List of usage examples for org.bouncycastle.asn1.x509 PolicyQualifierId id_qt_cps
PolicyQualifierId id_qt_cps
From source file:es.gob.afirma.envelopers.cades.CAdESUtils.java
License:Open Source License
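/**
 * Builds a PolicyInformation from the signature policy data.
 * It is used for the SigningCertificate and SigningCertificateV2 data. It must carry some of the
 * policy data.
 * <pre>
 * PolicyInformation ::= SEQUENCE {
 *      policyIdentifier   CertPolicyId,
 *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
 *                              PolicyQualifierInfo OPTIONAL }
 *
 * CertPolicyId ::= OBJECT IDENTIFIER
 *
 * PolicyQualifierInfo ::= SEQUENCE {
 *      policyQualifierId  PolicyQualifierId,
 *      qualifier          ANY DEFINED BY policyQualifierId }
 *
 * -- policyQualifierIds for Internet policy qualifiers
 *
 * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
 * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
 * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
 *
 * PolicyQualifierId ::=
 *      OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
 *
 * Qualifier ::= CHOICE {
 *      cPSuri           CPSuri,
 *      userNotice       UserNotice }
 *
 * CPSuri ::= IA5String
 *
 * UserNotice ::= SEQUENCE {
 *      noticeRef        NoticeReference OPTIONAL,
 *      explicitText     DisplayText OPTIONAL}
 *
 * NoticeReference ::= SEQUENCE {
 *      organization     DisplayText,
 *      noticeNumbers    SEQUENCE OF INTEGER }
 *
 * DisplayText ::= CHOICE {
 *      ia5String        IA5String      (SIZE (1..200)),
 *      visibleString    VisibleString  (SIZE (1..200)),
 *      bmpString        BMPString      (SIZE (1..200)),
 *      utf8String       UTF8String     (SIZE (1..200)) }
 * </pre>
 *
 * @param policy Signature policy.
 * @return Structure holding the policy, ready to be inserted into the signature.
 * @throws IllegalArgumentException If {@code policy} is {@code null}.
 */
private static PolicyInformation[] getPolicyInformation(final AdESPolicy policy) {

    if (policy == null) {
        throw new IllegalArgumentException("La politica de firma no puede ser nula en este punto"); //$NON-NLS-1$
    }

    // PolicyQualifierInfo ::= SEQUENCE { policyQualifierId, qualifier }
    // Only the id-qt-cps qualifier (a CPS URI encoded as IA5String) is ever produced here.
    // NOTE(review): equals("") only filters an empty qualifier if getPolicyQualifier()
    // returns a String; for any other type it never matches - confirm the getter's type.
    PolicyQualifierInfo pqi = null;
    if (policy.getPolicyQualifier() != null && !policy.getPolicyQualifier().equals("")) { //$NON-NLS-1$
        final ASN1EncodableVector v = new ASN1EncodableVector();
        v.add(PolicyQualifierId.id_qt_cps);
        v.add(new DERIA5String(policy.getPolicyQualifier().toString()));
        // getInstance() instead of the sequence constructor, which newer BouncyCastle releases deprecate
        pqi = PolicyQualifierInfo.getInstance(new DERSequence(v));
    }

    // The identifier may arrive as "urn:oid:1.2.3" in any letter case. Lower-casing must not
    // depend on the JVM default locale: under a Turkish locale 'I' becomes a dotless 'i', the
    // "urn:oid:" prefix is then not stripped and the OID constructor rejects the value, so the
    // same policy would sign on one machine and fail on another.
    final ASN1ObjectIdentifier policyOid = new ASN1ObjectIdentifier(
        policy.getPolicyIdentifier().toLowerCase(java.util.Locale.ROOT).replace("urn:oid:", "") //$NON-NLS-1$ //$NON-NLS-2$
    );

    // PolicyInformation ::= SEQUENCE { policyIdentifier, policyQualifiers OPTIONAL }
    if (pqi == null) {
        // No usable qualifier: emit the identifier alone
        return new PolicyInformation[] { new PolicyInformation(policyOid) };
    }
    return new PolicyInformation[] { new PolicyInformation(policyOid, new DERSequence(pqi)) };
}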
From source file:es.gob.afirma.signers.cades.CAdESUtils.java
License:Open Source License
/** Builds a <i>PolicyInformation</i> from the signature policy data.
 * It is used for the SigningCertificate and SigningCertificateV2 data. It must carry some of the
 * policy data.
 *
 * <pre>
 * PolicyInformation ::= SEQUENCE {
 *      policyIdentifier   CertPolicyId,
 *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL
 * }
 *
 * CertPolicyId ::= OBJECT IDENTIFIER
 *
 * PolicyQualifierInfo ::= SEQUENCE {
 *      policyQualifierId  PolicyQualifierId,
 *      qualifier          ANY DEFINED BY policyQualifierId
 * }
 *
 * -- policyQualifierIds for Internet policy qualifiers
 *
 * id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
 * id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
 * id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
 *
 * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
 *
 * Qualifier ::= CHOICE {
 *      cPSuri           CPSuri,
 *      userNotice       UserNotice
 * }
 *
 * CPSuri ::= IA5String
 *
 * UserNotice ::= SEQUENCE {
 *      noticeRef        NoticeReference OPTIONAL,
 *      explicitText     DisplayText OPTIONAL
 * }
 *
 * NoticeReference ::= SEQUENCE {
 *      organization     DisplayText,
 *      noticeNumbers    SEQUENCE OF INTEGER
 * }
 *
 * DisplayText ::= CHOICE {
 *      ia5String        IA5String      (SIZE (1..200)),
 *      visibleString    VisibleString  (SIZE (1..200)),
 *      bmpString        BMPString      (SIZE (1..200)),
 *      utf8String       UTF8String     (SIZE (1..200))
 * }
 * </pre>
 *
 * @param policy Signature policy.
 * @return Structure holding the policy, ready to be inserted into the signature.
 */
private static PolicyInformation[] getPolicyInformation(final AdESPolicy policy) {

    if (policy == null) {
        throw new IllegalArgumentException("La politica de firma no puede ser nula en este punto"); //$NON-NLS-1$
    }

    // PolicyQualifierInfo ::= SEQUENCE { policyQualifierId, qualifier }
    // The qualifier is always written as id-qt-cps with the qualifier text as an IA5String.
    PolicyQualifierInfo qualifierInfo = null;
    if (policy.getPolicyQualifier() != null && !policy.getPolicyQualifier().equals("")) { //$NON-NLS-1$
        final ASN1EncodableVector fields = new ASN1EncodableVector();
        fields.add(PolicyQualifierId.id_qt_cps);
        fields.add(new DERIA5String(policy.getPolicyQualifier().toString()));
        qualifierInfo = PolicyQualifierInfo.getInstance(new DERSequence(fields));
    }

    // Accepts "urn:oid:"-prefixed identifiers; Locale.US keeps the lower-casing
    // independent of the JVM default locale.
    final ASN1ObjectIdentifier policyOid = new ASN1ObjectIdentifier(
        policy.getPolicyIdentifier().toLowerCase(Locale.US).replace("urn:oid:", "") //$NON-NLS-1$ //$NON-NLS-2$
    );

    // PolicyInformation ::= SEQUENCE { policyIdentifier, policyQualifiers OPTIONAL }
    if (qualifierInfo == null) {
        return new PolicyInformation[] { new PolicyInformation(policyOid) };
    }
    return new PolicyInformation[] {
        new PolicyInformation(policyOid, new DERSequence(qualifierInfo))
    };
}
From source file:net.sf.portecle.crypto.X509Ext.java
License:Open Source License
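/**
 * Get extension value for Certificate Policies as a string.
 *
 * <p>The result is an HTML fragment assembled from values read out of the certificate, so every
 * certificate-supplied string has to be escaped before it is appended.
 *
 * @see <a href="http://tools.ietf.org/html/rfc3280">RFC 3280</a>
 * @param bValue The octet string value
 * @return Extension value as a string
 * @throws IOException If an I/O problem occurs, or if the value does not have the structure of a
 *             certificate policies extension
 */
private String getCertificatePoliciesStringValue(byte[] bValue)
    throws IOException
{
    final String malformed = "Malformed Certificate Policies extension value";
    try
    {
        ASN1Sequence pSeq = (ASN1Sequence) ASN1Primitive.fromByteArray(bValue);
        StringBuilder sb = new StringBuilder();

        for (int i = 0, len = pSeq.size(); i < len; i++)
        {
            PolicyInformation pi = PolicyInformation.getInstance(pSeq.getObjectAt(i));
            // getId() of an object identifier: dotted decimal text
            String piId = pi.getPolicyIdentifier().getId();

            sb.append("<ul><li>");
            sb.append(RB.getString("PolicyIdentifier"));
            sb.append(": ");
            sb.append(MessageFormat.format(getRes(piId, "UnrecognisedPolicyIdentifier"), piId));

            ASN1Sequence pQuals = pi.getPolicyQualifiers();
            if (pQuals != null)
            {
                sb.append("<ul>");

                for (int j = 0, plen = pQuals.size(); j < plen; j++)
                {
                    ASN1Sequence pqi = (ASN1Sequence) pQuals.getObjectAt(j);
                    ASN1Encodable pqId = pqi.getObjectAt(0);
                    String spqId = pqId.toString();

                    sb.append("<li>");
                    // Nothing above forces pqId to be an object identifier, so its text form
                    // is escaped before it is placed into the markup.
                    sb.append(
                        MessageFormat.format(getRes(spqId, "UnrecognisedPolicyQualifier"), escapeHtml(spqId)));
                    sb.append(": ");

                    ASN1Encodable d = pqi.getObjectAt(1);
                    sb.append("<ul>");
                    if (pqId.equals(PolicyQualifierId.id_qt_cps))
                    {
                        // cPSuri
                        String sUri = ((ASN1String) d).getString();

                        sb.append("<li>");
                        sb.append(RB.getString("CpsUri"));
                        sb.append(": ");
                        // NOTE(review): only the link text is escaped here; confirm getLink()
                        // encodes the target it is given.
                        sb.append(getLink(sUri, escapeHtml(sUri), LinkClass.BROWSER));
                        sb.append("</li>");
                    }
                    else if (pqId.equals(PolicyQualifierId.id_qt_unotice))
                    {
                        // userNotice
                        ASN1Sequence un = (ASN1Sequence) d;

                        for (int k = 0, dlen = un.size(); k < dlen; k++)
                        {
                            ASN1Encodable de = un.getObjectAt(k);

                            // TODO: is it possible to use something
                            // smarter than instanceof here?

                            // NOTE(review): stringify() output is appended as markup below;
                            // confirm it HTML-escapes certificate-supplied text.
                            if (de instanceof ASN1String)
                            {
                                // explicitText
                                sb.append("<li>");
                                sb.append(RB.getString("ExplicitText"));
                                sb.append(": ");
                                sb.append(stringify(de));
                                sb.append("</li>");
                            }
                            else if (de instanceof ASN1Sequence)
                            {
                                // noticeRef
                                ASN1Sequence nr = (ASN1Sequence) de;
                                String orgstr = stringify(nr.getObjectAt(0));
                                ASN1Sequence nrs = (ASN1Sequence) nr.getObjectAt(1);
                                StringBuilder nrstr = new StringBuilder();
                                for (int m = 0, nlen = nrs.size(); m < nlen; m++)
                                {
                                    nrstr.append(stringify(nrs.getObjectAt(m)));
                                    if (m != nlen - 1)
                                    {
                                        nrstr.append(", ");
                                    }
                                }
                                sb.append("<li>");
                                sb.append(RB.getString("NoticeRef"));
                                sb.append(": ");
                                sb.append(RB.getString("NoticeRefOrganization"));
                                sb.append(": ");
                                sb.append(orgstr);
                                sb.append(", ");
                                sb.append(RB.getString("NoticeRefNumber"));
                                sb.append(": ");
                                sb.append(nrstr);
                                sb.append("</li>");
                            }
                            // else TODO
                        }
                    }
                    else
                    {
                        sb.append(stringify(d));
                    }
                    sb.append("</ul></li>");
                }
                sb.append("</ul></li>");
            }

            sb.append("</ul>");
            // Separator between policies only: the previous test (i != len) was always true
            // inside the loop and left a trailing <br> after the last policy.
            if (i != len - 1)
            {
                sb.append("<br>");
            }
        }

        return sb.toString();
    }
    // The value comes from a certificate, which may be malformed on purpose. Wrong element
    // types or missing elements are reported through the declared exception instead of
    // escaping as unchecked exceptions.
    catch (ClassCastException e)
    {
        throw new IOException(malformed, e);
    }
    catch (IndexOutOfBoundsException e)
    {
        throw new IOException(malformed, e);
    }
    catch (IllegalArgumentException e)
    {
        throw new IOException(malformed, e);
    }
}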
From source file:org.cesecore.certificates.certificate.certextensions.standard.CertificatePolicies.java
License:Open Source License
/**
 * Obtains the Policy Qualifier Information object.
 *
 * <p>Returns {@code null} when the qualifier id or the qualifier is null or blank, and also when
 * the qualifier id is neither id-qt-cps nor id-qt-unotice. Blankness is tested on the trimmed
 * values, but the id is compared and the qualifier is encoded untrimmed.
 *
 * @param policy
 *          CertificatePolicy with oid, user notice and cps uri
 * @param displayencoding
 *          the encoding used for UserNotice text, DisplayText.CONTENT_TYPE_BMPSTRING, CONTENT_TYPE_UTF8STRING,
 *          CONTENT_TYPE_IA5STRING or CONTENT_TYPE_VISIBLESTRING
 *
 * @return PolicyQualifierInfo, or {@code null} if none can be built
 */
private PolicyQualifierInfo getPolicyQualifierInformation(final CertificatePolicy policy, final int displayencoding) {
    final String qualifierId = policy.getQualifierId();
    if (qualifierId == null || StringUtils.isEmpty(qualifierId.trim())) {
        return null;
    }

    final String qualifier = policy.getQualifier();
    if (qualifier == null || StringUtils.isEmpty(qualifier.trim())) {
        return null;
    }

    if (qualifierId.equals(PolicyQualifierId.id_qt_cps.getId())) {
        // CPS pointer: the qualifier text is the URI
        return new PolicyQualifierInfo(qualifier);
    }

    if (qualifierId.equals(PolicyQualifierId.id_qt_unotice.getId())) {
        // The caller chooses the DisplayText encoding; the original author notes that IE has
        // problems with UTF8 and that BMPString is the usual choice for that reason.
        final UserNotice notice = new UserNotice(null, new DisplayText(displayencoding, qualifier));
        return new PolicyQualifierInfo(PolicyQualifierId.id_qt_unotice, notice);
    }

    // Any other qualifier id is ignored
    return null;
}
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
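/**
 * Checks the certificatePolicies extension of an issued certificate against the expected
 * configuration and appends one message per violation to {@code failureMsg}.
 *
 * <p>Without a configured {@code certificatePolicies} the raw extension value is compared with
 * the value from {@code getExpectedExtValue}. Otherwise every policy in the certificate must be
 * configured, every configured CPS URI and user notice must be present for its policy, and every
 * configured policy must be present in the certificate.
 *
 * @param failureMsg collects the violation messages, each terminated by "; "
 * @param extensionValue encoded value of the extension found in the certificate
 * @param requestExtensions extensions of the request, passed on to {@code getExpectedExtValue}
 * @param extControl control of the extension, passed on to {@code getExpectedExtValue}
 */
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue,
        final Extensions requestExtensions, final ExtensionControl extControl) {
    QaCertificatePolicies conf = certificatePolicies;
    if (conf == null) {
        byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestExtensions, extControl);
        if (!Arrays.equals(expected, extensionValue)) {
            failureMsg.append("extension valus is '" + hex(extensionValue) + "' but expected '"
                    + (expected == null ? "not present" : hex(expected)) + "'");
            failureMsg.append("; ");
        }
        return;
    }

    org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies
            .getInstance(extensionValue);
    PolicyInformation[] iPolicyInformations = asn1.getPolicyInformation();

    // Pass 1: everything the certificate contains must be expected
    for (PolicyInformation iPolicyInformation : iPolicyInformations) {
        ASN1ObjectIdentifier iPolicyId = iPolicyInformation.getPolicyIdentifier();
        QaCertificatePolicyInformation eCp = conf.getPolicyInformation(iPolicyId.getId());
        if (eCp == null) {
            failureMsg.append("certificate policy '" + iPolicyId + "' is not expected");
            failureMsg.append("; ");
            continue;
        }

        QaPolicyQualifiers eCpPq = eCp.getPolicyQualifiers();
        if (eCpPq == null) {
            continue;
        }

        ASN1Sequence iPolicyQualifiers = iPolicyInformation.getPolicyQualifiers();
        List<String> iCpsUris = new LinkedList<>();
        List<String> iUserNotices = new LinkedList<>();

        // policyQualifiers is OPTIONAL. A certificate that omits it must be reported as missing
        // the required qualifiers below rather than abort the whole check with a
        // NullPointerException.
        int n = (iPolicyQualifiers == null) ? 0 : iPolicyQualifiers.size();
        for (int i = 0; i < n; i++) {
            // The elements were decoded from the extension bytes, so they are generic ASN.1
            // objects: convert with getInstance() instead of casting.
            PolicyQualifierInfo iPolicyQualifierInfo = PolicyQualifierInfo
                    .getInstance(iPolicyQualifiers.getObjectAt(i));
            ASN1ObjectIdentifier iPolicyQualifierId = iPolicyQualifierInfo.getPolicyQualifierId();
            ASN1Encodable iQualifier = iPolicyQualifierInfo.getQualifier();
            if (PolicyQualifierId.id_qt_cps.equals(iPolicyQualifierId)) {
                // A CPS URI in any other string type raises ClassCastException here
                String iCpsUri = ((DERIA5String) iQualifier).getString();
                iCpsUris.add(iCpsUri);
            } else if (PolicyQualifierId.id_qt_unotice.equals(iPolicyQualifierId)) {
                UserNotice iUserNotice = UserNotice.getInstance(iQualifier);
                if (iUserNotice.getExplicitText() != null) {
                    iUserNotices.add(iUserNotice.getExplicitText().getString());
                }
            }
        }

        List<QaPolicyQualifierInfo> qualifierInfos = eCpPq.getPolicyQualifiers();
        for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) {
            if (qualifierInfo instanceof QaCPSUriPolicyQualifier) {
                String value = ((QaCPSUriPolicyQualifier) qualifierInfo).getCPSUri();
                if (!iCpsUris.contains(value)) {
                    failureMsg.append("CPSUri '" + value + "' is absent but is required");
                    failureMsg.append("; ");
                }
            } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) {
                String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice();
                if (!iUserNotices.contains(value)) {
                    failureMsg.append("userNotice '" + value + "' is absent but is required");
                    failureMsg.append("; ");
                }
            } else {
                throw new RuntimeException("should not reach here");
            }
        }
    }

    // Pass 2: everything that is expected must be in the certificate
    for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) {
        boolean present = false;
        for (PolicyInformation iPolicyInformation : iPolicyInformations) {
            if (iPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) {
                present = true;
                break;
            }
        }

        if (present) {
            continue;
        }

        failureMsg.append("certificate policy '").append(cp.getPolicyId())
                .append("' is absent but is required");
        failureMsg.append("; ");
    }
}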
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
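/**
 * Checks the certificatePolicies extension of an issued certificate against the expected
 * configuration and appends one message per violation to {@code failureMsg}.
 *
 * <p>Without a configured {@code certificatePolicies} the raw extension value is compared with
 * the value from {@code getExpectedExtValue}. Otherwise every policy in the certificate must be
 * configured, every configured CPS URI and user notice must be present for its policy, and every
 * configured policy must be present in the certificate.
 *
 * @param failureMsg collects the violation messages
 * @param extensionValue encoded value of the extension found in the certificate
 * @param requestedExtensions extensions of the request, passed on to {@code getExpectedExtValue}
 * @param extControl control of the extension, passed on to {@code getExpectedExtValue}
 */
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue,
        final Extensions requestedExtensions, final ExtensionControl extControl) {
    QaCertificatePolicies conf = certificatePolicies;
    if (conf == null) {
        byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestedExtensions, extControl);
        if (!Arrays.equals(expected, extensionValue)) {
            addViolation(failureMsg, "extension values", hex(extensionValue),
                    (expected == null) ? "not present" : hex(expected));
        }
        return;
    }

    org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies
            .getInstance(extensionValue);
    PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation();

    // Pass 1: everything the certificate contains must be expected
    for (PolicyInformation isPolicyInformation : isPolicyInformations) {
        ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier();
        QaCertificatePolicyInformation expCp = conf.getPolicyInformation(isPolicyId.getId());
        if (expCp == null) {
            failureMsg.append("certificate policy '").append(isPolicyId);
            failureMsg.append("' is not expected; ");
            continue;
        }

        QaPolicyQualifiers expCpPq = expCp.getPolicyQualifiers();
        if (expCpPq == null) {
            continue;
        }

        ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers();
        List<String> isCpsUris = new LinkedList<>();
        List<String> isUserNotices = new LinkedList<>();

        // policyQualifiers is OPTIONAL. A certificate that omits it must be reported as missing
        // the required qualifiers below rather than abort the whole check with a
        // NullPointerException.
        int size = (isPolicyQualifiers == null) ? 0 : isPolicyQualifiers.size();
        for (int i = 0; i < size; i++) {
            // The elements were decoded from the extension bytes, so they are generic ASN.1
            // objects: convert with getInstance() instead of casting.
            PolicyQualifierInfo isPolicyQualifierInfo = PolicyQualifierInfo
                    .getInstance(isPolicyQualifiers.getObjectAt(i));
            ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId();
            ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier();
            if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) {
                // A CPS URI in any other string type raises ClassCastException here
                String isCpsUri = ((DERIA5String) isQualifier).getString();
                isCpsUris.add(isCpsUri);
            } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) {
                UserNotice isUserNotice = UserNotice.getInstance(isQualifier);
                if (isUserNotice.getExplicitText() != null) {
                    isUserNotices.add(isUserNotice.getExplicitText().getString());
                }
            }
        }

        List<QaPolicyQualifierInfo> qualifierInfos = expCpPq.getPolicyQualifiers();
        for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) {
            if (qualifierInfo instanceof QaCpsUriPolicyQualifier) {
                String value = ((QaCpsUriPolicyQualifier) qualifierInfo).getCpsUri();
                if (!isCpsUris.contains(value)) {
                    failureMsg.append("CPSUri '").append(value);
                    failureMsg.append("' is absent but is required; ");
                }
            } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) {
                String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice();
                if (!isUserNotices.contains(value)) {
                    failureMsg.append("userNotice '").append(value);
                    failureMsg.append("' is absent but is required; ");
                }
            } else {
                throw new RuntimeException("should not reach here");
            }
        }
    }

    // Pass 2: everything that is expected must be in the certificate
    for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) {
        boolean present = false;
        for (PolicyInformation isPolicyInformation : isPolicyInformations) {
            if (isPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) {
                present = true;
                break;
            }
        }

        if (present) {
            continue;
        }

        failureMsg.append("certificate policy '").append(cp.getPolicyId());
        failureMsg.append("' is absent but is required; ");
    }
}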