Java Code Examples for org.bouncycastle.asn1.x509.PolicyInformation#getPolicyQualifiers()

The following examples show how to use org.bouncycastle.asn1.x509.PolicyInformation#getPolicyQualifiers() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DPolicyInformationChooser.java    From keystore-explorer with GNU General Public License v3.0 6 votes vote down vote up
private void populate(PolicyInformation policyInformation) throws IOException {
	if (policyInformation != null) {
		joiPolicyIdentifier.setObjectId(policyInformation.getPolicyIdentifier());

		ASN1Sequence policyQualifierInfoSeq = policyInformation.getPolicyQualifiers();

		if (policyQualifierInfoSeq != null) {
			List<PolicyQualifierInfo> policyQualifierInfo = new ArrayList<PolicyQualifierInfo>();

			for (int i = 0; i < policyQualifierInfoSeq.size(); i++) {
				PolicyQualifierInfo policyQualInfo = PolicyQualifierInfo.getInstance(
						policyQualifierInfoSeq.getObjectAt(i));
				policyQualifierInfo.add(policyQualInfo);
			}

			jpqPolicyQualifiers.setPolicyQualifierInfo(policyQualifierInfo);
		}
	}
}
 
Example 2
Source File: PolicyInformationUtil.java    From keystore-explorer with GNU General Public License v3.0 5 votes vote down vote up
/**
 * Get string representation of policy information.
 *
 * @param policyInformation
 *            Policy information
 * @return String representation of policy information
 * @throws IOException
 *             If policy information is invalid
 */
public static String toString(PolicyInformation policyInformation) throws IOException {
	StringBuffer sbPolicyInformation = new StringBuffer();

	ASN1ObjectIdentifier policyIdentifier = policyInformation.getPolicyIdentifier();

	sbPolicyInformation.append(MessageFormat.format(res.getString("PolicyInformationUtil.PolicyIdentifier"),
			policyIdentifier.getId()));

	ASN1Sequence policyQualifiers = policyInformation.getPolicyQualifiers();

	if (policyQualifiers != null) {
		sbPolicyInformation.append(", ");

		StringBuffer sbPolicyQualifiers = new StringBuffer();

		for (int i = 0; i < policyQualifiers.size(); i++) {
			PolicyQualifierInfo policyQualifierInfo =
					PolicyQualifierInfo.getInstance(policyQualifiers.getObjectAt(i));

			sbPolicyQualifiers.append(toString(policyQualifierInfo));

			if ((i + 1) < policyQualifiers.size()) {
				sbPolicyQualifiers.append(", ");
			}
		}

		sbPolicyInformation.append(MessageFormat.format(res.getString("PolicyInformationUtil.PolicyQualifiers"),
				sbPolicyQualifiers));
	}

	return sbPolicyInformation.toString();
}
 
Example 3
Source File: DSSASN1Utils.java    From dss with GNU Lesser General Public License v2.1 5 votes vote down vote up
public static List<CertificatePolicy> getCertificatePolicies(final CertificateToken certToken) {
	List<CertificatePolicy> certificatePolicies = new ArrayList<>();
	final byte[] certificatePoliciesBinaries = certToken.getCertificate().getExtensionValue(Extension.certificatePolicies.getId());
	if (Utils.isArrayNotEmpty(certificatePoliciesBinaries)) {
		try {
			ASN1Sequence seq = getAsn1SequenceFromDerOctetString(certificatePoliciesBinaries);
			for (int ii = 0; ii < seq.size(); ii++) {
				CertificatePolicy cp = new CertificatePolicy();
				final PolicyInformation policyInfo = PolicyInformation.getInstance(seq.getObjectAt(ii));
				cp.setOid(policyInfo.getPolicyIdentifier().getId());
				ASN1Sequence policyQualifiersSeq = policyInfo.getPolicyQualifiers();
				if (policyQualifiersSeq != null) {
					for (int jj = 0; jj < policyQualifiersSeq.size(); jj++) {
						PolicyQualifierInfo pqi = PolicyQualifierInfo.getInstance(policyQualifiersSeq.getObjectAt(jj));
						if (PolicyQualifierId.id_qt_cps.equals(pqi.getPolicyQualifierId())) {
							cp.setCpsUrl(getString(pqi.getQualifier()));
						}
					}
				}
				certificatePolicies.add(cp);
			}
		} catch (Exception e) {
			LOG.warn("Unable to parse the certificatePolicies extension '{}' : {}", Utils.toBase64(certificatePoliciesBinaries), e.getMessage(), e);
		}
	}
	return certificatePolicies;
}
 
Example 4
Source File: ExtensionsChecker.java    From xipki with Apache License 2.0 4 votes vote down vote up
private void checkExtnCertificatePolicies(StringBuilder failureMsg, byte[] extensionValue,
    Extensions requestedExtns, ExtensionControl extControl) {
  CertificatePolicies conf = certificatePolicies;
  if (conf == null) {
    checkConstantExtnValue(Extension.certificatePolicies, failureMsg, extensionValue,
        requestedExtns, extControl);
    return;
  }

  Map<String, CertificatePolicyInformationType> expPoliciesMap = new HashMap<>();
  for (CertificatePolicyInformationType cp : conf.getCertificatePolicyInformations()) {
    expPoliciesMap.put(cp.getPolicyIdentifier().getOid(), cp);
  }
  Set<String> expPolicyIds = new HashSet<>(expPoliciesMap.keySet());

  org.bouncycastle.asn1.x509.CertificatePolicies asn1 =
      org.bouncycastle.asn1.x509.CertificatePolicies.getInstance(extensionValue);
  PolicyInformation[] isPolicyInformations = asn1.getPolicyInformation();

  for (PolicyInformation isPolicyInformation : isPolicyInformations) {
    ASN1ObjectIdentifier isPolicyId = isPolicyInformation.getPolicyIdentifier();
    expPolicyIds.remove(isPolicyId.getId());
    CertificatePolicyInformationType expCp = expPoliciesMap.get(isPolicyId.getId());
    if (expCp == null) {
      failureMsg.append("certificate policy '").append(isPolicyId).append("' is not expected; ");
      continue;
    }

    List<PolicyQualifier> expCpPq = expCp.getPolicyQualifiers();
    if (CollectionUtil.isEmpty(expCpPq)) {
      continue;
    }

    ASN1Sequence isPolicyQualifiers = isPolicyInformation.getPolicyQualifiers();
    List<String> isCpsUris = new LinkedList<>();
    List<String> isUserNotices = new LinkedList<>();

    int size = isPolicyQualifiers.size();
    for (int i = 0; i < size; i++) {
      PolicyQualifierInfo isPolicyQualifierInfo =
          PolicyQualifierInfo.getInstance(isPolicyQualifiers.getObjectAt(i));
      ASN1ObjectIdentifier isPolicyQualifierId = isPolicyQualifierInfo.getPolicyQualifierId();
      ASN1Encodable isQualifier = isPolicyQualifierInfo.getQualifier();
      if (PolicyQualifierId.id_qt_cps.equals(isPolicyQualifierId)) {
        String isCpsUri = DERIA5String.getInstance(isQualifier).getString();
        isCpsUris.add(isCpsUri);
      } else if (PolicyQualifierId.id_qt_unotice.equals(isPolicyQualifierId)) {
        UserNotice isUserNotice = UserNotice.getInstance(isQualifier);
        if (isUserNotice.getExplicitText() != null) {
          isUserNotices.add(isUserNotice.getExplicitText().getString());
        }
      }
    }

    for (PolicyQualifier qualifierInfo : expCpPq) {
      String value = qualifierInfo.getValue();
      switch (qualifierInfo.getType()) {
        case cpsUri:
          if (!isCpsUris.contains(value)) {
            failureMsg.append("CPSUri '").append(value).append("' is absent but is required; ");
          }
          continue;
        case userNotice:
          if (!isUserNotices.contains(value)) {
            failureMsg.append("userNotice '").append(value)
              .append("' is absent but is required; ");
          }
          continue;
        default:
          throw new IllegalStateException("should not reach here");
      }
    }
  }

  for (String policyId : expPolicyIds) {
    failureMsg.append("certificate policy '").append(policyId)
      .append("' is absent but is required; ");
  }
}