Examples of org.bouncycastle.x509.X509V2AttributeCertificate

org.bouncycastle.x509.X509CRLStoreSelector
An implementation of a version 2 X.509 Attribute Certificate. @deprecated use org.bouncycastle.cert.X509AttributeCertificateHolder

    }


    private void testCertWithBaseCertificateID()
        throws Exception
    {
        X509AttributeCertificate attrCert = new X509V2AttributeCertificate(certWithBaseCertificateID);
        CertificateFactory       fact = CertificateFactory.getInstance("X.509", "BC");   
        X509Certificate          cert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
        
        AttributeCertificateHolder holder = attrCert.getHolder();
        
        if (holder.getEntityNames() != null)
        {
            fail("entity names set when none expected");
        }
        
        if (!holder.getSerialNumber().equals(cert.getSerialNumber()))
        {
            fail("holder serial number doesn't match");
        }


        if (!holder.getIssuer()[0].equals(cert.getIssuerX500Principal()))
        {
            fail("holder issuer doesn't match");
        }
        
        if (!holder.match(cert))
        {
            fail("holder not matching holder certificate");
        }


        if (!holder.equals(holder.clone()))
        {
            fail("holder clone test failed");
        }


        if (!attrCert.getIssuer().equals(attrCert.getIssuer().clone()))
        {
            fail("issuer clone test failed");
        }
        
        //equalityAndHashCodeTest(attrCert, certWithBaseCertificateID);

View Full Code Here

        if (attrCert.getIssuer().equals(attrCert.getHolder()))
        {
            fail("wrong issuer equal");
        }


        X509AttributeCertificate attrCert2 = new X509V2AttributeCertificate(encoding);


        if (attrCert2.getHolder().hashCode() != attrCert.getHolder().hashCode())
        {
            fail("holder hashCode test failed");
        }


        if (!attrCert2.getHolder().equals(attrCert.getHolder()))
        {
            fail("holder equals test failed");
        }


        if (attrCert2.getIssuer().hashCode() != attrCert.getIssuer().hashCode())
        {
            fail("issuer hashCode test failed");
        }


        if (!attrCert2.getIssuer().equals(attrCert.getIssuer()))
        {
            fail("issuer equals test failed");
        }
    }

View Full Code Here

        gen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        gen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        gen.setSerialNumber(BigInteger.ONE);
        gen.setSignatureAlgorithm("SHA1WithRSAEncryption");
        
        X509AttributeCertificate aCert = gen.generate(privKey, "BC");
        
        aCert.checkValidity();
        
        aCert.verify(pubKey, "BC");
        
        AttributeCertificateHolder holder = aCert.getHolder();
        
        if (holder.getEntityNames() != null)
        {
            fail("entity names set when none expected");
        }
        
        if (!holder.getSerialNumber().equals(iCert.getSerialNumber()))
        {
            fail("holder serial number doesn't match");
        }


        if (!holder.getIssuer()[0].equals(iCert.getIssuerX500Principal()))
        {
            fail("holder issuer doesn't match");
        }
        
        if (!holder.match(iCert))
        {
            fail("generated holder not matching holder certificate");
        }
        
        X509Attribute[] attrs = aCert.getAttributes("2.5.24.72");
        
        if (attrs == null)
        {
            fail("attributes related to 2.5.24.72 not found");
        }
        
        X509Attribute attr = attrs[0];
        
        if (!attr.getOID().equals("2.5.24.72"))
        {
            fail("attribute oid mismatch");
        }
        
        ASN1Encodable[] values = attr.getValues();
        
        GeneralName role = GeneralNames.getInstance(values[0]).getNames()[0];
        
        if (role.getTagNo() != GeneralName.rfc822Name)
        {
            fail("wrong general name type found in role");
        }
        
        if (!((ASN1String)role.getName()).getString().equals("DAU123456789"))
        {
            fail("wrong general name value found in role");
        }
        
        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
        
        if (holder.match(sCert))
        {
            fail("generated holder matching wrong certificate");
        }


        equalityAndHashCodeTest(aCert, aCert.getEncoded());
    }

View Full Code Here

        gen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
        gen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
        gen.setSerialNumber(BigInteger.ONE);
        gen.setSignatureAlgorithm("SHA1WithRSAEncryption");
        
        X509AttributeCertificate aCert = gen.generate(privKey, "BC");
        
        aCert.checkValidity();
        
        aCert.verify(pubKey, "BC");
        
        AttributeCertificateHolder holder = aCert.getHolder();
        
        if (holder.getEntityNames() == null)
        {
            fail("entity names not set when expected");
        }
        
        if (holder.getSerialNumber() != null)
        {
            fail("holder serial number found when none expected");
        }
    
        if (holder.getIssuer() != null)
        {
            fail("holder issuer found when none expected");
        }
        
        if (!holder.match(iCert))
        {
            fail("generated holder not matching holder certificate");
        }
        
        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
        
        if (holder.match(sCert))
        {
            fail("principal generated holder matching wrong certificate");
        }


        equalityAndHashCodeTest(aCert, aCert.getEncoded());
    }

View Full Code Here

    }
    
    public void performTest()
        throws Exception
    {
        X509AttributeCertificate    aCert = new X509V2AttributeCertificate(attrCert);
        CertificateFactory          fact = CertificateFactory.getInstance("X.509","BC");
        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(signCert));
        
        aCert.verify(sCert.getPublicKey(), "BC");
        
        //
        // search test
        //
        
        List      list = new ArrayList();
        
        list.add(sCert);
        
        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
        CertStore store = CertStore.getInstance("Collection", ccsp);
        
        Collection certs = store.getCertificates(aCert.getIssuer());
        if (certs.size() != 1 || !certs.contains(sCert))
        {
            fail("sCert not found by issuer");
        }
        
        X509Attribute[] attrs = aCert.getAttributes("1.3.6.1.4.1.6760.8.1.1");
        if (attrs == null || attrs.length != 1)
        {
            fail("attribute not found");
        }


        //
        // reencode test
        //
        aCert = new X509V2AttributeCertificate(aCert.getEncoded());
        
        aCert.verify(sCert.getPublicKey(), "BC");
        
        X509AttributeCertificate saCert = new X509V2AttributeCertificate(new ByteArrayInputStream(aCert.getEncoded()));
        
        if (!aCert.getNotAfter().equals(saCert.getNotAfter()))
        {
            fail("failed date comparison");
        }
        
        // base generator test

View Full Code Here

            throw new InvalidAlgorithmParameterException(
                "TargetConstraints must be an instance of "
                    + X509AttributeCertStoreSelector.class.getName() + " for "
                    + this.getClass().getName() + " class.");
        }
        X509AttributeCertificate attrCert = ((X509AttributeCertStoreSelector) certSelect)
            .getAttributeCert();


        CertPath holderCertPath = RFC3281CertPathUtilities.processAttrCert1(attrCert, pkixParams);
        CertPathValidatorResult result = RFC3281CertPathUtilities.processAttrCert2(certPath, pkixParams);
        X509Certificate issuerCert = (X509Certificate) certPath

View Full Code Here

    protected static Set getDeltaCRLs(Date currentDate,
                                      ExtendedPKIXParameters paramsPKIX, X509CRL completeCRL)
        throws AnnotatedException
    {


        X509CRLStoreSelector deltaSelect = new X509CRLStoreSelector();


        // 5.2.4 (a)
        try
        {
            deltaSelect.addIssuerName(CertPathValidatorUtilities
                .getIssuerPrincipal(completeCRL).getEncoded());
        }
        catch (IOException e)
        {
            throw new AnnotatedException("Cannot extract issuer from CRL.", e);
        }


        BigInteger completeCRLNumber = null;
        try
        {
            ASN1Primitive derObject = CertPathValidatorUtilities.getExtensionValue(completeCRL,
                CRL_NUMBER);
            if (derObject != null)
            {
                completeCRLNumber = ASN1Integer.getInstance(derObject).getPositiveValue();
            }
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "CRL number extension could not be extracted from CRL.", e);
        }


        // 5.2.4 (b)
        byte[] idp = null;
        try
        {
            idp = completeCRL.getExtensionValue(ISSUING_DISTRIBUTION_POINT);
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Issuing distribution point extension value could not be read.",
                e);
        }


        // 5.2.4 (d)


        deltaSelect.setMinCRLNumber(completeCRLNumber == null ? null : completeCRLNumber
            .add(BigInteger.valueOf(1)));


        deltaSelect.setIssuingDistributionPoint(idp);
        deltaSelect.setIssuingDistributionPointEnabled(true);


        // 5.2.4 (c)
        deltaSelect.setMaxBaseCRLNumber(completeCRLNumber);


        // find delta CRLs
        Set temp = CRL_UTIL.findCRLs(deltaSelect, paramsPKIX, currentDate);


        Set result = new HashSet();

View Full Code Here

     */
    protected static Set getCompleteCRLs(DistributionPoint dp, Object cert,
                                         Date currentDate, ExtendedPKIXParameters paramsPKIX)
        throws AnnotatedException
    {
        X509CRLStoreSelector crlselect = new X509CRLStoreSelector();
        try
        {
            Set issuers = new HashSet();
            if (cert instanceof X509AttributeCertificate)
            {
                issuers.add(((X509AttributeCertificate)cert)
                    .getIssuer().getPrincipals()[0]);
            }
            else
            {
                issuers.add(getEncodedIssuerPrincipal(cert));
            }
            CertPathValidatorUtilities.getCRLIssuersFromDistributionPoint(dp, issuers, crlselect, paramsPKIX);
        }
        catch (AnnotatedException e)
        {
            throw new AnnotatedException(
                "Could not get issuer information from distribution point.", e);
        }
        if (cert instanceof X509Certificate)
        {
            crlselect.setCertificateChecking((X509Certificate)cert);
        }
        else if (cert instanceof X509AttributeCertificate)
        {
            crlselect.setAttrCertificateChecking((X509AttributeCertificate)cert);
        }




        crlselect.setCompleteCRLEnabled(true);


        Set crls = CRL_UTIL.findCRLs(crlselect, paramsPKIX, currentDate);


        if (crls.isEmpty())
        {

View Full Code Here

        X509Certificate cert,
        X509CRL crl)
        throws AnnotatedException
    {
        Set deltaSet = new HashSet();
        X509CRLStoreSelector crlselect = new X509CRLStoreSelector();
        crlselect.setCertificateChecking(cert);


        try
        {
            crlselect.addIssuerName(crl.getIssuerX500Principal().getEncoded());
        }
        catch (IOException e)
        {
            throw new AnnotatedException("Cannot extract issuer from CRL." + e, e);
        }


        crlselect.setCompleteCRLEnabled(true);
        Set completeSet = CRL_UTIL.findCRLs(crlselect, paramsPKIX, currentDate);


        if (paramsPKIX.isUseDeltasEnabled())
        {
            // get delta CRL(s)

View Full Code Here

    {
        if (!(selector instanceof X509CRLStoreSelector))
        {
            return Collections.EMPTY_SET;
        }
        X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
        Set set = new HashSet();
        // test only delta CRLs should be selected
        if (xselector.isDeltaCRLIndicatorEnabled())
        {
            set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
        }
        // nothing specified
        else

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.bouncycastle.x509.X509V2AttributeCertificate

org.bouncycastle.asn1.ASN1EncodableVector

org.bouncycastle.asn1.ASN1InputStream

org.bouncycastle.asn1.ASN1Integer

org.bouncycastle.asn1.ASN1ObjectIdentifier

org.bouncycastle.asn1.ASN1Primitive

org.bouncycastle.asn1.ASN1Sequence

org.bouncycastle.asn1.DERBitString

org.bouncycastle.asn1.DERGeneralizedTime

org.bouncycastle.asn1.DERInteger

org.bouncycastle.asn1.DERObjectIdentifier

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.