargetGroup()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
}
}
return true;
}
Also used :
Extension(com.github.zhenwei.core.asn1.x509.Extension)
Target(com.github.zhenwei.core.asn1.x509.Target)
TargetInformation(com.github.zhenwei.core.asn1.x509.TargetInformation)
X509AttributeCertificateHolder(com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder)
Targets(com.github.zhenwei.core.asn1.x509.Targets)
Example 2 with TargetInformation
use of com.github.zhenwei.core.asn1.x509.TargetInformation in project LinLong-Java by zhenwei1108.
the class X509AttributeCertStoreSelector method match.
/**
* Decides if the given attribute certificate should be selected.
*
* @param obj The attribute certificate which should be checked.
* @return <code>true</code> if the attribute certificate can be selected,
* <code>false</code> otherwise.
*/
public boolean match(Object obj) {
if (!(obj instanceof X509AttributeCertificate)) {
return false;
}
X509AttributeCertificate attrCert = (X509AttributeCertificate) obj;
if (this.attributeCert != null) {
if (!this.attributeCert.equals(attrCert)) {
return false;
}
}
if (serialNumber != null) {
if (!attrCert.getSerialNumber().equals(serialNumber)) {
return false;
}
}
if (holder != null) {
if (!attrCert.getHolder().equals(holder)) {
return false;
}
}
if (issuer != null) {
if (!attrCert.getIssuer().equals(issuer)) {
return false;
}
}
if (attributeCertificateValid != null) {
try {
attrCert.checkValidity(attributeCertificateValid);
} catch (CertificateExpiredException e) {
return false;
} catch (CertificateNotYetValidException e) {
return false;
}
}
if (!targetNames.isEmpty() || !targetGroups.isEmpty()) {
byte[] targetInfoExt = attrCert.getExtensionValue(Extension.targetInformation.getId());
if (targetInfoExt != null) {
TargetInformation targetinfo;
try {
targetinfo = TargetInformation.getInstance(new ASN1InputStream(((DEROctetString) DEROctetString.fromByteArray(targetInfoExt)).getOctets()).readObject());
} catch (IOException e) {
return false;
} catch (IllegalArgumentException e) {
return false;
}
Targets[] targetss = targetinfo.getTargetsObjects();
if (!targetNames.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetNames.contains(GeneralName.getInstance(targets[j].getTargetName()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
if (!targetGroups.isEmpty()) {
boolean found = false;
for (int i = 0; i < targetss.length; i++) {
Targets t = targetss[i];
Target[] targets = t.getTargets();
for (int j = 0; j < targets.length; j++) {
if (targetGroups.contains(GeneralName.getInstance(targets[j].getTargetGroup()))) {
found = true;
break;
}
}
}
if (!found) {
return false;
}
}
}
}
return true;
}
Also used :
CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException)
ASN1InputStream(com.github.zhenwei.core.asn1.ASN1InputStream)
CertificateExpiredException(java.security.cert.CertificateExpiredException)
Targets(com.github.zhenwei.core.asn1.x509.Targets)
IOException(java.io.IOException)
DEROctetString(com.github.zhenwei.core.asn1.DEROctetString)
Target(com.github.zhenwei.core.asn1.x509.Target)
TargetInformation(com.github.zhenwei.core.asn1.x509.TargetInformation)
Aggregations
Target (com.github.zhenwei.core.asn1.x509.Target)2
TargetInformation (com.github.zhenwei.core.asn1.x509.TargetInformation)2
Targets (com.github.zhenwei.core.asn1.x509.Targets)2
ASN1InputStream (com.github.zhenwei.core.asn1.ASN1InputStream)1
DEROctetString (com.github.zhenwei.core.asn1.DEROctetString)1
Extension (com.github.zhenwei.core.asn1.x509.Extension)1
X509AttributeCertificateHolder (com.github.zhenwei.pkix.cert.X509AttributeCertificateHolder)1
IOException (java.io.IOException)1
CertificateExpiredException (java.security.cert.CertificateExpiredException)1
CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)1
