List of usage examples for org.bouncycastle.asn1.x509 UserNotice getInstance
public static UserNotice getInstance(Object obj)
From source file:com.otterca.common.crypto.SimplePolicyGeneratorTest.java
License:Apache License
/** * Test behavior when user notice is set. * //from w ww . j a v a 2 s.c o m * @throws IOException */ @Test @edu.umd.cs.findbugs.annotations.SuppressWarnings("NP_NONNULL_PARAM_VIOLATION") public void testUserNoticePolicy() throws IOException { SimplePolicyGeneratorImpl generator = new SimplePolicyGeneratorImpl(null, ORGANIZATION, USER_NOTICE, Integer.valueOf(1)); // get policy extensions byte[] policyBytes = generator.getExtension(SUBJECT, ISSUER); assertNotNull(policyBytes); X509Extensions exts = X509Extensions.getInstance(DLSequence.fromByteArray(policyBytes)); ASN1Encodable asn1 = exts.getExtension(X509Extensions.CertificatePolicies).getParsedValue(); CertificatePolicies policies = CertificatePolicies.getInstance(asn1); assertNotNull(policies, "unable to find CertificatePolicies extension"); for (PolicyInformation info : policies.getPolicyInformation()) { if (id_qt_unotice.equals(info.getPolicyIdentifier())) { DLSequence dls = (DLSequence) info.getPolicyQualifiers(); for (int i = 0; i < dls.size(); i++) { UserNotice userNotice = UserNotice.getInstance((DLSequence) dls.getObjectAt(i)); assertEquals(userNotice.getNoticeRef().getOrganization().getString(), ORGANIZATION); assertEquals(userNotice.getNoticeRef().getNoticeNumbers()[0].getValue(), BigInteger.ONE); assertEquals(userNotice.getExplicitText().getString(), USER_NOTICE); } } else { fail("unknown policy identifier: " + info.getPolicyIdentifier()); } } }
From source file:net.sf.keystore_explorer.crypto.x509.PolicyInformationUtil.java
License:Open Source License
/** * Get string representation of policy qualifier info. * * @param policyQualifierInfo//from w w w.j av a2 s.c o m * Policy qualifier info * @return String representation of policy qualifier info * @throws IOException * If policy qualifier info is invalid */ public static String toString(PolicyQualifierInfo policyQualifierInfo) throws IOException { StringBuffer sbPolicyQualifier = new StringBuffer(); ASN1ObjectIdentifier policyQualifierId = policyQualifierInfo.getPolicyQualifierId(); CertificatePolicyQualifierType certificatePolicyQualifierType = CertificatePolicyQualifierType .resolveOid(policyQualifierId.getId()); if (certificatePolicyQualifierType == PKIX_CPS_POINTER_QUALIFIER) { DERIA5String cpsPointer = ((DERIA5String) policyQualifierInfo.getQualifier()); sbPolicyQualifier .append(MessageFormat.format(res.getString("PolicyInformationUtil.CpsPointer"), cpsPointer)); } else if (certificatePolicyQualifierType == PKIX_USER_NOTICE_QUALIFIER) { ASN1Encodable userNoticeObj = policyQualifierInfo.getQualifier(); UserNotice userNotice = UserNotice.getInstance(userNoticeObj); sbPolicyQualifier.append( MessageFormat.format(res.getString("PolicyInformationUtil.UserNotice"), toString(userNotice))); } return sbPolicyQualifier.toString(); }
From source file:net.sf.keystore_explorer.crypto.x509.X509Ext.java
License:Open Source License
private String getCertificatePoliciesStringValue(byte[] value) throws IOException { // @formatter:off /*/* w w w . j a va2s. c o m*/ * CertificatePolicies ::= ASN1Sequence SIZE (1..MAX) OF PolicyInformation * * PolicyInformation ::= ASN1Sequence * { * policyIdentifier CertPolicyId, * policyQualifiers ASN1Sequence SIZE (1..MAX) OF PolicyQualifierInfo OPTIONAL * } * * CertPolicyId ::= OBJECT IDENTIFIER * * PolicyQualifierInfo ::= ASN1Sequence * { * policyQualifierId PolicyQualifierId, * qualifier ANY DEFINED BY policyQualifierId * } * * PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice ) * * Qualifier ::= CHOICE * { * cPSuri CPSuri, * userNotice UserNotice * } * * CPSuri ::= DERIA5String * * UserNotice ::= ASN1Sequence * { * noticeRef NoticeReference OPTIONAL, * explicitText DisplayText OPTIONAL * } * * NoticeReference ::= ASN1Sequence * { * organization DisplayText, * noticeNumbers ASN1Sequence OF ASN1Integer * } * * DisplayText ::= CHOICE * { * ia5String DERIA5String (SIZE (1..200)), * visibleString VisibleString (SIZE (1..200)), * bmpString BMPString (SIZE (1..200)), * utf8String UTF8String (SIZE (1..200)) * } */ // @formatter:on StringBuilder sb = new StringBuilder(); CertificatePolicies certificatePolicies = CertificatePolicies.getInstance(value); int certPolicy = 0; for (PolicyInformation policyInformation : certificatePolicies.getPolicyInformation()) { certPolicy++; sb.append(MessageFormat.format(res.getString("CertificatePolicy"), certPolicy)); sb.append(NEWLINE); ASN1ObjectIdentifier policyIdentifier = policyInformation.getPolicyIdentifier(); String policyIdentifierStr = ObjectIdUtil.toString(policyIdentifier); sb.append(INDENT); sb.append(MessageFormat.format(res.getString("PolicyIdentifier"), policyIdentifierStr)); sb.append(NEWLINE); ASN1Sequence policyQualifiers = policyInformation.getPolicyQualifiers(); if (policyQualifiers != null) { // Optional int policyQual = 0; for (ASN1Encodable policyQualifier : policyQualifiers.toArray()) { ASN1Sequence policyQualifierInfo = (ASN1Sequence) policyQualifier; sb.append(INDENT.toString(1)); sb.append(MessageFormat.format(res.getString("PolicyQualifierInformation"), certPolicy, ++policyQual)); sb.append(NEWLINE); ASN1ObjectIdentifier policyQualifierId = (ASN1ObjectIdentifier) policyQualifierInfo .getObjectAt(0); CertificatePolicyQualifierType certificatePolicyQualifierType = CertificatePolicyQualifierType .resolveOid(policyQualifierId.getId()); if (certificatePolicyQualifierType != null) { sb.append(INDENT.toString(2)); sb.append(certificatePolicyQualifierType.friendly()); sb.append(NEWLINE); if (certificatePolicyQualifierType == PKIX_CPS_POINTER_QUALIFIER) { DERIA5String cpsPointer = (DERIA5String) policyQualifierInfo.getObjectAt(1); sb.append(INDENT.toString(2)); sb.append(MessageFormat.format(res.getString("CpsPointer"), "<a href=\"" + cpsPointer + "\">" + cpsPointer + "</a>")); sb.append(NEWLINE); } else if (certificatePolicyQualifierType == PKIX_USER_NOTICE_QUALIFIER) { ASN1Encodable userNoticeObj = policyQualifierInfo.getObjectAt(1); UserNotice userNotice = UserNotice.getInstance(userNoticeObj); sb.append(INDENT.toString(2)); sb.append(res.getString("UserNotice")); sb.append(NEWLINE); NoticeReference noticeReference = userNotice.getNoticeRef(); DisplayText explicitText = userNotice.getExplicitText(); if (noticeReference != null) { // Optional sb.append(INDENT.toString(3)); sb.append(res.getString("NoticeReference")); sb.append(NEWLINE); DisplayText organization = noticeReference.getOrganization(); String organizationString = organization.getString(); sb.append(INDENT.toString(4)); sb.append(MessageFormat.format(res.getString("Organization"), organizationString)); sb.append(NEWLINE); ASN1Integer[] noticeNumbers = noticeReference.getNoticeNumbers(); StringBuilder sbNoticeNumbers = new StringBuilder(); for (ASN1Integer noticeNumber : noticeNumbers) { sbNoticeNumbers.append(noticeNumber.getValue().intValue()); sbNoticeNumbers.append(", "); } sbNoticeNumbers.setLength(sbNoticeNumbers.length() - 2); sb.append(INDENT.toString(4)); sb.append(MessageFormat.format(res.getString("NoticeNumbers"), sbNoticeNumbers.toString())); sb.append(NEWLINE); } if (explicitText != null) { // Optional String explicitTextString = explicitText.getString(); sb.append(INDENT.toString(3)); sb.append(MessageFormat.format(res.getString("ExplicitText"), explicitTextString)); sb.append(NEWLINE); } } } } } } return sb.toString(); }
From source file:net.sf.keystore_explorer.gui.crypto.policyinformation.DPolicyQualifierInfoChooser.java
License:Open Source License
private void populate(PolicyQualifierInfo policyQualifierInfo) throws IOException { if (policyQualifierInfo == null) { jrbCps.setSelected(true);/*www. ja v a 2 s . c o m*/ } else { ASN1ObjectIdentifier policyQualifierId = policyQualifierInfo.getPolicyQualifierId(); if (policyQualifierId.equals(new ASN1ObjectIdentifier(PKIX_CPS_POINTER_QUALIFIER.oid()))) { jrbCps.setSelected(true); jtfCps.setText(((DERIA5String) policyQualifierInfo.getQualifier()).getString()); jtfCps.setCaretPosition(0); } else if (policyQualifierId.equals(new ASN1ObjectIdentifier(PKIX_USER_NOTICE_QUALIFIER.oid()))) { jrbUserNotice.setSelected(true); ASN1Encodable userNoticeObj = policyQualifierInfo.getQualifier(); UserNotice userNotice = UserNotice.getInstance(userNoticeObj); junUserNotice.setUserNotice(userNotice); } else { jrbCps.setSelected(true); } } }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestExtensions, final ExtensionControl extControl) { QaCertificatePolicies conf = certificatePolicies; if (conf == null) { byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestExtensions, extControl); if (Arrays.equals(expected, extensionValue) == false) { failureMsg.append("extension valus is '" + hex(extensionValue) + "' but expected '" + (expected == null ? "not present" : hex(expected)) + "'"); failureMsg.append("; "); }/*from w w w . j av a 2 s . c om*/ return; } org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies .getInstance(extensionValue); PolicyInformation[] iPolicyInformations = asn1.getPolicyInformation(); for (PolicyInformation iPolicyInformation : iPolicyInformations) { ASN1ObjectIdentifier iPolicyId = iPolicyInformation.getPolicyIdentifier(); QaCertificatePolicyInformation eCp = conf.getPolicyInformation(iPolicyId.getId()); if (eCp == null) { failureMsg.append("certificate policy '" + iPolicyId + "' is not expected"); failureMsg.append("; "); continue; } QaPolicyQualifiers eCpPq = eCp.getPolicyQualifiers(); if (eCpPq == null) { continue; } ASN1Sequence iPolicyQualifiers = iPolicyInformation.getPolicyQualifiers(); List<String> iCpsUris = new LinkedList<>(); List<String> iUserNotices = new LinkedList<>(); int n = iPolicyQualifiers.size(); for (int i = 0; i < n; i++) { PolicyQualifierInfo iPolicyQualifierInfo = (PolicyQualifierInfo) iPolicyQualifiers.getObjectAt(i); ASN1ObjectIdentifier iPolicyQualifierId = iPolicyQualifierInfo.getPolicyQualifierId(); ASN1Encodable iQualifier = iPolicyQualifierInfo.getQualifier(); if (PolicyQualifierId.id_qt_cps.equals(iPolicyQualifierId)) { String iCpsUri = ((DERIA5String) iQualifier).getString(); iCpsUris.add(iCpsUri); } else if (PolicyQualifierId.id_qt_unotice.equals(iPolicyQualifierId)) { UserNotice iUserNotice = UserNotice.getInstance(iQualifier); if (iUserNotice.getExplicitText() != null) { iUserNotices.add(iUserNotice.getExplicitText().getString()); } } } List<QaPolicyQualifierInfo> qualifierInfos = eCpPq.getPolicyQualifiers(); for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) { if (qualifierInfo instanceof QaCPSUriPolicyQualifier) { String value = ((QaCPSUriPolicyQualifier) qualifierInfo).getCPSUri(); if (iCpsUris.contains(value) == false) { failureMsg.append("CPSUri '" + value + "' is absent but is required"); failureMsg.append("; "); } } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) { String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice(); if (iUserNotices.contains(value) == false) { failureMsg.append("userNotice '" + value + "' is absent but is required"); failureMsg.append("; "); } } else { throw new RuntimeException("should not reach here"); } } } for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) { boolean present = false; for (PolicyInformation iPolicyInformation : iPolicyInformations) { if (iPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) { present = true; break; } } if (present) { continue; } failureMsg.append("certificate policy '").append(cp.getPolicyId()) .append("' is absent but is required"); failureMsg.append("; "); } }
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
private void checkExtensionCertificatePolicies(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestedExtensions, final ExtensionControl extControl) { QaCertificatePolicies conf = certificatePolicies; if (conf == null) { byte[] expected = getExpectedExtValue(Extension.certificatePolicies, requestedExtensions, extControl); if (!Arrays.equals(expected, extensionValue)) { addViolation(failureMsg, "extension values", hex(extensionValue), (expected == null) ? "not present" : hex(expected)); }/*from w w w . ja va 2s.c om*/ return; } org.bouncycastle.asn1.x509.CertificatePolicies asn1 = org.bouncycastle.asn1.x509.CertificatePolicies .getInstance(extensionValue); PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation(); for (PolicyInformation isPolicyInformation : isPolicyInformations) { ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier(); QaCertificatePolicyInformation expCp = conf.getPolicyInformation(isPolicyId.getId()); if (expCp == null) { failureMsg.append("certificate policy '").append(isPolicyId); failureMsg.append("' is not expected; "); continue; } QaPolicyQualifiers expCpPq = expCp.getPolicyQualifiers(); if (expCpPq == null) { continue; } ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers(); List<String> isCpsUris = new LinkedList<>(); List<String> isUserNotices = new LinkedList<>(); int size = isPolicyQualifiers.size(); for (int i = 0; i < size; i++) { PolicyQualifierInfo isPolicyQualifierInfo = (PolicyQualifierInfo) isPolicyQualifiers.getObjectAt(i); ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId(); ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier(); if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) { String isCpsUri = ((DERIA5String) isQualifier).getString(); isCpsUris.add(isCpsUri); } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) { UserNotice isUserNotice = UserNotice.getInstance(isQualifier); if (isUserNotice.getExplicitText() != null) { isUserNotices.add(isUserNotice.getExplicitText().getString()); } } } List<QaPolicyQualifierInfo> qualifierInfos = expCpPq.getPolicyQualifiers(); for (QaPolicyQualifierInfo qualifierInfo : qualifierInfos) { if (qualifierInfo instanceof QaCpsUriPolicyQualifier) { String value = ((QaCpsUriPolicyQualifier) qualifierInfo).getCpsUri(); if (!isCpsUris.contains(value)) { failureMsg.append("CPSUri '").append(value); failureMsg.append("' is absent but is required; "); } } else if (qualifierInfo instanceof QaUserNoticePolicyQualifierInfo) { String value = ((QaUserNoticePolicyQualifierInfo) qualifierInfo).getUserNotice(); if (!isUserNotices.contains(value)) { failureMsg.append("userNotice '").append(value); failureMsg.append("' is absent but is required; "); } } else { throw new RuntimeException("should not reach here"); } } } for (QaCertificatePolicyInformation cp : conf.getPolicyInformations()) { boolean present = false; for (PolicyInformation isPolicyInformation : isPolicyInformations) { if (isPolicyInformation.getPolicyIdentifier().getId().equals(cp.getPolicyId())) { present = true; break; } } if (present) { continue; } failureMsg.append("certificate policy '").append(cp.getPolicyId()); failureMsg.append("' is absent but is required; "); } }