use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class PKIXCertPathReviewer method processQcStatements.
private boolean processQcStatements(X509Certificate cert, int index) {
try {
boolean unknownStatement = false;
ASN1Sequence qcSt = (ASN1Sequence) getExtensionValue(cert, QC_STATEMENT);
for (int j = 0; j < qcSt.size(); j++) {
QCStatement stmt = QCStatement.getInstance(qcSt.getObjectAt(j));
if (QCStatement.id_etsi_qcs_QcCompliance.equals(stmt.getStatementId())) {
// process statement - just write a notification that the certificate contains this statement
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcEuCompliance");
addNotification(msg, index);
} else if (QCStatement.id_qcs_pkixQCSyntax_v1.equals(stmt.getStatementId())) {
// process statement - just recognize the statement
} else if (QCStatement.id_etsi_qcs_QcSSCD.equals(stmt.getStatementId())) {
// process statement - just write a notification that the certificate contains this statement
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcSSCD");
addNotification(msg, index);
} else if (QCStatement.id_etsi_qcs_LimiteValue.equals(stmt.getStatementId())) {
// process statement - write a notification containing the limit value
MonetaryValue limit = MonetaryValue.getInstance(stmt.getStatementInfo());
Iso4217CurrencyCode currency = limit.getCurrency();
double value = limit.getAmount().doubleValue() * Math.pow(10, limit.getExponent().doubleValue());
ErrorBundle msg;
if (limit.getCurrency().isAlphabetic()) {
msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueAlpha", new Object[] { limit.getCurrency().getAlphabetic(), new TrustedInput(new Double(value)), limit });
} else {
msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueNum", new Object[] { Integers.valueOf(limit.getCurrency().getNumeric()), new TrustedInput(new Double(value)), limit });
}
addNotification(msg, index);
} else {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcUnknownStatement", new Object[] { stmt.getStatementId(), new UntrustedInput(stmt) });
addNotification(msg, index);
unknownStatement = true;
}
}
return !unknownStatement;
} catch (AnnotatedException ae) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcStatementExtError");
addError(msg, index);
}
return false;
}
use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class PKIXCertPathReviewer method checkPathLength.
/*
* checks: - path length constraints and reports - total path length
*/
private void checkPathLength() {
// init
int maxPathLength = n;
int totalPathLength = 0;
X509Certificate cert = null;
int i;
for (int index = certs.size() - 1; index > 0; index--) {
i = n - index;
cert = (X509Certificate) certs.get(index);
if (!isSelfIssued(cert)) {
if (maxPathLength <= 0) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.pathLengthExtended");
addError(msg);
}
maxPathLength--;
totalPathLength++;
}
// m)
BasicConstraints bc;
try {
bc = BasicConstraints.getInstance(getExtensionValue(cert, BASIC_CONSTRAINTS));
} catch (AnnotatedException ae) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.processLengthConstError");
addError(msg, index);
bc = null;
}
if (bc != null) {
BigInteger _pathLengthConstraint = bc.getPathLenConstraint();
if (_pathLengthConstraint != null) {
int _plc = _pathLengthConstraint.intValue();
if (_plc < maxPathLength) {
maxPathLength = _plc;
}
}
}
}
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.totalPathLength", new Object[] { Integers.valueOf(totalPathLength) });
addNotification(msg);
}
use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class CertPathValidatorUtilities method findCertificates.
/**
* Return a Collection of all certificates or attribute certificates found in the X509Store's that
* are matching the certSelect criteriums.
*
* @param certSelect a {@link Selector} object that will be used to select the certificates
* @param certStores a List containing only {@link X509Store} objects. These are used to search
* for certificates.
* @return a Collection of all found {@link X509Certificate} or {@link
* com.github.zhenwei.provider.x509.X509AttributeCertificate} objects. May be empty but never
* <code>null</code>.
*/
protected static Collection findCertificates(X509CertStoreSelector certSelect, List certStores) throws AnnotatedException {
Set certs = new HashSet();
Iterator iter = certStores.iterator();
com.github.zhenwei.provider.jcajce.provider.asymmetric.x509.CertificateFactory certFact = new com.github.zhenwei.provider.jcajce.provider.asymmetric.x509.CertificateFactory();
while (iter.hasNext()) {
Object obj = iter.next();
if (obj instanceof Store) {
Store certStore = (Store) obj;
try {
for (Iterator it = certStore.getMatches(certSelect).iterator(); it.hasNext(); ) {
Object cert = it.next();
if (cert instanceof Encodable) {
certs.add(certFact.engineGenerateCertificate(new ByteArrayInputStream(((Encodable) cert).getEncoded())));
} else if (cert instanceof Certificate) {
certs.add(cert);
} else {
throw new AnnotatedException("Unknown object found in certificate store.");
}
}
} catch (StoreException e) {
throw new AnnotatedException("Problem while picking certificates from X.509 store.", e);
} catch (IOException e) {
throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e);
} catch (CertificateException e) {
throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e);
}
} else {
CertStore certStore = (CertStore) obj;
try {
certs.addAll(certStore.getCertificates(certSelect));
} catch (CertStoreException e) {
throw new AnnotatedException("Problem while picking certificates from certificate store.", e);
}
}
}
return certs;
}
Aggregations