Example 6 with PolicyProcessException
use of org.nhindirect.policy.PolicyProcessException in project nhin-d by DirectProject.
the class StackMachine_createOperatorExecutorTest method testCreateBinaryOperator_tooFewArguments_assertExecption.
public void testCreateBinaryOperator_tooFewArguments_assertExecption() throws Exception {
StackMachine stMachine = new StackMachine();
boolean exceptionOccured = false;
try {
stMachine.createOperatorExecutor(PolicyOperator.LOGICAL_AND, PolicyValueFactory.getInstance(12345));
} catch (PolicyProcessException e) {
exceptionOccured = true;
}
assertTrue(exceptionOccured);
}
Also used :
StackMachine(org.nhindirect.policy.impl.machine.StackMachine)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Example 7 with PolicyProcessException
use of org.nhindirect.policy.PolicyProcessException in project nhin-d by DirectProject.
the class TrustChainValidator method getIntermediateCertsByAIA.
/**
* Retrieves intermediate certificate using the AIA extension.
* @param certificate The certificate to search for AIA extensions.
* @return Returns a collection of intermediate certs using the AIA extension. If the AIA extension does not exists
* or the certificate cannot be downloaded from the URL, then an empty list is returned.
*/
protected Collection<X509Certificate> getIntermediateCertsByAIA(X509Certificate certificate) {
final Collection<X509Certificate> retVal = new ArrayList<X509Certificate>();
// check to see if there are extensions
final AuthorityInfoAccessExtentionField aiaField = new AuthorityInfoAccessExtentionField(false);
try {
// we can get all names from the AuthorityInfoAccessExtentionField objects
aiaField.injectReferenceValue(certificate);
final Collection<String> urlPairs = aiaField.getPolicyValue().getPolicyValue();
// look through all of the values (if they exist) for caIssuers
for (String urlPair : urlPairs) {
if (urlPair.startsWith(CA_ISSUER_CHECK_STRING)) {
// the url pair is in the format of caIssuer:URL... need to break it
// apart to get the url
final String url = urlPair.substring(CA_ISSUER_CHECK_STRING.length());
// now pull the certificate from the URL
try {
final Collection<X509Certificate> intermCerts = downloadCertsFromAIA(url);
retVal.addAll(intermCerts);
} catch (NHINDException e) {
LOGGER.warn("Intermediate cert cannot be resolved from AIA extension.", e);
}
}
}
}///CLOVER:OFF
catch (PolicyProcessException e) {
LOGGER.warn("Intermediate cert cannot be resolved from AIA extension.", e);
}
return retVal;
}
Also used :
AuthorityInfoAccessExtentionField(org.nhindirect.policy.x509.AuthorityInfoAccessExtentionField)
ArrayList(java.util.ArrayList)
ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString)
NHINDException(org.nhindirect.stagent.NHINDException)
X509Certificate(java.security.cert.X509Certificate)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Example 8 with PolicyProcessException
use of org.nhindirect.policy.PolicyProcessException in project nhin-d by DirectProject.
the class StackMachine_createOperatorExecutorTest method testCreateUnaryOperator_tooFewArguments_assertExecption.
public void testCreateUnaryOperator_tooFewArguments_assertExecption() throws Exception {
StackMachine stMachine = new StackMachine();
boolean exceptionOccured = false;
try {
stMachine.createOperatorExecutor(PolicyOperator.LOGICAL_NOT);
} catch (PolicyProcessException e) {
exceptionOccured = true;
}
assertTrue(exceptionOccured);
}
Also used :
StackMachine(org.nhindirect.policy.impl.machine.StackMachine)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Example 9 with PolicyProcessException
use of org.nhindirect.policy.PolicyProcessException in project nhin-d by DirectProject.
the class DefaultNHINDAgent method filterCertificatesByPolicy.
protected Collection<X509Certificate> filterCertificatesByPolicy(InternetAddress sender, PolicyResolver resolver, Collection<X509Certificate> certsToFilter, boolean incoming) {
if (certsToFilter == null || certsToFilter.isEmpty())
return certsToFilter;
final Collection<X509Certificate> filteredCerts;
// apply the policy if it exists
if (resolver != null) {
filteredCerts = new ArrayList<X509Certificate>();
// get the incoming policy based on the sender
final Collection<PolicyExpression> expressions = (incoming) ? resolver.getIncomingPolicy(sender) : resolver.getOutgoingPolicy(sender);
// loop through filters and certs
for (X509Certificate cert : certsToFilter) {
boolean filterCert = false;
for (PolicyExpression expression : expressions) {
try {
// check for compliance
if (!policyFilter.isCompliant(cert, expression)) {
filterCert = true;
break;
}
} catch (PolicyRequiredException requiredException) {
filterCert = true;
break;
} catch (PolicyProcessException processException) {
throw new AgentException(AgentError.InvalidPolicy, processException);
}
}
if (!filterCert)
filteredCerts.add(cert);
}
} else
filteredCerts = certsToFilter;
return filteredCerts;
}
Also used :
PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException)
PolicyExpression(org.nhindirect.policy.PolicyExpression)
X509Certificate(java.security.cert.X509Certificate)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Example 10 with PolicyProcessException
use of org.nhindirect.policy.PolicyProcessException in project nhin-d by DirectProject.
the class StackMachine method createOperatorExecutor.
/**
* Creates an executor instance for an operator and a set of operands.
* @param operator The operation that will be executed.
* @param values The operands used by the executor.
* @return An instance of a {@link PolicyOperatorExecutor} that will evaluate the operation.
* @throws PolicyProcessException
*/
protected PolicyOperatorExecutor<?, ?> createOperatorExecutor(PolicyOperator operator, PolicyValue<?>... values) throws PolicyProcessException {
PolicyOperatorExecutor<?, ?> executor = null;
Constructor<?> constructor = null;
switch(operator.getParamsType()) {
case BINARY:
{
try {
constructor = operator.getExecutorClass().getConstructor(PolicyValue.class, PolicyValue.class, PolicyOperator.class);
}///CLOVER:OFF
catch (Exception e) {
throw new PolicyProcessException("Failed to get constructor for operator executor.", e);
}
///CLOVER:ON
break;
}
case UNARY:
{
try {
constructor = operator.getExecutorClass().getConstructor(PolicyValue.class, PolicyOperator.class);
}///CLOVER:OFF
catch (Exception e) {
throw new PolicyProcessException("Failed to get constructor for operator executor.", e);
}
///CLOVER:ON
break;
}
}
try {
if (values.length == 1)
executor = PolicyOperatorExecutor.class.cast(constructor.newInstance(values[0], operator));
else
executor = PolicyOperatorExecutor.class.cast(constructor.newInstance(values[0], values[1], operator));
}///CLOVER:OFF
catch (Exception e) {
throw new PolicyProcessException("Failed to create operator executor.", e);
}
return executor;
}
Also used :
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
PolicyProcessException(org.nhindirect.policy.PolicyProcessException)
Aggregations
PolicyProcessException (org.nhindirect.policy.PolicyProcessException)12
X509Certificate (java.security.cert.X509Certificate)4
ASN1InputStream (org.bouncycastle.asn1.ASN1InputStream)3
ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)3
PolicyExpression (org.nhindirect.policy.PolicyExpression)3
InternetAddress (javax.mail.internet.InternetAddress)2
DERObject (org.bouncycastle.asn1.DERObject)2
TBSCertificateStructure (org.bouncycastle.asn1.x509.TBSCertificateStructure)2
PolicyFilter (org.nhindirect.policy.PolicyFilter)2
PolicyRequiredException (org.nhindirect.policy.PolicyRequiredException)2
StackMachine (org.nhindirect.policy.impl.machine.StackMachine)2
PolicyResolver (org.nhindirect.stagent.policy.PolicyResolver)2
ArrayList (java.util.ArrayList)1
DERObjectIdentifier (org.bouncycastle.asn1.DERObjectIdentifier)1
DERSequence (org.bouncycastle.asn1.DERSequence)1
X509Name (org.bouncycastle.asn1.x509.X509Name)1
CMSException (org.bouncycastle.cms.CMSException)1
AuthorityInfoAccessExtentionField (org.nhindirect.policy.x509.AuthorityInfoAccessExtentionField)1
AgentException (org.nhindirect.stagent.AgentException)1
NHINDException (org.nhindirect.stagent.NHINDException)1
