Search in sources :

Example 56 with GeneralName

use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.

the class X509CertSelectorTest method test_addSubjectAlternativeNameLintLjava_lang_String2.

/**
     * java.security.cert.X509CertSelector#addSubjectAlternativeName(int, String)
     */
public void test_addSubjectAlternativeNameLintLjava_lang_String2() throws Exception {
    GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
    GeneralName san2 = new GeneralName(2, "dNSName");
    GeneralNames sans1 = new GeneralNames();
    sans1.addName(san6);
    sans1.addName(san2);
    X509CertSelector selector = new X509CertSelector();
    selector.addSubjectAlternativeName(6, "http://uniform.Resource.Id");
    selector.addSubjectAlternativeName(2, "dNSName");
    GeneralNames sans2 = new GeneralNames();
    sans2.addName(san2);
    TestCert cert1 = new TestCert(sans1);
    TestCert cert2 = new TestCert(sans2);
    assertTrue(selector.match(cert1));
    assertFalse(selector.match(cert2));
    selector.setSubjectAlternativeNames(null);
    GeneralName name = new GeneralName(new Name("O=Android"));
    try {
        selector.addSubjectAlternativeName(0, (name.toString()));
    } catch (IOException e) {
    // ok
    }
}
Also used : GeneralNames(org.apache.harmony.security.x509.GeneralNames) X509CertSelector(java.security.cert.X509CertSelector) GeneralName(org.apache.harmony.security.x509.GeneralName) IOException(java.io.IOException) GeneralName(org.apache.harmony.security.x509.GeneralName) OtherName(org.apache.harmony.security.x509.OtherName) Name(org.apache.harmony.security.x501.Name)

Example 57 with GeneralName

use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.

the class X509CertSelectorTest method test_setPathToNamesLjava_util_Collection.

/**
     * java.security.cert.X509CertSelector#setPathToNames(Collection<List<?>>)
     */
public void test_setPathToNamesLjava_util_Collection() throws Exception {
    GeneralName san0 = new GeneralName(new OtherName("1.2.3.4.5", new byte[] { 1, 2, 0, 1 }));
    GeneralName san1 = new GeneralName(1, "rfc@822.Name");
    GeneralName san2 = new GeneralName(2, "dNSName");
    GeneralName san3 = new GeneralName(new ORAddress());
    GeneralName san4 = new GeneralName(new Name("O=Organization"));
    GeneralName san6 = new GeneralName(6, "http://uniform.Resource.Id");
    GeneralName san7 = new GeneralName(7, "1.1.1.1");
    GeneralName san8 = new GeneralName(8, "1.2.3.4444.55555");
    GeneralNames sans1 = new GeneralNames();
    sans1.addName(san0);
    sans1.addName(san1);
    sans1.addName(san2);
    sans1.addName(san3);
    sans1.addName(san4);
    sans1.addName(san6);
    sans1.addName(san7);
    sans1.addName(san8);
    GeneralNames sans2 = new GeneralNames();
    sans2.addName(san0);
    TestCert cert1 = new TestCert(sans1);
    TestCert cert2 = new TestCert(sans2);
    X509CertSelector selector = new X509CertSelector();
    selector.setMatchAllSubjectAltNames(true);
    selector.setPathToNames(null);
    assertTrue("Any certificate should match in the case of null " + "subjectAlternativeNames criteria.", selector.match(cert1) && selector.match(cert2));
    Collection<List<?>> sans = sans1.getPairsList();
    selector.setPathToNames(sans);
    selector.getPathToNames();
}
Also used : GeneralNames(org.apache.harmony.security.x509.GeneralNames) OtherName(org.apache.harmony.security.x509.OtherName) X509CertSelector(java.security.cert.X509CertSelector) List(java.util.List) ArrayList(java.util.ArrayList) GeneralName(org.apache.harmony.security.x509.GeneralName) ORAddress(org.apache.harmony.security.x509.ORAddress) GeneralName(org.apache.harmony.security.x509.GeneralName) OtherName(org.apache.harmony.security.x509.OtherName) Name(org.apache.harmony.security.x501.Name)

Example 58 with GeneralName

use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.

the class CertPathValidatorUtilities method addAdditionalStoresFromCRLDistributionPoint.

// BEGIN android-removed
// protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect,
//                                              List certStores)
//     throws AnnotatedException
// {
//     Set certs = new HashSet();
//     Iterator iter = certStores.iterator();
//
//     while (iter.hasNext())
//     {
//         Object obj = iter.next();
//
//         if (obj instanceof X509Store)
//         {
//             X509Store certStore = (X509Store)obj;
//             try
//             {
//                 certs.addAll(certStore.getMatches(certSelect));
//             }
//             catch (StoreException e)
//             {
//                 throw new AnnotatedException(
//                         "Problem while picking certificates from X.509 store.", e);
//             }
//         }
//     }
//     return certs;
// }
// END android-removed
protected static void addAdditionalStoresFromCRLDistributionPoint(CRLDistPoint crldp, ExtendedPKIXParameters pkixParams) throws AnnotatedException {
    if (crldp != null) {
        DistributionPoint[] dps = null;
        try {
            dps = crldp.getDistributionPoints();
        } catch (Exception e) {
            throw new AnnotatedException("Distribution points could not be read.", e);
        }
        for (int i = 0; i < dps.length; i++) {
            DistributionPointName dpn = dps[i].getDistributionPoint();
            // look for URIs in fullName
            if (dpn != null) {
                if (dpn.getType() == DistributionPointName.FULL_NAME) {
                    GeneralName[] genNames = GeneralNames.getInstance(dpn.getName()).getNames();
                    // look for an URI
                    for (int j = 0; j < genNames.length; j++) {
                        if (genNames[j].getTagNo() == GeneralName.uniformResourceIdentifier) {
                            String location = DERIA5String.getInstance(genNames[j].getName()).getString();
                            CertPathValidatorUtilities.addAdditionalStoreFromLocation(location, pkixParams);
                        }
                    }
                }
            }
        }
    }
}
Also used : DistributionPointName(org.bouncycastle.asn1.x509.DistributionPointName) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ParseException(java.text.ParseException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertStoreException(java.security.cert.CertStoreException) CRLException(java.security.cert.CRLException) CertificateParsingException(java.security.cert.CertificateParsingException) StoreException(org.bouncycastle.util.StoreException) IOException(java.io.IOException) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)

Example 59 with GeneralName

use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.

the class X509CertSelector method toString.

/**
     * Returns a string representation of this {@code X509CertSelector}
     * instance.
     *
     * @return a string representation of this {@code X509CertSelector}
     *         instance.
     */
public String toString() {
    // For convenient reading of the string representation
    // all of the fields named according to the rfc 3280
    // (http://www.ietf.org/rfc/rfc3280.txt).
    StringBuilder result = new StringBuilder();
    result.append("X509CertSelector: \n[");
    if (this.certificateEquals != null) {
        result.append("\n  certificateEquals: ").append(certificateEquals);
    }
    if (this.serialNumber != null) {
        result.append("\n  serialNumber: ").append(serialNumber);
    }
    if (this.issuer != null) {
        result.append("\n  issuer: ").append(issuer);
    }
    if (this.subject != null) {
        result.append("\n  subject: ").append(subject);
    }
    if (this.subjectKeyIdentifier != null) {
        result.append("\n  subjectKeyIdentifier: ").append(Array.getBytesAsString(subjectKeyIdentifier));
    }
    if (this.authorityKeyIdentifier != null) {
        result.append("\n  authorityKeyIdentifier: ").append(Array.getBytesAsString(authorityKeyIdentifier));
    }
    if (this.certificateValid != null) {
        result.append("\n  certificateValid: ").append(certificateValid);
    }
    if (this.subjectPublicKeyAlgID != null) {
        result.append("\n  subjectPublicKeyAlgID: ").append(subjectPublicKeyAlgID);
    }
    if (this.privateKeyValid != null) {
        result.append("\n  privateKeyValid: ").append(privateKeyValid);
    }
    if (this.subjectPublicKey != null) {
        result.append("\n  subjectPublicKey: ").append(Array.getBytesAsString(subjectPublicKey));
    }
    if (this.keyUsage != null) {
        result.append("\n  keyUsage: \n  [");
        String[] kuNames = new String[] { "digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment", "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly" };
        for (int i = 0; i < 9; i++) {
            if (keyUsage[i]) {
                result.append("\n    ").append(kuNames[i]);
            }
        }
        result.append("\n  ]");
    }
    if (this.extendedKeyUsage != null) {
        result.append("\n  extendedKeyUsage: ").append(extendedKeyUsage.toString());
    }
    result.append("\n  matchAllNames: ").append(matchAllNames);
    result.append("\n  pathLen: ").append(pathLen);
    if (this.subjectAltNames != null) {
        result.append("\n  subjectAltNames:  \n  [");
        for (int i = 0; i < 9; i++) {
            List<GeneralName> names = subjectAltNames[i];
            if (names != null) {
                int size = names.size();
                for (GeneralName generalName : names) {
                    result.append("\n    ").append(generalName.toString());
                }
            }
        }
        result.append("\n  ]");
    }
    if (this.nameConstraints != null) {
    }
    if (this.policies != null) {
        result.append("\n  policies: ").append(policies.toString());
    }
    if (this.pathToNames != null) {
        result.append("\n  pathToNames:  \n  [");
        for (GeneralName generalName : pathToNames) {
            result.append("\n    ").append(generalName.toString());
        }
    }
    result.append("\n]");
    return result.toString();
}
Also used : ASN1OctetString(org.apache.harmony.security.asn1.ASN1OctetString) GeneralName(org.apache.harmony.security.x509.GeneralName)

Example 60 with GeneralName

use of org.bouncycastle.asn1.x509.GeneralName in project robovm by robovm.

the class X509CertSelector method addPathToName.

/**
     * Adds a {@literal "pathToName"} to the respective criterion.
     *
     * @param type
     *            the type of the name.
     * @param name
     *            the name in string format.
     * @throws IOException
     *             if parsing fails.
     * @see #setPathToNames
     */
public void addPathToName(int type, String name) throws IOException {
    GeneralName path_name = new GeneralName(type, name);
    // create only if there was not any errors
    if (pathToNames == null) {
        pathToNames = new ArrayList<GeneralName>();
    }
    pathToNames.add(path_name);
}
Also used : GeneralName(org.apache.harmony.security.x509.GeneralName)

Aggregations

GeneralName (org.bouncycastle.asn1.x509.GeneralName)39 IOException (java.io.IOException)29 GeneralNames (org.bouncycastle.asn1.x509.GeneralNames)24 ArrayList (java.util.ArrayList)23 List (java.util.List)20 GeneralName (org.apache.harmony.security.x509.GeneralName)18 X509Certificate (java.security.cert.X509Certificate)16 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)16 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)15 X500Name (org.bouncycastle.asn1.x500.X500Name)10 GeneralName (sun.security.x509.GeneralName)10 GeneralSecurityException (java.security.GeneralSecurityException)9 CertPathValidatorException (java.security.cert.CertPathValidatorException)9 Date (java.util.Date)9 Enumeration (java.util.Enumeration)9 BasicConstraints (org.bouncycastle.asn1.x509.BasicConstraints)9 CertificateExpiredException (java.security.cert.CertificateExpiredException)8 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)8 X500Principal (javax.security.auth.x500.X500Principal)8 DERIA5String (org.bouncycastle.asn1.DERIA5String)8