
Example 6 with UserNotice

use of org.bouncycastle.asn1.x509.UserNotice in project xipki by xipki.

the class XmlX509CertprofileUtil method createPolicyQualifiers.

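/**
 * Builds the {@code policyQualifiers} sequence for one certificate policy.
 *
 * <p>Each configured entry yields at most one {@link PolicyQualifierInfo}: a CPS URI
 * qualifier if a CPS URI is set, otherwise a user notice qualifier that carries only
 * explicit text (the notice reference is left out). Entries with neither value are
 * skipped.
 *
 * <p>The result may be empty when no entry carries a value. RFC 5280 defines
 * {@code policyQualifiers} as {@code SEQUENCE SIZE (1..MAX)}, so an empty result
 * should not be encoded into a certificate as-is.
 * NOTE(review): confirm that callers omit the field in that case.
 *
 * @param qualifiers configured qualifiers, checked with {@code ParamUtil.requireNonNull}
 * @return DER sequence holding the generated qualifier infos
 */
private static ASN1Sequence createPolicyQualifiers(List<CertificatePolicyQualifier> qualifiers) {
    ParamUtil.requireNonNull("qualifiers", qualifiers);
    List<PolicyQualifierInfo> qualifierInfos = new ArrayList<>(qualifiers.size());
    for (CertificatePolicyQualifier qualifier : qualifiers) {
        if (qualifier.getCpsUri() != null) {
            // The String constructor produces an id-qt-cps qualifier with an IA5String value.
            qualifierInfos.add(new PolicyQualifierInfo(qualifier.getCpsUri()));
        } else if (qualifier.getUserNotice() != null) {
            UserNotice userNotice = new UserNotice(null, qualifier.getUserNotice());
            // Certificate policy user notices are identified by id-qt-unotice
            // (1.3.6.1.5.5.7.2.2). PKCSObjectIdentifiers.id_spq_ets_unotice is the S/MIME
            // signature-policy qualifier (1.2.840.113549.1.9.16.5.2): relying parties and
            // checkers that match on id-qt-unotice would not recognise it as a user notice.
            qualifierInfos.add(new PolicyQualifierInfo(
                    org.bouncycastle.asn1.x509.PolicyQualifierId.id_qt_unotice, userNotice));
        }
    }
    return new DERSequence(qualifierInfos.toArray(new PolicyQualifierInfo[0]));
}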
Also used : DERSequence(org.bouncycastle.asn1.DERSequence) ArrayList(java.util.ArrayList) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) UserNotice(org.bouncycastle.asn1.x509.UserNotice) CertificatePolicyQualifier(org.xipki.ca.api.profile.x509.CertificatePolicyQualifier)

Example 7 with UserNotice

use of org.bouncycastle.asn1.x509.UserNotice in project xipki by xipki.

the class ExtensionsChecker method checkExtensionCertificatePolicies.

// method checkExtensionTlsFeature
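/**
 * Compares the certificatePolicies extension of a certificate with the configured
 * expectation and appends every mismatch to {@code failureMsg}.
 *
 * <p>Without a configured {@code certificatePolicies} object the raw extension value is
 * compared byte-for-byte with the value returned by {@code getExpectedExtValue}.
 * Otherwise the extension is parsed and checked in two passes: every policy in the
 * certificate must be configured and must contain each configured qualifier, and every
 * configured policy must be present in the certificate.
 *
 * <p>Limits of the check as written: qualifiers that are present in the certificate but
 * not configured are not reported, and a user notice is only compared by its explicit
 * text (a notice that carries just a notice reference is ignored).
 *
 * @param failureMsg collector for violation messages
 * @param extensionValue encoded extension value taken from the certificate
 * @param requestedExtensions extensions of the request, passed on to {@code getExpectedExtValue}
 * @param extControl extension control, passed on to {@code getExpectedExtValue}
 * @throws RuntimeException if a configured qualifier is of an unknown type
 */
private void checkExtensionCertificatePolicies(StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtensions, ExtensionControl extControl) {
    QaCertificatePolicies conf = certificatePolicies;
    if (conf == null) {
        byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestedExtensions, extControl);
        if (!Arrays.equals(expected, extensionValue)) {
            addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected));
        }
        return;
    }
    org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies.getInstance(extensionValue);
    PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation();
    // Pass 1: each policy found in the certificate must be configured, with its qualifiers.
    for (PolicyInformation isPolicyInformation : isPolicyInformations) {
        ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier();
        QaCertificatePolicyInformation expCp = conf.getPolicyInformation(isPolicyId.getId());
        if (expCp == null) {
            failureMsg.append("certificate policy '").append(isPolicyId).append("' is not expected; ");
            continue;
        }
        QaPolicyQualifiers expCpPq = expCp.getPolicyQualifiers();
        if (expCpPq == null) {
            continue;
        }
        ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers();
        List<String> isCpsUris = new LinkedList<>();
        List<String> isUserNotices = new LinkedList<>();
        // policyQualifiers is OPTIONAL: a policy without qualifiers must be reported as
        // missing the configured ones, not abort the check with a NullPointerException.
        int size = (isPolicyQualifiers == null) ? 0 : isPolicyQualifiers.size();
        for (int i = 0; i < size; i++) {
            // Elements of a parsed sequence are generic ASN.1 objects, so convert with
            // getInstance instead of casting (a cast fails on decoded certificates).
            PolicyQualifierInfo isPolicyQualifierInfo = PolicyQualifierInfo.getInstance(isPolicyQualifiers.getObjectAt(i));
            ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId();
            ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier();
            if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) {
                // NOTE(review): the cast assumes the CPS URI is encoded as IA5String; a
                // certificate with another string type here raises ClassCastException.
                String isCpsUri = ((DERIA5String) isQualifier).getString();
                isCpsUris.add(isCpsUri);
            } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) {
                UserNotice isUserNotice = UserNotice.getInstance(isQualifier);
                if (isUserNotice.getExplicitText() != null) {
                    isUserNotices.add(isUserNotice.getExplicitText().getString());
                }
            }
            // Qualifiers with any other id are skipped without a violation.
        }
        List<QaPolicyQualifierInfo> qualifierInfos = expCpPq.getPolicyQualifiers();
        for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) {
            if (qualifierInfo instanceof QaCpsUriPolicyQualifier) {
                String value = ((QaCpsUriPolicyQualifier) qualifierInfo).getCpsUri();
                if (!isCpsUris.contains(value)) {
                    failureMsg.append("CPSUri '").append(value).append("' is absent but is required; ");
                }
            } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) {
                String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice();
                if (!isUserNotices.contains(value)) {
                    failureMsg.append("userNotice '").append(value).append("' is absent but is required; ");
                }
            } else {
                throw new RuntimeException("should not reach here");
            }
        }
    }
    // Pass 2: each configured policy must appear in the certificate.
    for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) {
        boolean present = false;
        for (PolicyInformation isPolicyInformation : isPolicyInformations) {
            if (isPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) {
                present = true;
                break;
            }
        }
        if (present) {
            continue;
        }
        failureMsg.append("certificate policy '").append(cp.getPolicyId()).append("' is absent but is required; ");
    }
}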
Also used : PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) QaCertificatePolicyInformation(org.xipki.ca.qa.internal.QaCertificatePolicies.QaCertificatePolicyInformation) UserNotice(org.bouncycastle.asn1.x509.UserNotice) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) QaPolicyQualifiers(org.xipki.ca.qa.internal.QaPolicyQualifiers) QaPolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo) QaUserNoticePolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaUserNoticePolicyQualifierInfo) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) QaCertificatePolicyInformation(org.xipki.ca.qa.internal.QaCertificatePolicies.QaCertificatePolicyInformation) LinkedList(java.util.LinkedList) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) QaPolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) QaUserNoticePolicyQualifierInfo(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaUserNoticePolicyQualifierInfo) QaCertificatePolicies(org.xipki.ca.qa.internal.QaCertificatePolicies) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) QaCpsUriPolicyQualifier(org.xipki.ca.qa.internal.QaPolicyQualifierInfo.QaCpsUriPolicyQualifier)

Example 8 with UserNotice

use of org.bouncycastle.asn1.x509.UserNotice in project keystore-explorer by kaikramer.

the class PolicyInformationUtil method toString.

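/**
 * Get string representation of user notice.
 *
 * <p>The result lists, in this order and separated by ", ": the organization of the
 * notice reference, its notice numbers (space separated) and the explicit text. Parts
 * that are absent from the notice are left out. The organization and explicit text are
 * inserted as returned by {@code DisplayText.getString()}, with no filtering here.
 *
 * @param userNotice
 *            User notice
 * @return String representation of user notice
 */
public static String toString(UserNotice userNotice) {
    StringBuilder sbUserNotice = new StringBuilder();
    NoticeReference noticeReference = userNotice.getNoticeRef();
    if (noticeReference != null) {
        DisplayText organization = noticeReference.getOrganization();
        if (organization != null) {
            sbUserNotice.append(MessageFormat.format(res.getString("PolicyInformationUtil.Organization"), organization.getString()));
            // Separator only when another part follows.
            if ((noticeReference.getNoticeNumbers() != null) || (userNotice.getExplicitText() != null)) {
                sbUserNotice.append(", ");
            }
        }
        ASN1Integer[] noticeNumbers = noticeReference.getNoticeNumbers();
        StringBuilder sbNoticeNumbers = new StringBuilder();
        if (noticeNumbers != null) {
            for (int i = 0; i < noticeNumbers.length; i++) {
                ASN1Integer noticeNumber = noticeNumbers[i];
                // Append the full value: an ASN.1 INTEGER is unbounded and intValue()
                // would silently truncate a large number, displaying a value that is
                // not the one encoded in the certificate.
                sbNoticeNumbers.append(noticeNumber.getValue());
                if ((i + 1) < noticeNumbers.length) {
                    sbNoticeNumbers.append(" ");
                }
            }
            sbUserNotice.append(MessageFormat.format(res.getString("PolicyInformationUtil.NoticeNumbers"), sbNoticeNumbers.toString()));
            if (userNotice.getExplicitText() != null) {
                sbUserNotice.append(", ");
            }
        }
    }
    DisplayText explicitText = userNotice.getExplicitText();
    if (explicitText != null) {
        sbUserNotice.append(MessageFormat.format(res.getString("PolicyInformationUtil.ExplicitText"), explicitText.getString()));
    }
    return sbUserNotice.toString();
}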
Also used : DisplayText(org.bouncycastle.asn1.x509.DisplayText) NoticeReference(org.bouncycastle.asn1.x509.NoticeReference) ASN1Integer(org.bouncycastle.asn1.ASN1Integer)

Example 9 with UserNotice

use of org.bouncycastle.asn1.x509.UserNotice in project keystore-explorer by kaikramer.

the class PolicyInformationUtil method toString.

// @formatter:off
/*
	 * PolicyInformation ::= SEQUENCE {
	 *     policyIdentifier   CertPolicyId,
	 *     policyQualifiers   SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL }
	 *
	 * CertPolicyId ::= OBJECT IDENTIFIER
	 *
	 * PolicyQualifierInfo ::= SEQUENCE {
	 *     policyQualifierId  PolicyQualifierId,
	 *     qualifier          ANY DEFINED BY policyQualifierId }
	 *
	 * -- policyQualifierIds for Internet policy qualifiers
	 *
	 * id-qt          OBJECT IDENTIFIER ::= { id-pkix 2 }
	 * id-qt-cps      OBJECT IDENTIFIER ::= { id-qt 1 }
	 * id-qt-unotice  OBJECT IDENTIFIER ::= { id-qt 2 }
	 *
	 * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
	 *
	 * Qualifier ::= CHOICE {
	 *     cPSuri      CPSuri,
	 *     userNotice  UserNotice }
	 *
	 * CPSuri ::= IA5String
	 *
	 * UserNotice ::= SEQUENCE {
	 *     noticeRef     NoticeReference OPTIONAL,
	 *     explicitText  DisplayText OPTIONAL }
	 *
	 * NoticeReference ::= SEQUENCE {
	 *     organization   DisplayText,
	 *     noticeNumbers  SEQUENCE OF INTEGER }
	 *
	 * DisplayText ::= CHOICE {
	 *     ia5String      IA5String      (SIZE (1..200)),
	 *     visibleString  VisibleString  (SIZE (1..200)),
	 *     bmpString      BMPString      (SIZE (1..200)),
	 *     utf8String     UTF8String     (SIZE (1..200)) }
	 */
// @formatter:on
/**
 * Render one policy information entry as display text.
 *
 * <p>The policy identifier always comes first. When the entry carries a qualifier
 * sequence, ", " and the comma-separated qualifiers follow; a missing sequence ends
 * the text after the identifier.
 *
 * @param policyInformation
 *            Policy information to render
 * @return Display text for the policy information
 * @throws IOException
 *             If policy information is invalid
 */
public static String toString(PolicyInformation policyInformation) throws IOException {
    StringBuilder text = new StringBuilder();
    ASN1ObjectIdentifier policyOid = policyInformation.getPolicyIdentifier();
    String identifierPattern = res.getString("PolicyInformationUtil.PolicyIdentifier");
    text.append(MessageFormat.format(identifierPattern, policyOid.getId()));

    ASN1Sequence qualifierSeq = policyInformation.getPolicyQualifiers();
    if (qualifierSeq == null) {
        // policyQualifiers is optional: nothing more to show.
        return text.toString();
    }

    text.append(", ");
    StringBuilder qualifierText = new StringBuilder();
    for (int idx = 0; idx < qualifierSeq.size(); idx++) {
        if (idx > 0) {
            qualifierText.append(", ");
        }
        PolicyQualifierInfo qualifier = PolicyQualifierInfo.getInstance(qualifierSeq.getObjectAt(idx));
        qualifierText.append(toString(qualifier));
    }
    String qualifiersPattern = res.getString("PolicyInformationUtil.PolicyQualifiers");
    text.append(MessageFormat.format(qualifiersPattern, qualifierText));
    return text.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 10 with UserNotice

use of org.bouncycastle.asn1.x509.UserNotice in project keystore-explorer by kaikramer.

the class DPolicyQualifierInfoChooser method okPressed.

/**
 * Handles the OK button: builds the policy qualifier selected in the dialog, stores
 * it in {@code policyQualifierInfo} and closes the dialog.
 *
 * <p>An empty CPS value or a missing user notice shows a warning and leaves the
 * dialog open. Any exception raised while building the qualifier is shown in an
 * error dialog and the dialog also stays open.
 */
private void okPressed() {
    PolicyQualifierInfo chosenQualifier;
    try {
        if (jrbCps.isSelected()) {
            String cpsText = jtfCps.getText().trim();
            if (cpsText.isEmpty()) {
                JOptionPane.showMessageDialog(this, res.getString("DPolicyQualifierInfoChooser.CpsValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            ASN1ObjectIdentifier cpsQualifierId = new ASN1ObjectIdentifier(PKIX_CPS_POINTER_QUALIFIER.oid());
            // DERIA5String rejects text outside the IA5 range; that exception is
            // reported by the catch block below.
            DERIA5String cpsValue = new DERIA5String(cpsText);
            chosenQualifier = new PolicyQualifierInfo(cpsQualifierId, cpsValue.toASN1Primitive());
        } else {
            UserNotice enteredNotice = junUserNotice.getUserNotice();
            if (enteredNotice == null) {
                JOptionPane.showMessageDialog(this, res.getString("DPolicyQualifierInfoChooser.UserNoticeValueReq.message"), getTitle(), JOptionPane.WARNING_MESSAGE);
                return;
            }
            ASN1ObjectIdentifier noticeQualifierId = new ASN1ObjectIdentifier(PKIX_USER_NOTICE_QUALIFIER.oid());
            chosenQualifier = new PolicyQualifierInfo(noticeQualifierId, enteredNotice);
        }
    } catch (Exception ex) {
        DError errorDialog = new DError(this, ex);
        errorDialog.setLocationRelativeTo(this);
        errorDialog.setVisible(true);
        return;
    }
    // Only publish the result once it has been built without error.
    policyQualifierInfo = chosenQualifier;
    closeDialog();
}
Also used : DERIA5String(org.bouncycastle.asn1.DERIA5String) PolicyQualifierInfo(org.bouncycastle.asn1.x509.PolicyQualifierInfo) UserNotice(org.bouncycastle.asn1.x509.UserNotice) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) IOException(java.io.IOException) DError(org.kse.gui.error.DError)

Aggregations

UserNotice (org.bouncycastle.asn1.x509.UserNotice)8 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)6 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)4 DERIA5String (org.bouncycastle.asn1.DERIA5String)4 NoticeReference (org.bouncycastle.asn1.x509.NoticeReference)4 PolicyQualifierInfo (org.bouncycastle.asn1.x509.PolicyQualifierInfo)4 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)3 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)3 DisplayText (org.bouncycastle.asn1.x509.DisplayText)3 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)2 DERBMPString (org.bouncycastle.asn1.DERBMPString)2 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)2 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)2 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)2 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)2 PolicyInformation (org.bouncycastle.asn1.x509.PolicyInformation)2 Container (java.awt.Container)1 IOException (java.io.IOException)1 ArrayList (java.util.ArrayList)1 LinkedList (java.util.LinkedList)1