use of org.bouncycastle.asn1.x509.CertPolicyId in project robovm by robovm.
the class PolicyInformation method toASN1Primitive.
/*
* PolicyInformation ::= SEQUENCE {
* policyIdentifier CertPolicyId,
* policyQualifiers SEQUENCE SIZE (1..MAX) OF
* PolicyQualifierInfo OPTIONAL }
*/
public ASN1Primitive toASN1Primitive() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(policyIdentifier);
if (policyQualifiers != null) {
v.add(policyQualifiers);
}
return new DERSequence(v);
}
use of org.bouncycastle.asn1.x509.CertPolicyId in project XobotOS by xamarin.
the class PolicyInformation method toASN1Object.
/*
* PolicyInformation ::= SEQUENCE {
* policyIdentifier CertPolicyId,
* policyQualifiers SEQUENCE SIZE (1..MAX) OF
* PolicyQualifierInfo OPTIONAL }
*/
public DERObject toASN1Object() {
ASN1EncodableVector v = new ASN1EncodableVector();
v.add(policyIdentifier);
if (policyQualifiers != null) {
v.add(policyQualifiers);
}
return new DERSequence(v);
}
use of org.bouncycastle.asn1.x509.CertPolicyId in project keystore-explorer by kaikramer.
the class X509Ext method getCertificatePoliciesStringValue.
private String getCertificatePoliciesStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* CertificatePolicies ::= ASN1Sequence SIZE (1..MAX) OF PolicyInformation
*
* PolicyInformation ::= ASN1Sequence
* {
* policyIdentifier CertPolicyId,
* policyQualifiers ASN1Sequence SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
* }
*
* CertPolicyId ::= OBJECT IDENTIFIER
*
* PolicyQualifierInfo ::= ASN1Sequence
* {
* policyQualifierId PolicyQualifierId,
* qualifier ANY DEFINED BY policyQualifierId
* }
*
* PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
*
* Qualifier ::= CHOICE
* {
* cPSuri CPSuri,
* userNotice UserNotice
* }
*
* CPSuri ::= DERIA5String
*
* UserNotice ::= ASN1Sequence
* {
* noticeRef NoticeReference OPTIONAL,
* explicitText DisplayText OPTIONAL
* }
*
* NoticeReference ::= ASN1Sequence
* {
* organization DisplayText,
* noticeNumbers ASN1Sequence OF ASN1Integer
* }
*
* DisplayText ::= CHOICE
* {
* ia5String DERIA5String (SIZE (1..200)),
* visibleString VisibleString (SIZE (1..200)),
* bmpString BMPString (SIZE (1..200)),
* utf8String UTF8String (SIZE (1..200))
* }
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
CertificatePolicies certificatePolicies = CertificatePolicies.getInstance(value);
int certPolicy = 0;
for (PolicyInformation policyInformation : certificatePolicies.getPolicyInformation()) {
certPolicy++;
sb.append(MessageFormat.format(res.getString("CertificatePolicy"), certPolicy));
sb.append(NEWLINE);
ASN1ObjectIdentifier policyIdentifier = policyInformation.getPolicyIdentifier();
String policyIdentifierStr = ObjectIdUtil.toString(policyIdentifier);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("PolicyIdentifier"), policyIdentifierStr));
sb.append(NEWLINE);
ASN1Sequence policyQualifiers = policyInformation.getPolicyQualifiers();
if (policyQualifiers != null) {
// Optional
int policyQual = 0;
for (ASN1Encodable policyQualifier : policyQualifiers.toArray()) {
ASN1Sequence policyQualifierInfo = (ASN1Sequence) policyQualifier;
sb.append(INDENT.toString(1));
sb.append(MessageFormat.format(res.getString("PolicyQualifierInformation"), certPolicy, ++policyQual));
sb.append(NEWLINE);
ASN1ObjectIdentifier policyQualifierId = (ASN1ObjectIdentifier) policyQualifierInfo.getObjectAt(0);
CertificatePolicyQualifierType certificatePolicyQualifierType = CertificatePolicyQualifierType.resolveOid(policyQualifierId.getId());
if (certificatePolicyQualifierType != null) {
sb.append(INDENT.toString(2));
sb.append(certificatePolicyQualifierType.friendly());
sb.append(NEWLINE);
if (certificatePolicyQualifierType == PKIX_CPS_POINTER_QUALIFIER) {
DERIA5String cpsPointer = (DERIA5String) policyQualifierInfo.getObjectAt(1);
sb.append(INDENT.toString(2));
sb.append(MessageFormat.format(res.getString("CpsPointer"), "<a href=\"" + cpsPointer + "\">" + cpsPointer + "</a>"));
sb.append(NEWLINE);
} else if (certificatePolicyQualifierType == PKIX_USER_NOTICE_QUALIFIER) {
ASN1Encodable userNoticeObj = policyQualifierInfo.getObjectAt(1);
UserNotice userNotice = UserNotice.getInstance(userNoticeObj);
sb.append(INDENT.toString(2));
sb.append(res.getString("UserNotice"));
sb.append(NEWLINE);
NoticeReference noticeReference = userNotice.getNoticeRef();
DisplayText explicitText = userNotice.getExplicitText();
if (noticeReference != null) {
// Optional
sb.append(INDENT.toString(3));
sb.append(res.getString("NoticeReference"));
sb.append(NEWLINE);
DisplayText organization = noticeReference.getOrganization();
String organizationString = organization.getString();
sb.append(INDENT.toString(4));
sb.append(MessageFormat.format(res.getString("Organization"), organizationString));
sb.append(NEWLINE);
ASN1Integer[] noticeNumbers = noticeReference.getNoticeNumbers();
StringBuilder sbNoticeNumbers = new StringBuilder();
for (ASN1Integer noticeNumber : noticeNumbers) {
sbNoticeNumbers.append(noticeNumber.getValue().intValue());
sbNoticeNumbers.append(", ");
}
sbNoticeNumbers.setLength(sbNoticeNumbers.length() - 2);
sb.append(INDENT.toString(4));
sb.append(MessageFormat.format(res.getString("NoticeNumbers"), sbNoticeNumbers.toString()));
sb.append(NEWLINE);
}
if (explicitText != null) {
// Optional
String explicitTextString = explicitText.getString();
sb.append(INDENT.toString(3));
sb.append(MessageFormat.format(res.getString("ExplicitText"), explicitTextString));
sb.append(NEWLINE);
}
}
}
}
}
}
return sb.toString();
}
use of org.bouncycastle.asn1.x509.CertPolicyId in project keystore-explorer by kaikramer.
the class X509Ext method getPolicyMappingsStringValue.
private String getPolicyMappingsStringValue(byte[] value) throws IOException {
// @formatter:off
/*
* PolicyMappings ::= ASN1Sequence SIZE (1..MAX) OF PolicyMappings
*
* PolicyMappings ::= ASN1Sequence { issuerDomainPolicy CertPolicyId,
* subjectDomainPolicy CertPolicyId }
*
* CertPolicyId ::= OBJECT IDENTIFIER
*/
// @formatter:on
StringBuilder sb = new StringBuilder();
PolicyMappings policyMappings = PolicyMappings.getInstance(value);
ASN1Sequence policyMappingsSeq = (ASN1Sequence) policyMappings.toASN1Primitive();
int polMap = 0;
for (ASN1Encodable policyMapping : policyMappingsSeq.toArray()) {
ASN1Sequence policyMappingSeq = ASN1Sequence.getInstance(policyMapping.toASN1Primitive());
polMap++;
sb.append(MessageFormat.format(res.getString("PolicyMapping"), polMap));
sb.append(NEWLINE);
ASN1ObjectIdentifier issuerDomainPolicy = (ASN1ObjectIdentifier) policyMappingSeq.getObjectAt(0);
ASN1ObjectIdentifier subjectDomainPolicy = (ASN1ObjectIdentifier) policyMappingSeq.getObjectAt(1);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("IssuerDomainPolicy"), ObjectIdUtil.toString(issuerDomainPolicy)));
sb.append(NEWLINE);
sb.append(INDENT);
sb.append(MessageFormat.format(res.getString("SubjectDomainPolicy"), ObjectIdUtil.toString(subjectDomainPolicy)));
sb.append(NEWLINE);
}
return sb.toString();
}
use of org.bouncycastle.asn1.x509.CertPolicyId in project xipki by xipki.
the class ExtensionsChecker method checkExtensionPolicyMappings.
// method checkExtensionCertificatePolicies
private void checkExtensionPolicyMappings(StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtensions, ExtensionControl extControl) {
QaPolicyMappingsOption conf = policyMappings;
if (conf == null) {
byte[] expected = getExpectedExtValue(Extension.policyMappings, requestedExtensions, extControl);
if (!Arrays.equals(expected, extensionValue)) {
addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected));
}
return;
}
ASN1Sequence isPolicyMappings = DERSequence.getInstance(extensionValue);
Map<String, String> isMap = new HashMap<>();
int size = isPolicyMappings.size();
for (int i = 0; i < size; i++) {
ASN1Sequence seq = ASN1Sequence.getInstance(isPolicyMappings.getObjectAt(i));
CertPolicyId issuerDomainPolicy = CertPolicyId.getInstance(seq.getObjectAt(0));
CertPolicyId subjectDomainPolicy = CertPolicyId.getInstance(seq.getObjectAt(1));
isMap.put(issuerDomainPolicy.getId(), subjectDomainPolicy.getId());
}
Set<String> expIssuerDomainPolicies = conf.getIssuerDomainPolicies();
for (String expIssuerDomainPolicy : expIssuerDomainPolicies) {
String expSubjectDomainPolicy = conf.addSubjectDomainPolicy(expIssuerDomainPolicy);
String isSubjectDomainPolicy = isMap.remove(expIssuerDomainPolicy);
if (isSubjectDomainPolicy == null) {
failureMsg.append("issuerDomainPolicy '").append(expIssuerDomainPolicy).append("' is absent but is required; ");
} else if (!isSubjectDomainPolicy.equals(expSubjectDomainPolicy)) {
addViolation(failureMsg, "subjectDomainPolicy for issuerDomainPolicy", isSubjectDomainPolicy, expSubjectDomainPolicy);
}
}
if (CollectionUtil.isNonEmpty(isMap)) {
failureMsg.append("issuerDomainPolicies '").append(isMap.keySet()).append("' are present but not expected; ");
}
}
Aggregations