Example 41 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class AttributeCertificateInfo method toASN1Primitive.
/**
* Produce an object suitable for an ASN1OutputStream.
* <pre>
* AttributeCertificateInfo ::= SEQUENCE {
* version AttCertVersion -- version is v2,
* holder Holder,
* issuer AttCertIssuer,
* signature AlgorithmIdentifier,
* serialNumber CertificateSerialNumber,
* attrCertValidityPeriod AttCertValidityPeriod,
* attributes SEQUENCE OF Attribute,
* issuerUniqueID UniqueIdentifier OPTIONAL,
* extensions Extensions OPTIONAL
* }
*
* AttCertVersion ::= INTEGER { v2(1) }
* </pre>
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(version);
v.add(holder);
v.add(issuer);
v.add(signature);
v.add(serialNumber);
v.add(attrCertValidityPeriod);
v.add(attributes);
if (issuerUniqueID != null) {
v.add(issuerUniqueID);
}
if (extensions != null) {
v.add(extensions);
}
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
Example 42 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class AttributeTable method addAttribute.
private void addAttribute(ASN1ObjectIdentifier oid, Attribute a) {
Object value = attributes.get(oid);
if (value == null) {
attributes.put(oid, a);
} else {
Vector v;
if (value instanceof Attribute) {
v = new Vector();
v.addElement(value);
v.addElement(a);
} else {
v = (Vector) value;
v.addElement(a);
}
attributes.put(oid, v);
}
}
Also used :
Vector(java.util.Vector)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
Example 43 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class PrivateKeyInfo method toASN1Primitive.
/**
* write out an RSA private key with its associated information
* as described in PKCS8.
* <pre>
* PrivateKeyInfo ::= SEQUENCE {
* version Version,
* privateKeyAlgorithm AlgorithmIdentifier {{PrivateKeyAlgorithms}},
* privateKey PrivateKey,
* attributes [0] IMPLICIT Attributes OPTIONAL
* }
* Version ::= INTEGER {v1(0)} (v1,...)
*
* PrivateKey ::= OCTET STRING
*
* Attributes ::= SET OF Attribute
* </pre>
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(new ASN1Integer(0));
v.add(algId);
v.add(privKey);
if (attributes != null) {
v.add(new DERTaggedObject(false, 0, attributes));
}
return new DERSequence(v);
}
Also used :
DERSequence(org.bouncycastle.asn1.DERSequence)
DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject)
ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector)
ASN1Integer(org.bouncycastle.asn1.ASN1Integer)
Example 44 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project robovm by robovm.
the class RFC3280CertPathUtilities method processCRLB1.
/**
* If the DP includes cRLIssuer, then verify that the issuer field in the
* complete CRL matches cRLIssuer in the DP and that the complete CRL
* contains an issuing distribution point extension with the indirectCRL
* boolean asserted. Otherwise, verify that the CRL issuer matches the
* certificate issuer.
*
* @param dp The distribution point.
* @param cert The certificate ot attribute certificate.
* @param crl The CRL for <code>cert</code>.
* @throws AnnotatedException if one of the above conditions does not apply or an error
* occurs.
*/
protected static void processCRLB1(DistributionPoint dp, Object cert, X509CRL crl) throws AnnotatedException {
ASN1Primitive idp = CertPathValidatorUtilities.getExtensionValue(crl, ISSUING_DISTRIBUTION_POINT);
boolean isIndirect = false;
if (idp != null) {
if (IssuingDistributionPoint.getInstance(idp).isIndirectCRL()) {
isIndirect = true;
}
}
byte[] issuerBytes = CertPathValidatorUtilities.getIssuerPrincipal(crl).getEncoded();
boolean matchIssuer = false;
if (dp.getCRLIssuer() != null) {
GeneralName[] genNames = dp.getCRLIssuer().getNames();
for (int j = 0; j < genNames.length; j++) {
if (genNames[j].getTagNo() == GeneralName.directoryName) {
try {
if (Arrays.areEqual(genNames[j].getName().toASN1Primitive().getEncoded(), issuerBytes)) {
matchIssuer = true;
}
} catch (IOException e) {
throw new AnnotatedException("CRL issuer information from distribution point cannot be decoded.", e);
}
}
}
if (matchIssuer && !isIndirect) {
throw new AnnotatedException("Distribution point contains cRLIssuer field but CRL is not indirect.");
}
if (!matchIssuer) {
throw new AnnotatedException("CRL issuer of CRL does not match CRL issuer of distribution point.");
}
} else {
if (CertPathValidatorUtilities.getIssuerPrincipal(crl).equals(CertPathValidatorUtilities.getEncodedIssuerPrincipal(cert))) {
matchIssuer = true;
}
}
if (!matchIssuer) {
throw new AnnotatedException("Cannot find matching CRL issuer for certificate.");
}
}
Also used :
GeneralName(org.bouncycastle.asn1.x509.GeneralName)
IOException(java.io.IOException)
ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)
IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint)
CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint)
DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)
Example 45 with Attribute
use of org.bouncycastle.asn1.pkcs.Attribute in project nhin-d by DirectProject.
the class IssuerAttributeField method injectReferenceValue.
/**
* {@inheritDoc}
*/
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
this.certificate = value;
if (rdnAttributeId.equals(RDNAttributeIdentifier.DISTINGUISHED_NAME)) {
final Collection<String> str = Arrays.asList(certificate.getIssuerX500Principal().getName(X500Principal.RFC2253));
this.policyValue = PolicyValueFactory.getInstance(str);
return;
}
DERObject tbsValue = null;
try {
tbsValue = this.getDERObject(certificate.getTBSCertificate());
}///CLOVER:OFF
catch (Exception e) {
throw new PolicyProcessException("Exception parsing TBS certificate fields.", e);
}
///CLOVER:ON
final TBSCertificateStructure tbsStruct = TBSCertificateStructure.getInstance(tbsValue);
final X509Name x509Name = getX509Name(tbsStruct);
@SuppressWarnings("unchecked") final Vector<String> values = x509Name.getValues(new DERObjectIdentifier(getRDNAttributeFieldId().getId()));
if (values.isEmpty() && this.isRequired())
throw new PolicyRequiredException(getFieldName() + " field attribute " + rdnAttributeId.getName() + " is marked as required but is not present.");
final Collection<String> retVal = values;
this.policyValue = PolicyValueFactory.getInstance(retVal);
}
Also used :
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
DERObject(org.bouncycastle.asn1.DERObject)
X509Name(org.bouncycastle.asn1.x509.X509Name)
TBSCertificateStructure(org.bouncycastle.asn1.x509.TBSCertificateStructure)
DERObjectIdentifier(org.bouncycastle.asn1.DERObjectIdentifier)
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Aggregations
ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)18
IOException (java.io.IOException)16
ArrayList (java.util.ArrayList)13
List (java.util.List)11
Attribute (org.bouncycastle.asn1.cms.Attribute)10
X509Certificate (java.security.cert.X509Certificate)9
DEROctetString (org.bouncycastle.asn1.DEROctetString)9
DERSequence (org.bouncycastle.asn1.DERSequence)9
GeneralName (org.bouncycastle.asn1.x509.GeneralName)9
Iterator (java.util.Iterator)8
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8
DERObject (org.bouncycastle.asn1.DERObject)8
ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)6
ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)6
ASN1Set (org.bouncycastle.asn1.ASN1Set)6
AttributeTable (org.bouncycastle.asn1.cms.AttributeTable)6
Enumeration (java.util.Enumeration)5
X500Principal (javax.security.auth.x500.X500Principal)5
NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)4
Vector (java.util.Vector)4
