Example 1 with ASN1Null

Use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity, in the class PasswordValidationDetailsResponseControl, method encodeValue.

/**
 * Encodes the provided information to an ASN.1 element suitable for use as
 * the control value.
 *
 * @param  responseType            The response type for this password
 *                                 validation details response control.  This
 *                                 must not be {@code null}.
 * @param  validationResults       A list of the results obtained when
 *                                 validating the password against the
 *                                 password quality requirements.  This must
 *                                 be {@code null} or empty if the
 *                                 {@code responseType} element has a value
 *                                 other than {@code VALIDATION_DETAILS}.
 * @param  missingCurrentPassword  Indicates whether the associated operation
 *                                 is a self change that failed (or would have
 *                                 failed if not for additional validation
 *                                 failures) because the user did not provide
 *                                 his/her current password as required.
 * @param  mustChangePassword      Indicates whether the associated operation
 *                                 is an add or administrative reset that will
 *                                 require the user to change his/her password
 *                                 immediately after authenticating before
 *                                 allowing them to perform any other
 *                                 operation in the server.
 * @param  secondsUntilExpiration  The maximum length of time, in seconds,
 *                                 that the newly-set password will be
 *                                 considered valid.  This may be {@code null}
 *                                 if the new password will be considered
 *                                 valid indefinitely.
 *
 * @return  The encoded control value.
 */
@NotNull()
private static ASN1OctetString encodeValue(
        @NotNull final PasswordValidationDetailsResponseType responseType,
        @Nullable final Collection<PasswordQualityRequirementValidationResult> validationResults,
        final boolean missingCurrentPassword,
        final boolean mustChangePassword,
        @Nullable final Integer secondsUntilExpiration) {
    final ArrayList<ASN1Element> elements = new ArrayList<>(4);
    switch(responseType) {
        case VALIDATION_DETAILS:
            if (validationResults == null) {
                elements.add(new ASN1Sequence(responseType.getBERType()));
            } else {
                final ArrayList<ASN1Element> resultElements = new ArrayList<>(validationResults.size());
                for (final PasswordQualityRequirementValidationResult r : validationResults) {
                    resultElements.add(r.encode());
                }
                elements.add(new ASN1Sequence(responseType.getBERType(), resultElements));
            }
            break;
        case NO_PASSWORD_PROVIDED:
        case MULTIPLE_PASSWORDS_PROVIDED:
        case NO_VALIDATION_ATTEMPTED:
            elements.add(new ASN1Null(responseType.getBERType()));
            break;
    }
    if (missingCurrentPassword) {
        elements.add(new ASN1Boolean(TYPE_MISSING_CURRENT_PASSWORD, missingCurrentPassword));
    }
    if (mustChangePassword) {
        elements.add(new ASN1Boolean(TYPE_MUST_CHANGE_PW, mustChangePassword));
    }
    if (secondsUntilExpiration != null) {
        elements.add(new ASN1Integer(TYPE_SECONDS_UNTIL_EXPIRATION, secondsUntilExpiration));
    }
    return new ASN1OctetString(new ASN1Sequence(elements).encode());
}
Also used: ASN1OctetString (com.unboundid.asn1.ASN1OctetString), ASN1Sequence (com.unboundid.asn1.ASN1Sequence), ASN1Element (com.unboundid.asn1.ASN1Element), ArrayList (java.util.ArrayList), ASN1Boolean (com.unboundid.asn1.ASN1Boolean), ASN1Integer (com.unboundid.asn1.ASN1Integer), ASN1Null (com.unboundid.asn1.ASN1Null), NotNull (com.unboundid.util.NotNull)

Example 2 with ASN1Null

Use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity, in the class X509CertificateTestCase, method testEncodeCertificateWithInvalidOID.

/**
 * Tests the behavior when trying to encode a certificate that includes a
 * malformed OID.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testEncodeCertificateWithInvalidOID() throws Exception {
    final long notBefore = System.currentTimeMillis();
    final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
    final X509Certificate c = new X509Certificate(
        X509CertificateVersion.V1, BigInteger.valueOf(123456789L),
        new OID("1234.5678"), new ASN1Null(), new ASN1BitString(new boolean[1235]),
        new DN("CN=Issuer,O=Example Corp,C=US"), notBefore, notAfter,
        new DN("CN=ldap.example.com,O=Example Corp,C=US"),
        new OID("1.2.3.5"), new ASN1Null(), new ASN1BitString(new boolean[123]),
        null, null, null);
    c.encode();
}
Also used: DN (com.unboundid.ldap.sdk.DN), OID (com.unboundid.util.OID), ASN1BitString (com.unboundid.asn1.ASN1BitString), ASN1Null (com.unboundid.asn1.ASN1Null), Test (org.testng.annotations.Test)

Example 3 with ASN1Null

Use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity, in the class X509CertificateTestCase, method testDecodeValidityMalformedNotBefore.

/**
 * Tests the behavior when trying to decode a certificate with a validity
 * sequence whose first element is neither a UTCTime nor a GeneralizedTime.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testDecodeValidityMalformedNotBefore() throws Exception {
    final long notBefore = System.currentTimeMillis();
    final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
    final ASN1Sequence valueSequence = new ASN1Sequence(
        new ASN1Sequence( // tbsCertificate
            new ASN1Element((byte) 0xA0, new ASN1Integer(2).encode()), // version, context tag [0]
            new ASN1BigInteger(12435L), // serialNumber
            new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signature algorithm
            X509Certificate.encodeName(new DN("CN=issuer")), // issuer
            new ASN1Sequence(new ASN1OctetString("malformed notBefore"), new ASN1UTCTime(notAfter)), // validity: notBefore is an OCTET STRING, not a time type
            X509Certificate.encodeName(new DN("CN=ldap.example.com")), // subject
            new ASN1Sequence( // subjectPublicKeyInfo
                new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.5")), new ASN1Null()),
                new ASN1BitString(new boolean[1024]))),
        new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signatureAlgorithm
        new ASN1BitString(new boolean[1024])); // signatureValue
    new X509Certificate(valueSequence.encode());
}
Also used: ASN1OctetString (com.unboundid.asn1.ASN1OctetString), ASN1UTCTime (com.unboundid.asn1.ASN1UTCTime), ASN1BigInteger (com.unboundid.asn1.ASN1BigInteger), DN (com.unboundid.ldap.sdk.DN), ASN1Integer (com.unboundid.asn1.ASN1Integer), OID (com.unboundid.util.OID), ASN1BitString (com.unboundid.asn1.ASN1BitString), ASN1Sequence (com.unboundid.asn1.ASN1Sequence), ASN1Element (com.unboundid.asn1.ASN1Element), ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier), ASN1Null (com.unboundid.asn1.ASN1Null), Test (org.testng.annotations.Test)

Example 4 with ASN1Null

Use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity, in the class X509CertificateTestCase, method testDecodeSerialNumberNotInteger.

/**
 * Tests the behavior when trying to decode a certificate with a serial number
 * that cannot be parsed as an integer.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testDecodeSerialNumberNotInteger() throws Exception {
    final long notBefore = System.currentTimeMillis();
    final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
    final ASN1Sequence valueSequence = new ASN1Sequence(
        new ASN1Sequence( // tbsCertificate
            new ASN1Element((byte) 0xA0, new ASN1Integer(2).encode()), // version, context tag [0]
            new ASN1OctetString(), // serialNumber: empty OCTET STRING in place of an INTEGER
            new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signature algorithm
            X509Certificate.encodeName(new DN("CN=issuer")), // issuer
            new ASN1Sequence(new ASN1UTCTime(notBefore), new ASN1UTCTime(notAfter)), // validity
            X509Certificate.encodeName(new DN("CN=ldap.example.com")), // subject
            new ASN1Sequence( // subjectPublicKeyInfo
                new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.5")), new ASN1Null()),
                new ASN1BitString(new boolean[1024]))),
        new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signatureAlgorithm
        new ASN1BitString(new boolean[1024])); // signatureValue
    new X509Certificate(valueSequence.encode());
}
Also used: ASN1OctetString (com.unboundid.asn1.ASN1OctetString), ASN1Sequence (com.unboundid.asn1.ASN1Sequence), ASN1Element (com.unboundid.asn1.ASN1Element), ASN1UTCTime (com.unboundid.asn1.ASN1UTCTime), DN (com.unboundid.ldap.sdk.DN), ASN1Integer (com.unboundid.asn1.ASN1Integer), OID (com.unboundid.util.OID), ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier), ASN1BitString (com.unboundid.asn1.ASN1BitString), ASN1Null (com.unboundid.asn1.ASN1Null), Test (org.testng.annotations.Test)

Example 5 with ASN1Null

Use of org.webpki.asn1.ASN1Null in project ldapsdk by pingidentity, in the class X509CertificateTestCase, method testDecodeVersionOutOfRange.

/**
 * Tests the behavior when trying to decode a certificate with a version that
 * is out of the range of allowed values.
 *
 * @throws  Exception  If an unexpected problem occurs.
 */
@Test(expectedExceptions = { CertException.class })
public void testDecodeVersionOutOfRange() throws Exception {
    final long notBefore = System.currentTimeMillis();
    final long notAfter = notBefore + (365L * 24L * 60L * 60L * 1000L);
    final ASN1Sequence valueSequence = new ASN1Sequence(
        new ASN1Sequence( // tbsCertificate
            new ASN1Element((byte) 0xA0, new ASN1Integer(999).encode()), // version, context tag [0]: 999 is out of range
            new ASN1BigInteger(12435L), // serialNumber
            new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signature algorithm
            X509Certificate.encodeName(new DN("CN=issuer")), // issuer
            new ASN1Sequence(new ASN1UTCTime(notBefore), new ASN1UTCTime(notAfter)), // validity
            X509Certificate.encodeName(new DN("CN=ldap.example.com")), // subject
            new ASN1Sequence( // subjectPublicKeyInfo
                new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.5")), new ASN1Null()),
                new ASN1BitString(new boolean[1024]))),
        new ASN1Sequence(new ASN1ObjectIdentifier(new OID("1.2.3.4")), new ASN1Null()), // signatureAlgorithm
        new ASN1BitString(new boolean[1024])); // signatureValue
    new X509Certificate(valueSequence.encode());
}
Also used: ASN1Sequence (com.unboundid.asn1.ASN1Sequence), ASN1Element (com.unboundid.asn1.ASN1Element), ASN1UTCTime (com.unboundid.asn1.ASN1UTCTime), ASN1BigInteger (com.unboundid.asn1.ASN1BigInteger), DN (com.unboundid.ldap.sdk.DN), ASN1Integer (com.unboundid.asn1.ASN1Integer), OID (com.unboundid.util.OID), ASN1ObjectIdentifier (com.unboundid.asn1.ASN1ObjectIdentifier), ASN1BitString (com.unboundid.asn1.ASN1BitString), ASN1Null (com.unboundid.asn1.ASN1Null), Test (org.testng.annotations.Test)
