Example 11 with AnnotatedException
use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class PKIXCertPathReviewer method processQcStatements.
private boolean processQcStatements(X509Certificate cert, int index) {
try {
boolean unknownStatement = false;
ASN1Sequence qcSt = (ASN1Sequence) getExtensionValue(cert, QC_STATEMENT);
for (int j = 0; j < qcSt.size(); j++) {
QCStatement stmt = QCStatement.getInstance(qcSt.getObjectAt(j));
if (QCStatement.id_etsi_qcs_QcCompliance.equals(stmt.getStatementId())) {
// process statement - just write a notification that the certificate contains this statement
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcEuCompliance");
addNotification(msg, index);
} else if (QCStatement.id_qcs_pkixQCSyntax_v1.equals(stmt.getStatementId())) {
// process statement - just recognize the statement
} else if (QCStatement.id_etsi_qcs_QcSSCD.equals(stmt.getStatementId())) {
// process statement - just write a notification that the certificate contains this statement
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcSSCD");
addNotification(msg, index);
} else if (QCStatement.id_etsi_qcs_LimiteValue.equals(stmt.getStatementId())) {
// process statement - write a notification containing the limit value
MonetaryValue limit = MonetaryValue.getInstance(stmt.getStatementInfo());
Iso4217CurrencyCode currency = limit.getCurrency();
double value = limit.getAmount().doubleValue() * Math.pow(10, limit.getExponent().doubleValue());
ErrorBundle msg;
if (limit.getCurrency().isAlphabetic()) {
msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueAlpha", new Object[] { limit.getCurrency().getAlphabetic(), new TrustedInput(new Double(value)), limit });
} else {
msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcLimitValueNum", new Object[] { Integers.valueOf(limit.getCurrency().getNumeric()), new TrustedInput(new Double(value)), limit });
}
addNotification(msg, index);
} else {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcUnknownStatement", new Object[] { stmt.getStatementId(), new UntrustedInput(stmt) });
addNotification(msg, index);
unknownStatement = true;
}
}
return !unknownStatement;
} catch (AnnotatedException ae) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.QcStatementExtError");
addError(msg, index);
}
return false;
}
Also used :
ASN1Sequence(com.github.zhenwei.core.asn1.ASN1Sequence)
QCStatement(com.github.zhenwei.core.asn1.x509.qualified.QCStatement)
ErrorBundle(com.github.zhenwei.core.i18n.ErrorBundle)
MonetaryValue(com.github.zhenwei.core.asn1.x509.qualified.MonetaryValue)
TrustedInput(com.github.zhenwei.core.i18n.filter.TrustedInput)
ASN1TaggedObject(com.github.zhenwei.core.asn1.ASN1TaggedObject)
UntrustedInput(com.github.zhenwei.core.i18n.filter.UntrustedInput)
Iso4217CurrencyCode(com.github.zhenwei.core.asn1.x509.qualified.Iso4217CurrencyCode)
IssuingDistributionPoint(com.github.zhenwei.core.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(com.github.zhenwei.core.asn1.x509.CRLDistPoint)
DistributionPoint(com.github.zhenwei.core.asn1.x509.DistributionPoint)
AnnotatedException(com.github.zhenwei.provider.jce.provider.AnnotatedException)
Example 12 with AnnotatedException
use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class PKIXCertPathReviewer method checkPathLength.
/*
* checks: - path length constraints and reports - total path length
*/
private void checkPathLength() {
// init
int maxPathLength = n;
int totalPathLength = 0;
X509Certificate cert = null;
int i;
for (int index = certs.size() - 1; index > 0; index--) {
i = n - index;
cert = (X509Certificate) certs.get(index);
if (!isSelfIssued(cert)) {
if (maxPathLength <= 0) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.pathLengthExtended");
addError(msg);
}
maxPathLength--;
totalPathLength++;
}
// m)
BasicConstraints bc;
try {
bc = BasicConstraints.getInstance(getExtensionValue(cert, BASIC_CONSTRAINTS));
} catch (AnnotatedException ae) {
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.processLengthConstError");
addError(msg, index);
bc = null;
}
if (bc != null) {
BigInteger _pathLengthConstraint = bc.getPathLenConstraint();
if (_pathLengthConstraint != null) {
int _plc = _pathLengthConstraint.intValue();
if (_plc < maxPathLength) {
maxPathLength = _plc;
}
}
}
}
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.totalPathLength", new Object[] { Integers.valueOf(totalPathLength) });
addNotification(msg);
}
Also used :
ErrorBundle(com.github.zhenwei.core.i18n.ErrorBundle)
BigInteger(java.math.BigInteger)
BasicConstraints(com.github.zhenwei.core.asn1.x509.BasicConstraints)
IssuingDistributionPoint(com.github.zhenwei.core.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(com.github.zhenwei.core.asn1.x509.CRLDistPoint)
DistributionPoint(com.github.zhenwei.core.asn1.x509.DistributionPoint)
X509Certificate(java.security.cert.X509Certificate)
AnnotatedException(com.github.zhenwei.provider.jce.provider.AnnotatedException)
Example 13 with AnnotatedException
use of com.github.zhenwei.provider.jce.provider.AnnotatedException in project LinLong-Java by zhenwei1108.
the class CertPathValidatorUtilities method findCertificates.
/**
* Return a Collection of all certificates or attribute certificates found in the X509Store's that
* are matching the certSelect criteriums.
*
* @param certSelect a {@link Selector} object that will be used to select the certificates
* @param certStores a List containing only {@link X509Store} objects. These are used to search
* for certificates.
* @return a Collection of all found {@link X509Certificate} or {@link
* com.github.zhenwei.provider.x509.X509AttributeCertificate} objects. May be empty but never
* <code>null</code>.
*/
protected static Collection findCertificates(X509CertStoreSelector certSelect, List certStores) throws AnnotatedException {
Set certs = new HashSet();
Iterator iter = certStores.iterator();
com.github.zhenwei.provider.jcajce.provider.asymmetric.x509.CertificateFactory certFact = new com.github.zhenwei.provider.jcajce.provider.asymmetric.x509.CertificateFactory();
while (iter.hasNext()) {
Object obj = iter.next();
if (obj instanceof Store) {
Store certStore = (Store) obj;
try {
for (Iterator it = certStore.getMatches(certSelect).iterator(); it.hasNext(); ) {
Object cert = it.next();
if (cert instanceof Encodable) {
certs.add(certFact.engineGenerateCertificate(new ByteArrayInputStream(((Encodable) cert).getEncoded())));
} else if (cert instanceof Certificate) {
certs.add(cert);
} else {
throw new AnnotatedException("Unknown object found in certificate store.");
}
}
} catch (StoreException e) {
throw new AnnotatedException("Problem while picking certificates from X.509 store.", e);
} catch (IOException e) {
throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e);
} catch (CertificateException e) {
throw new AnnotatedException("Problem while extracting certificates from X.509 store.", e);
}
} else {
CertStore certStore = (CertStore) obj;
try {
certs.addAll(certStore.getCertificates(certSelect));
} catch (CertStoreException e) {
throw new AnnotatedException("Problem while picking certificates from certificate store.", e);
}
}
}
return certs;
}
Also used :
Set(java.util.Set)
HashSet(java.util.HashSet)
CertStoreException(java.security.cert.CertStoreException)
Store(com.github.zhenwei.core.util.Store)
CertStore(java.security.cert.CertStore)
CertificateException(java.security.cert.CertificateException)
IOException(java.io.IOException)
CertStoreException(java.security.cert.CertStoreException)
StoreException(com.github.zhenwei.core.util.StoreException)
ByteArrayInputStream(java.io.ByteArrayInputStream)
Iterator(java.util.Iterator)
Encodable(com.github.zhenwei.core.util.Encodable)
ASN1Encodable(com.github.zhenwei.core.asn1.ASN1Encodable)
CertStore(java.security.cert.CertStore)
HashSet(java.util.HashSet)
X509Certificate(java.security.cert.X509Certificate)
Certificate(java.security.cert.Certificate)
AnnotatedException(com.github.zhenwei.provider.jce.provider.AnnotatedException)
Aggregations
AnnotatedException (com.github.zhenwei.provider.jce.provider.AnnotatedException)13
Iterator (java.util.Iterator)8
IssuingDistributionPoint (com.github.zhenwei.core.asn1.x509.IssuingDistributionPoint)7
StoreException (com.github.zhenwei.core.util.StoreException)7
IOException (java.io.IOException)7
CertStoreException (java.security.cert.CertStoreException)7
CRLDistPoint (com.github.zhenwei.core.asn1.x509.CRLDistPoint)6
DistributionPoint (com.github.zhenwei.core.asn1.x509.DistributionPoint)6
ErrorBundle (com.github.zhenwei.core.i18n.ErrorBundle)6
CertPathValidatorException (java.security.cert.CertPathValidatorException)6
ASN1TaggedObject (com.github.zhenwei.core.asn1.ASN1TaggedObject)5
GeneralSecurityException (java.security.GeneralSecurityException)5
X509Certificate (java.security.cert.X509Certificate)5
HashSet (java.util.HashSet)5
Set (java.util.Set)5
ASN1Sequence (com.github.zhenwei.core.asn1.ASN1Sequence)4
UntrustedInput (com.github.zhenwei.core.i18n.filter.UntrustedInput)4
CertificateException (java.security.cert.CertificateException)4
X500Principal (javax.security.auth.x500.X500Principal)4
ASN1OctetString (com.github.zhenwei.core.asn1.ASN1OctetString)3
