List of usage examples for org.bouncycastle.asn1.x509 GeneralName equals
public boolean equals(Object o)
From source file:net.sf.keystore_explorer.gui.crypto.generalname.JGeneralNames.java
License:Open Source License
private void selectGeneralNameInTable(GeneralName generalName) { for (int i = 0; i < jtGeneralNames.getRowCount(); i++) { if (generalName.equals(jtGeneralNames.getValueAt(i, 0))) { jtGeneralNames.changeSelection(i, 0, false, false); return; }// w w w . j ava 2s . c om } }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkExtensionNameConstraintsSubtrees(final StringBuilder failureMsg, final String description, final GeneralSubtree[] subtrees, final List<QaGeneralSubtree> expectedSubtrees) { int iSize = subtrees == null ? 0 : subtrees.length; int eSize = expectedSubtrees == null ? 0 : expectedSubtrees.size(); if (iSize != eSize) { failureMsg.append("size of " + description + " is '" + iSize + "' but expected '" + eSize + "'"); failureMsg.append("; "); return;/*from www . j a va 2 s .com*/ } for (int i = 0; i < iSize; i++) { GeneralSubtree iSubtree = subtrees[i]; QaGeneralSubtree eSubtree = expectedSubtrees.get(i); BigInteger bigInt = iSubtree.getMinimum(); int iMinimum = bigInt == null ? 0 : bigInt.intValue(); Integer _int = eSubtree.getMinimum(); int eMinimum = _int == null ? 0 : _int.intValue(); String desc = description + " [" + i + "]"; if (iMinimum != eMinimum) { failureMsg.append("minimum of " + desc + " is '" + iMinimum + "' but expected '" + eMinimum + "'"); failureMsg.append("; "); } bigInt = iSubtree.getMaximum(); Integer iMaximum = bigInt == null ? null : bigInt.intValue(); Integer eMaximum = eSubtree.getMaximum(); if (iMaximum != eMaximum) { failureMsg.append("maxmum of " + desc + " is '" + iMaximum + "' but expected '" + eMaximum + "'"); failureMsg.append("; "); } GeneralName iBase = iSubtree.getBase(); GeneralName eBase; if (eSubtree.getDirectoryName() != null) { eBase = new GeneralName(X509Util.reverse(new X500Name(eSubtree.getDirectoryName()))); } else if (eSubtree.getDNSName() != null) { eBase = new GeneralName(GeneralName.dNSName, eSubtree.getDNSName()); } else if (eSubtree.getIpAddress() != null) { eBase = new GeneralName(GeneralName.iPAddress, eSubtree.getIpAddress()); } else if (eSubtree.getRfc822Name() != null) { eBase = new GeneralName(GeneralName.rfc822Name, eSubtree.getRfc822Name()); } else if (eSubtree.getUri() != null) { eBase = new GeneralName(GeneralName.uniformResourceIdentifier, eSubtree.getUri()); } else { throw new RuntimeException("should not reach here, unknown child of GeneralName"); } if (iBase.equals(eBase) == false) { failureMsg.append("base of " + desc + " is '" + iBase + "' but expected '" + eBase + "'"); failureMsg.append("; "); } } }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkExtensionSubjectInfoAccess(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestExtensions, final ExtensionControl extControl) { if (allowedSubjectInfoAccessModes == null) { byte[] expected = getExpectedExtValue(Extension.subjectAlternativeName, requestExtensions, extControl); if (Arrays.equals(expected, extensionValue) == false) { failureMsg.append("extension valus is '").append(hex(extensionValue)); failureMsg.append("' but expected '").append(expected == null ? "not present" : hex(expected)) .append("'"); failureMsg.append("; "); }//from www.j a v a 2s . c o m return; } ASN1Encodable requestExtValue = null; if (requestExtensions != null) { requestExtValue = requestExtensions.getExtensionParsedValue(Extension.subjectInfoAccess); } if (requestExtValue == null) { failureMsg.append("extension is present but not expected"); failureMsg.append("; "); return; } ASN1Sequence requestSeq = ASN1Sequence.getInstance(requestExtValue); ASN1Sequence certSeq = ASN1Sequence.getInstance(extensionValue); int n = requestSeq.size(); if (certSeq.size() != n) { failureMsg.append("size of GeneralNames is '").append(certSeq.size()); failureMsg.append("' but expected '").append(n).append("'"); failureMsg.append("; "); return; } for (int i = 0; i < n; i++) { AccessDescription ad = AccessDescription.getInstance(requestSeq.getObjectAt(i)); ASN1ObjectIdentifier accessMethod = ad.getAccessMethod(); Set<GeneralNameMode> generalNameModes; if (accessMethod == null) { generalNameModes = allowedSubjectInfoAccessModes.get(X509Certprofile.OID_ZERO); } else { generalNameModes = allowedSubjectInfoAccessModes.get(accessMethod); } if (generalNameModes == null) { failureMsg.append("accessMethod in requestExtension "); failureMsg.append(accessMethod == null ? "NULL" : accessMethod.getId()); failureMsg.append(" is not allowed"); failureMsg.append("; "); continue; } AccessDescription certAccessDesc = AccessDescription.getInstance(certSeq.getObjectAt(i)); ASN1ObjectIdentifier certAccessMethod = certAccessDesc.getAccessMethod(); boolean b; if (accessMethod == null) { b = certAccessDesc == null; } else { b = accessMethod.equals(certAccessMethod); } if (b == false) { failureMsg.append("accessMethod is '") .append(certAccessMethod == null ? "null" : certAccessMethod.getId()); failureMsg.append("' but expected '").append(accessMethod == null ? "null" : accessMethod.getId()); failureMsg.append("; "); continue; } GeneralName accessLocation; try { accessLocation = createGeneralName(ad.getAccessLocation(), generalNameModes); } catch (BadCertTemplateException e) { failureMsg.append("invalid requestExtension: " + e.getMessage()); failureMsg.append("; "); continue; } GeneralName certAccessLocation = certAccessDesc.getAccessLocation(); if (certAccessLocation.equals(accessLocation) == false) { failureMsg.append("accessLocation does not match the requested one"); failureMsg.append("; "); } } }
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
private void checkExtensionNameConstraintsSubtrees(final StringBuilder failureMsg, final String description, final GeneralSubtree[] subtrees, final List<QaGeneralSubtree> expectedSubtrees) { int isSize = (subtrees == null) ? 0 : subtrees.length; int expSize = (expectedSubtrees == null) ? 0 : expectedSubtrees.size(); if (isSize != expSize) { addViolation(failureMsg, "size of " + description, isSize, expSize); return;//ww w . ja v a 2 s . c o m } if (subtrees == null || expectedSubtrees == null) { return; } for (int i = 0; i < isSize; i++) { GeneralSubtree isSubtree = subtrees[i]; QaGeneralSubtree expSubtree = expectedSubtrees.get(i); BigInteger bigInt = isSubtree.getMinimum(); int isMinimum = (bigInt == null) ? 0 : bigInt.intValue(); Integer minimum = expSubtree.getMinimum(); int expMinimum = (minimum == null) ? 0 : minimum.intValue(); String desc = description + " [" + i + "]"; if (isMinimum != expMinimum) { addViolation(failureMsg, "minimum of " + desc, isMinimum, expMinimum); } bigInt = isSubtree.getMaximum(); Integer isMaximum = (bigInt == null) ? null : bigInt.intValue(); Integer expMaximum = expSubtree.getMaximum(); if (!CompareUtil.equalsObject(isMaximum, expMaximum)) { addViolation(failureMsg, "maxmum of " + desc, isMaximum, expMaximum); } GeneralName isBase = isSubtree.getBase(); GeneralName expBase; if (expSubtree.getDirectoryName() != null) { expBase = new GeneralName(X509Util.reverse(new X500Name(expSubtree.getDirectoryName()))); } else if (expSubtree.getDnsName() != null) { expBase = new GeneralName(GeneralName.dNSName, expSubtree.getDnsName()); } else if (expSubtree.getIpAddress() != null) { expBase = new GeneralName(GeneralName.iPAddress, expSubtree.getIpAddress()); } else if (expSubtree.getRfc822Name() != null) { expBase = new GeneralName(GeneralName.rfc822Name, expSubtree.getRfc822Name()); } else if (expSubtree.getUri() != null) { expBase = new GeneralName(GeneralName.uniformResourceIdentifier, expSubtree.getUri()); } else { throw new RuntimeException("should not reach here, unknown child of GeneralName"); } if (!isBase.equals(expBase)) { addViolation(failureMsg, "base of " + desc, isBase, expBase); } } }
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
private void checkExtensionSubjectInfoAccess(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestedExtensions, final ExtensionControl extControl) { Map<ASN1ObjectIdentifier, Set<GeneralNameMode>> conf = certProfile.getSubjectInfoAccessModes(); if (conf == null) { failureMsg.append("extension is present but not expected; "); return;// w w w .j a va 2s . c om } ASN1Encodable requestExtValue = null; if (requestedExtensions != null) { requestExtValue = requestedExtensions.getExtensionParsedValue(Extension.subjectInfoAccess); } if (requestExtValue == null) { failureMsg.append("extension is present but not expected; "); return; } ASN1Sequence requestSeq = ASN1Sequence.getInstance(requestExtValue); ASN1Sequence certSeq = ASN1Sequence.getInstance(extensionValue); int size = requestSeq.size(); if (certSeq.size() != size) { addViolation(failureMsg, "size of GeneralNames", certSeq.size(), size); return; } for (int i = 0; i < size; i++) { AccessDescription ad = AccessDescription.getInstance(requestSeq.getObjectAt(i)); ASN1ObjectIdentifier accessMethod = ad.getAccessMethod(); Set<GeneralNameMode> generalNameModes = conf.get(accessMethod); if (generalNameModes == null) { failureMsg.append("accessMethod in requestedExtension "); failureMsg.append(accessMethod.getId()).append(" is not allowed; "); continue; } AccessDescription certAccessDesc = AccessDescription.getInstance(certSeq.getObjectAt(i)); ASN1ObjectIdentifier certAccessMethod = certAccessDesc.getAccessMethod(); boolean bo = (accessMethod == null) ? (certAccessMethod == null) : accessMethod.equals(certAccessMethod); if (!bo) { addViolation(failureMsg, "accessMethod", (certAccessMethod == null) ? "null" : certAccessMethod.getId(), (accessMethod == null) ? "null" : accessMethod.getId()); continue; } GeneralName accessLocation; try { accessLocation = createGeneralName(ad.getAccessLocation(), generalNameModes); } catch (BadCertTemplateException ex) { failureMsg.append("invalid requestedExtension: ").append(ex.getMessage()); failureMsg.append("; "); continue; } GeneralName certAccessLocation = certAccessDesc.getAccessLocation(); if (!certAccessLocation.equals(accessLocation)) { failureMsg.append("accessLocation does not match the requested one; "); } } }