use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity.
the class PasswordValidationDetailsResponseControl method encodeValue.
/**
* Encodes the provided information to an ASN.1 element suitable for use as
* the control value.
*
* @param responseType The response type for this password
* validation details response control. This
* must not be {@code null}.
* @param validationResults A list of the results obtained when
* validating the password against the
* password quality requirements. This must
* be {@code null} or empty if the
* {@code responseType} element has a value
* other than {@code VALIDATION_DETAILS}.
* @param missingCurrentPassword Indicates whether the associated operation
* is a self change that failed (or would have
* failed if not for additional validation
* failures) because the user did not provide
* his/her current password as required.
* @param mustChangePassword Indicates whether the associated operation
* is an add or administrative reset that will
* require the user to change his/her password
* immediately after authenticating before
* allowing them to perform any other
* operation in the server.
* @param secondsUntilExpiration The maximum length of time, in seconds,
* that the newly-set password will be
* considered valid. This may be {@code null}
* if the new password will be considered
* valid indefinitely.
*
* @return The encoded control value.
*/
@NotNull()
private static ASN1OctetString encodeValue(
     @NotNull final PasswordValidationDetailsResponseType responseType,
     @Nullable final Collection<PasswordQualityRequirementValidationResult> validationResults,
     final boolean missingCurrentPassword,
     final boolean mustChangePassword,
     @Nullable final Integer secondsUntilExpiration) {
  // At most four elements are written: the response-type element followed by
  // up to three optional fields.
  final ArrayList<ASN1Element> valueElements = new ArrayList<>(4);

  // The response type is conveyed by the BER type of the first element.
  // validationResults is only read for VALIDATION_DETAILS; for every other
  // response type it is ignored, so the "must be null or empty" rule stated
  // in the Javadoc is not enforced by this method.
  switch (responseType) {
    case VALIDATION_DETAILS: {
      if (validationResults != null) {
        final ArrayList<ASN1Element> encodedResults =
             new ArrayList<>(validationResults.size());
        for (final PasswordQualityRequirementValidationResult result : validationResults) {
          encodedResults.add(result.encode());
        }
        valueElements.add(
             new ASN1Sequence(responseType.getBERType(), encodedResults));
      } else {
        // No result collection was supplied: the sequence is built from the
        // BER type alone.
        valueElements.add(new ASN1Sequence(responseType.getBERType()));
      }
      break;
    }

    case NO_PASSWORD_PROVIDED:
    case MULTIPLE_PASSWORDS_PROVIDED:
    case NO_VALIDATION_ATTEMPTED:
      // These response types carry no payload, only a typed NULL.
      valueElements.add(new ASN1Null(responseType.getBERType()));
      break;

    // There is no default branch: a response type not listed above adds no
    // response-type element to the value.
  }

  // The two flags are written only when set; absence means false.
  if (missingCurrentPassword) {
    valueElements.add(new ASN1Boolean(TYPE_MISSING_CURRENT_PASSWORD, true));
  }

  if (mustChangePassword) {
    valueElements.add(new ASN1Boolean(TYPE_MUST_CHANGE_PW, true));
  }

  // A null expiration is represented by omitting the element.
  if (secondsUntilExpiration != null) {
    valueElements.add(
         new ASN1Integer(TYPE_SECONDS_UNTIL_EXPIRATION, secondsUntilExpiration));
  }

  // The control value is the encoded sequence wrapped in an octet string.
  final ASN1Sequence valueSequence = new ASN1Sequence(valueElements);
  return new ASN1OctetString(valueSequence.encode());
}
use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testEncodeCertificateWithInvalidOID.
/**
* Tests the behavior when trying to encode a certificate that includes a
* malformed OID.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testEncodeCertificateWithInvalidOID() throws Exception {
  // Validity window of 365 days starting now. The L suffixes keep the
  // multiplication in long arithmetic; the product does not fit in an int.
  final long notBefore = System.currentTimeMillis();
  final long validityMillis = 365L * 24L * 60L * 60L * 1000L;
  final long notAfter = notBefore + validityMillis;

  // NOTE(review): the role names below are inferred from the argument values;
  // the constructor signature is not visible here -- confirm against it.
  final X509CertificateVersion version = X509CertificateVersion.V1;
  final BigInteger serialNumber = BigInteger.valueOf(123456789L);

  // "1234.5678" is the malformed OID this test is about: the first component
  // of a numeric OID may only be 0, 1 or 2.
  final OID malformedOID = new OID("1234.5678");
  final ASN1Null firstAlgorithmParameters = new ASN1Null();
  final ASN1BitString firstBitString = new ASN1BitString(new boolean[1235]);
  final DN issuerDN = new DN("CN=Issuer,O=Example Corp,C=US");
  final DN subjectDN = new DN("CN=ldap.example.com,O=Example Corp,C=US");
  final OID wellFormedOID = new OID("1.2.3.5");
  final ASN1Null secondAlgorithmParameters = new ASN1Null();
  final ASN1BitString secondBitString = new ASN1BitString(new boolean[123]);

  final X509Certificate certificate = new X509Certificate(
       version,
       serialNumber,
       malformedOID,
       firstAlgorithmParameters,
       firstBitString,
       issuerDN,
       notBefore,
       notAfter,
       subjectDN,
       wellFormedOID,
       secondAlgorithmParameters,
       secondBitString,
       null,
       null,
       null);

  // NOTE(review): expectedExceptions covers the whole method, so a
  // CertException raised by the constructor above (if it can throw one)
  // would satisfy the test just as well as one raised by encode().
  certificate.encode();
}
use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeValidityMalformedNotBefore.
/**
* Tests the behavior when trying to decode a certificate with a validity
* sequence whose first element is neither a UTCTime nor a GeneralizedTime.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeValidityMalformedNotBefore() throws Exception {
  // Only notAfter ends up in the fixture; notBefore is just its base. The L
  // suffixes keep the multiplication in long arithmetic.
  final long notBefore = System.currentTimeMillis();
  final long validityMillis = 365L * 24L * 60L * 60L * 1000L;
  final long notAfter = notBefore + validityMillis;

  // Hand-built certificate body. 0xA0 is the context-specific, constructed
  // tag [0] wrapping the version integer.
  final ASN1Element versionElement =
       new ASN1Element((byte) 0xA0, new ASN1Integer(2).encode());
  final ASN1BigInteger serialNumber = new ASN1BigInteger(12435L);
  final ASN1Sequence innerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1Element issuerName =
       X509Certificate.encodeName(new DN("CN=issuer"));

  // The malformed part: the first validity element is an octet string rather
  // than a UTCTime or GeneralizedTime.
  final ASN1Sequence validity = new ASN1Sequence(
       new ASN1OctetString("malformed notBefore"),
       new ASN1UTCTime(notAfter));

  final ASN1Element subjectName =
       X509Certificate.encodeName(new DN("CN=ldap.example.com"));
  final ASN1Sequence publicKeyInfo = new ASN1Sequence(
       new ASN1Sequence(
            new ASN1ObjectIdentifier(new OID("1.2.3.5")),
            new ASN1Null()),
       new ASN1BitString(new boolean[1024]));

  final ASN1Sequence certificateBody = new ASN1Sequence(
       versionElement,
       serialNumber,
       innerSignatureAlgorithm,
       issuerName,
       validity,
       subjectName,
       publicKeyInfo);

  // Outer wrapper: body, algorithm identifier, and a 1024-bit all-zero bit
  // string standing in for the signature.
  final ASN1Sequence outerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1BitString signatureBits = new ASN1BitString(new boolean[1024]);
  final ASN1Sequence valueSequence = new ASN1Sequence(
       certificateBody,
       outerSignatureAlgorithm,
       signatureBits);

  // NOTE(review): expectedExceptions covers the whole method; if building the
  // fixture (for example encodeName) can throw CertException, that would
  // also satisfy the test without the decoder ever seeing the bad validity.
  final byte[] encodedCertificate = valueSequence.encode();
  new X509Certificate(encodedCertificate);
}
use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeSerialNumberNotInteger.
/**
* Tests the behavior when trying to decode a certificate with a serial number
* that cannot be parsed as an integer.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeSerialNumberNotInteger() throws Exception {
  // Validity window of 365 days starting now. The L suffixes keep the
  // multiplication in long arithmetic.
  final long notBefore = System.currentTimeMillis();
  final long validityMillis = 365L * 24L * 60L * 60L * 1000L;
  final long notAfter = notBefore + validityMillis;

  // Hand-built certificate body. 0xA0 is the context-specific, constructed
  // tag [0] wrapping the version integer.
  final ASN1Element versionElement =
       new ASN1Element((byte) 0xA0, new ASN1Integer(2).encode());

  // The malformed part: an octet string built with no arguments sits where
  // the serial number integer belongs.
  final ASN1OctetString serialNumber = new ASN1OctetString();

  final ASN1Sequence innerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1Element issuerName =
       X509Certificate.encodeName(new DN("CN=issuer"));
  final ASN1Sequence validity = new ASN1Sequence(
       new ASN1UTCTime(notBefore),
       new ASN1UTCTime(notAfter));
  final ASN1Element subjectName =
       X509Certificate.encodeName(new DN("CN=ldap.example.com"));
  final ASN1Sequence publicKeyInfo = new ASN1Sequence(
       new ASN1Sequence(
            new ASN1ObjectIdentifier(new OID("1.2.3.5")),
            new ASN1Null()),
       new ASN1BitString(new boolean[1024]));

  final ASN1Sequence certificateBody = new ASN1Sequence(
       versionElement,
       serialNumber,
       innerSignatureAlgorithm,
       issuerName,
       validity,
       subjectName,
       publicKeyInfo);

  // Outer wrapper: body, algorithm identifier, and a 1024-bit all-zero bit
  // string standing in for the signature.
  final ASN1Sequence outerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1BitString signatureBits = new ASN1BitString(new boolean[1024]);
  final ASN1Sequence valueSequence = new ASN1Sequence(
       certificateBody,
       outerSignatureAlgorithm,
       signatureBits);

  // NOTE(review): expectedExceptions covers the whole method; if building the
  // fixture (for example encodeName) can throw CertException, that would
  // also satisfy the test without the decoder reaching the serial number.
  final byte[] encodedCertificate = valueSequence.encode();
  new X509Certificate(encodedCertificate);
}
use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity.
the class X509CertificateTestCase method testDecodeVersionOutOfRange.
/**
* Tests the behavior when trying to decode a certificate with a version that
* is out of the range of allowed values.
*
* @throws Exception If an unexpected problem occurs.
*/
@Test(expectedExceptions = { CertException.class })
public void testDecodeVersionOutOfRange() throws Exception {
  // Validity window of 365 days starting now. The L suffixes keep the
  // multiplication in long arithmetic.
  final long notBefore = System.currentTimeMillis();
  final long validityMillis = 365L * 24L * 60L * 60L * 1000L;
  final long notAfter = notBefore + validityMillis;

  // The malformed part: the [0] (0xA0) version wrapper holds 999, which is
  // not an allowed certificate version value.
  final ASN1Element versionElement =
       new ASN1Element((byte) 0xA0, new ASN1Integer(999).encode());

  final ASN1BigInteger serialNumber = new ASN1BigInteger(12435L);
  final ASN1Sequence innerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1Element issuerName =
       X509Certificate.encodeName(new DN("CN=issuer"));
  final ASN1Sequence validity = new ASN1Sequence(
       new ASN1UTCTime(notBefore),
       new ASN1UTCTime(notAfter));
  final ASN1Element subjectName =
       X509Certificate.encodeName(new DN("CN=ldap.example.com"));
  final ASN1Sequence publicKeyInfo = new ASN1Sequence(
       new ASN1Sequence(
            new ASN1ObjectIdentifier(new OID("1.2.3.5")),
            new ASN1Null()),
       new ASN1BitString(new boolean[1024]));

  final ASN1Sequence certificateBody = new ASN1Sequence(
       versionElement,
       serialNumber,
       innerSignatureAlgorithm,
       issuerName,
       validity,
       subjectName,
       publicKeyInfo);

  // Outer wrapper: body, algorithm identifier, and a 1024-bit all-zero bit
  // string standing in for the signature.
  final ASN1Sequence outerSignatureAlgorithm = new ASN1Sequence(
       new ASN1ObjectIdentifier(new OID("1.2.3.4")),
       new ASN1Null());
  final ASN1BitString signatureBits = new ASN1BitString(new boolean[1024]);
  final ASN1Sequence valueSequence = new ASN1Sequence(
       certificateBody,
       outerSignatureAlgorithm,
       signatureBits);

  // NOTE(review): expectedExceptions covers the whole method; if building the
  // fixture (for example encodeName) can throw CertException, that would
  // also satisfy the test without the decoder rejecting the version.
  final byte[] encodedCertificate = valueSequence.encode();
  new X509Certificate(encodedCertificate);
}