
Example 6 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class BaseX509Certprofile method createDateOfBirthRdn.

/**
 * Builds the dateOfBirth RDN for a certificate subject from the requested value.
 *
 * <p>An {@code ASN1GeneralizedTime} is checked and then reused unchanged. Any other
 * {@code ASN1String} except {@code DERUniversalString} is checked as text and re-encoded
 * as a {@code DERGeneralizedTime}. Every other input type is rejected.
 *
 * <p>NOTE(review): the rejection message spells the format as "YYYMMDD000000Z"; confirm the
 * intended wording against {@code SubjectDnSpec.PATTERN_DATE_OF_BIRTH}, which is not visible here.
 *
 * @param type attribute type of the RDN; must not be null
 * @param rdnValue requested value, taken from the certificate request
 * @return the RDN carrying a GeneralizedTime value
 * @throws BadCertTemplateException if the value has an unsupported type or does not match
 *     {@code SubjectDnSpec.PATTERN_DATE_OF_BIRTH}
 */
private static RDN createDateOfBirthRdn(ASN1ObjectIdentifier type, ASN1Encodable rdnValue) throws BadCertTemplateException {
    ParamUtil.requireNonNull("type", type);

    final boolean isGeneralizedTime = rdnValue instanceof ASN1GeneralizedTime;
    final String dateText;
    if (isGeneralizedTime) {
        dateText = ((ASN1GeneralizedTime) rdnValue).getTimeString();
    } else if (rdnValue instanceof ASN1String && !(rdnValue instanceof DERUniversalString)) {
        dateText = ((ASN1String) rdnValue).getString();
    } else {
        throw new BadCertTemplateException("Value of RDN dateOfBirth has incorrect syntax");
    }

    // The requested value is only accepted once it matches the profile's date pattern.
    final boolean wellFormed = SubjectDnSpec.PATTERN_DATE_OF_BIRTH.matcher(dateText).matches();
    if (!wellFormed) {
        throw new BadCertTemplateException("Value of RDN dateOfBirth does not have format YYYMMDD000000Z");
    }

    // Keep the caller's GeneralizedTime object; only string inputs are re-encoded.
    final ASN1Encodable encoded = isGeneralizedTime ? rdnValue : new DERGeneralizedTime(dateText);
    return new RDN(type, encoded);
}
Also used : DERGeneralizedTime(org.bouncycastle.asn1.DERGeneralizedTime) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1GeneralizedTime(org.bouncycastle.asn1.ASN1GeneralizedTime) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) RDN(org.bouncycastle.asn1.x500.RDN)

Example 7 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method createGeneralName.

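/**
 * Builds the GeneralName to be placed in a certificate from the one supplied in the request.
 *
 * <p>If {@code modes} is non-null, the requested tag must match one of its entries, and for
 * otherName the type OID must be in that entry's allowed types. The requested structure comes
 * from the certificate request, so its element count is checked before indexing. A truncated
 * otherName or ediPartyName is rejected with {@code BadCertTemplateException} rather than
 * failing with an unchecked index error.
 *
 * @param reqName the GeneralName taken from the request
 * @param modes permitted tags (and otherName types), or null to skip the permission check
 * @return a newly built GeneralName; otherName values are re-encoded as UTF8String under tag [0]
 * @throws BadCertTemplateException if the tag or otherName type is not permitted, if an
 *     otherName value is not a string, or if the structure is missing required elements
 */
private static GeneralName createGeneralName(GeneralName reqName, Set<GeneralNameMode> modes) throws BadCertTemplateException {
    int tag = reqName.getTagNo();
    GeneralNameMode mode = null;
    if (modes != null) {
        for (GeneralNameMode m : modes) {
            if (m.getTag().getTag() == tag) {
                mode = m;
                break;
            }
        }
        if (mode == null) {
            throw new BadCertTemplateException("generalName tag " + tag + " is not allowed");
        }
    }
    switch (tag) {
        case GeneralName.rfc822Name:
        case GeneralName.dNSName:
        case GeneralName.uniformResourceIdentifier:
        case GeneralName.iPAddress:
        case GeneralName.registeredID:
        case GeneralName.directoryName:
            // These forms are copied through as requested; only the tag was checked above.
            return new GeneralName(tag, reqName.getName());
        case GeneralName.otherName: {
            ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());
            // Both elements are indexed below, so reject a short sequence up front.
            if (reqSeq.size() < 2) {
                throw new BadCertTemplateException("otherName does not contain both type and value");
            }
            ASN1ObjectIdentifier type = ASN1ObjectIdentifier.getInstance(reqSeq.getObjectAt(0));
            if (mode != null && !mode.getAllowedTypes().contains(type)) {
                throw new BadCertTemplateException("otherName.type " + type.getId() + " is not allowed");
            }
            ASN1Encodable value = ASN1TaggedObject.getInstance(reqSeq.getObjectAt(1)).getObject();
            if (!(value instanceof ASN1String)) {
                throw new BadCertTemplateException("otherName.value is not a String");
            }
            String text = ((ASN1String) value).getString();
            // The value is always re-encoded as an explicitly tagged [0] UTF8String,
            // whatever string type and tag number the request used.
            ASN1EncodableVector vector = new ASN1EncodableVector();
            vector.add(type);
            vector.add(new DERTaggedObject(true, 0, new DERUTF8String(text)));
            return new GeneralName(GeneralName.otherName, new DERSequence(vector));
        }
        case GeneralName.ediPartyName: {
            ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());
            int size = reqSeq.size();
            // partyName is read unconditionally below; an empty sequence has nothing to read.
            if (size < 1) {
                throw new BadCertTemplateException("ediPartyName does not contain partyName");
            }
            String nameAssigner = null;
            int idx = 0;
            // With more than one element the first is taken as nameAssigner. The tag numbers
            // of the requested elements are not inspected, only their position.
            if (size > 1) {
                DirectoryString assigner = DirectoryString.getInstance(ASN1TaggedObject.getInstance(reqSeq.getObjectAt(idx++)).getObject());
                nameAssigner = assigner.getString();
            }
            DirectoryString party = DirectoryString.getInstance(ASN1TaggedObject.getInstance(reqSeq.getObjectAt(idx++)).getObject());
            String partyName = party.getString();
            ASN1EncodableVector vector = new ASN1EncodableVector();
            if (nameAssigner != null) {
                vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
            }
            vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
            return new GeneralName(GeneralName.ediPartyName, new DERSequence(vector));
        }
        default:
            // Any tag without a case above ends here, including ones that passed the modes check.
            throw new RuntimeException("should not reach here, unknown GeneralName tag " + tag);
    }
}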
Also used : GeneralNameMode(org.xipki.ca.api.profile.GeneralNameMode) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERTaggedObject(org.bouncycastle.asn1.DERTaggedObject) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) CRLDistPoint(org.bouncycastle.asn1.x509.CRLDistPoint) DistributionPoint(org.bouncycastle.asn1.x509.DistributionPoint) ASN1Sequence(org.bouncycastle.asn1.ASN1Sequence) DERSequence(org.bouncycastle.asn1.DERSequence) BadCertTemplateException(org.xipki.ca.api.BadCertTemplateException) ASN1EncodableVector(org.bouncycastle.asn1.ASN1EncodableVector) GeneralName(org.bouncycastle.asn1.x509.GeneralName) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 8 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project xipki by xipki.

the class ExtensionsChecker method checkDirectoryString.

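/**
 * Checks an extension whose value is expected to be a single DirectoryString.
 *
 * <p>Without a configuration, the raw value is compared with the result of
 * {@code getExpectedExtValue}. With one, the value is parsed and both its ASN.1 string type
 * and its text must match the configuration. Findings are appended to {@code failureMsg};
 * nothing is returned.
 *
 * @param extType OID of the extension under test
 * @param conf expected string type and text, or null to compare against the expected raw value
 * @param failureMsg buffer that collects the findings
 * @param extensionValue encoded extension value taken from the certificate
 * @param requestedExtensions extensions from the request, passed to {@code getExpectedExtValue}
 * @param extControl control for this extension, passed to {@code getExpectedExtValue}
 */
private void checkDirectoryString(ASN1ObjectIdentifier extType, QaDirectoryString conf, StringBuilder failureMsg, byte[] extensionValue, Extensions requestedExtensions, ExtensionControl extControl) {
    if (conf == null) {
        byte[] expected = getExpectedExtValue(extType, requestedExtensions, extControl);
        if (!Arrays.equals(expected, extensionValue)) {
            addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected));
        }
        return;
    }
    ASN1Primitive asn1;
    try {
        asn1 = ASN1Primitive.fromByteArray(extensionValue);
    } catch (IOException ex) {
        // An unparsable value is reported as a finding, not propagated as an error.
        failureMsg.append("invalid syntax of extension value; ");
        return;
    }
    boolean correctStringType;
    switch (conf.getType()) {
        case bmpString:
            correctStringType = (asn1 instanceof DERBMPString);
            break;
        case printableString:
            correctStringType = (asn1 instanceof DERPrintableString);
            break;
        case teletexString:
            correctStringType = (asn1 instanceof DERT61String);
            break;
        case utf8String:
            correctStringType = (asn1 instanceof DERUTF8String);
            break;
        default:
            throw new RuntimeException("should not reach here, unknown DirectoryStringType " + conf.getType());
    }
    if (!correctStringType) {
        // Name the expected string type here. The original appended conf.getText(), which
        // put the expected content where the message describes a type mismatch.
        failureMsg.append("extension value is not of type DirectoryString.").append(conf.getType()).append("; ");
        return;
    }
    // The cast is safe: each branch above accepted only an ASN1String implementation.
    String extTextValue = ((ASN1String) asn1).getString();
    if (!conf.getText().equals(extTextValue)) {
        addViolation(failureMsg, "content", extTextValue, conf.getText());
    }
}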
Also used : DERUTF8String(org.bouncycastle.asn1.DERUTF8String) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERT61String(org.bouncycastle.asn1.DERT61String) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) IOException(java.io.IOException) ASN1OctetString(org.bouncycastle.asn1.ASN1OctetString) DERBMPString(org.bouncycastle.asn1.DERBMPString) DERPrintableString(org.bouncycastle.asn1.DERPrintableString) DERUTF8String(org.bouncycastle.asn1.DERUTF8String) ASN1String(org.bouncycastle.asn1.ASN1String) DirectoryString(org.bouncycastle.asn1.x500.DirectoryString) QaDirectoryString(org.xipki.ca.qa.internal.QaDirectoryString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) DERT61String(org.bouncycastle.asn1.DERT61String) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1Primitive(org.bouncycastle.asn1.ASN1Primitive)

Example 9 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project robovm by robovm.

the class IETFUtils method valueToString.

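/**
 * Renders an attribute value as an escaped string for use in a distinguished name.
 *
 * <p>String types other than {@code DERUniversalString} are rendered from their text, with a
 * leading {@code #} escaped. Every other value is rendered as {@code #} followed by the hex
 * form of its DER encoding. The characters {@code , " \ + = < > ;} and any leading or
 * trailing spaces are then backslash-escaped.
 *
 * <p>The leading-space scan is bounded by the buffer length, so a value made up only of
 * spaces is escaped instead of running past the end of the buffer. Such a value typically
 * originates from a parsed certificate or request.
 *
 * @param value the attribute value to render
 * @return the escaped string form
 * @throws IllegalArgumentException if a non-string value cannot be DER-encoded
 */
public static String valueToString(ASN1Encodable value) {
    StringBuilder vBuf = new StringBuilder();
    if (value instanceof ASN1String && !(value instanceof DERUniversalString)) {
        String v = ((ASN1String) value).getString();
        if (v.length() > 0 && v.charAt(0) == '#') {
            // A literal leading '#' must not be mistaken for the hex form.
            vBuf.append('\\');
        }
        vBuf.append(v);
    } else {
        try {
            vBuf.append("#" + bytesToString(Hex.encode(value.toASN1Primitive().getEncoded(ASN1Encoding.DER))));
        } catch (IOException e) {
            // Keep the cause so the encoding failure remains diagnosable.
            throw new IllegalArgumentException("Other value has no encoded form", e);
        }
    }

    int end = vBuf.length();
    int index = 0;
    // Skip the "\#" prefix added above so its backslash is not escaped a second time.
    if (vBuf.length() >= 2 && vBuf.charAt(0) == '\\' && vBuf.charAt(1) == '#') {
        index += 2;
    }
    while (index != end) {
        if (",\"\\+=<>;".indexOf(vBuf.charAt(index)) >= 0) {
            vBuf.insert(index, "\\");
            index++;
            end++;
        }
        index++;
    }

    // Escape leading spaces. Each insert shifts the buffer by one, hence the step of two.
    // The length bound stops the scan at the end of an all-space value.
    int start = 0;
    while (start < vBuf.length() && vBuf.charAt(start) == ' ') {
        vBuf.insert(start, "\\");
        start += 2;
    }

    // Escape trailing spaces, stopping at the region already handled as leading spaces
    // so that an all-space value is not escaped twice.
    int endBuf = vBuf.length() - 1;
    while (endBuf >= start && vBuf.charAt(endBuf) == ' ') {
        vBuf.insert(endBuf, '\\');
        endBuf--;
    }
    return vBuf.toString();
}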
Also used : DERUniversalString(org.bouncycastle.asn1.DERUniversalString) ASN1String(org.bouncycastle.asn1.ASN1String) ASN1String(org.bouncycastle.asn1.ASN1String) DERUniversalString(org.bouncycastle.asn1.DERUniversalString) IOException(java.io.IOException)

Example 10 with ASN1String

use of org.openecard.bouncycastle.asn1.ASN1String in project robovm by robovm.

the class X509CertificateObject method getAlternativeNames.

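/**
 * Decodes a GeneralNames extension value into a collection of alternative names.
 *
 * <p>Each entry is an unmodifiable two-element list: the GeneralName tag number, then the
 * name. The name is the raw encoding for ediPartyName, x400Address and otherName, and a
 * string for every other handled tag. An iPAddress entry whose octets cannot be turned
 * into an address is skipped.
 *
 * @param extVal the encoded extension value, or null if the extension is absent
 * @return an unmodifiable collection of entries, or null if {@code extVal} is null or the
 *     sequence yields no entries
 * @throws CertificateParsingException if the value cannot be decoded; the underlying
 *     exception is attached as the cause
 */
private static Collection getAlternativeNames(byte[] extVal) throws CertificateParsingException {
    if (extVal == null) {
        return null;
    }
    try {
        Collection<List<?>> names = new ArrayList<List<?>>();
        Enumeration<?> it = ASN1Sequence.getInstance(extVal).getObjects();
        while (it.hasMoreElements()) {
            GeneralName genName = GeneralName.getInstance(it.nextElement());
            List<Object> entry = new ArrayList<Object>();
            entry.add(Integers.valueOf(genName.getTagNo()));
            switch (genName.getTagNo()) {
                case GeneralName.ediPartyName:
                case GeneralName.x400Address:
                case GeneralName.otherName:
                    entry.add(genName.getEncoded());
                    break;
                case GeneralName.directoryName:
                    // BEGIN android-changed
                    entry.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
                    // END android-changed
                    break;
                case GeneralName.dNSName:
                case GeneralName.rfc822Name:
                case GeneralName.uniformResourceIdentifier:
                    // The string is returned as decoded; callers that match host names
                    // or addresses against it do their own validation.
                    entry.add(((ASN1String) genName.getName()).getString());
                    break;
                case GeneralName.registeredID:
                    entry.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
                    break;
                case GeneralName.iPAddress:
                    byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
                    final String addr;
                    try {
                        addr = InetAddress.getByAddress(addrBytes).getHostAddress();
                    } catch (UnknownHostException ignored) {
                        // Deliberate best effort: drop this entry and keep the rest.
                        continue;
                    }
                    entry.add(addr);
                    break;
                default:
                    throw new IOException("Bad tag number: " + genName.getTagNo());
            }
            names.add(Collections.unmodifiableList(entry));
        }
        if (names.isEmpty()) {
            return null;
        }
        return Collections.unmodifiableCollection(names);
    } catch (Exception e) {
        // Decoding failures of any kind surface as a parsing error; keep the cause attached.
        throw new CertificateParsingException(e.getMessage(), e);
    }
}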
Also used : Enumeration(java.util.Enumeration) CertificateParsingException(java.security.cert.CertificateParsingException) UnknownHostException(java.net.UnknownHostException) ArrayList(java.util.ArrayList) Collection(java.util.Collection) List(java.util.List) ArrayList(java.util.ArrayList) GeneralName(org.bouncycastle.asn1.x509.GeneralName) DERBitString(org.bouncycastle.asn1.DERBitString) DEROctetString(org.bouncycastle.asn1.DEROctetString) DERIA5String(org.bouncycastle.asn1.DERIA5String) ASN1String(org.bouncycastle.asn1.ASN1String) IOException(java.io.IOException) CertificateExpiredException(java.security.cert.CertificateExpiredException) SignatureException(java.security.SignatureException) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) InvalidKeyException(java.security.InvalidKeyException) CertificateEncodingException(java.security.cert.CertificateEncodingException) CertificateNotYetValidException(java.security.cert.CertificateNotYetValidException) CertificateParsingException(java.security.cert.CertificateParsingException) IOException(java.io.IOException) CertificateException(java.security.cert.CertificateException) UnknownHostException(java.net.UnknownHostException) NoSuchProviderException(java.security.NoSuchProviderException)

Aggregations

ASN1String (org.bouncycastle.asn1.ASN1String)18 DERIA5String (org.bouncycastle.asn1.DERIA5String)9 DEROctetString (org.bouncycastle.asn1.DEROctetString)9 ASN1OctetString (org.bouncycastle.asn1.ASN1OctetString)8 DERUniversalString (org.bouncycastle.asn1.DERUniversalString)8 GeneralName (org.bouncycastle.asn1.x509.GeneralName)7 IOException (java.io.IOException)6 DERBMPString (org.bouncycastle.asn1.DERBMPString)6 DERPrintableString (org.bouncycastle.asn1.DERPrintableString)6 DERT61String (org.bouncycastle.asn1.DERT61String)6 DERUTF8String (org.bouncycastle.asn1.DERUTF8String)6 DirectoryString (org.bouncycastle.asn1.x500.DirectoryString)5 QaDirectoryString (org.xipki.ca.qa.internal.QaDirectoryString)5 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)4 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)4 ArrayList (java.util.ArrayList)3 HashSet (java.util.HashSet)3 ASN1Encodable (org.bouncycastle.asn1.ASN1Encodable)3 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)3 DERBitString (org.bouncycastle.asn1.DERBitString)3