List of usage examples for org.bouncycastle.asn1.x509 PolicyQualifierId id_qt_unotice
PolicyQualifierId id_qt_unotice
To view the source code for org.bouncycastle.asn1.x509 PolicyQualifierId id_qt_unotice.
Click Source Link
From source file:net.sf.portecle.crypto.X509Ext.java
License:Open Source License
/** * Get extension value for Certificate Policies as a string. * // ww w .j a va2s .co m * @see <a href="http://tools.ietf.org/html/rfc3280">RFC 3280</a> * @param bValue The octet string value * @return Extension value as a string * @throws IOException If an I/O problem occurs */ private String getCertificatePoliciesStringValue(byte[] bValue) throws IOException { ASN1Sequence pSeq = (ASN1Sequence) ASN1Primitive.fromByteArray(bValue); StringBuilder sb = new StringBuilder(); for (int i = 0, len = pSeq.size(); i < len; i++) { PolicyInformation pi = PolicyInformation.getInstance(pSeq.getObjectAt(i)); String piId = pi.getPolicyIdentifier().getId(); sb.append("<ul><li>"); sb.append(RB.getString("PolicyIdentifier")); sb.append(": "); sb.append(MessageFormat.format(getRes(piId, "UnrecognisedPolicyIdentifier"), piId)); ASN1Sequence pQuals; if ((pQuals = pi.getPolicyQualifiers()) != null) { sb.append("<ul>"); for (int j = 0, plen = pQuals.size(); j < plen; j++) { ASN1Sequence pqi = (ASN1Sequence) pQuals.getObjectAt(j); ASN1Encodable pqId = pqi.getObjectAt(0); String spqId = pqId.toString(); sb.append("<li>"); sb.append(MessageFormat.format(getRes(spqId, "UnrecognisedPolicyQualifier"), spqId)); sb.append(": "); ASN1Encodable d = pqi.getObjectAt(1); sb.append("<ul>"); if (pqId.equals(PolicyQualifierId.id_qt_cps)) { // cPSuri String sUri = ((ASN1String) d).getString(); sb.append("<li>"); sb.append(RB.getString("CpsUri")); sb.append(": "); sb.append(getLink(sUri, escapeHtml(sUri), LinkClass.BROWSER)); sb.append("</li>"); } else if (pqId.equals(PolicyQualifierId.id_qt_unotice)) { // userNotice ASN1Sequence un = (ASN1Sequence) d; for (int k = 0, dlen = un.size(); k < dlen; k++) { ASN1Encodable de = un.getObjectAt(k); // TODO: is it possible to use something // smarter than instanceof here? if (de instanceof ASN1String) { // explicitText sb.append("<li>"); sb.append(RB.getString("ExplicitText")); sb.append(": "); sb.append(stringify(de)); sb.append("</li>"); } else if (de instanceof ASN1Sequence) { // noticeRef ASN1Sequence nr = (ASN1Sequence) de; String orgstr = stringify(nr.getObjectAt(0)); ASN1Sequence nrs = (ASN1Sequence) nr.getObjectAt(1); StringBuilder nrstr = new StringBuilder(); for (int m = 0, nlen = nrs.size(); m < nlen; m++) { nrstr.append(stringify(nrs.getObjectAt(m))); if (m != nlen - 1) { nrstr.append(", "); } } sb.append("<li>"); sb.append(RB.getString("NoticeRef")); sb.append(": "); sb.append(RB.getString("NoticeRefOrganization")); sb.append(": "); sb.append(orgstr); sb.append(", "); sb.append(RB.getString("NoticeRefNumber")); sb.append(": "); sb.append(nrstr); sb.append("</li>"); } // else TODO } } else { sb.append(stringify(d)); } sb.append("</ul></li>"); } sb.append("</ul></li>"); } sb.append("</ul>"); if (i != len) { sb.append("<br>"); } } return sb.toString(); }
From source file:org.cesecore.certificates.certificate.certextensions.standard.CertificatePolicies.java
License:Open Source License
/** * Obtains the Policy Qualifier Information object * /* w w w.j a va2 s. co m*/ * @param policy, * CertificatePolicy with oid, user notice and cps uri * @param displayencoding, * the encoding used for UserNotice text, DisplayText.CONTENT_TYPE_BMPSTRING, CONTENT_TYPE_UTF8STRING, CONTENT_TYPE_IA5STRING or CONTENT_TYPE_VISIBLESTRING * * @return PolicyQualifierInfo */ private PolicyQualifierInfo getPolicyQualifierInformation(final CertificatePolicy policy, final int displayencoding) { PolicyQualifierInfo pqi = null; final String qualifierId = policy.getQualifierId(); if ((qualifierId != null) && !StringUtils.isEmpty(qualifierId.trim())) { final String qualifier = policy.getQualifier(); if ((qualifier != null) && !StringUtils.isEmpty(qualifier.trim())) { if (qualifierId.equals(PolicyQualifierId.id_qt_cps.getId())) { pqi = new PolicyQualifierInfo(qualifier); } else if (qualifierId.equals(PolicyQualifierId.id_qt_unotice.getId())) { // Normally we would just use 'DisplayText(unotice)' here. IE has problems with UTF8 though, so lets stick with BMSSTRING to satisfy Bills sick needs. final UserNotice un = new UserNotice(null, new DisplayText(displayencoding, qualifier)); pqi = new PolicyQualifierInfo(PolicyQualifierId.id_qt_unotice, un); } } } return pqi; }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestExtensions, final ExtensionControl extControl) { QaCertificatePolicies conf = certificatePolicies; if (conf == null) { byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestExtensions, extControl); if (Arrays.equals(expected, extensionValue) == false) { failureMsg.append("extension valus is '" + hex(extensionValue) + "' but expected '" + (expected == null ? "not present" : hex(expected)) + "'"); failureMsg.append("; "); }//from ww w .j a v a 2 s . c om return; } org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies .getInstance(extensionValue); PolicyInformation[] iPolicyInformations = asn1.getPolicyInformation(); for (PolicyInformation iPolicyInformation : iPolicyInformations) { ASN1ObjectIdentifier iPolicyId = iPolicyInformation.getPolicyIdentifier(); QaCertificatePolicyInformation eCp = conf.getPolicyInformation(iPolicyId.getId()); if (eCp == null) { failureMsg.append("certificate policy '" + iPolicyId + "' is not expected"); failureMsg.append("; "); continue; } QaPolicyQualifiers eCpPq = eCp.getPolicyQualifiers(); if (eCpPq == null) { continue; } ASN1Sequence iPolicyQualifiers = iPolicyInformation.getPolicyQualifiers(); List<String> iCpsUris = new LinkedList<>(); List<String> iUserNotices = new LinkedList<>(); int n = iPolicyQualifiers.size(); for (int i = 0; i < n; i++) { PolicyQualifierInfo iPolicyQualifierInfo = (PolicyQualifierInfo) iPolicyQualifiers.getObjectAt(i); ASN1ObjectIdentifier iPolicyQualifierId = iPolicyQualifierInfo.getPolicyQualifierId(); ASN1Encodable iQualifier = iPolicyQualifierInfo.getQualifier(); if (PolicyQualifierId.id_qt_cps.equals(iPolicyQualifierId)) { String iCpsUri = ((DERIA5String) iQualifier).getString(); iCpsUris.add(iCpsUri); } else if (PolicyQualifierId.id_qt_unotice.equals(iPolicyQualifierId)) { UserNotice iUserNotice = UserNotice.getInstance(iQualifier); if (iUserNotice.getExplicitText() != null) { iUserNotices.add(iUserNotice.getExplicitText().getString()); } } } List<QaPolicyQualifierInfo> qualifierInfos = eCpPq.getPolicyQualifiers(); for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) { if (qualifierInfo instanceof QaCPSUriPolicyQualifier) { String value = ((QaCPSUriPolicyQualifier) qualifierInfo).getCPSUri(); if (iCpsUris.contains(value) == false) { failureMsg.append("CPSUri '" + value + "' is absent but is required"); failureMsg.append("; "); } } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) { String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice(); if (iUserNotices.contains(value) == false) { failureMsg.append("userNotice '" + value + "' is absent but is required"); failureMsg.append("; "); } } else { throw new RuntimeException("should not reach here"); } } } for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) { boolean present = false; for (PolicyInformation iPolicyInformation : iPolicyInformations) { if (iPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) { present = true; break; } } if (present) { continue; } failureMsg.append("certificate policy '").append(cp.getPolicyId()) .append("' is absent but is required"); failureMsg.append("; "); } }
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestedExtensions, final ExtensionControl extControl) { QaCertificatePolicies conf = certificatePolicies; if (conf == null) { byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestedExtensions, extControl); if (!Arrays.equals(expected, extensionValue)) { addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected)); }/*from www. ja va 2 s . c o m*/ return; } org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies .getInstance(extensionValue); PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation(); for (PolicyInformation isPolicyInformation : isPolicyInformations) { ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier(); QaCertificatePolicyInformation expCp = conf.getPolicyInformation(isPolicyId.getId()); if (expCp == null) { failureMsg.append("certificate policy '").append(isPolicyId); failureMsg.append("' is not expected; "); continue; } QaPolicyQualifiers expCpPq = expCp.getPolicyQualifiers(); if (expCpPq == null) { continue; } ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers(); List<String> isCpsUris = new LinkedList<>(); List<String> isUserNotices = new LinkedList<>(); int size = isPolicyQualifiers.size(); for (int i = 0; i < size; i++) { PolicyQualifierInfo isPolicyQualifierInfo = (PolicyQualifierInfo) isPolicyQualifiers.getObjectAt(i); ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId(); ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier(); if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) { String isCpsUri = ((DERIA5String) isQualifier).getString(); isCpsUris.add(isCpsUri); } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) { UserNotice isUserNotice = UserNotice.getInstance(isQualifier); if (isUserNotice.getExplicitText() != null) { isUserNotices.add(isUserNotice.getExplicitText().getString()); } } } List<QaPolicyQualifierInfo> qualifierInfos = expCpPq.getPolicyQualifiers(); for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) { if (qualifierInfo instanceof QaCpsUriPolicyQualifier) { String value = ((QaCpsUriPolicyQualifier) qualifierInfo).getCpsUri(); if (!isCpsUris.contains(value)) { failureMsg.append("CPSUri '").append(value); failureMsg.append("' is absent but is required; "); } } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) { String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice(); if (!isUserNotices.contains(value)) { failureMsg.append("userNotice '").append(value); failureMsg.append("' is absent but is required; "); } } else { throw new RuntimeException("should not reach here"); } } } for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) { boolean present = false; for (PolicyInformation isPolicyInformation : isPolicyInformations) { if (isPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) { present = true; break; } } if (present) { continue; } failureMsg.append("certificate policy '").append(cp.getPolicyId()); failureMsg.append("' is absent but is required; "); } }