Search in sources :

Example 16 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project athenz by yahoo.

the class Crypto method extractX509CSRDnsNames.

public static List<String> extractX509CSRDnsNames(PKCS10CertificationRequest certReq) {
    List<String> dnsNames = new ArrayList<>();
    Attribute[] attributes = certReq.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
    for (Attribute attribute : attributes) {
        for (ASN1Encodable value : attribute.getAttributeValues()) {
            Extensions extensions = Extensions.getInstance(value);
            GeneralNames gns = GeneralNames.fromExtensions(extensions, Extension.subjectAlternativeName);
            for (GeneralName name : gns.getNames()) {
                if (name.getTagNo() == GeneralName.dNSName) {
                    dnsNames.add(((DERIA5String) name.getName()).getString());
                }
            }
        }
    }
    return dnsNames;
}
Also used : GeneralNames(org.bouncycastle.asn1.x509.GeneralNames) Attribute(org.bouncycastle.asn1.pkcs.Attribute) ArrayList(java.util.ArrayList) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) GeneralName(org.bouncycastle.asn1.x509.GeneralName) Extensions(org.bouncycastle.asn1.x509.Extensions)

Example 17 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class X509Ext method getSMIMECapabilitiesStringValue.

private String getSMIMECapabilitiesStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
			SMIMECapabilities ::= SEQUENCE OF SMIMECapability

			SMIMECapability ::= SEQUENCE
			{
				capabilityID OBJECT IDENTIFIER,
				parameters ANY DEFINED BY capabilityID OPTIONAL
			}
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    int capabilityNr = 0;
    ASN1Sequence asn1Sequence = ASN1Sequence.getInstance(octets);
    for (ASN1Encodable asn1Encodable : asn1Sequence.toArray()) {
        SMIMECapability capability = SMIMECapability.getInstance(asn1Encodable);
        ASN1ObjectIdentifier oid = capability.getCapabilityID();
        ASN1Encodable parameters = capability.getParameters();
        sb.append(MessageFormat.format(res.getString("SMIMECapability"), ++capabilityNr));
        sb.append(NEWLINE);
        sb.append(INDENT);
        sb.append(MessageFormat.format(res.getString("SMIMECapability.ObjectID"), ObjectIdUtil.toString(oid)));
        sb.append(NEWLINE);
        if (parameters != null) {
            sb.append(INDENT);
            sb.append(MessageFormat.format(res.getString("SMIMECapability.Parameter"), HexUtil.getHexString(parameters.toASN1Primitive().getEncoded())));
            sb.append(NEWLINE);
        }
    }
    return sb.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) SMIMECapability(org.bouncycastle.asn1.smime.SMIMECapability) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 18 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class X509Ext method getQcStatementsStringValue.

private String getQcStatementsStringValue(byte[] octets) throws IOException {
    // @formatter:off
    /*
			QCStatements ::= SEQUENCE OF QSStatement
		    QSStatement ::= SEQUENCE
		    {
		        statementId OBJECT IDENTIFIER,
		        statementInfo ANY DEFINED BY statementId OPTIONAL
		    }
		    QcEuLimitValue ::= MonetaryValue
			QcRetentionPeriod ::= INTEGER
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    int qcStatementNr = 0;
    ASN1Sequence qcStatements = ASN1Sequence.getInstance(octets);
    for (ASN1Encodable asn1Encodable : qcStatements.toArray()) {
        QCStatement qcStatement = QCStatement.getInstance(asn1Encodable);
        ASN1ObjectIdentifier statementId = qcStatement.getStatementId();
        ASN1Encodable statementInfo = qcStatement.getStatementInfo();
        int indentLevel = 1;
        sb.append(MessageFormat.format(res.getString("QCStatement.QCStatement"), ++qcStatementNr));
        sb.append(NEWLINE);
        QcStatementType qcStatementType = QcStatementType.resolveOid(statementId.getId());
        if (qcStatementType != null) {
            switch(qcStatementType) {
                case QC_SYNTAX_V1:
                case QC_SYNTAX_V2:
                    SemanticsInformation semanticsInfo = SemanticsInformation.getInstance(statementInfo);
                    sb.append(getSemanticInformationValueString(qcStatementType, semanticsInfo, indentLevel));
                    break;
                case QC_COMPLIANCE:
                    // no statementInfo
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(res.getString(QcStatementType.QC_COMPLIANCE.getResKey()));
                    sb.append(NEWLINE);
                    break;
                case QC_EU_LIMIT_VALUE:
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(res.getString(QcStatementType.QC_EU_LIMIT_VALUE.getResKey()));
                    sb.append(NEWLINE);
                    sb.append(getMonetaryValueStringValue(statementInfo, indentLevel + 1));
                    break;
                case QC_RETENTION_PERIOD:
                    ASN1Integer asn1Integer = ASN1Integer.getInstance(statementInfo);
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(MessageFormat.format(res.getString(QcStatementType.QC_RETENTION_PERIOD.getResKey()), asn1Integer.getValue().toString()));
                    sb.append(NEWLINE);
                    break;
                case QC_SSCD:
                    // no statementInfo
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(res.getString(QcStatementType.QC_SSCD.getResKey()));
                    sb.append(NEWLINE);
                    break;
                case QC_PDS:
                    ASN1Sequence pdsLocations = ASN1Sequence.getInstance(statementInfo);
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(res.getString(QcStatementType.QC_PDS.getResKey()));
                    for (ASN1Encodable pdsLoc : pdsLocations) {
                        sb.append(NEWLINE);
                        sb.append(INDENT.toString(indentLevel + 1));
                        DLSequence pds = (DLSequence) pdsLoc;
                        sb.append(MessageFormat.format(res.getString("QCPDS.locations"), pds.getObjectAt(1), pds.getObjectAt(0)));
                    }
                    sb.append(NEWLINE);
                    break;
                case QC_TYPE:
                    sb.append(INDENT.toString(indentLevel));
                    sb.append(res.getString(QcStatementType.QC_TYPE.getResKey()));
                    ASN1Sequence qcTypes = ASN1Sequence.getInstance(statementInfo);
                    for (ASN1Encodable type : qcTypes) {
                        sb.append(NEWLINE);
                        sb.append(INDENT.toString(indentLevel + 1));
                        sb.append(ObjectIdUtil.toString((ASN1ObjectIdentifier) type));
                    }
                    sb.append(NEWLINE);
            }
        } else {
            // unknown statement type
            sb.append(INDENT.toString(indentLevel));
            sb.append(ObjectIdUtil.toString(statementId));
            if (statementInfo != null) {
                sb.append(statementInfo.toString());
            }
            sb.append(NEWLINE);
        }
    }
    return sb.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) QCStatement(org.bouncycastle.asn1.x509.qualified.QCStatement) DLSequence(org.bouncycastle.asn1.DLSequence) SemanticsInformation(org.bouncycastle.asn1.x509.qualified.SemanticsInformation) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 19 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class X509Ext method getCertificatePoliciesStringValue.

private String getCertificatePoliciesStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * CertificatePolicies ::= ASN1Sequence SIZE (1..MAX) OF PolicyInformation
		 *
		 * PolicyInformation ::= ASN1Sequence
		 * {
		 *      policyIdentifier CertPolicyId,
		 *      policyQualifiers ASN1Sequence SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
		 * }
		 *
		 * CertPolicyId ::= OBJECT IDENTIFIER
		 *
		 * PolicyQualifierInfo ::= ASN1Sequence
		 * {
		 *      policyQualifierId PolicyQualifierId,
		 *      qualifier ANY DEFINED BY policyQualifierId
		 * }
		 *
		 * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
		 *
		 * Qualifier ::= CHOICE
		 * {
		 *      cPSuri CPSuri,
		 *      userNotice UserNotice
		 * }
		 *
		 * CPSuri ::= DERIA5String
		 *
		 * UserNotice ::= ASN1Sequence
		 * {
		 *      noticeRef NoticeReference OPTIONAL,
		 *      explicitText DisplayText OPTIONAL
		 * }
		 *
		 * NoticeReference ::= ASN1Sequence
		 * {
		 *      organization DisplayText,
		 *      noticeNumbers ASN1Sequence OF ASN1Integer
		 * }
		 *
		 * DisplayText ::= CHOICE
		 * {
		 *      ia5String DERIA5String (SIZE (1..200)),
		 *      visibleString VisibleString (SIZE (1..200)),
		 *      bmpString BMPString (SIZE (1..200)),
		 *      utf8String UTF8String (SIZE (1..200))
		 * }
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    CertificatePolicies certificatePolicies = CertificatePolicies.getInstance(value);
    int certPolicy = 0;
    for (PolicyInformation policyInformation : certificatePolicies.getPolicyInformation()) {
        certPolicy++;
        sb.append(MessageFormat.format(res.getString("CertificatePolicy"), certPolicy));
        sb.append(NEWLINE);
        ASN1ObjectIdentifier policyIdentifier = policyInformation.getPolicyIdentifier();
        String policyIdentifierStr = ObjectIdUtil.toString(policyIdentifier);
        sb.append(INDENT);
        sb.append(MessageFormat.format(res.getString("PolicyIdentifier"), policyIdentifierStr));
        sb.append(NEWLINE);
        ASN1Sequence policyQualifiers = policyInformation.getPolicyQualifiers();
        if (policyQualifiers != null) {
            // Optional
            int policyQual = 0;
            for (ASN1Encodable policyQualifier : policyQualifiers.toArray()) {
                ASN1Sequence policyQualifierInfo = (ASN1Sequence) policyQualifier;
                sb.append(INDENT.toString(1));
                sb.append(MessageFormat.format(res.getString("PolicyQualifierInformation"), certPolicy, ++policyQual));
                sb.append(NEWLINE);
                ASN1ObjectIdentifier policyQualifierId = (ASN1ObjectIdentifier) policyQualifierInfo.getObjectAt(0);
                CertificatePolicyQualifierType certificatePolicyQualifierType = CertificatePolicyQualifierType.resolveOid(policyQualifierId.getId());
                if (certificatePolicyQualifierType != null) {
                    sb.append(INDENT.toString(2));
                    sb.append(certificatePolicyQualifierType.friendly());
                    sb.append(NEWLINE);
                    if (certificatePolicyQualifierType == PKIX_CPS_POINTER_QUALIFIER) {
                        DERIA5String cpsPointer = (DERIA5String) policyQualifierInfo.getObjectAt(1);
                        sb.append(INDENT.toString(2));
                        sb.append(MessageFormat.format(res.getString("CpsPointer"), "<a href=\"" + cpsPointer + "\">" + cpsPointer + "</a>"));
                        sb.append(NEWLINE);
                    } else if (certificatePolicyQualifierType == PKIX_USER_NOTICE_QUALIFIER) {
                        ASN1Encodable userNoticeObj = policyQualifierInfo.getObjectAt(1);
                        UserNotice userNotice = UserNotice.getInstance(userNoticeObj);
                        sb.append(INDENT.toString(2));
                        sb.append(res.getString("UserNotice"));
                        sb.append(NEWLINE);
                        NoticeReference noticeReference = userNotice.getNoticeRef();
                        DisplayText explicitText = userNotice.getExplicitText();
                        if (noticeReference != null) {
                            // Optional
                            sb.append(INDENT.toString(3));
                            sb.append(res.getString("NoticeReference"));
                            sb.append(NEWLINE);
                            DisplayText organization = noticeReference.getOrganization();
                            String organizationString = organization.getString();
                            sb.append(INDENT.toString(4));
                            sb.append(MessageFormat.format(res.getString("Organization"), organizationString));
                            sb.append(NEWLINE);
                            ASN1Integer[] noticeNumbers = noticeReference.getNoticeNumbers();
                            StringBuilder sbNoticeNumbers = new StringBuilder();
                            for (ASN1Integer noticeNumber : noticeNumbers) {
                                sbNoticeNumbers.append(noticeNumber.getValue().intValue());
                                sbNoticeNumbers.append(", ");
                            }
                            sbNoticeNumbers.setLength(sbNoticeNumbers.length() - 2);
                            sb.append(INDENT.toString(4));
                            sb.append(MessageFormat.format(res.getString("NoticeNumbers"), sbNoticeNumbers.toString()));
                            sb.append(NEWLINE);
                        }
                        if (explicitText != null) {
                            // Optional
                            String explicitTextString = explicitText.getString();
                            sb.append(INDENT.toString(3));
                            sb.append(MessageFormat.format(res.getString("ExplicitText"), explicitTextString));
                            sb.append(NEWLINE);
                        }
                    }
                }
            }
        }
    }
    return sb.toString();
}
Also used : PolicyInformation(org.bouncycastle.asn1.x509.PolicyInformation) UserNotice(org.bouncycastle.asn1.x509.UserNotice) DERBitString(org.bouncycastle.asn1.DERBitString) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERGeneralString(org.bouncycastle.asn1.DERGeneralString) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERIA5String(org.bouncycastle.asn1.DERIA5String) NoticeReference(org.bouncycastle.asn1.x509.NoticeReference) ASN1Integer(org.bouncycastle.asn1.ASN1Integer) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERIA5String(org.bouncycastle.asn1.DERIA5String) CertificatePolicies(org.bouncycastle.asn1.x509.CertificatePolicies) DisplayText(org.bouncycastle.asn1.x509.DisplayText) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 20 with ASN1Encodable

use of org.openecard.bouncycastle.asn1.ASN1Encodable in project keystore-explorer by kaikramer.

the class X509Ext method getPolicyMappingsStringValue.

private String getPolicyMappingsStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
		 * PolicyMappings ::= ASN1Sequence SIZE (1..MAX) OF PolicyMappings
		 *
		 * PolicyMappings ::= ASN1Sequence { issuerDomainPolicy CertPolicyId,
		 * subjectDomainPolicy CertPolicyId }
		 *
		 * CertPolicyId ::= OBJECT IDENTIFIER
		 */
    // @formatter:on
    StringBuilder sb = new StringBuilder();
    PolicyMappings policyMappings = PolicyMappings.getInstance(value);
    ASN1Sequence policyMappingsSeq = (ASN1Sequence) policyMappings.toASN1Primitive();
    int polMap = 0;
    for (ASN1Encodable policyMapping : policyMappingsSeq.toArray()) {
        ASN1Sequence policyMappingSeq = ASN1Sequence.getInstance(policyMapping.toASN1Primitive());
        polMap++;
        sb.append(MessageFormat.format(res.getString("PolicyMapping"), polMap));
        sb.append(NEWLINE);
        ASN1ObjectIdentifier issuerDomainPolicy = (ASN1ObjectIdentifier) policyMappingSeq.getObjectAt(0);
        ASN1ObjectIdentifier subjectDomainPolicy = (ASN1ObjectIdentifier) policyMappingSeq.getObjectAt(1);
        sb.append(INDENT);
        sb.append(MessageFormat.format(res.getString("IssuerDomainPolicy"), ObjectIdUtil.toString(issuerDomainPolicy)));
        sb.append(NEWLINE);
        sb.append(INDENT);
        sb.append(MessageFormat.format(res.getString("SubjectDomainPolicy"), ObjectIdUtil.toString(subjectDomainPolicy)));
        sb.append(NEWLINE);
    }
    return sb.toString();
}
Also used : ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) PolicyMappings(org.bouncycastle.asn1.x509.PolicyMappings) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) IssuingDistributionPoint(org.bouncycastle.asn1.x509.IssuingDistributionPoint) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Aggregations

ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)129 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)71 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)56 IOException (java.io.IOException)32 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)31 DEROctetString (org.bouncycastle.asn1.DEROctetString)29 DERIA5String (org.bouncycastle.asn1.DERIA5String)25 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)23 DERSequence (org.bouncycastle.asn1.DERSequence)22 ASN1Integer (org.bouncycastle.asn1.ASN1Integer)21 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)21 ArrayList (java.util.ArrayList)20 GeneralName (org.bouncycastle.asn1.x509.GeneralName)19 ASN1EncodableVector (org.bouncycastle.asn1.ASN1EncodableVector)17 AlgorithmIdentifier (org.bouncycastle.asn1.x509.AlgorithmIdentifier)17 X509Certificate (java.security.cert.X509Certificate)15 HashSet (java.util.HashSet)15 ASN1Primitive (org.bouncycastle.asn1.ASN1Primitive)15 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)15 DERBMPString (org.bouncycastle.asn1.DERBMPString)14