Examples with PolicyConstraints org.bouncycastle.asn1.x509.PolicyConstraints used on opensource projects

Search in sources :

Example 1 with PolicyConstraints

use of org.bouncycastle.asn1.x509.PolicyConstraints in project XobotOS by xamarin.

the class RFC3280CertPathUtilities method wrapupCertB.

protected static int wrapupCertB(CertPath certPath, int index, int explicitPolicy) throws CertPathValidatorException {
    List certs = certPath.getCertificates();
    X509Certificate cert = (X509Certificate) certs.get(index);
    //
    // (b)
    //
    int tmpInt;
    ASN1Sequence pc = null;
    try {
        pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
    } catch (AnnotatedException e) {
        throw new ExtCertPathValidatorException("Policy constraints could not be decoded.", e, certPath, index);
    }
    if (pc != null) {
        Enumeration policyConstraints = pc.getObjects();
        while (policyConstraints.hasMoreElements()) {
            ASN1TaggedObject constraint = (ASN1TaggedObject) policyConstraints.nextElement();
            switch(constraint.getTagNo()) {
                case 0:
                    try {
                        tmpInt = DERInteger.getInstance(constraint, false).getValue().intValue();
                    } catch (Exception e) {
                        throw new ExtCertPathValidatorException("Policy constraints requireExplicitPolicy field could not be decoded.", e, certPath, index);
                    }
                    if (tmpInt == 0) {
                        return 0;
                    }
                    break;
            }
        }
    }
    return explicitPolicy;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) Enumeration(java.util.Enumeration) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) List(java.util.List) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) CertificateExpiredException(java.security.cert.CertificateExpiredException) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertPathBuilderException(java.security.cert.CertPathBuilderException) IOException(java.io.IOException)

Example 2 with PolicyConstraints

use of org.bouncycastle.asn1.x509.PolicyConstraints in project XobotOS by xamarin.

the class RFC3280CertPathUtilities method prepareNextCertI2.

protected static int prepareNextCertI2(CertPath certPath, int index, int policyMapping) throws CertPathValidatorException {
    List certs = certPath.getCertificates();
    X509Certificate cert = (X509Certificate) certs.get(index);
    //
    // (i)
    //
    ASN1Sequence pc = null;
    try {
        pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
    } catch (Exception e) {
        throw new ExtCertPathValidatorException("Policy constraints extension cannot be decoded.", e, certPath, index);
    }
    int tmpInt;
    if (pc != null) {
        Enumeration policyConstraints = pc.getObjects();
        while (policyConstraints.hasMoreElements()) {
            try {
                ASN1TaggedObject constraint = ASN1TaggedObject.getInstance(policyConstraints.nextElement());
                if (constraint.getTagNo() == 1) {
                    tmpInt = DERInteger.getInstance(constraint, false).getValue().intValue();
                    if (tmpInt < policyMapping) {
                        return tmpInt;
                    }
                    break;
                }
            } catch (IllegalArgumentException e) {
                throw new ExtCertPathValidatorException("Policy constraints extension contents cannot be decoded.", e, certPath, index);
            }
        }
    }
    return policyMapping;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) Enumeration(java.util.Enumeration) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) List(java.util.List) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) CertificateExpiredException(java.security.cert.CertificateExpiredException) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertPathBuilderException(java.security.cert.CertPathBuilderException) IOException(java.io.IOException) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)

Example 3 with PolicyConstraints

use of org.bouncycastle.asn1.x509.PolicyConstraints in project robovm by robovm.

the class RFC3280CertPathUtilities method prepareNextCertI2.

protected static int prepareNextCertI2(CertPath certPath, int index, int policyMapping) throws CertPathValidatorException {
    List certs = certPath.getCertificates();
    X509Certificate cert = (X509Certificate) certs.get(index);
    //
    // (i)
    //
    ASN1Sequence pc = null;
    try {
        pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
    } catch (Exception e) {
        throw new ExtCertPathValidatorException("Policy constraints extension cannot be decoded.", e, certPath, index);
    }
    int tmpInt;
    if (pc != null) {
        Enumeration policyConstraints = pc.getObjects();
        while (policyConstraints.hasMoreElements()) {
            try {
                ASN1TaggedObject constraint = ASN1TaggedObject.getInstance(policyConstraints.nextElement());
                if (constraint.getTagNo() == 1) {
                    tmpInt = DERInteger.getInstance(constraint, false).getValue().intValue();
                    if (tmpInt < policyMapping) {
                        return tmpInt;
                    }
                    break;
                }
            } catch (IllegalArgumentException e) {
                throw new ExtCertPathValidatorException("Policy constraints extension contents cannot be decoded.", e, certPath, index);
            }
        }
    }
    return policyMapping;
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) Enumeration(java.util.Enumeration) ASN1TaggedObject(org.bouncycastle.asn1.ASN1TaggedObject) List(java.util.List) ArrayList(java.util.ArrayList) X509Certificate(java.security.cert.X509Certificate) CertificateExpiredException(java.security.cert.CertificateExpiredException) GeneralSecurityException(java.security.GeneralSecurityException) CertPathValidatorException(java.security.cert.CertPathValidatorException) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertPathBuilderException(java.security.cert.CertPathBuilderException) IOException(java.io.IOException) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)

Example 4 with PolicyConstraints

use of org.bouncycastle.asn1.x509.PolicyConstraints in project keystore-explorer by kaikramer.

the class X509Ext method getPolicyConstraintsStringValue.

private String getPolicyConstraintsStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * PolicyConstraints ::= ASN1Sequence { requireExplicitPolicy [0]
		 * SkipCerts OPTIONAL, inhibitPolicyMapping [1] SkipCerts OPTIONAL }
		 *
		 * SkipCerts ::= ASN1Integer (0..MAX)
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    PolicyConstraints policyConstraints = PolicyConstraints.getInstance(value);
    int requireExplicitPolicy = policyConstraints.getRequireExplicitPolicy();
    int inhibitPolicyMapping = policyConstraints.getInhibitPolicyMapping();
    if (requireExplicitPolicy != -1) {
        // Optional
        sb.append(MessageFormat.format(res.getString("RequireExplicitPolicy"), requireExplicitPolicy));
        sb.append(NEWLINE);
    }
    if (inhibitPolicyMapping != -1) {
        // Optional
        sb.append(MessageFormat.format(res.getString("InhibitPolicyMapping"), inhibitPolicyMapping));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint)

Example 5 with PolicyConstraints

use of org.bouncycastle.asn1.x509.PolicyConstraints in project Spark by igniterealtime.

the class CertificateModel method policyConstraintsExtractor.

private String policyConstraintsExtractor(ASN1Primitive primitive) {
    PolicyConstraints pc = PolicyConstraints.getInstance(primitive);
    String value = "";
    if (pc.getInhibitPolicyMapping() != null) {
        value += Res.getString("cert.extension.policy.constraints.inhibit.policy.mapping") + ": " + pc.getInhibitPolicyMapping() + "\n";
    }
    if (pc.getRequireExplicitPolicyMapping() != null) {
        value += Res.getString("cert.extension.policy.constraints.require.explicit.policy.mapping") + ": " + pc.getRequireExplicitPolicyMapping();
    }
    return value;
}
Also used : PolicyConstraints(org.bouncycastle.asn1.x509.PolicyConstraints) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)

Aggregations

ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)9 IOException (java.io.IOException)7 ArrayList (java.util.ArrayList)7 List (java.util.List)7 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)7 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)7 IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)7 GeneralSecurityException (java.security.GeneralSecurityException)6 CertPathBuilderException (java.security.cert.CertPathBuilderException)6 CertPathValidatorException (java.security.cert.CertPathValidatorException)6 CertificateExpiredException (java.security.cert.CertificateExpiredException)6 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)6 X509Certificate (java.security.cert.X509Certificate)6 Enumeration (java.util.Enumeration)6 ASN1TaggedObject (org.bouncycastle.asn1.ASN1TaggedObject)6 ExtCertPathValidatorException (org.bouncycastle.jce.exception.ExtCertPathValidatorException)6 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)4 DERSequence (org.bouncycastle.asn1.DERSequence)3 DERTaggedObject (org.bouncycastle.asn1.DERTaggedObject)3 BigInteger (java.math.BigInteger)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial