List of usage examples for org.bouncycastle.asn1.x500 DirectoryString getString
public String getString()
From source file:net.sf.keystore_explorer.crypto.x509.GeneralNameUtil.java
License:Open Source License
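/**
 * Get string representation for all General Names.
 *
 * <p>General names are normally read out of certificates, i.e. out of data this code does not
 * control, so the ediPartyName branch checks the structure before decoding it and reports
 * anything unexpected as an {@link IOException}.
 *
 * @param generalName
 *            General name
 * @return String representation of general name, empty string if {@code generalName} is null
 * @throws IOException
 *             If general name is invalid
 */
public static String toString(GeneralName generalName) throws IOException {

    if (generalName == null) {
        return "";
    }

    switch (generalName.getTagNo()) {
    case GeneralName.ediPartyName: {
        /*
         * EDIPartyName ::= SEQUENCE {
         *     nameAssigner [0] DirectoryString OPTIONAL,
         *     partyName    [1] DirectoryString }
         */
        ASN1Sequence ediPartyName = (ASN1Sequence) generalName.getName();

        String nameAssignerStr = null; // Optional
        String partyNameStr = null;

        // Both fields are context-tagged and nameAssigner may be absent, so the fields are
        // selected by tag number and unwrapped before being read as a DirectoryString.
        // Reading elements 0 and 1 by position fails on a name that has no nameAssigner, and
        // DirectoryString.getInstance() does not accept the tagged wrapper itself.
        for (int i = 0; i < ediPartyName.size(); i++) {
            ASN1Encodable element = ediPartyName.getObjectAt(i);
            if (!(element instanceof org.bouncycastle.asn1.ASN1TaggedObject)) {
                throw new IOException("Invalid EDIPartyName: element " + i + " is not a tagged object");
            }
            org.bouncycastle.asn1.ASN1TaggedObject tagged = (org.bouncycastle.asn1.ASN1TaggedObject) element;

            String text;
            try {
                text = DirectoryString.getInstance(tagged.getObject()).getString();
            } catch (IllegalArgumentException e) {
                // Content of the tag is not one of the DirectoryString string types
                throw new IOException("Invalid EDIPartyName: element " + i + " is not a DirectoryString", e);
            }

            if (tagged.getTagNo() == 0) {
                nameAssignerStr = text;
            } else if (tagged.getTagNo() == 1) {
                partyNameStr = text;
            } else {
                throw new IOException("Invalid EDIPartyName: unexpected tag " + tagged.getTagNo());
            }
        }

        if (partyNameStr == null) {
            // partyName is the only mandatory field
            throw new IOException("Invalid EDIPartyName: partyName is missing");
        }

        if (nameAssignerStr != null) {
            return MessageFormat.format(res.getString("GeneralNameUtil.EdiPartyGeneralName"), nameAssignerStr,
                    partyNameStr);
        } else {
            return MessageFormat.format(res.getString("GeneralNameUtil.EdiPartyGeneralNameNoAssigner"),
                    partyNameStr);
        }
    }
    case GeneralName.otherName: {
        return parseUPN(generalName);
    }
    case GeneralName.x400Address: {
        /*
         * No support for this at the moment - just get a hex dump
         * The Oracle CertificateFactory blows up if a certificate extension contains this anyway
         */
        ASN1Encodable x400Address = generalName.getName();
        return MessageFormat.format(res.getString("GeneralNameUtil.X400AddressGeneralName"),
                HexUtil.getHexString(x400Address.toASN1Primitive().getEncoded(ASN1Encoding.DER)));
    }
    default: {
        return safeToString(generalName, true);
    }
    }
}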
From source file:net.sf.keystore_explorer.crypto.x509.X509Ext.java
License:Open Source License
/**
 * Returns a display string for an attribute value, decoded according to the attribute type.
 *
 * <p>Recognized attribute types are decoded as DirectoryString, PrintableString or IA5String;
 * any other type is returned as a hex string, so unknown content is never interpreted as text.
 *
 * @param attributeType OID of the attribute type, resolved through {@code AttributeTypeType}
 * @param attributeValue attribute value (not read by this method, see the note in the body)
 * @return decoded string for recognized types, hex string otherwise
 * @throws IOException declared by the method; thrown by {@code ASN1Primitive.fromByteArray}
 *         when the bytes cannot be parsed
 */
private String getAttributeValueString(ASN1ObjectIdentifier attributeType, ASN1Encodable attributeValue)
        throws IOException {

    // @formatter:off

    /* AttributeValue ::= ANY */

    // @formatter:on

    // NOTE(review): every branch decodes `value`, which is not declared in this method
    // (presumably a field of the enclosing class), and the attributeValue parameter is never
    // read - confirm that this is intended.

    AttributeTypeType kind = AttributeTypeType.resolveOid(attributeType.getId());

    // Attribute types whose value is read as a DirectoryString
    boolean isDirectoryString = kind == COMMON_NAME || kind == LOCALITY_NAME || kind == STATE_NAME
            || kind == STREET_ADDRESS || kind == ORGANIZATION_NAME || kind == ORGANIZATIONAL_UNIT
            || kind == TITLE || kind == USER_ID;
    if (isDirectoryString) {
        return DirectoryString.getInstance(ASN1Primitive.fromByteArray(value)).getString();
    }

    // Attribute types whose value is read as a PrintableString
    boolean isPrintableString = kind == SERIAL_NUMBER || kind == COUNTRY_NAME || kind == UNSTRUCTURED_ADDRESS;
    if (isPrintableString) {
        return DERPrintableString.getInstance(value).getString();
    }

    // Attribute types whose value is read as an IA5String
    boolean isIa5String = kind == EMAIL_ADDRESS || kind == UNSTRUCTURED_NAME || kind == MAIL
            || kind == DOMAIN_COMPONENT;
    if (isIa5String) {
        return DERIA5String.getInstance(value).getString();
    }

    // Attribute type not recognized - return hex string for value
    return HexUtil.getHexString(value);
}
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
/**
 * Compares the admission extension of an issued certificate with the configured expectation
 * and appends one "; "-terminated message to {@code failureMsg} for every mismatch found.
 *
 * <p>Without a configured admission, the raw extension value is compared with the value
 * returned by {@code getExpectedExtValue}. Otherwise the extension is parsed as an
 * AdmissionSyntax that must hold exactly one Admissions with exactly one ProfessionInfo, whose
 * registration number, additional profession info, profession OIDs and profession items are
 * compared with the configuration.
 *
 * <p>NOTE(review): the parsing calls are not guarded here, so an extension value that is not a
 * well-formed AdmissionSyntax presumably surfaces as a runtime exception rather than as a
 * failure message - confirm that the caller handles this.
 *
 * @param failureMsg buffer that receives the failure messages
 * @param extensionValue encoded value of the extension under test
 * @param requestExtensions extensions of the request, used only when no admission is configured
 * @param extControl extension control, used only when no admission is configured
 */
private void checkExtensionAdmission(final StringBuilder failureMsg, final byte[] extensionValue,
        final Extensions requestExtensions, final ExtensionControl extControl) {
    QaAdmission expectedConf = admission;

    if (expectedConf == null) {
        // Nothing configured: fall back to a byte-wise comparison of the encoded value.
        byte[] expectedValue = getExpectedExtValue(ObjectIdentifiers.id_extension_admission,
                requestExtensions, extControl);
        if (!Arrays.equals(expectedValue, extensionValue)) {
            failureMsg.append("extension valus is '").append(hex(extensionValue))
                    .append("' but expected '")
                    .append(expectedValue == null ? "not present" : hex(expectedValue))
                    .append("'")
                    .append("; ");
        }
        return;
    }

    AdmissionSyntax syntax = AdmissionSyntax.getInstance(ASN1Sequence.getInstance(extensionValue));

    Admissions[] admissionList = syntax.getContentsOfAdmissions();
    int count = (admissionList == null) ? 0 : admissionList.length;
    if (count != 1) {
        failureMsg.append("size of Admissions is '").append(count).append("' but expected is '1'")
                .append("; ");
        return;
    }

    ProfessionInfo[] professionInfoList = admissionList[0].getProfessionInfos();
    count = (professionInfoList == null) ? 0 : professionInfoList.length;
    if (count != 1) {
        failureMsg.append("size of ProfessionInfo is '").append(count).append("' but expected is '1'")
                .append("; ");
        return;
    }

    ProfessionInfo info = professionInfoList[0];

    // registrationNumber
    String actualRegNumber = info.getRegistrationNumber();
    String expectedRegNumber = expectedConf.getRegistrationNumber();
    if (expectedRegNumber == null) {
        if (actualRegNumber != null) {
            failureMsg.append("RegistrationNumber is '").append(actualRegNumber)
                    .append("' but expected is 'null'")
                    .append("; ");
        }
    } else if (!expectedRegNumber.equals(actualRegNumber)) {
        failureMsg.append("RegistrationNumber is '").append(actualRegNumber)
                .append("' but expected is '").append(expectedRegNumber).append("'")
                .append("; ");
    }

    // addProfessionInfo
    byte[] actualAddInfo = (info.getAddProfessionInfo() == null)
            ? null
            : info.getAddProfessionInfo().getOctets();
    byte[] expectedAddInfo = expectedConf.getAddProfessionInfo();
    if (expectedAddInfo == null) {
        if (actualAddInfo != null) {
            failureMsg.append("AddProfessionInfo is '").append(hex(actualAddInfo))
                    .append("' but expected is 'null'")
                    .append("; ");
        }
    } else if (actualAddInfo == null) {
        failureMsg.append("AddProfessionInfo is 'null' but expected is '").append(hex(expectedAddInfo))
                .append("'")
                .append("; ");
    } else if (!Arrays.equals(expectedAddInfo, actualAddInfo)) {
        failureMsg.append("AddProfessionInfo is '").append(hex(actualAddInfo))
                .append("' but expected is '").append(hex(expectedAddInfo)).append("'")
                .append("; ");
    }

    // professionOIDs: compared as sets of dotted OID strings, in both directions
    List<String> expectedOids = expectedConf.getProfessionOIDs();
    ASN1ObjectIdentifier[] rawOids = info.getProfessionOIDs();
    List<String> actualOids = new LinkedList<>();
    if (rawOids != null) {
        for (ASN1ObjectIdentifier oid : rawOids) {
            actualOids.add(oid.getId());
        }
    }

    Set<String> delta = str_in_b_not_in_a(expectedOids, actualOids);
    if (CollectionUtil.isNotEmpty(delta)) {
        failureMsg.append("ProfessionOIDs ").append(delta.toString())
                .append(" are present but not expected")
                .append("; ");
    }

    delta = str_in_b_not_in_a(actualOids, expectedOids);
    if (CollectionUtil.isNotEmpty(delta)) {
        failureMsg.append("ProfessionOIDs ").append(delta.toString())
                .append(" are absent but are required")
                .append("; ");
    }

    // professionItems: compared as sets of strings, in both directions
    List<String> expectedItems = expectedConf.getProfessionItems();
    DirectoryString[] rawItems = info.getProfessionItems();
    List<String> actualItems = new LinkedList<>();
    if (rawItems != null) {
        for (DirectoryString rawItem : rawItems) {
            actualItems.add(rawItem.getString());
        }
    }

    delta = str_in_b_not_in_a(expectedItems, actualItems);
    if (CollectionUtil.isNotEmpty(delta)) {
        failureMsg.append("ProfessionItems ").append(delta.toString())
                .append(" are present but not expected")
                .append("; ");
    }

    delta = str_in_b_not_in_a(actualItems, expectedItems);
    if (CollectionUtil.isNotEmpty(delta)) {
        failureMsg.append("ProfessionItems ").append(delta.toString())
                .append(" are absent but are required")
                .append("; ");
    }
}
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
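/**
 * Rebuilds a requested GeneralName after checking it against the allowed modes.
 *
 * <p>The requested name is presumably taken from a certificate request, so its structure is
 * checked before it is cast or indexed: a malformed otherName or ediPartyName is reported as a
 * {@link BadCertTemplateException} instead of escaping as a ClassCastException,
 * ArrayIndexOutOfBoundsException or IllegalArgumentException.
 *
 * @param reqName the requested general name
 * @param modes the allowed general name modes; the tag of {@code reqName} must match one of them
 * @return a newly built GeneralName with the same tag and content
 * @throws BadCertTemplateException if the tag or the otherName type is not allowed, or if the
 *         otherName or ediPartyName structure is malformed
 */
private static GeneralName createGeneralName(final GeneralName reqName, final Set<GeneralNameMode> modes)
        throws BadCertTemplateException {
    int tag = reqName.getTagNo();
    GeneralNameMode mode = null;
    for (GeneralNameMode m : modes) {
        if (m.getTag().getTag() == tag) {
            mode = m;
            break;
        }
    }

    if (mode == null) {
        throw new BadCertTemplateException("generalName tag " + tag + " is not allowed");
    }

    switch (tag) {
    case GeneralName.rfc822Name:
    case GeneralName.dNSName:
    case GeneralName.uniformResourceIdentifier:
    case GeneralName.iPAddress:
    case GeneralName.registeredID:
    case GeneralName.directoryName: {
        return new GeneralName(tag, reqName.getName());
    }
    case GeneralName.otherName: {
        // OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY }
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());
        int size = reqSeq.size();
        if (size != 2) {
            throw new BadCertTemplateException("invalid otherName sequence: size is not 2: " + size);
        }

        ASN1ObjectIdentifier type;
        try {
            type = ASN1ObjectIdentifier.getInstance(reqSeq.getObjectAt(0));
        } catch (IllegalArgumentException ex) {
            throw new BadCertTemplateException("otherName.type is not an OBJECT IDENTIFIER");
        }
        if (!mode.getAllowedTypes().contains(type)) {
            throw new BadCertTemplateException("otherName.type " + type.getId() + " is not allowed");
        }

        ASN1Encodable taggedValue = reqSeq.getObjectAt(1);
        if (!(taggedValue instanceof ASN1TaggedObject)) {
            throw new BadCertTemplateException("otherName.value is not tagged Object");
        }
        int tagNo = ((ASN1TaggedObject) taggedValue).getTagNo();
        if (tagNo != 0) {
            throw new BadCertTemplateException("otherName.value does not have tag 0: " + tagNo);
        }

        ASN1Encodable value = ((ASN1TaggedObject) taggedValue).getObject();
        if (!(value instanceof ASN1String)) {
            throw new BadCertTemplateException("otherName.value is not a String");
        }
        String text = ((ASN1String) value).getString();

        // The value is always re-encoded as UTF8String, whatever string type was requested.
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(type);
        vector.add(new DERTaggedObject(true, 0, new DERUTF8String(text)));
        DERSequence seq = new DERSequence(vector);

        return new GeneralName(GeneralName.otherName, seq);
    }
    case GeneralName.ediPartyName: {
        // EDIPartyName ::= SEQUENCE {
        //     nameAssigner [0] DirectoryString OPTIONAL,
        //     partyName    [1] DirectoryString }
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());

        int n = reqSeq.size();
        if (n < 1 || n > 2) {
            throw new BadCertTemplateException("invalid ediPartyName sequence: size is not 1 or 2: " + n);
        }

        String nameAssigner = null;
        int idx = 0;
        if (n > 1) {
            nameAssigner = ediPartyNameField(reqSeq.getObjectAt(idx++), 0, "nameAssigner");
        }
        String partyName = ediPartyNameField(reqSeq.getObjectAt(idx++), 1, "partyName");

        ASN1EncodableVector vector = new ASN1EncodableVector();
        if (nameAssigner != null) {
            vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
        }
        vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
        ASN1Sequence seq = new DERSequence(vector);
        return new GeneralName(GeneralName.ediPartyName, seq);
    }
    default: {
        throw new RuntimeException("should not reach here, unknwon GeneralName tag " + tag);
    }
    } // end switch
}

/** Reads one tagged DirectoryString field of an EDIPartyName, checking wrapper, tag and type. */
private static String ediPartyNameField(final ASN1Encodable element, final int expectedTag,
        final String fieldName) throws BadCertTemplateException {
    if (!(element instanceof ASN1TaggedObject)) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not tagged Object");
    }

    ASN1TaggedObject tagged = (ASN1TaggedObject) element;
    if (tagged.getTagNo() != expectedTag) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " does not have tag "
                + expectedTag + ": " + tagged.getTagNo());
    }

    try {
        return DirectoryString.getInstance(tagged.getObject()).getString();
    } catch (IllegalArgumentException ex) {
        // the tagged content is not one of the DirectoryString string types
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not a DirectoryString");
    }
}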
From source file:org.xipki.ca.server.impl.IdentifiedX509Certprofile.java
License:Open Source License
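/**
 * Rebuilds a requested GeneralName after checking it against the allowed modes.
 *
 * <p>The requested name is presumably taken from a certificate request, so its structure is
 * checked before it is cast or indexed: a malformed otherName or ediPartyName is reported as a
 * {@link BadCertTemplateException} instead of escaping as a ClassCastException,
 * ArrayIndexOutOfBoundsException or IllegalArgumentException.
 *
 * @param reqName the requested general name
 * @param modes the allowed general name modes; the tag of {@code reqName} must match one of them
 * @return a newly built GeneralName with the same tag and content
 * @throws BadCertTemplateException if the tag or the otherName type is not allowed, or if the
 *         otherName or ediPartyName structure is malformed
 */
private static GeneralName createGeneralName(final GeneralName reqName, final Set<GeneralNameMode> modes)
        throws BadCertTemplateException {
    int tag = reqName.getTagNo();
    GeneralNameMode mode = null;
    for (GeneralNameMode m : modes) {
        if (m.getTag().getTag() == tag) {
            mode = m;
            break;
        }
    }

    if (mode == null) {
        throw new BadCertTemplateException("generalName tag " + tag + " is not allowed");
    }

    switch (tag) {
    case GeneralName.rfc822Name:
    case GeneralName.dNSName:
    case GeneralName.uniformResourceIdentifier:
    case GeneralName.iPAddress:
    case GeneralName.registeredID:
    case GeneralName.directoryName: {
        return new GeneralName(tag, reqName.getName());
    }
    case GeneralName.otherName: {
        // OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY }
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());
        int size = reqSeq.size();
        if (size != 2) {
            throw new BadCertTemplateException("invalid otherName sequence: size is not 2: " + size);
        }

        ASN1ObjectIdentifier type;
        try {
            type = ASN1ObjectIdentifier.getInstance(reqSeq.getObjectAt(0));
        } catch (IllegalArgumentException ex) {
            throw new BadCertTemplateException("otherName.type is not an OBJECT IDENTIFIER");
        }
        if (!mode.getAllowedTypes().contains(type)) {
            throw new BadCertTemplateException("otherName.type " + type.getId() + " is not allowed");
        }

        ASN1Encodable taggedValue = reqSeq.getObjectAt(1);
        if (!(taggedValue instanceof ASN1TaggedObject)) {
            throw new BadCertTemplateException("otherName.value is not tagged Object");
        }
        int tagNo = ((ASN1TaggedObject) taggedValue).getTagNo();
        if (tagNo != 0) {
            throw new BadCertTemplateException("otherName.value does not have tag 0: " + tagNo);
        }

        ASN1Encodable value = ((ASN1TaggedObject) taggedValue).getObject();
        if (!(value instanceof ASN1String)) {
            throw new BadCertTemplateException("otherName.value is not a String");
        }
        String text = ((ASN1String) value).getString();

        // The value is always re-encoded as UTF8String, whatever string type was requested.
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(type);
        vector.add(new DERTaggedObject(true, 0, new DERUTF8String(text)));
        DERSequence seq = new DERSequence(vector);

        return new GeneralName(GeneralName.otherName, seq);
    }
    case GeneralName.ediPartyName: {
        // EDIPartyName ::= SEQUENCE {
        //     nameAssigner [0] DirectoryString OPTIONAL,
        //     partyName    [1] DirectoryString }
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());

        int n = reqSeq.size();
        if (n < 1 || n > 2) {
            throw new BadCertTemplateException("invalid ediPartyName sequence: size is not 1 or 2: " + n);
        }

        String nameAssigner = null;
        int idx = 0;
        if (n > 1) {
            nameAssigner = ediPartyNameField(reqSeq.getObjectAt(idx++), 0, "nameAssigner");
        }
        String partyName = ediPartyNameField(reqSeq.getObjectAt(idx++), 1, "partyName");

        ASN1EncodableVector vector = new ASN1EncodableVector();
        if (nameAssigner != null) {
            vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
        }
        vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
        ASN1Sequence seq = new DERSequence(vector);
        return new GeneralName(GeneralName.ediPartyName, seq);
    }
    default: {
        throw new RuntimeException("should not reach here, unknown GeneralName tag " + tag);
    }
    } // end switch(tag)
}

/** Reads one tagged DirectoryString field of an EDIPartyName, checking wrapper, tag and type. */
private static String ediPartyNameField(final ASN1Encodable element, final int expectedTag,
        final String fieldName) throws BadCertTemplateException {
    if (!(element instanceof ASN1TaggedObject)) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not tagged Object");
    }

    ASN1TaggedObject tagged = (ASN1TaggedObject) element;
    if (tagged.getTagNo() != expectedTag) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " does not have tag "
                + expectedTag + ": " + tagged.getTagNo());
    }

    try {
        return DirectoryString.getInstance(tagged.getObject()).getString();
    } catch (IllegalArgumentException ex) {
        // the tagged content is not one of the DirectoryString string types
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not a DirectoryString");
    }
}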
From source file:org.xipki.pki.ca.api.profile.x509.X509CertprofileUtil.java
License:Open Source License
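/**
 * Rebuilds a requested GeneralName, optionally checking it against the allowed modes.
 *
 * <p>The requested name is presumably taken from a certificate request, so its structure is
 * checked before it is indexed or unwrapped. The otherName branch validates size, tagging and
 * tag number; the ediPartyName branch now does the same, so a malformed ediPartyName is
 * reported as a {@link BadCertTemplateException} instead of escaping as an
 * ArrayIndexOutOfBoundsException or IllegalArgumentException.
 *
 * @param requestedName the requested general name, must not be null
 * @param modes the allowed general name modes; when null, no mode check is made
 * @return a newly built GeneralName with the same tag and content
 * @throws BadCertTemplateException if the tag or the otherName type is not allowed, or if the
 *         otherName or ediPartyName structure is malformed
 */
public static GeneralName createGeneralName(@NonNull final GeneralName requestedName,
        @NonNull final Set<GeneralNameMode> modes) throws BadCertTemplateException {
    ParamUtil.requireNonNull("requestedName", requestedName);

    int tag = requestedName.getTagNo();
    GeneralNameMode mode = null;
    if (modes != null) {
        for (GeneralNameMode m : modes) {
            if (m.getTag().getTag() == tag) {
                mode = m;
                break;
            }
        }

        if (mode == null) {
            throw new BadCertTemplateException("generalName tag " + tag + " is not allowed");
        }
    }

    switch (tag) {
    case GeneralName.rfc822Name:
    case GeneralName.dNSName:
    case GeneralName.uniformResourceIdentifier:
    case GeneralName.iPAddress:
    case GeneralName.registeredID:
    case GeneralName.directoryName:
        return new GeneralName(tag, requestedName.getName());
    case GeneralName.otherName:
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(requestedName.getName());
        int size = reqSeq.size();
        if (size != 2) {
            throw new BadCertTemplateException("invalid otherName sequence: size is not 2: " + size);
        }

        ASN1ObjectIdentifier type = ASN1ObjectIdentifier.getInstance(reqSeq.getObjectAt(0));
        if (mode != null && !mode.getAllowedTypes().contains(type)) {
            throw new BadCertTemplateException("otherName.type " + type.getId() + " is not allowed");
        }

        ASN1Encodable asn1 = reqSeq.getObjectAt(1);
        if (!(asn1 instanceof ASN1TaggedObject)) {
            throw new BadCertTemplateException("otherName.value is not tagged Object");
        }

        int tagNo = ASN1TaggedObject.getInstance(asn1).getTagNo();
        if (tagNo != 0) {
            throw new BadCertTemplateException("otherName.value does not have tag 0: " + tagNo);
        }

        // The tagged content is copied as is; its type is not restricted here.
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(type);
        vector.add(new DERTaggedObject(true, 0, ASN1TaggedObject.getInstance(asn1).getObject()));
        DERSequence seq = new DERSequence(vector);

        return new GeneralName(GeneralName.otherName, seq);
    case GeneralName.ediPartyName:
        // EDIPartyName ::= SEQUENCE {
        //     nameAssigner [0] DirectoryString OPTIONAL,
        //     partyName    [1] DirectoryString }
        reqSeq = ASN1Sequence.getInstance(requestedName.getName());

        size = reqSeq.size();
        if (size < 1 || size > 2) {
            throw new BadCertTemplateException(
                    "invalid ediPartyName sequence: size is not 1 or 2: " + size);
        }

        String nameAssigner = null;
        int idx = 0;
        if (size > 1) {
            nameAssigner = ediPartyNameField(reqSeq.getObjectAt(idx++), 0, "nameAssigner");
        }
        String partyName = ediPartyNameField(reqSeq.getObjectAt(idx++), 1, "partyName");

        vector = new ASN1EncodableVector();
        if (nameAssigner != null) {
            vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
        }
        vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
        seq = new DERSequence(vector);
        return new GeneralName(GeneralName.ediPartyName, seq);
    default:
        throw new RuntimeException("should not reach here, unknown GeneralName tag " + tag);
    } // end switch (tag)
}

/** Reads one tagged DirectoryString field of an EDIPartyName, checking wrapper, tag and type. */
private static String ediPartyNameField(final ASN1Encodable element, final int expectedTag,
        final String fieldName) throws BadCertTemplateException {
    if (!(element instanceof ASN1TaggedObject)) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not tagged Object");
    }

    ASN1TaggedObject tagged = (ASN1TaggedObject) element;
    if (tagged.getTagNo() != expectedTag) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " does not have tag "
                + expectedTag + ": " + tagged.getTagNo());
    }

    try {
        return DirectoryString.getInstance(tagged.getObject()).getString();
    } catch (IllegalArgumentException ex) {
        // the tagged content is not one of the DirectoryString string types
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not a DirectoryString");
    }
}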
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
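/**
 * Rebuilds a requested GeneralName, optionally checking it against the allowed modes.
 *
 * <p>The requested name is presumably taken from a certificate request, so its structure is
 * checked before it is indexed or unwrapped: a malformed otherName or ediPartyName is reported
 * as a {@link BadCertTemplateException} instead of escaping as an
 * ArrayIndexOutOfBoundsException or IllegalArgumentException.
 *
 * @param reqName the requested general name
 * @param modes the allowed general name modes; when null, no mode check is made
 * @return a newly built GeneralName with the same tag and content
 * @throws BadCertTemplateException if the tag or the otherName type is not allowed, or if the
 *         otherName or ediPartyName structure is malformed
 */
private static GeneralName createGeneralName(final GeneralName reqName, final Set<GeneralNameMode> modes)
        throws BadCertTemplateException {
    int tag = reqName.getTagNo();
    GeneralNameMode mode = null;
    if (modes != null) {
        for (GeneralNameMode m : modes) {
            if (m.getTag().getTag() == tag) {
                mode = m;
                break;
            }
        }

        if (mode == null) {
            throw new BadCertTemplateException("generalName tag " + tag + " is not allowed");
        }
    }

    switch (tag) {
    case GeneralName.rfc822Name:
    case GeneralName.dNSName:
    case GeneralName.uniformResourceIdentifier:
    case GeneralName.iPAddress:
    case GeneralName.registeredID:
    case GeneralName.directoryName:
        return new GeneralName(tag, reqName.getName());
    case GeneralName.otherName:
        // OtherName ::= SEQUENCE { type-id OBJECT IDENTIFIER, value [0] EXPLICIT ANY }
        ASN1Sequence reqSeq = ASN1Sequence.getInstance(reqName.getName());
        int size = reqSeq.size();
        if (size != 2) {
            throw new BadCertTemplateException("invalid otherName sequence: size is not 2: " + size);
        }

        ASN1ObjectIdentifier type;
        try {
            type = ASN1ObjectIdentifier.getInstance(reqSeq.getObjectAt(0));
        } catch (IllegalArgumentException ex) {
            throw new BadCertTemplateException("otherName.type is not an OBJECT IDENTIFIER");
        }
        if (mode != null && !mode.getAllowedTypes().contains(type)) {
            throw new BadCertTemplateException("otherName.type " + type.getId() + " is not allowed");
        }

        ASN1Encodable taggedValue = reqSeq.getObjectAt(1);
        if (!(taggedValue instanceof ASN1TaggedObject)) {
            throw new BadCertTemplateException("otherName.value is not tagged Object");
        }
        int tagNo = ((ASN1TaggedObject) taggedValue).getTagNo();
        if (tagNo != 0) {
            throw new BadCertTemplateException("otherName.value does not have tag 0: " + tagNo);
        }

        ASN1Encodable value = ((ASN1TaggedObject) taggedValue).getObject();
        if (!(value instanceof ASN1String)) {
            throw new BadCertTemplateException("otherName.value is not a String");
        }
        String text = ((ASN1String) value).getString();

        // The value is always re-encoded as UTF8String, whatever string type was requested.
        ASN1EncodableVector vector = new ASN1EncodableVector();
        vector.add(type);
        vector.add(new DERTaggedObject(true, 0, new DERUTF8String(text)));
        DERSequence seq = new DERSequence(vector);

        return new GeneralName(GeneralName.otherName, seq);
    case GeneralName.ediPartyName:
        // EDIPartyName ::= SEQUENCE {
        //     nameAssigner [0] DirectoryString OPTIONAL,
        //     partyName    [1] DirectoryString }
        reqSeq = ASN1Sequence.getInstance(reqName.getName());

        size = reqSeq.size();
        if (size < 1 || size > 2) {
            throw new BadCertTemplateException(
                    "invalid ediPartyName sequence: size is not 1 or 2: " + size);
        }

        String nameAssigner = null;
        int idx = 0;
        if (size > 1) {
            nameAssigner = ediPartyNameField(reqSeq.getObjectAt(idx++), 0, "nameAssigner");
        }
        String partyName = ediPartyNameField(reqSeq.getObjectAt(idx++), 1, "partyName");

        vector = new ASN1EncodableVector();
        if (nameAssigner != null) {
            vector.add(new DERTaggedObject(false, 0, new DirectoryString(nameAssigner)));
        }
        vector.add(new DERTaggedObject(false, 1, new DirectoryString(partyName)));
        seq = new DERSequence(vector);
        return new GeneralName(GeneralName.ediPartyName, seq);
    default:
        throw new RuntimeException("should not reach here, unknown GeneralName tag " + tag);
    } // end switch
}

/** Reads one tagged DirectoryString field of an EDIPartyName, checking wrapper, tag and type. */
private static String ediPartyNameField(final ASN1Encodable element, final int expectedTag,
        final String fieldName) throws BadCertTemplateException {
    if (!(element instanceof ASN1TaggedObject)) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not tagged Object");
    }

    ASN1TaggedObject tagged = (ASN1TaggedObject) element;
    if (tagged.getTagNo() != expectedTag) {
        throw new BadCertTemplateException("ediPartyName." + fieldName + " does not have tag "
                + expectedTag + ": " + tagged.getTagNo());
    }

    try {
        return DirectoryString.getInstance(tagged.getObject()).getString();
    } catch (IllegalArgumentException ex) {
        // the tagged content is not one of the DirectoryString string types
        throw new BadCertTemplateException("ediPartyName." + fieldName + " is not a DirectoryString");
    }
}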