Package org.bouncycastle.asn1.x509

Examples of org.bouncycastle.asn1.x509.PolicyInformation


    byte[] policiesBytes = certificate.getExtensionValue(X509Extension.certificatePolicies.getId());
    if (policiesBytes != null) {
      DEROctetString string = (DEROctetString) BouncyCastleProviderHelper.toASN1Primitive(policiesBytes);
      byte[] octets = string.getOctets();
      ASN1Sequence sequence = BouncyCastleProviderHelper.toASN1Sequence(octets);
      PolicyInformation information = PolicyInformation.getInstance(sequence.getObjectAt(0));
      DERObjectIdentifier identifier = information.getPolicyIdentifier();
      String oid = identifier.getId();
      if (oid.startsWith(ConstantesICPBrasil.PREFIX_OID_A1)) {
        tipoFormato = TipoFormato.A1;
      } else if (oid.startsWith(ConstantesICPBrasil.PREFIX_OID_A2)) {
        tipoFormato = TipoFormato.A2;
View Full Code Here


    }
  }

  protected void addV3CertificatePolicies(final JcaX509v3CertificateBuilder builder, final BouncyCastleCertificateRequest request) throws CertIOException {
    ASN1EncodableVector vector = new ASN1EncodableVector();
    vector.add(new PolicyInformation(BouncyCastleCertificateGenerator.ANY_POLICY));

    DERSequence sequence = new DERSequence(vector);

    builder.addExtension(X509Extension.certificatePolicies, false, sequence);

    if (ConditionUtils.isNotEmpty(request.getCertificatePolicies())) {
      vector = new ASN1EncodableVector();
      for (Entry<String, String> entry : request.getCertificatePolicies().entrySet()) {
        String oid = entry.getKey();
        String value = entry.getValue();
        ASN1ObjectIdentifier policyIdentifier = new ASN1ObjectIdentifier(oid);
        PolicyQualifierInfo policyQualifierInfo = new PolicyQualifierInfo(policyIdentifier, new DERIA5String(value));
        DERSequence policyQualifiers = new DERSequence(new ASN1Encodable[] { policyQualifierInfo });
        PolicyInformation policyInformation = new PolicyInformation(policyIdentifier, policyQualifiers);
        vector.add(policyInformation);
      }

      sequence = new DERSequence(vector);
      builder.addExtension(X509Extension.policyMappings, false, sequence);
View Full Code Here

        String value = entry.getValue();
        ASN1ObjectIdentifier policyIdentifier = new ASN1ObjectIdentifier(oid);
        PolicyQualifierInfo policyQualifierInfo = new PolicyQualifierInfo(X509Extension.cRLDistributionPoints, new DERIA5String(value.getBytes()));
        DERSequence policyQualifiers = new DERSequence(new ASN1Encodable[] { policyQualifierInfo });
        DERSequence sequence = new DERSequence(new ASN1Encodable[] { policyIdentifier, policyQualifiers });
        PolicyInformation policyInformation = new PolicyInformation(sequence);
        vector.add(policyInformation);
      }

      DERSequence sequence = new DERSequence(vector);
      builder.addExtension(X509Extension.certificatePolicies, false, sequence);
View Full Code Here

                    Enumeration e = certPolicies.getObjects();
                    Set         pols = new HashSet();
                       
                    while (e.hasMoreElements())
                    {
                        PolicyInformation   pInfo = PolicyInformation.getInstance(e.nextElement());
                        DERObjectIdentifier pOid = pInfo.getPolicyIdentifier();
                       
                        pols.add(pOid.getId());
   
                        if (!ANY_POLICY.equals(pOid.getId()))
                        {
                            Set pq = CertPathValidatorUtilities.getQualifierSet(pInfo.getPolicyQualifiers());
                           
                            boolean match = CertPathValidatorUtilities.processCertD1i(i, policyNodes, pOid, pq);
                           
                            if (!match)
                            {
                                CertPathValidatorUtilities.processCertD1ii(i, policyNodes, pOid, pq);
                            }
                        }
                    }
   
                    if (acceptablePolicies == null || acceptablePolicies.contains(ANY_POLICY))
                    {
                        acceptablePolicies = pols;
                    }
                    else
                    {
                        Iterator    it = acceptablePolicies.iterator();
                        Set         t1 = new HashSet();
   
                        while (it.hasNext())
                        {
                            Object  o = it.next();
   
                            if (pols.contains(o))
                            {
                                t1.add(o);
                            }
                        }
   
                        acceptablePolicies = t1;
                    }
   
                    //
                    // (d) (2)
                    //
                    if ((inhibitAnyPolicy > 0) || ((i < n) && CertPathValidatorUtilities.isSelfIssued(cert)))
                    {
                        e = certPolicies.getObjects();
   
                        while (e.hasMoreElements())
                        {
                            PolicyInformation   pInfo = PolicyInformation.getInstance(e.nextElement());
   
                            if (ANY_POLICY.equals(pInfo.getPolicyIdentifier().getId()))
                            {
                                Set    _apq   = CertPathValidatorUtilities.getQualifierSet(pInfo.getPolicyQualifiers());
                                List      _nodes = policyNodes[i - 1];
                               
                                for (int k = 0; k < _nodes.size(); k++)
                                {
                                    PKIXPolicyNode _node = (PKIXPolicyNode)_nodes.get(k);
                                   
                                    Iterator _policySetIter = _node.getExpectedPolicies().iterator();
                                    while (_policySetIter.hasNext())
                                    {
                                        Object _tmp = _policySetIter.next();
                                       
                                        String _policy;
                                        if (_tmp instanceof String)
                                        {
                                            _policy = (String)_tmp;
                                        }
                                        else if (_tmp instanceof DERObjectIdentifier)
                                        {
                                            _policy = ((DERObjectIdentifier)_tmp).getId();
                                        }
                                        else
                                        {
                                            continue;
                                        }
                                       
                                        boolean  _found        = false;
                                        Iterator _childrenIter = _node.getChildren();
   
                                        while (_childrenIter.hasNext())
                                        {
                                            PKIXPolicyNode _child = (PKIXPolicyNode)_childrenIter.next();
   
                                            if (_policy.equals(_child.getValidPolicy()))
                                            {
                                                _found = true;
                                            }
                                        }
   
                                        if (!_found)
                                        {
                                            Set _newChildExpectedPolicies = new HashSet();
                                            _newChildExpectedPolicies.add(_policy);
   
                                            PKIXPolicyNode _newChild = new PKIXPolicyNode(new ArrayList(),
                                                                                          i,
                                                                                          _newChildExpectedPolicies,
                                                                                          _node,
                                                                                          _apq,
                                                                                          _policy,
                                                                                          false);
                                            _node.addChild(_newChild);
                                            policyNodes[i].add(_newChild);
                                        }
                                    }
                                }
                                break;
                            }
                        }
                    }
               
                    //
                    // (d) (3)
                    //
                    for (int j = (i - 1); j >= 0; j--)
                    {
                        List      nodes = policyNodes[j];
                       
                        for (int k = 0; k < nodes.size(); k++)
                        {
                            PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
                            if (!node.hasChildren())
                            {
                                validPolicyTree = CertPathValidatorUtilities.removePolicyNode(validPolicyTree, policyNodes, node);
                                if (validPolicyTree == null)
                                {
                                    break;
                                }
                            }
                        }
                    }
               
                    //
                    // d (4)
                    //
                    Set criticalExtensionOids = cert.getCriticalExtensionOIDs();
                   
                    if (criticalExtensionOids != null)
                    {
                        boolean critical = criticalExtensionOids.contains(CERTIFICATE_POLICIES);
                   
                        List      nodes = policyNodes[i];
                        for (int j = 0; j < nodes.size(); j++)
                        {
                            PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(j);
                            node.setCritical(critical);
                        }
                    }
                }
   
                //
                // (e)
                //
                if (certPolicies == null)
                {
                    validPolicyTree = null;
                }
   
                //
                // (f)
                //
                if (explicitPolicy <= 0 && validPolicyTree == null)
                {
                    throw new CertPathValidatorException("No valid policy tree found when one expected.");
                }
   
                //
                // 6.1.4
                //
   
                if (i != n)
                {
                    if (cert != null && cert.getVersion() == 1)
                    {
                        throw new CertPathValidatorException(
                                "Version 1 certs can't be used as CA ones");
                    }
   
                    //
                    //
                    // (a) check the policy mappings
                    //
                    DERObject   pm = CertPathValidatorUtilities.getExtensionValue(cert, POLICY_MAPPINGS);
                    if (pm != null)
                    {
                        ASN1Sequence mappings = (ASN1Sequence)pm;
                   
                        for (int j = 0; j < mappings.size(); j++)
                        {
                            ASN1Sequence    mapping = (ASN1Sequence)mappings.getObjectAt(j);
   
                            DERObjectIdentifier issuerDomainPolicy = (DERObjectIdentifier)mapping.getObjectAt(0);
                            DERObjectIdentifier subjectDomainPolicy = (DERObjectIdentifier)mapping.getObjectAt(1);
   
                            if (ANY_POLICY.equals(issuerDomainPolicy.getId()))
                            {
                           
                                throw new CertPathValidatorException("IssuerDomainPolicy is anyPolicy");
                            }
                       
                            if (ANY_POLICY.equals(subjectDomainPolicy.getId()))
                            {
                           
                                throw new CertPathValidatorException("SubjectDomainPolicy is anyPolicy");
                            }
                        }
                    }
                 
                    // (b)
                    //
                    if (pm != null)
                    {
                        ASN1Sequence mappings = (ASN1Sequence)pm;
                        Map m_idp = new HashMap();
                        Set s_idp = new HashSet();
                       
                        for (int j = 0; j < mappings.size(); j++)
                        {
                            ASN1Sequence mapping = (ASN1Sequence)mappings.getObjectAt(j);
                            String id_p = ((DERObjectIdentifier)mapping.getObjectAt(0)).getId();
                            String sd_p = ((DERObjectIdentifier)mapping.getObjectAt(1)).getId();
                            Set tmp;
                           
                            if (!m_idp.containsKey(id_p))
                            {
                                tmp = new HashSet();
                                tmp.add(sd_p);
                                m_idp.put(id_p, tmp);
                                s_idp.add(id_p);
                            }
                            else
                            {
                                tmp = (Set)m_idp.get(id_p);
                                tmp.add(sd_p);
                            }
                        }
   
                        Iterator it_idp = s_idp.iterator();
                        while (it_idp.hasNext())
                        {
                            String id_p = (String)it_idp.next();
   
                            //
                            // (1)
                            //
                            if (policyMapping > 0)
                            {
                                boolean idp_found = false;
                                Iterator nodes_i = policyNodes[i].iterator();
                                while (nodes_i.hasNext())
                                {
                                    PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
                                    if (node.getValidPolicy().equals(id_p))
                                    {
                                        idp_found = true;
                                        node.expectedPolicies = (Set)m_idp.get(id_p);
                                        break;
                                    }
                                }
   
                                if (!idp_found)
                                {
                                    nodes_i = policyNodes[i].iterator();
                                    while (nodes_i.hasNext())
                                    {
                                        PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
                                        if (ANY_POLICY.equals(node.getValidPolicy()))
                                        {
                                            Set pq = null;
                                            ASN1Sequence policies = (ASN1Sequence)CertPathValidatorUtilities.getExtensionValue(
                                                    cert, CERTIFICATE_POLICIES);
                                            Enumeration e = policies.getObjects();
                                            while (e.hasMoreElements())
                                            {
                                                PolicyInformation pinfo = PolicyInformation.getInstance(e.nextElement());
                                                if (ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId()))
                                                {
                                                    pq = CertPathValidatorUtilities.getQualifierSet(pinfo.getPolicyQualifiers());
                                                    break;
                                                }
                                            }
                                            boolean ci = false;
                                            if (cert.getCriticalExtensionOIDs() != null)
View Full Code Here

                    Set pq = null;
                    ASN1Sequence policies = (ASN1Sequence)getExtensionValue(cert, CERTIFICATE_POLICIES);
                    Enumeration e = policies.getObjects();
                    while (e.hasMoreElements())
                    {
                        PolicyInformation pinfo = PolicyInformation.getInstance(e.nextElement());
                        if (ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId()))
                        {
                            pq = getQualifierSet(pinfo.getPolicyQualifiers());
                            break;
                        }
                    }
                    boolean ci = false;
                    if (cert.getCriticalExtensionOIDs() != null)
View Full Code Here

    byte[] policiesBytes = certificate.getExtensionValue(X509Extension.certificatePolicies.getId());
    if (policiesBytes != null) {
      DEROctetString string = (DEROctetString) BouncyCastleProviderHelper.toDERObject(policiesBytes);
      byte[] octets = string.getOctets();
      DERSequence sequence = ICPBrasilHelper.toDerSequence(octets);
      PolicyInformation information = PolicyInformation.getInstance(sequence.getObjectAt(0));
      DERObjectIdentifier identifier = information.getPolicyIdentifier();
      String oid = identifier.getId();
      if (oid.startsWith(ConstantesICPBrasil.PREFIX_OID_A1)) {
        tipoFormato = TipoFormato.A1;
      } else if (oid.startsWith(ConstantesICPBrasil.PREFIX_OID_A2)) {
        tipoFormato = TipoFormato.A2;
View Full Code Here

    JCERSAPublicKey(
        SubjectPublicKeyInfo    info)
    {
        try
        {
            RSAPublicKeyStructure   pubKey = new RSAPublicKeyStructure((ASN1Sequence)info.getPublicKey());

            this.modulus = pubKey.getModulus();
            this.publicExponent = pubKey.getPublicExponent();
    }
        catch (IOException e)
        {
      throw new IllegalArgumentException("invalid info structure in RSA public key");
        }
View Full Code Here

    public byte[] getEncoded()
    {
        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
        DEROutputStream         dOut = new DEROutputStream(bOut);
        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPublicKeyStructure(getModulus(), getPublicExponent()).getDERObject());

        try
        {
            dOut.writeObject(info);
            dOut.close();
View Full Code Here

            params = new X962Parameters(ecP);
        }

        ASN1OctetString    p = (ASN1OctetString)(new X9ECPoint(this.getQ()).getDERObject());

        SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.getDERObject()), p.getOctets());

        try
        {
            dOut.writeObject(info);
            dOut.close();
View Full Code Here

    public void setPublicKey(
        PublicKey       key)
    {
        try
        {
            tbsGen.setSubjectPublicKeyInfo(new SubjectPublicKeyInfo((ASN1Sequence)new DERInputStream(
                                new ByteArrayInputStream(key.getEncoded())).readObject()));
        }
        catch (Exception e)
        {
            throw new IllegalArgumentException("unable to process key - " + e.toString());
View Full Code Here

TOP

Related Classes of org.bouncycastle.asn1.x509.PolicyInformation

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.