
Example 6 with ASN1GeneralizedTime

use of org.bouncycastle.asn1.ASN1GeneralizedTime in project xipki by xipki.

the class CmpResponder method buildErrorPkiMessage.

/**
 * Builds a CMP error response (body type {@code PKIBody.TYPE_ERROR}) for a rejected request.
 *
 * <p>The response header takes its protocol version and recipient from {@code requestHeader},
 * so both values originate from the requester. The request's sender nonce, when present, is
 * returned as the recipient nonce, and {@code tid}, when non-null, becomes the transaction ID.
 * The message time is the current system time.
 *
 * <p>This method applies no protection to the message it returns.
 * NOTE(review): presumably the caller protects the message before it is sent; confirm.
 *
 * @param tid transaction ID to echo in the response; may be {@code null}
 * @param requestHeader header of the request being answered
 * @param failureCode failure code handed to {@code generateRejectionStatus}
 * @param statusText status text handed to {@code generateRejectionStatus}
 * @return the error message built from the response header and the rejection status
 */
protected PKIMessage buildErrorPkiMessage(ASN1OctetString tid, PKIHeader requestHeader, int failureCode, String statusText) {
    // The requester becomes the recipient of the error response.
    GeneralName recipient = requestHeader.getSender();
    int pvno = requestHeader.getPvno().getValue().intValue();
    PKIHeaderBuilder headerBuilder = new PKIHeaderBuilder(pvno, getSender(), recipient);
    headerBuilder.setMessageTime(new ASN1GeneralizedTime(new Date()));

    if (tid != null) {
        headerBuilder.setTransactionID(tid);
    }

    // Echo the requester's nonce so the response can be matched to the request.
    ASN1OctetString requestNonce = requestHeader.getSenderNonce();
    if (requestNonce != null) {
        headerBuilder.setRecipNonce(requestNonce);
    }

    ErrorMsgContent errorContent = new ErrorMsgContent(generateRejectionStatus(failureCode, statusText));
    PKIBody errorBody = new PKIBody(PKIBody.TYPE_ERROR, errorContent);
    return new PKIMessage(headerBuilder.build(), errorBody);
}
Also used : ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) ProtectedPKIMessage(org.bouncycastle.cert.cmp.ProtectedPKIMessage) PKIMessage(org.bouncycastle.asn1.cmp.PKIMessage) GeneralPKIMessage(org.bouncycastle.cert.cmp.GeneralPKIMessage) PKIBody(org.bouncycastle.asn1.cmp.PKIBody) PKIHeaderBuilder(org.bouncycastle.asn1.cmp.PKIHeaderBuilder) PKIStatusInfo(org.bouncycastle.asn1.cmp.PKIStatusInfo) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ErrorMsgContent(org.bouncycastle.asn1.cmp.ErrorMsgContent) Date(java.util.Date)

Example 7 with ASN1GeneralizedTime

use of org.bouncycastle.asn1.ASN1GeneralizedTime in project xipki by xipki.

the class ExtensionsChecker method checkExtensionPrivateKeyUsagePeriod.

/**
 * Checks an encoded PrivateKeyUsagePeriod extension against the values expected for the
 * certificate and appends a description of every mismatch to {@code failureMsg}.
 *
 * <p>Expected notBefore is {@code certNotBefore}. Expected notAfter is {@code certNotBefore}
 * plus the profile's private-key usage period, capped at {@code certNotAfter}; when the
 * profile defines no period, it is {@code certNotAfter} itself. Both fields must be present
 * in the extension and equal to the expected GeneralizedTime values.
 *
 * @param failureMsg buffer that collects the failure descriptions
 * @param extensionValue encoded extension value, decoded with
 *     {@code PrivateKeyUsagePeriod.getInstance}
 * @param certNotBefore notBefore of the certificate
 * @param certNotAfter notAfter of the certificate
 */
private void checkExtensionPrivateKeyUsagePeriod(StringBuilder failureMsg, byte[] extensionValue, Date certNotBefore, Date certNotAfter) {
    ASN1GeneralizedTime expectedNotBefore = new ASN1GeneralizedTime(certNotBefore);

    // The key usage period never extends past the certificate's own validity.
    Date expectedEnd = certNotAfter;
    CertValidity usagePeriod = certProfile.getPrivateKeyUsagePeriod();
    if (usagePeriod != null) {
        Date candidateEnd = usagePeriod.add(certNotBefore);
        if (!candidateEnd.after(certNotAfter)) {
            expectedEnd = candidateEnd;
        }
    }
    ASN1GeneralizedTime expectedNotAfter = new ASN1GeneralizedTime(expectedEnd);

    org.bouncycastle.asn1.x509.PrivateKeyUsagePeriod encoded = org.bouncycastle.asn1.x509.PrivateKeyUsagePeriod.getInstance(extensionValue);

    ASN1GeneralizedTime encodedNotBefore = encoded.getNotBefore();
    if (encodedNotBefore == null) {
        failureMsg.append("notBefore is absent but expected present; ");
    } else if (!encodedNotBefore.equals(expectedNotBefore)) {
        addViolation(failureMsg, "notBefore", encodedNotBefore.getTimeString(), expectedNotBefore.getTimeString());
    }

    ASN1GeneralizedTime encodedNotAfter = encoded.getNotAfter();
    if (encodedNotAfter == null) {
        failureMsg.append("notAfter is absent but expected present; ");
    } else if (!encodedNotAfter.equals(expectedNotAfter)) {
        addViolation(failureMsg, "notAfter", encodedNotAfter.getTimeString(), expectedNotAfter.getTimeString());
    }
}
Also used : CertValidity(org.xipki.ca.api.profile.CertValidity) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) Date(java.util.Date)

Example 8 with ASN1GeneralizedTime

use of org.bouncycastle.asn1.ASN1GeneralizedTime in project xipki by xipki.

the class SubjectChecker method getRdnTextValueOfRequest.

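/**
 * Renders the first attribute value of an RDN taken from a certificate request as text.
 *
 * <p>The RDN is requester-supplied, so its ASN.1 type is checked before any cast:
 * dateOfBirth must be a GeneralizedTime and postalAddress must be a Sequence. A postal
 * address is rendered as {@code [i]=value,} for each element, including the trailing comma.
 * Every other attribute type is rendered by {@code X509Util.rdnValueToString}.
 *
 * <p>Only the first AttributeTypeAndValue is read; further values of a multi-valued RDN are
 * not examined by this method.
 *
 * @param requestedRdn RDN from the request
 * @return text form of the first attribute value
 * @throws BadCertTemplateException if the RDN holds no attribute value, or if a dateOfBirth
 *     or postalAddress value does not have the required ASN.1 type
 */
private static String getRdnTextValueOfRequest(RDN requestedRdn) throws BadCertTemplateException {
    // getFirst() yields null for an RDN with no values; reject that as a bad template
    // instead of letting a malformed request surface as a NullPointerException.
    if (requestedRdn.getFirst() == null) {
        throw new BadCertTemplateException("requested RDN contains no attribute value");
    }
    ASN1ObjectIdentifier type = requestedRdn.getFirst().getType();
    ASN1Encodable vec = requestedRdn.getFirst().getValue();
    if (ObjectIdentifiers.DN_DATE_OF_BIRTH.equals(type)) {
        if (!(vec instanceof ASN1GeneralizedTime)) {
            throw new BadCertTemplateException("requested RDN is not of GeneralizedTime");
        }
        return ((ASN1GeneralizedTime) vec).getTimeString();
    } else if (ObjectIdentifiers.DN_POSTAL_ADDRESS.equals(type)) {
        if (!(vec instanceof ASN1Sequence)) {
            throw new BadCertTemplateException("requested RDN is not of Sequence");
        }
        ASN1Sequence seq = (ASN1Sequence) vec;
        final int n = seq.size();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < n; i++) {
            ASN1Encodable obj = seq.getObjectAt(i);
            String textValue = X509Util.rdnValueToString(obj);
            // The trailing comma after the last element is part of the produced format.
            sb.append("[").append(i).append("]=").append(textValue).append(",");
        }
        return sb.toString();
    } else {
        return X509Util.rdnValueToString(vec);
    }
}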
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERT61String(org.bouncycastle.asn1.DERT61String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 9 with ASN1GeneralizedTime

use of org.bouncycastle.asn1.ASN1GeneralizedTime in project xipki by xipki.

the class SubjectChecker method getAtvValueString.

/**
 * Renders an attribute value as text after checking that its ASN.1 type is the expected one.
 *
 * <p>dateOfBirth must be a GeneralizedTime. postalAddress must be a Sequence whose elements
 * all satisfy {@code matchStringType}; it is rendered as {@code [i]=value,} for each element.
 * Any other attribute must itself satisfy {@code matchStringType}. On a type mismatch a
 * description is appended to {@code failureMsg} and {@code null} is returned.
 *
 * @param name attribute name used in failure descriptions
 * @param atv attribute type and value to render
 * @param stringType string type the value, or each postal address element, must have
 * @param failureMsg buffer that collects the failure descriptions
 * @return text form of the value, or {@code null} if a type check failed
 */
private static String getAtvValueString(String name, AttributeTypeAndValue atv, StringType stringType, StringBuilder failureMsg) {
    ASN1ObjectIdentifier attrType = atv.getType();
    ASN1Encodable value = atv.getValue();

    if (ObjectIdentifiers.DN_DATE_OF_BIRTH.equals(attrType)) {
        if (value instanceof ASN1GeneralizedTime) {
            return ((ASN1GeneralizedTime) value).getTimeString();
        }
        failureMsg.append(name).append(" is not of type GeneralizedTime; ");
        return null;
    }

    if (ObjectIdentifiers.DN_POSTAL_ADDRESS.equals(attrType)) {
        if (!(value instanceof ASN1Sequence)) {
            failureMsg.append(name).append(" is not of type Sequence; ");
            return null;
        }
        ASN1Sequence elements = (ASN1Sequence) value;
        final int count = elements.size();
        StringBuilder text = new StringBuilder();
        for (int idx = 0; idx < count; idx++) {
            ASN1Encodable element = elements.getObjectAt(idx);
            // Stop at the first wrongly typed element; only that one is reported.
            if (!matchStringType(element, stringType)) {
                failureMsg.append(name).append(".[").append(idx).append("] is not of type ").append(stringType.name()).append("; ");
                return null;
            }
            text.append("[").append(idx).append("]=").append(X509Util.rdnValueToString(element)).append(",");
        }
        return text.toString();
    }

    if (matchStringType(value, stringType)) {
        return X509Util.rdnValueToString(value);
    }
    failureMsg.append(name).append(" is not of type ").append(stringType.name()).append("; ");
    return null;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERT61String(org.bouncycastle.asn1.DERT61String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 10 with ASN1GeneralizedTime

use of org.bouncycastle.asn1.ASN1GeneralizedTime in project keystore-explorer by kaikramer.

the class DPrivateKeyUsagePeriod method prepopulateWithValue.

/**
 * Fills the notBefore and notAfter inputs from an encoded PrivateKeyUsagePeriod value.
 *
 * <p>Each bound is optional: a bound that is absent from the decoded value leaves its input
 * untouched. NOTE(review): {@code jdtNotBefore} and {@code jdtNotAfter} look like date-time
 * input fields of the dialog; confirm against the class.
 *
 * @param value encoded extension value, decoded with {@code PrivateKeyUsagePeriod.getInstance}
 * @throws IOException if a GeneralizedTime in the value cannot be parsed into a date; the
 *     {@code ParseException} is kept as the cause
 */
private void prepopulateWithValue(byte[] value) throws IOException {
    PrivateKeyUsagePeriod usagePeriod = PrivateKeyUsagePeriod.getInstance(value);
    try {
        ASN1GeneralizedTime start = usagePeriod.getNotBefore();
        if (start != null) {
            jdtNotBefore.setDateTime(start.getDate());
        }

        ASN1GeneralizedTime end = usagePeriod.getNotAfter();
        if (end != null) {
            jdtNotAfter.setDateTime(end.getDate());
        }
    } catch (ParseException e) {
        // An unparseable time is reported as a decoding failure of the whole value.
        throw new IOException(e);
    }
}
Also used : ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ParseException(java.text.ParseException) IOException(java.io.IOException) PrivateKeyUsagePeriod(org.bouncycastle.asn1.x509.PrivateKeyUsagePeriod)

Aggregations

ASN1GeneralizedTime (org.bouncycastle.asn1.ASN1GeneralizedTime)20 Date (java.util.Date)11 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)8 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)8 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)7 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)7 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)7 DERIA5String (org.bouncycastle.asn1.DERIA5String)7 DEROctetString (org.bouncycastle.asn1.DEROctetString)7 IOException (java.io.IOException)6 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)6 ParseException (java.text.ParseException)5 DERBMPString (org.bouncycastle.asn1.DERBMPString)5 DERT61String (org.bouncycastle.asn1.DERT61String)5 ASN1String (org.bouncycastle.asn1.ASN1String)4 Extension (org.bouncycastle.asn1.x509.Extension)4 BigInteger (java.math.BigInteger)3 ArrayList (java.util.ArrayList)3 LinkedList (java.util.LinkedList)3 BadCertTemplateException (org.xipki.ca.api.BadCertTemplateException)3