
Example 11 with PolicyQualifierInfo

use of org.bouncycastle.asn1.x509.PolicyQualifierInfo in project xipki by xipki.

the class XmlX509CertprofileUtil method createPolicyQualifiers.

/**
 * Builds the ASN.1 sequence of policy qualifiers for a certificate policy.
 *
 * <p>Each configured qualifier contributes at most one entry: a CPS URI qualifier when
 * {@code getCpsUri()} is non-null, otherwise a user-notice qualifier when
 * {@code getUserNotice()} is non-null. A qualifier with neither value is skipped.
 *
 * @param qualifiers configured qualifiers; checked with {@code ParamUtil.requireNonNull}
 * @return a {@code DERSequence} of the generated {@code PolicyQualifierInfo} entries
 */
private static ASN1Sequence createPolicyQualifiers(List<CertificatePolicyQualifier> qualifiers) {
    ParamUtil.requireNonNull("qualifiers", qualifiers);
    List<PolicyQualifierInfo> collected = new ArrayList<>(qualifiers.size());
    for (CertificatePolicyQualifier entry : qualifiers) {
        if (entry.getCpsUri() != null) {
            collected.add(new PolicyQualifierInfo(entry.getCpsUri()));
            continue;
        }
        if (entry.getUserNotice() != null) {
            // No NoticeReference is set; only the explicit text is carried.
            UserNotice notice = new UserNotice(null, entry.getUserNotice());
            // NOTE(review): id_spq_ets_unotice is the PKCS#9 signature-policy qualifier OID,
            // not the PKIX id-qt-unotice that certificate-policy consumers match on.
            // Confirm this OID is intended for the certificatePolicies extension.
            collected.add(new PolicyQualifierInfo(PKCSObjectIdentifiers.id_spq_ets_unotice, notice));
        }
    }
    // NOTE(review): the result is an empty sequence when no qualifier yields an entry;
    // presumably the caller omits policyQualifiers in that case. Verify against caller.
    return new DERSequence(collected.toArray(new PolicyQualifierInfo[0]));
}
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ArrayList(java.util.ArrayList) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) UserNotice(org.bouncycastle.asn1.x509.UserNotice) CertificatePolicyQualifier(org.xipki.ca.api.profile.x509.CertificatePolicyQualifier)

Example 12 with PolicyQualifierInfo

use of org.bouncycastle.asn1.x509.PolicyQualifierInfo in project robovm by robovm.

the class CertPathValidatorUtilities method getQualifierSet.

// crl checking
//
// policy checking
// 
/**
 * Converts a sequence of policy qualifiers into a set of {@code PolicyQualifierInfo} objects.
 *
 * <p>Each element is encoded to bytes and handed to the {@code PolicyQualifierInfo}
 * constructor, so every qualifier is parsed from its own encoding. The qualifiers
 * presumably come from the certificate being validated, so a decoding failure is
 * reported as a validation error rather than being ignored.
 *
 * @param qualifiers the qualifier sequence, or {@code null} when the policy has none
 * @return the decoded qualifiers; an empty set when {@code qualifiers} is {@code null}
 * @throws CertPathValidatorException if a qualifier cannot be encoded or decoded
 */
protected static final Set getQualifierSet(ASN1Sequence qualifiers) throws CertPathValidatorException {
    Set result = new HashSet();
    if (qualifiers == null) {
        return result;
    }
    ByteArrayOutputStream encoded = new ByteArrayOutputStream();
    ASN1OutputStream derOut = new ASN1OutputStream(encoded);
    for (Enumeration items = qualifiers.getObjects(); items.hasMoreElements(); ) {
        try {
            derOut.writeObject((ASN1Encodable) items.nextElement());
            result.add(new PolicyQualifierInfo(encoded.toByteArray()));
        } catch (IOException ex) {
            throw new ExtCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
        }
        // The buffer is shared across iterations; clear it so the next qualifier
        // is encoded on its own.
        encoded.reset();
    }
    return result;
}
Also used : Set(java.util.Set) HashSet(java.util.HashSet) Enumeration(java.util.Enumeration) ExtCertPathValidatorException(org.bouncycastle.jce.exception.ExtCertPathValidatorException) PolicyQualifierInfo(java.security.cert.PolicyQualifierInfo) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) ASN1OutputStream(org.bouncycastle.asn1.ASN1OutputStream) HashSet(java.util.HashSet)

Example 13 with PolicyQualifierInfo

use of org.bouncycastle.asn1.x509.PolicyQualifierInfo in project nhin-d by DirectProject.

the class CertificatePolicyCpsUriExtensionField method injectReferenceValue.

/**
	 * {@inheritDoc}
	 */
@Override
public void injectReferenceValue(X509Certificate value) throws PolicyProcessException {
    // Collects the CPS URI qualifiers (id-qt-cps) of every policy in the certificate's
    // extension value and stores them as this field's policy value.
    this.certificate = value;
    final DERObject exValue = getExtensionValue(value);
    if (exValue == null) {
        if (isRequired()) {
            throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
        }
        // Extension absent and optional: expose an empty value.
        final Collection<String> emptyList = Collections.emptyList();
        this.policyValue = PolicyValueFactory.getInstance(emptyList);
        return;
    }
    final Collection<String> cpsUris = new ArrayList<String>();
    // NOTE(review): the cast and the getInstance() calls below run on certificate-supplied
    // data. A malformed extension would presumably surface as an unchecked exception
    // instead of a PolicyProcessException. Confirm callers tolerate that.
    final ASN1Sequence policies = (ASN1Sequence) exValue;
    @SuppressWarnings("unchecked") final Enumeration<DEREncodable> policyEntries = policies.getObjects();
    while (policyEntries.hasMoreElements()) {
        final PolicyInformation policy = PolicyInformation.getInstance(policyEntries.nextElement());
        if (policy.getPolicyQualifiers() == null) {
            // policyQualifiers is optional; nothing to collect for this policy.
            continue;
        }
        @SuppressWarnings("unchecked") final Enumeration<DEREncodable> qualifierEntries = policy.getPolicyQualifiers().getObjects();
        while (qualifierEntries.hasMoreElements()) {
            final PolicyQualifierInfo qualifier = PolicyQualifierInfo.getInstance(qualifierEntries.nextElement());
            // Only CPS URI qualifiers are of interest; user notices are ignored.
            if (qualifier.getPolicyQualifierId().equals(PolicyQualifierId.id_qt_cps)) {
                cpsUris.add(qualifier.getQualifier().toString());
            }
        }
    }
    ///CLOVER:OFF
    if (cpsUris.isEmpty() && isRequired()) {
        throw new PolicyRequiredException("Extention " + getExtentionIdentifier().getDisplay() + " is marked as required by is not present.");
    }
    ///CLOVER:ON
    this.policyValue = PolicyValueFactory.getInstance(cpsUris);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) DERObject(org.bouncycastle.asn1.DERObject) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) DEREncodable(org.bouncycastle.asn1.DEREncodable) ArrayList(java.util.ArrayList) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo)

Example 14 with PolicyQualifierInfo

use of org.bouncycastle.asn1.x509.PolicyQualifierInfo in project xipki by xipki.

the class ExtensionsChecker method checkExtensionCertificatePolicies.

// method checkExtensionTlsFeature
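/**
 * Checks the certificatePolicies extension of an issued certificate against the
 * expected configuration and appends every violation to {@code failureMsg}.
 *
 * <p>When no expectation is configured (the {@code certificatePolicies} field is
 * {@code null}), the raw extension bytes are compared with the value returned by
 * {@code getExpectedExtValue}. Otherwise each policy in the certificate must be
 * expected, each expected CPS URI and user notice must be present, and each
 * expected policy must appear in the certificate.
 *
 * @param failureMsg accumulator for violation messages
 * @param extensionValue encoded value of the extension found in the certificate
 * @param requestedExtensions extensions from the request, forwarded to {@code getExpectedExtValue}
 * @param extControl control of this extension, forwarded to {@code getExpectedExtValue}
 */
private void checkExtensionCertificatePolicies(StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtensions, ExtensionControl extControl) {
    QaCertificatePolicies conf = certificatePolicies;
    if (conf == null) {
        byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestedExtensions, extControl);
        if (!Arrays.equals(expected, extensionValue)) {
            addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected));
        }
        return;
    }
    org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies.getInstance(extensionValue);
    PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation();
    for (PolicyInformation isPolicyInformation : isPolicyInformations) {
        ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier();
        QaCertificatePolicyInformation expCp = conf.getPolicyInformation(isPolicyId.getId());
        if (expCp == null) {
            failureMsg.append("certificate policy '").append(isPolicyId).append("' is not expected; ");
            continue;
        }
        QaPolicyQualifiers expCpPq = expCp.getPolicyQualifiers();
        if (expCpPq == null) {
            continue;
        }
        ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers();
        List<String> isCpsUris = new LinkedList<>();
        List<String> isUserNotices = new LinkedList<>();
        // policyQualifiers is OPTIONAL: a certificate that omits it must be reported as
        // missing the expected qualifiers, not abort the check with a NullPointerException.
        int size = (isPolicyQualifiers == null) ? 0 : isPolicyQualifiers.size();
        for (int i = 0; i < size; i++) {
            // getInstance() accepts both an already-typed PolicyQualifierInfo and the raw
            // sequence element produced when the extension is parsed from bytes; a plain
            // cast fails on the latter.
            PolicyQualifierInfo isPolicyQualifierInfo = PolicyQualifierInfo.getInstance(isPolicyQualifiers.getObjectAt(i));
            ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId();
            ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier();
            if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) {
                String isCpsUri = ((DERIA5String) isQualifier).getString();
                isCpsUris.add(isCpsUri);
            } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) {
                UserNotice isUserNotice = UserNotice.getInstance(isQualifier);
                // Only the explicit text is compared; a notice without it adds nothing.
                if (isUserNotice.getExplicitText() != null) {
                    isUserNotices.add(isUserNotice.getExplicitText().getString());
                }
            }
        }
        List<QaPolicyQualifierInfo> qualifierInfos = expCpPq.getPolicyQualifiers();
        for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) {
            if (qualifierInfo instanceof QaCpsUriPolicyQualifier) {
                String value = ((QaCpsUriPolicyQualifier) qualifierInfo).getCpsUri();
                if (!isCpsUris.contains(value)) {
                    failureMsg.append("CPSUri '").append(value).append("' is absent but is required; ");
                }
            } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) {
                String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice();
                if (!isUserNotices.contains(value)) {
                    failureMsg.append("userNotice '").append(value).append("' is absent but is required; ");
                }
            } else {
                throw new RuntimeException("should not reach here");
            }
        }
    }
    // Second pass: every expected policy must occur in the certificate.
    for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) {
        boolean present = false;
        for (PolicyInformation isPolicyInformation : isPolicyInformations) {
            if (isPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) {
                present = true;
                break;
            }
        }
        if (present) {
            continue;
        }
        failureMsg.append("certificate policy '").append(cp.getPolicyId()).append("' is absent but is required; ");
    }
}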
Also used : PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) QaCertificatePolicyInformation(org.xipki.ca.qa.internal.QaCertificatePolicies.QaCertificatePolicyInformation) UserNotice(org.bouncycastle.asn1.x509.UserNotice) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) QaPolicyQualifiers(org.xipki.ca.qa.internal.QaPolicyQualifiers) QaPolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo) QaUserNoticePolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaUserNoticePolicyQualifierInfo) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) QaCertificatePolicyInformation(org.xipki.ca.qa.internal.QaCertificatePolicies.QaCertificatePolicyInformation) LinkedList(java.util.LinkedList) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) QaPolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) QaUserNoticePolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaUserNoticePolicyQualifierInfo) QaCertificatePolicies(org.xipki.ca.qa.internal.QaCertificatePolicies) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) QaCpsUriPolicyQualifier(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaCpsUriPolicyQualifier)

Example 15 with PolicyQualifierInfo

use of org.bouncycastle.asn1.x509.PolicyQualifierInfo in project keystore-explorer by kaikramer.

the class PolicyInformationUtil method toString.

// @formatter:off
/*
	 * PolicyInformation ::= ASN1Sequence { policyIdentifier CertPolicyId,
	 * policyQualifiers ASN1Sequence SIZE (1..MAX) OF PolicyQualifierInfo
	 * OPTIONAL }
	 *
	 * CertPolicyId ::= OBJECT IDENTIFIER
	 *
	 * PolicyQualifierInfo ::= ASN1Sequence { policyQualifierId
	 * PolicyQualifierId, qualifier ANY DEFINED BY policyQualifierId }
	 *
	 * -- policyQualifierIds for Internet policy qualifiers
	 *
	 * id-qt OBJECT IDENTIFIER ::= { id-pkix 2 } id-qt-cps OBJECT IDENTIFIER ::=
	 * { id-qt 1 } id-qt-unotice OBJECT IDENTIFIER ::= { id-qt 2 }
	 *
	 * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
	 *
	 * Qualifier ::= CHOICE { cPSuri CPSuri, userNotice UserNotice }
	 *
	 * CPSuri ::= DERIA5String
	 *
	 * UserNotice ::= ASN1Sequence { noticeRef NoticeReference OPTIONAL,
	 * explicitText DisplayText OPTIONAL}
	 *
	 * NoticeReference ::= ASN1Sequence { organization DisplayText,
	 * noticeNumbers ASN1Sequence OF ASN1Integer }
	 *
	 * DisplayText ::= CHOICE { ia5String DERIA5String (SIZE (1..200)),
	 * visibleString VisibleString (SIZE (1..200)), bmpString BMPString (SIZE
	 * (1..200)), utf8String UTF8String (SIZE (1..200)) }
	 */
// @formatter:on
/**
 * Get string representation of policy information.
 *
 * @param policyInformation
 *            Policy information
 * @return String representation of policy information
 * @throws IOException
 *             If policy information is invalid
 */
public static String toString(PolicyInformation policyInformation) throws IOException {
    // Output shape: the formatted policy identifier, then, only when qualifiers are
    // present, ", " followed by the formatted comma-separated qualifier list.
    StringBuffer rendered = new StringBuffer();
    ASN1ObjectIdentifier policyOid = policyInformation.getPolicyIdentifier();
    String identifierPattern = res.getString("PolicyInformationUtil.PolicyIdentifier");
    rendered.append(MessageFormat.format(identifierPattern, policyOid.getId()));
    ASN1Sequence qualifierSeq = policyInformation.getPolicyQualifiers();
    if (qualifierSeq == null) {
        // policyQualifiers is optional; only the identifier is rendered.
        return rendered.toString();
    }
    rendered.append(", ");
    StringBuffer qualifierText = new StringBuffer();
    for (int idx = 0; idx < qualifierSeq.size(); idx++) {
        if (idx > 0) {
            qualifierText.append(", ");
        }
        PolicyQualifierInfo qualifier = PolicyQualifierInfo.getInstance(qualifierSeq.getObjectAt(idx));
        qualifierText.append(toString(qualifier));
    }
    String qualifiersPattern = res.getString("PolicyInformationUtil.PolicyQualifiers");
    rendered.append(MessageFormat.format(qualifiersPattern, qualifierText));
    return rendered.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

PolicyQualifierInfo (org.bouncycastle.asn1.x509.PolicyQualifierInfo)12 IOException (java.io.IOException)7 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)7 UserNotice (org.bouncycastle.asn1.x509.UserNotice)6 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)5 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)4 DERIA5String (org.bouncycastle.asn1.DERIA5String)4 DERSequence (org.bouncycastle.asn1.DERSequence)4 PolicyInformation (org.bouncycastle.asn1.x509.PolicyInformation)4 DError (org.kse.gui.error.DError)4 ArrayList (java.util.ArrayList)3 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)3 Container (java.awt.Container)2 Point (java.awt.Point)2 ByteArrayOutputStream (java.io.ByteArrayOutputStream)2 PolicyQualifierInfo (java.security.cert.PolicyQualifierInfo)2 Enumeration (java.util.Enumeration)2 HashSet (java.util.HashSet)2 Set (java.util.Set)2 JDialog (javax.swing.JDialog)2