
Example 36 with ExtensionsType

use of org.xipki.ca.certprofile.x509.jaxb.ExtensionsType in project xipki by xipki.

the class XmlX509CertprofileUtil method buildExtensionControls.

/**
 * Builds the per-extension control table of a certificate profile.
 *
 * <p>Every configured extension contributes one {@link ExtensionControl} holding its
 * critical, required and permitted-in-request flags, keyed by the extension OID.
 * An OID that is configured twice is rejected, so a later entry can never replace
 * the flags of an earlier one.
 *
 * <p>NOTE(review): the OID string is handed straight to the
 * {@code ASN1ObjectIdentifier} constructor; a malformed OID presumably surfaces as an
 * unchecked exception from that constructor rather than as a
 * {@code CertprofileException} - confirm that callers handle this.
 *
 * @param extensionsType extensions section of the profile, must not be {@code null}
 * @return unmodifiable map from extension OID to its control flags
 * @throws CertprofileException if the same extension OID is defined more than once
 */
public static Map<ASN1ObjectIdentifier, ExtensionControl> buildExtensionControls(ExtensionsType extensionsType) throws CertprofileException {
    ParamUtil.requireNonNull("extensionsType", extensionsType);

    final Map<ASN1ObjectIdentifier, ExtensionControl> byOid = new HashMap<>();
    for (ExtensionType ext : extensionsType.getExtension()) {
        final ASN1ObjectIdentifier extnId = new ASN1ObjectIdentifier(ext.getType().getValue());

        // Check for the duplicate before the control object is created.
        if (byOid.containsKey(extnId)) {
            throw new CertprofileException("duplicated definition of extension " + extnId.getId());
        }

        byOid.put(extnId,
                new ExtensionControl(ext.isCritical(), ext.isRequired(), ext.isPermittedInRequest()));
    }

    // Callers get a read-only view of the table.
    return Collections.unmodifiableMap(byOid);
}
Also used : HashMap(java.util.HashMap) CertprofileException(org.xipki.ca.api.profile.CertprofileException) ExtensionControl(org.xipki.ca.api.profile.ExtensionControl) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 37 with ExtensionsType

use of org.xipki.ca.certprofile.x509.jaxb.ExtensionsType in project xipki by xipki.

the class XmlX509CertprofileUtil method buildConstantExtesions.

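/**
 * Collects the extensions whose value is fixed by the certificate profile.
 *
 * <p>For each configured extension that carries a {@link ConstantExtValue}, the encoded
 * bytes are parsed as ASN.1 and stored under the extension OID together with the
 * configured criticality. subjectAlternativeName, subjectInfoAccess and biometricInfo
 * are always skipped here (presumably they are handled by dedicated code - confirm).
 *
 * <p>Only the first ASN.1 object of the encoded value is read; bytes that follow it are
 * not examined by this method.
 *
 * @param extensionsType extensions section of the profile, may be {@code null}
 * @return unmodifiable map from extension OID to its constant value, or {@code null}
 *     if {@code extensionsType} is {@code null} or no constant extension is configured
 * @throws CertprofileException if a constant value is missing, empty or cannot be parsed
 */
public static Map<ASN1ObjectIdentifier, ExtensionValue> buildConstantExtesions(ExtensionsType extensionsType) throws CertprofileException {
    if (extensionsType == null) {
        return null;
    }
    Map<ASN1ObjectIdentifier, ExtensionValue> map = new HashMap<>();
    for (ExtensionType m : extensionsType.getExtension()) {
        ASN1ObjectIdentifier oid = new ASN1ObjectIdentifier(m.getType().getValue());
        if (Extension.subjectAlternativeName.equals(oid) || Extension.subjectInfoAccess.equals(oid) || Extension.biometricInfo.equals(oid)) {
            continue;
        }
        // Extensions without a constant value are not this method's concern.
        if (m.getValue() == null || !(m.getValue().getAny() instanceof ConstantExtValue)) {
            continue;
        }
        ConstantExtValue extConf = (ConstantExtValue) m.getValue().getAny();
        byte[] encodedValue = extConf.getValue();
        // ASN1StreamParser.readObject() returns null on empty input instead of throwing,
        // which would register an extension with no value. Reject the profile here so the
        // misconfiguration is reported when the profile is loaded.
        if (encodedValue == null || encodedValue.length == 0) {
            throw new CertprofileException("constant value of extension " + oid.getId() + " is empty");
        }
        ASN1StreamParser parser = new ASN1StreamParser(encodedValue);
        ASN1Encodable value;
        try {
            value = parser.readObject();
        } catch (IOException ex) {
            throw new CertprofileException("could not parse the constant extension value", ex);
        }
        ExtensionValue extension = new ExtensionValue(m.isCritical(), value);
        map.put(oid, extension);
    }
    if (CollectionUtil.isEmpty(map)) {
        return null;
    }
    return Collections.unmodifiableMap(map);
}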
Also used : ExtensionValue(org.xipki.ca.api.profile.ExtensionValue) HashMap(java.util.HashMap) CertprofileException(org.xipki.ca.api.profile.CertprofileException) ExtensionType(org.xipki.ca.certprofile.x509.jaxb.ExtensionType) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) IOException(java.io.IOException) ConstantExtValue(org.xipki.ca.certprofile.x509.jaxb.ConstantExtValue) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier) ASN1StreamParser(org.bouncycastle.asn1.ASN1StreamParser)

Example 38 with ExtensionsType

use of org.xipki.ca.certprofile.x509.jaxb.ExtensionsType in project xipki by xipki.

the class XmlX509Certprofile method initRestriction.

/**
 * Initialises the constant value of the restriction extension from the profile.
 *
 * <p>Nothing happens unless the profile controls this extension. When it does, the OID
 * is removed from {@code extnIds} (presumably the set of extensions still awaiting
 * processing - confirm against the caller) and, if a {@link Restriction} is configured,
 * the {@code restriction} field is set to its directory-string encoding with the
 * criticality taken from the extension controls.
 *
 * @param extnIds set of extension OIDs from which the restriction OID is removed
 * @param extensionsType extensions section of the profile
 * @throws CertprofileException declared for the helpers called here
 */
private void initRestriction(Set<ASN1ObjectIdentifier> extnIds, ExtensionsType extensionsType) throws CertprofileException {
    final ASN1ObjectIdentifier restrictionOid = ObjectIdentifiers.id_extension_restriction;
    final boolean controlled = extensionControls.containsKey(restrictionOid);
    if (!controlled) {
        return;
    }

    extnIds.remove(restrictionOid);

    final Restriction conf =
            (Restriction) getExtensionValue(restrictionOid, extensionsType, Restriction.class);
    if (conf == null) {
        return;
    }

    // The configured string type decides which ASN.1 string form carries the text.
    final DirectoryStringType encoding =
            XmlX509CertprofileUtil.convertDirectoryStringType(conf.getType());
    final ASN1Encodable encodedText = encoding.createDirectoryString(conf.getText());
    restriction = new ExtensionValue(extensionControls.get(restrictionOid).isCritical(), encodedText);
}
Also used : Restriction(org.xipki.ca.certprofile.x509.jaxb.Restriction) ExtensionValue(org.xipki.ca.api.profile.ExtensionValue) ASN1Encodable(org.bouncycastle.asn1.ASN1Encodable) DirectoryStringType(org.xipki.ca.api.profile.DirectoryStringType) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 39 with ExtensionsType

use of org.xipki.ca.certprofile.x509.jaxb.ExtensionsType in project xipki by xipki.

the class XmlX509Certprofile method initAdmission.

/**
 * Initialises the admission extension from the profile.
 *
 * <p>Nothing happens unless the profile controls this extension. When it does, the OID
 * is removed from {@code extnIds} (presumably the set of extensions still awaiting
 * processing - confirm against the caller) and, if an {@link AdmissionSyntax} is
 * configured, the {@code admission} field is built from it with the criticality taken
 * from the extension controls.
 *
 * @param extnIds set of extension OIDs from which the admission OID is removed
 * @param extensionsType extensions section of the profile
 * @throws CertprofileException declared for the helpers called here
 */
private void initAdmission(Set<ASN1ObjectIdentifier> extnIds, ExtensionsType extensionsType) throws CertprofileException {
    final ASN1ObjectIdentifier admissionOid = ObjectIdentifiers.id_extension_admission;
    final boolean controlled = extensionControls.containsKey(admissionOid);
    if (!controlled) {
        return;
    }

    extnIds.remove(admissionOid);

    final Object configured = getExtensionValue(admissionOid, extensionsType, AdmissionSyntax.class);
    if (configured == null) {
        return;
    }

    final AdmissionSyntax conf = (AdmissionSyntax) configured;
    this.admission = XmlX509CertprofileUtil.buildAdmissionSyntax(
            extensionControls.get(admissionOid).isCritical(), conf);
}
Also used : AdmissionSyntax(org.xipki.ca.certprofile.x509.jaxb.AdmissionSyntax) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)

Example 40 with ExtensionsType

use of org.xipki.ca.certprofile.x509.jaxb.ExtensionsType in project xipki by xipki.

the class XmlX509Certprofile method initSubjectInfoAccess.

/**
 * Initialises the subjectInfoAccess modes from the profile.
 *
 * <p>Nothing happens unless the profile controls this extension. When it does, the OID
 * is removed from {@code extnIds} (presumably the set of extensions still awaiting
 * processing - confirm against the caller) and, if a {@link SubjectInfoAccess} is
 * configured, {@code subjectInfoAccessModes} is replaced by a fresh map from access
 * method OID to the general-name mode built from the access location.
 *
 * <p>Entries are stored with {@code put}, so an access method listed twice keeps only
 * the last configured location mode; no duplicate check is made here.
 *
 * @param extnIds set of extension OIDs from which the subjectInfoAccess OID is removed
 * @param extensionsType extensions section of the profile
 * @throws CertprofileException declared for the helpers called here
 */
private void initSubjectInfoAccess(Set<ASN1ObjectIdentifier> extnIds, ExtensionsType extensionsType) throws CertprofileException {
    final ASN1ObjectIdentifier siaOid = Extension.subjectInfoAccess;
    final boolean controlled = extensionControls.containsKey(siaOid);
    if (!controlled) {
        return;
    }

    extnIds.remove(siaOid);

    final SubjectInfoAccess conf =
            (SubjectInfoAccess) getExtensionValue(siaOid, extensionsType, SubjectInfoAccess.class);
    if (conf == null) {
        return;
    }

    final List<Access> accesses = conf.getAccess();
    this.subjectInfoAccessModes = new HashMap<>();
    for (Access access : accesses) {
        final ASN1ObjectIdentifier method = new ASN1ObjectIdentifier(access.getAccessMethod().getValue());
        this.subjectInfoAccessModes.put(method,
                XmlX509CertprofileUtil.buildGeneralNameMode(access.getAccessLocation()));
    }
}
Also used : SubjectInfoAccess(org.xipki.ca.certprofile.x509.jaxb.SubjectInfoAccess) AuthorityInfoAccess(org.xipki.ca.certprofile.x509.jaxb.AuthorityInfoAccess) SubjectInfoAccess(org.xipki.ca.certprofile.x509.jaxb.SubjectInfoAccess) Access(org.xipki.ca.certprofile.x509.jaxb.SubjectInfoAccess.Access) ASN1ObjectIdentifier(org.bouncycastle.asn1.ASN1ObjectIdentifier)
