Search in sources :

Example 71 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class XmlX509CertprofileUtil method createCertificatePolicies.

public static org.bouncycastle.asn1.x509.CertificatePolicies createCertificatePolicies(List<CertificatePolicyInformation> policyInfos) throws CertprofileException {
    ParamUtil.requireNonEmpty("policyInfos", policyInfos);
    int size = policyInfos.size();
    PolicyInformation[] infos = new PolicyInformation[size];
    int idx = 0;
    for (CertificatePolicyInformation policyInfo : policyInfos) {
        String policyId = policyInfo.getCertPolicyId();
        List<CertificatePolicyQualifier> qualifiers = policyInfo.getQualifiers();
        ASN1Sequence policyQualifiers = null;
        if (CollectionUtil.isNonEmpty(qualifiers)) {
            policyQualifiers = createPolicyQualifiers(qualifiers);
        }
        ASN1ObjectIdentifier policyOid = new ASN1ObjectIdentifier(policyId);
        infos[idx++] = (policyQualifiers == null) ? new PolicyInformation(policyOid) : new PolicyInformation(policyOid, policyQualifiers);
    }
    return new org.bouncycastle.asn1.x509.CertificatePolicies(infos);
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) CertificatePolicyInformation(org.xipki.ca.api.profile.x509.CertificatePolicyInformation) CertificatePolicyInformation(org.xipki.ca.api.profile.x509.CertificatePolicyInformation) CertificatePolicies(org.xipki.ca.certprofile.x509.jaxb.CertificatePolicies) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) CertificatePolicyQualifier(org.xipki.ca.api.profile.x509.CertificatePolicyQualifier) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 72 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class XmlX509CertprofileUtil method buildNamingAuthority.

private static NamingAuthority buildNamingAuthority(NamingAuthorityType jaxb) {
    ASN1ObjectIdentifier oid = (jaxb.getOid() == null) ? null : new ASN1ObjectIdentifier(jaxb.getOid().getValue());
    String url = StringUtil.isBlank(jaxb.getUrl()) ? null : jaxb.getUrl();
    DirectoryString text = StringUtil.isBlank(jaxb.getText()) ? null : new DirectoryString(jaxb.getText());
    return new NamingAuthority(oid, url, text);
}
Also used : NamingAuthority(org.bouncycastle.asn1.isismtt.x509.NamingAuthority) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 73 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class XmlX509CertprofileUtil method buildKeyAlgorithms.

public static Map<ASN1ObjectIdentifier, KeyParametersOption> buildKeyAlgorithms(KeyAlgorithms keyAlgos) throws CertprofileException {
    ParamUtil.requireNonNull("keyAlgos", keyAlgos);
    Map<ASN1ObjectIdentifier, KeyParametersOption> keyAlgorithms = new HashMap<>();
    for (AlgorithmType type : keyAlgos.getAlgorithm()) {
        List<OidWithDescType> algIds = type.getAlgorithm();
        List<ASN1ObjectIdentifier> oids = new ArrayList<>(algIds.size());
        for (OidWithDescType algId : algIds) {
            ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(algId.getValue());
            if (keyAlgorithms.containsKey(oid)) {
                throw new CertprofileException("duplicate definition of keyAlgorithm " + oid.getId());
            }
            oids.add(oid);
        }
        KeyParametersOption keyParamsOption = convertKeyParametersOption(type);
        for (ASN1ObjectIdentifier oid : oids) {
            keyAlgorithms.put(oid, keyParamsOption);
        }
    }
    return CollectionUtil.unmodifiableMap(keyAlgorithms);
}
Also used : OidWithDescType(org.xipki.ca.certprofile.x509.jaxb.OidWithDescType) AlgorithmType(org.xipki.ca.certprofile.x509.jaxb.AlgorithmType) KeyParametersOption(org.xipki.ca.api.profile.KeyParametersOption) HashMap(java.util.HashMap) CertprofileException(org.xipki.ca.api.profile.CertprofileException) ArrayList(java.util.ArrayList) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 74 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class BaseX509Certprofile method createPostalAddressRdn.

private static RDN createPostalAddressRdn(ASN1ObjectIdentifier type, ASN1Encodable rdnValue, RdnControl control, int index) throws BadCertTemplateException {
    ParamUtil.requireNonNull("type", type);
    if (!(rdnValue instanceof ASN1Sequence)) {
        throw new BadCertTemplateException("rdnValue of RDN postalAddress has incorrect syntax");
    }
    ASN1Sequence seq = (ASN1Sequence) rdnValue;
    final int size = seq.size();
    if (size < 1 || size > 6) {
        throw new BadCertTemplateException("Sequence size of RDN postalAddress is not within [1, 6]: " + size);
    }
    ASN1EncodableVector vec = new ASN1EncodableVector();
    for (int i = 0; i < size; i++) {
        ASN1Encodable line = seq.getObjectAt(i);
        String text;
        if (line instanceof ASN1String && !(line instanceof DERUniversalString)) {
            text = ((ASN1String) line).getString();
        } else {
            throw new BadCertTemplateException(String.format("postalAddress[%d] has incorrect syntax", i));
        }
        ASN1Encodable asn1Line = createRdnValue(text, type, control, index);
        vec.add(asn1Line);
    }
    return new RDN(type, new DERSequence(vec));
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN)

Example 75 with ASN1ObjectIdentifier

use of org.bouncycastle.asn1.ASN1ObjectIdentifier in project xipki by xipki.

the class BaseX509Certprofile method createDateOfBirthRdn.

private static RDN createDateOfBirthRdn(ASN1ObjectIdentifier type, ASN1Encodable rdnValue) throws BadCertTemplateException {
    ParamUtil.requireNonNull("type", type);
    String text;
    ASN1Encodable newRdnValue = null;
    if (rdnValue instanceof ASN1GeneralizedTime) {
        text = ((ASN1GeneralizedTime) rdnValue).getTimeString();
        newRdnValue = rdnValue;
    } else if (rdnValue instanceof ASN1String && !(rdnValue instanceof DERUniversalString)) {
        text = ((ASN1String) rdnValue).getString();
    } else {
        throw new BadCertTemplateException("Value of RDN dateOfBirth has incorrect syntax");
    }
    if (!SubjectDnSpec.PATTERN_DATE_OF_BIRTH.matcher(text).matches()) {
        throw new BadCertTemplateException("Value of RDN dateOfBirth does not have format YYYMMDD000000Z");
    }
    if (newRdnValue == null) {
        newRdnValue = new DERGeneralizedTime(text);
    }
    return new RDN(type, newRdnValue);
}
Also used : DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN)

Aggregations

ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)331 IOException (java.io.IOException)85 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)80 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)61 DEROctetString (org.bouncycastle.asn1.DEROctetString)60 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)57 DERIA5String (org.bouncycastle.asn1.DERIA5String)57 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)52 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)50 DERSequence (org.bouncycastle.asn1.DERSequence)47 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)44 ASN1String (org.bouncycastle.asn1.ASN1String)41 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)38 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)37 Extension (org.bouncycastle.asn1.x509.Extension)36 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)35 ArrayList (java.util.ArrayList)34 BigInteger (java.math.BigInteger)33 X500Name (org.bouncycastle.asn1.x500.X500Name)33 HashSet (java.util.HashSet)31