
Example 16 with PolicyRequiredException

Use of org.nhindirect.policy.PolicyRequiredException in project nhin-d by DirectProject.

Class AuthorityInfoAccessOCSPLocExtentionField_injectReferenceValueTest, method testInjectRefereneValue_aiaDoesNotExist_required_assertException.

public void testInjectRefereneValue_aiaDoesNotExist_required_assertException() throws Exception {
    final X509Certificate cert = TestUtils.loadCertificate("altNameOnly.der");
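    // true marks the extension as required, so a certificate without it must raise PolicyRequiredException
    final AuthorityInfoAccessOCSPLocExtentionField field = new AuthorityInfoAccessOCSPLocExtentionField(true);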
    boolean exceptionOccured = false;
    try {
        field.injectReferenceValue(cert);
    } catch (PolicyRequiredException e) {
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) AuthorityInfoAccessOCSPLocExtentionField(org.nhindirect.policy.x509.AuthorityInfoAccessOCSPLocExtentionField) X509Certificate(java.security.cert.X509Certificate)

Example 17 with PolicyRequiredException

Use of org.nhindirect.policy.PolicyRequiredException in project nhin-d by DirectProject.

Class BasicContraintsExtensionField_injectReferenceValueTest, method testInjectReferenceValue_basicContraintNotExists_required_assertException.

public void testInjectReferenceValue_basicContraintNotExists_required_assertException() throws Exception {
    final X509Certificate cert = TestUtils.loadCertificate("SESTestAccount-Signiture.der");
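    // true marks the extension as required, so a certificate without it must raise PolicyRequiredException
    final BasicContraintsExtensionField field = new BasicContraintsExtensionField(true);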
    boolean exceptionOccured = false;
    try {
        field.injectReferenceValue(cert);
    } catch (PolicyRequiredException e) {
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) BasicContraintsExtensionField(org.nhindirect.policy.x509.BasicContraintsExtensionField) X509Certificate(java.security.cert.X509Certificate)

Example 18 with PolicyRequiredException

Use of org.nhindirect.policy.PolicyRequiredException in project nhin-d by DirectProject.

Class AuthorityInfoAccessExtentionField_injectReferenceValueTest, method testInjectRefereneValue_aiaDoesNotExist_required_assertException.

public void testInjectRefereneValue_aiaDoesNotExist_required_assertException() throws Exception {
    final X509Certificate cert = TestUtils.loadCertificate("altNameOnly.der");
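    // true marks the extension as required, so a certificate without it must raise PolicyRequiredException
    final AuthorityInfoAccessExtentionField field = new AuthorityInfoAccessExtentionField(true);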
    boolean exceptionOccured = false;
    try {
        field.injectReferenceValue(cert);
    } catch (PolicyRequiredException e) {
        exceptionOccured = true;
    }
    assertTrue(exceptionOccured);
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) AuthorityInfoAccessExtentionField(org.nhindirect.policy.x509.AuthorityInfoAccessExtentionField) X509Certificate(java.security.cert.X509Certificate)

Example 19 with PolicyRequiredException

Use of org.nhindirect.policy.PolicyRequiredException in project nhin-d by DirectProject.

Class DefaultNHINDAgent, method filterCertificatesByPolicy.

protected Collection<X509Certificate> filterCertificatesByPolicy(InternetAddress sender, PolicyResolver resolver, Collection<X509Certificate> certsToFilter, boolean incoming) {
    if (certsToFilter == null || certsToFilter.isEmpty())
        return certsToFilter;
    final Collection<X509Certificate> filteredCerts;
    // apply the policy if it exists
    if (resolver != null) {
        filteredCerts = new ArrayList<X509Certificate>();
        // get the incoming policy based on the sender
        final Collection<PolicyExpression> expressions = (incoming) ? resolver.getIncomingPolicy(sender) : resolver.getOutgoingPolicy(sender);
        // loop through filters and certs
        for (X509Certificate cert : certsToFilter) {
            boolean filterCert = false;
            for (PolicyExpression expression : expressions) {
                try {
                    // check for compliance
                    if (!policyFilter.isCompliant(cert, expression)) {
                        filterCert = true;
                        break;
                    }
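                } catch (PolicyRequiredException requiredException) {
                    // a field the policy requires is missing from the certificate:
                    // treat the certificate as non-compliant and drop it (fail closed)
                    filterCert = true;
                    break;
                } catch (PolicyProcessException processException) {
                    // the policy itself could not be evaluated: abort instead of accepting the certificate
                    throw new AgentException(AgentError.InvalidPolicy, processException);
                }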
            }
            if (!filterCert)
                filteredCerts.add(cert);
        }
    } else
        filteredCerts = certsToFilter;
    return filteredCerts;
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) PolicyExpression(org.nhindirect.policy.PolicyExpression) X509Certificate(java.security.cert.X509Certificate) PolicyProcessException(org.nhindirect.policy.PolicyProcessException)

Example 20 with PolicyRequiredException

Use of org.nhindirect.policy.PolicyRequiredException in project nhin-d by DirectProject.

Class DefaultNHINDAgent_filterCertificateByPolicyTest, method testFilterCertificateByPolicy_requiredFieldMissing_assertNoCertsFiltered.

public void testFilterCertificateByPolicy_requiredFieldMissing_assertNoCertsFiltered() throws Exception {
    final PolicyFilter filter = mock(PolicyFilter.class);
    doThrow(new PolicyRequiredException("Just Passing Through")).when(filter).isCompliant((X509Certificate) any(), (PolicyExpression) any());
    final PolicyExpression expression = mock(PolicyExpression.class);
    final X509Certificate cert = mock(X509Certificate.class);
    final Collection<X509Certificate> certs = Arrays.asList(cert);
    final PolicyResolver resolver = mock(PolicyResolver.class);
    when(resolver.getIncomingPolicy((InternetAddress) any())).thenReturn(Arrays.asList(expression));
    final DefaultNHINDAgent agent = new DefaultNHINDAgent("", mock(CertificateResolver.class), mock(CertificateResolver.class), mock(TrustAnchorResolver.class));
    agent.setPolicyFilter(filter);
    Collection<X509Certificate> filteredCerts = agent.filterCertificatesByPolicy(new InternetAddress("me@you.com"), resolver, certs, true);
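    // the mocked filter throws PolicyRequiredException, so the only certificate is dropped and the result is empty
    assertEquals(0, filteredCerts.size());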
}
Also used : PolicyRequiredException(org.nhindirect.policy.PolicyRequiredException) InternetAddress(javax.mail.internet.InternetAddress) TrustAnchorResolver(org.nhindirect.stagent.trust.TrustAnchorResolver) PolicyFilter(org.nhindirect.policy.PolicyFilter) PolicyResolver(org.nhindirect.stagent.policy.PolicyResolver) PolicyExpression(org.nhindirect.policy.PolicyExpression) CertificateResolver(org.nhindirect.stagent.cert.CertificateResolver) X509Certificate(java.security.cert.X509Certificate)
