Example 6 with AttributeTypeAndValue
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project XobotOS by xamarin.
the class IETFUtils method appendTypeAndValue.
public static void appendTypeAndValue(StringBuffer buf, AttributeTypeAndValue typeAndValue, Hashtable oidSymbols) {
String sym = (String) oidSymbols.get(typeAndValue.getType());
if (sym != null) {
buf.append(sym);
} else {
buf.append(typeAndValue.getType().getId());
}
buf.append('=');
buf.append(valueToString(typeAndValue.getValue()));
}
Also used :
ASN1String(org.bouncycastle.asn1.ASN1String)
DERUniversalString(org.bouncycastle.asn1.DERUniversalString)
Example 7 with AttributeTypeAndValue
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project XobotOS by xamarin.
the class RFC4519Style method atvAreEqual.
private boolean atvAreEqual(AttributeTypeAndValue atv1, AttributeTypeAndValue atv2) {
if (atv1 == atv2) {
return true;
}
if (atv1 == null) {
return false;
}
if (atv2 == null) {
return false;
}
ASN1ObjectIdentifier o1 = atv1.getType();
ASN1ObjectIdentifier o2 = atv2.getType();
if (!o1.equals(o2)) {
return false;
}
String v1 = IETFUtils.canonicalize(IETFUtils.valueToString(atv1.getValue()));
String v2 = IETFUtils.canonicalize(IETFUtils.valueToString(atv2.getValue()));
if (!v1.equals(v2)) {
return false;
}
return true;
}
Also used :
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
Example 8 with AttributeTypeAndValue
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class BaseX509Certprofile method getSubject.
@Override
public SubjectInfo getSubject(X500Name requestedSubject) throws CertprofileException, BadCertTemplateException {
ParamUtil.requireNonNull("requestedSubject", requestedSubject);
verifySubjectDnOccurence(requestedSubject);
RDN[] requstedRdns = requestedSubject.getRDNs();
SubjectControl scontrol = getSubjectControl();
List<RDN> rdns = new LinkedList<>();
for (ASN1ObjectIdentifier type : scontrol.getTypes()) {
RdnControl control = scontrol.getControl(type);
if (control == null) {
continue;
}
RDN[] thisRdns = getRdns(requstedRdns, type);
if (thisRdns == null) {
continue;
}
int len = thisRdns.length;
if (len == 0) {
continue;
}
if (ObjectIdentifiers.DN_EmailAddress.equals(type)) {
throw new BadCertTemplateException("emailAddress is not allowed");
}
if (len == 1) {
ASN1Encodable rdnValue = thisRdns[0].getFirst().getValue();
RDN rdn;
if (ObjectIdentifiers.DN_DATE_OF_BIRTH.equals(type)) {
rdn = createDateOfBirthRdn(type, rdnValue);
} else if (ObjectIdentifiers.DN_POSTAL_ADDRESS.equals(type)) {
rdn = createPostalAddressRdn(type, rdnValue, control, 0);
} else {
String value = X509Util.rdnValueToString(rdnValue);
rdn = createSubjectRdn(value, type, control, 0);
}
if (rdn != null) {
rdns.add(rdn);
}
} else {
if (ObjectIdentifiers.DN_DATE_OF_BIRTH.equals(type)) {
for (int i = 0; i < len; i++) {
RDN rdn = createDateOfBirthRdn(type, thisRdns[i].getFirst().getValue());
rdns.add(rdn);
}
} else if (ObjectIdentifiers.DN_POSTAL_ADDRESS.equals(type)) {
for (int i = 0; i < len; i++) {
RDN rdn = createPostalAddressRdn(type, thisRdns[i].getFirst().getValue(), control, i);
rdns.add(rdn);
}
} else {
String[] values = new String[len];
for (int i = 0; i < len; i++) {
values[i] = X509Util.rdnValueToString(thisRdns[i].getFirst().getValue());
}
values = sortRdns(control, values);
int idx = 0;
for (String value : values) {
rdns.add(createSubjectRdn(value, type, control, idx++));
}
}
// if
}
// if
}
// for
Set<String> subjectDnGroups = scontrol.getGroups();
if (CollectionUtil.isNonEmpty(subjectDnGroups)) {
Set<String> consideredGroups = new HashSet<>();
final int n = rdns.size();
List<RDN> newRdns = new ArrayList<>(rdns.size());
for (int i = 0; i < n; i++) {
RDN rdn = rdns.get(i);
ASN1ObjectIdentifier type = rdn.getFirst().getType();
String group = scontrol.getGroup(type);
if (group == null) {
newRdns.add(rdn);
} else if (!consideredGroups.contains(group)) {
List<AttributeTypeAndValue> atvs = new LinkedList<>();
atvs.add(rdn.getFirst());
for (int j = i + 1; j < n; j++) {
RDN rdn2 = rdns.get(j);
ASN1ObjectIdentifier type2 = rdn2.getFirst().getType();
String group2 = scontrol.getGroup(type2);
if (group.equals(group2)) {
atvs.add(rdn2.getFirst());
}
}
newRdns.add(new RDN(atvs.toArray(new AttributeTypeAndValue[0])));
consideredGroups.add(group);
}
}
// for
rdns = newRdns;
}
// if
X500Name grantedSubject = new X500Name(rdns.toArray(new RDN[0]));
return new SubjectInfo(grantedSubject, null);
}
Also used :
ArrayList(java.util.ArrayList)
ASN1String(org.bouncycastle.asn1.ASN1String)
DERUniversalString(org.bouncycastle.asn1.DERUniversalString)
X500Name(org.bouncycastle.asn1.x500.X500Name)
LinkedList(java.util.LinkedList)
AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)
RdnControl(org.xipki.ca.api.profile.RdnControl)
BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException)
ArrayList(java.util.ArrayList)
LinkedList(java.util.LinkedList)
List(java.util.List)
ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable)
RDN(org.bouncycastle.asn1.x500.RDN)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
HashSet(java.util.HashSet)
Example 9 with AttributeTypeAndValue
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class X509Util method canonicalizName.
public static String canonicalizName(X500Name name) {
ParamUtil.requireNonNull("name", name);
ASN1ObjectIdentifier[] tmpTypes = name.getAttributeTypes();
int len = tmpTypes.length;
List<String> types = new ArrayList<>(len);
for (ASN1ObjectIdentifier type : tmpTypes) {
types.add(type.getId());
}
Collections.sort(types);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < len; i++) {
String type = types.get(i);
if (i > 0) {
sb.append(",");
}
sb.append(type).append("=");
RDN[] rdns = name.getRDNs(new ASN1ObjectIdentifier(type));
List<String> values = new ArrayList<>(1);
for (int j = 0; j < rdns.length; j++) {
RDN rdn = rdns[j];
if (rdn.isMultiValued()) {
AttributeTypeAndValue[] atvs = rdn.getTypesAndValues();
for (AttributeTypeAndValue atv : atvs) {
if (type.equals(atv.getType().getId())) {
String textValue = IETFUtils.valueToString(atv.getValue()).toLowerCase();
values.add(textValue);
}
}
} else {
String textValue = IETFUtils.valueToString(rdn.getFirst().getValue()).toLowerCase();
values.add(textValue);
}
}
// end for(j)
sb.append(values.get(0));
final int n2 = values.size();
if (n2 > 1) {
for (int j = 1; j < n2; j++) {
sb.append(";").append(values.get(j));
}
}
}
return sb.toString();
}
Also used :
ArrayList(java.util.ArrayList)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
DirectoryString(org.bouncycastle.asn1.x500.DirectoryString)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
ASN1String(org.bouncycastle.asn1.ASN1String)
DERUniversalString(org.bouncycastle.asn1.DERUniversalString)
RDN(org.bouncycastle.asn1.x500.RDN)
ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)
Example 10 with AttributeTypeAndValue
use of org.bouncycastle.asn1.crmf.AttributeTypeAndValue in project xipki by xipki.
the class SubjectChecker method checkSubjectAttributeMultiValued.
// method checkSubjectAttributeNotMultiValued
private ValidationIssue checkSubjectAttributeMultiValued(ASN1ObjectIdentifier type, X500Name subject, X500Name requestedSubject) throws BadCertTemplateException {
ValidationIssue issue = createSubjectIssue(type);
RDN[] rdns = subject.getRDNs(type);
int rdnsSize = (rdns == null) ? 0 : rdns.length;
RDN[] requestedRdns = requestedSubject.getRDNs(type);
if (rdnsSize != 1) {
if (rdnsSize == 0) {
// check optional attribute but is present in requestedSubject
if (requestedRdns != null && requestedRdns.length > 0) {
issue.setFailureMessage("is absent but expected present");
}
} else {
issue.setFailureMessage("number of RDNs '" + rdnsSize + "' is not 1");
}
return issue;
}
// control
final RdnControl rdnControl = subjectControl.getControl(type);
// check the encoding
StringType stringType = null;
if (rdnControl != null) {
stringType = rdnControl.getStringType();
}
List<String> requestedCoreAtvTextValues = new LinkedList<>();
if (requestedRdns != null) {
for (RDN requestedRdn : requestedRdns) {
String textValue = getRdnTextValueOfRequest(requestedRdn);
requestedCoreAtvTextValues.add(textValue);
}
if (rdnControl != null && rdnControl.getPatterns() != null) {
// sort the requestedRDNs
requestedCoreAtvTextValues = sort(requestedCoreAtvTextValues, rdnControl.getPatterns());
}
}
if (rdns == null) {
// return always false, only to make the null checker happy
return issue;
}
StringBuilder failureMsg = new StringBuilder();
AttributeTypeAndValue[] li = rdns[0].getTypesAndValues();
List<AttributeTypeAndValue> atvs = new LinkedList<>();
for (AttributeTypeAndValue m : li) {
if (type.equals(m.getType())) {
atvs.add(m);
}
}
final int atvsSize = atvs.size();
int minOccurs = (rdnControl == null) ? 0 : rdnControl.getMinOccurs();
int maxOccurs = (rdnControl == null) ? 0 : rdnControl.getMaxOccurs();
if (atvsSize < minOccurs || atvsSize > maxOccurs) {
issue.setFailureMessage("number of AttributeTypeAndValuess '" + atvsSize + "' is not within [" + minOccurs + ", " + maxOccurs + "]");
return issue;
}
for (int i = 0; i < atvsSize; i++) {
AttributeTypeAndValue atv = atvs.get(i);
String atvTextValue = getAtvValueString("AttributeTypeAndValue[" + i + "]", atv, stringType, failureMsg);
if (atvTextValue == null) {
continue;
}
checkAttributeTypeAndValue("AttributeTypeAndValue[" + i + "]", type, atvTextValue, rdnControl, requestedCoreAtvTextValues, i, failureMsg);
}
int len = failureMsg.length();
if (len > 2) {
failureMsg.delete(len - 2, len);
issue.setFailureMessage(failureMsg.toString());
}
return issue;
}
Also used :
StringType(org.xipki.ca.api.profile.StringType)
DERBMPString(org.bouncycastle.asn1.DERBMPString)
DERIA5String(org.bouncycastle.asn1.DERIA5String)
DERUTF8String(org.bouncycastle.asn1.DERUTF8String)
DERT61String(org.bouncycastle.asn1.DERT61String)
DERPrintableString(org.bouncycastle.asn1.DERPrintableString)
ValidationIssue(org.xipki.common.qa.ValidationIssue)
LinkedList(java.util.LinkedList)
AttributeTypeAndValue(org.bouncycastle.asn1.x500.AttributeTypeAndValue)
RdnControl(org.xipki.ca.api.profile.RdnControl)
RDN(org.bouncycastle.asn1.x500.RDN)
Aggregations
AttributeTypeAndValue (org.bouncycastle.asn1.x500.AttributeTypeAndValue)13
ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)12
RDN (org.bouncycastle.asn1.x500.RDN)12
DERUTF8String (org.bouncycastle.asn1.DERUTF8String)8
DERIA5String (org.bouncycastle.asn1.DERIA5String)7
X500Name (org.bouncycastle.asn1.x500.X500Name)7
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)6
ASN1String (org.bouncycastle.asn1.ASN1String)6
DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6
DERUniversalString (org.bouncycastle.asn1.DERUniversalString)6
ArrayList (java.util.ArrayList)5
DERBMPString (org.bouncycastle.asn1.DERBMPString)4
LinkedList (java.util.LinkedList)3
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3
DEROctetString (org.bouncycastle.asn1.DEROctetString)3
DERT61String (org.bouncycastle.asn1.DERT61String)3
PKIBody (org.bouncycastle.asn1.cmp.PKIBody)3
PKIMessage (org.bouncycastle.asn1.cmp.PKIMessage)3
AttributeTypeAndValue (org.bouncycastle.asn1.crmf.AttributeTypeAndValue)3
CertReqMessages (org.bouncycastle.asn1.crmf.CertReqMessages)3
