org.bouncycastle.asn1.x509.ReasonFlags Java Examples

The following examples show how to use org.bouncycastle.asn1.x509.ReasonFlags. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CrlDistPointExtension.java    From java-certificate-authority with Apache License 2.0 5 votes vote down vote up 
public static CrlDistPointExtension create(final NameType distribPointNameType,
    final String distribPointName,
    final NameType crlIssuerNameType,
    final String crlIssuer,
    final ReasonFlags reasons) {
  final DistributionPointName dp = new DistributionPointName(
      distribPointNameType.generalNames(distribPointName));
  final GeneralNames crl;
  if (crlIssuerNameType != null && crlIssuer != null) {
    crl = crlIssuerNameType.generalNames(crlIssuer);
  } else {
    crl = null;
  }
  return create(dp, reasons, crl);
}
Example #2
Source File: X509Ext.java    From portecle with GNU General Public License v2.0 4 votes vote down vote up 
/**
 * Get extension value for CRL Distribution Points as a string.
 *
 * @param bValue The octet string value
 * @return Extension value as a string
 * @throws IOException If an I/O problem occurs
 */
private String getCrlDistributionPointsStringValue(byte[] bValue)
    throws IOException
{
	CRLDistPoint dps = CRLDistPoint.getInstance(bValue);
	DistributionPoint[] points = dps.getDistributionPoints();

	StringBuilder sb = new StringBuilder();
	sb.append("<ul>");

	for (DistributionPoint point : points)
	{
		DistributionPointName dpn;
		if ((dpn = point.getDistributionPoint()) != null)
		{
			sb.append("<li>");
			switch (dpn.getType())
			{
				case DistributionPointName.FULL_NAME:
					sb.append(RB.getString("CrlDistributionPoint.0.0"));
					sb.append(": ");
					sb.append(getGeneralNamesString((GeneralNames) dpn.getName(), LinkClass.CRL));
					break;
				case DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER:
					sb.append(RB.getString("CrlDistributionPoint.0.1"));
					sb.append(": ");
					// TODO: need better decode?
					sb.append(stringify(dpn.getName()));
					break;
				default:
					sb.append(RB.getString("UnknownCrlDistributionPointName"));
					sb.append(": ");
					sb.append(stringify(dpn.getName()));
					break;
			}
			sb.append("</li>");
		}

		ReasonFlags flags;
		if ((flags = point.getReasons()) != null)
		{
			sb.append("<li>");
			sb.append(RB.getString("CrlDistributionPoint.1"));
			sb.append(": ");
			// TODO: decode
			sb.append(stringify(flags));
			sb.append("</li>");
		}

		GeneralNames issuer;
		if ((issuer = point.getCRLIssuer()) != null)
		{
			sb.append("<li>");
			sb.append(RB.getString("CrlDistributionPoint.2"));
			sb.append(": ");
			sb.append(getGeneralNamesString(issuer, LinkClass.CRL));
			sb.append("</li>");
		}
	}

	sb.append("</ul>");
	return sb.toString();
}
Example #3
Source File: X509Ext.java    From keystore-explorer with GNU General Public License v3.0 4 votes vote down vote up 
private String getIssuingDistributionPointStringValue(byte[] value) throws IOException {
	// @formatter:off

	/*
	 * IssuingDistributionPoint ::= ASN1Sequence {
	 *     distributionPoint [0] DistributionPointName OPTIONAL,
	 *     onlyContainsUserCerts [1] ASN1Boolean DEFAULT FALSE,
	 *     onlyContainsCACerts [2] ASN1Boolean DEFAULT FALSE,
	 *     onlySomeReasons [3] ReasonFlags OPTIONAL,
	 *     indirectCRL [4] ASN1Boolean DEFAULT FALSE,
	 *     onlyContainsAttributeCerts [5] ASN1Boolean DEFAULT FALSE }
	 */

	// @formatter:on

	/*
	 * Getting any DEFAULTS returns a false ASN1Boolean when no value
	 * present which saves the bother of a null check
	 */

	StringBuilder sb = new StringBuilder();

	IssuingDistributionPoint issuingDistributionPoint = IssuingDistributionPoint.getInstance(value);

	DistributionPointName distributionPointName = issuingDistributionPoint.getDistributionPoint();

	if (distributionPointName != null) { // Optional
		sb.append(getDistributionPointNameString(distributionPointName, ""));
	}

	boolean onlyContainsUserCerts = issuingDistributionPoint.onlyContainsUserCerts();
	sb.append(MessageFormat.format(res.getString("OnlyContainsUserCerts"), onlyContainsUserCerts));
	sb.append(NEWLINE);

	boolean onlyContainsCaCerts = issuingDistributionPoint.onlyContainsCACerts();
	sb.append(MessageFormat.format(res.getString("OnlyContainsCaCerts"), onlyContainsCaCerts));
	sb.append(NEWLINE);

	ReasonFlags onlySomeReasons = issuingDistributionPoint.getOnlySomeReasons();
	if (onlySomeReasons != null) {// Optional
		sb.append(res.getString("OnlySomeReasons"));
		sb.append(NEWLINE);

		String[] reasonFlags = getReasonFlagsStrings(onlySomeReasons);

		for (String reasonFlag : reasonFlags) {
			sb.append(INDENT);
			sb.append(reasonFlag);
			sb.append(NEWLINE);
		}
	}

	boolean indirectCrl = issuingDistributionPoint.isIndirectCRL();
	sb.append(MessageFormat.format(res.getString("IndirectCrl"), indirectCrl));
	sb.append(NEWLINE);

	boolean onlyContainsAttributeCerts = issuingDistributionPoint.onlyContainsAttributeCerts();
	sb.append(MessageFormat.format(res.getString("OnlyContainsAttributeCerts"), onlyContainsAttributeCerts));
	sb.append(NEWLINE);

	return sb.toString();
}
Example #4
Source File: X509Ext.java    From keystore-explorer with GNU General Public License v3.0 4 votes vote down vote up 
private String getDistributionPointString(DistributionPoint distributionPoint, String baseIndent)
		throws IOException {
	// @formatter:off

	/*
	 * DistributionPoint ::= ASN1Sequence {
	 * 		distributionPoint [0] DistributionPointName OPTIONAL,
	 * 		reasons [1] ReasonFlags OPTIONAL,
	 * 		cRLIssuer [2] GeneralNames OPTIONAL
	 * }
	 *
	 * GeneralNames ::= ASN1Sequence SIZE (1..MAX) OF GeneralName
	 */

	// @formatter:on

	StringBuilder sb = new StringBuilder();

	DistributionPointName distributionPointName = distributionPoint.getDistributionPoint();
	ReasonFlags reasons = distributionPoint.getReasons();
	GeneralNames crlIssuer = distributionPoint.getCRLIssuer();

	if (distributionPointName != null) { // Optional
		sb.append(getDistributionPointNameString(distributionPointName, baseIndent));
	}

	if (reasons != null) { // Optional
		sb.append(baseIndent);
		sb.append(res.getString("DistributionPointReasons"));
		sb.append(NEWLINE);

		String[] reasonFlags = getReasonFlagsStrings(reasons);

		for (String reasonFlag : reasonFlags) {
			sb.append(baseIndent);
			sb.append(INDENT);
			sb.append(reasonFlag);
			sb.append(NEWLINE);
		}
	}

	if (crlIssuer != null) { // Optional
		sb.append(baseIndent);
		sb.append(res.getString("DistributionPointCrlIssuer"));
		sb.append(NEWLINE);

		for (GeneralName generalName : crlIssuer.getNames()) {
			sb.append(baseIndent);
			sb.append(INDENT);
			sb.append(GeneralNameUtil.toString(generalName));
			sb.append(NEWLINE);
		}
	}

	return sb.toString();
}
Example #5
Source File: X509Ext.java    From keystore-explorer with GNU General Public License v3.0 4 votes vote down vote up 
private String[] getReasonFlagsStrings(ReasonFlags reasonFlags) throws IOException {
	// @formatter:off

	/*
	 * ReasonFlags ::= BIT STRING { unused(0), keyCompromise(1),
	 * cACompromise(2), affiliationChanged(3), superseded(4),
	 * cessationOfOperation(5), certificateHold(6), privilegeWithdrawn(7),
	 * aACompromise(8)}
	 */

	// @formatter:on

	List<String> reasonFlagsList = new ArrayList<>();

	DERBitString reasonFlagsBitString = (DERBitString) reasonFlags.toASN1Primitive();

	int reasonFlagsInt = reasonFlagsBitString.intValue();

	// Go through bit string adding reason flags found to be true
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.unused)) {
		reasonFlagsList.add(res.getString("UnusedReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.keyCompromise)) {
		reasonFlagsList.add(res.getString("KeyCompromiseReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.cACompromise)) {
		reasonFlagsList.add(res.getString("CaCompromiseReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.affiliationChanged)) {
		reasonFlagsList.add(res.getString("AffiliationChangedReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.superseded)) {
		reasonFlagsList.add(res.getString("SupersededReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.cessationOfOperation)) {
		reasonFlagsList.add(res.getString("CessationOfOperationReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.certificateHold)) {
		reasonFlagsList.add(res.getString("CertificateHoldReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.privilegeWithdrawn)) {
		reasonFlagsList.add(res.getString("PrivilegeWithdrawnReasonFlag"));
	}
	if (hasReasonFlag(reasonFlagsInt, ReasonFlags.aACompromise)) {
		reasonFlagsList.add(res.getString("AaCompromiseReasonFlag"));
	}

	return reasonFlagsList.toArray(new String[reasonFlagsList.size()]);
}
Example #6
Source File: CrlDistPointExtension.java    From java-certificate-authority with Apache License 2.0 4 votes vote down vote up 
public static CrlDistPointExtension create(final DistributionPointName distributionPoint,
    final ReasonFlags reasons,
    final GeneralNames cRLIssuer) {
  final DistributionPoint p = new DistributionPoint(distributionPoint, reasons, cRLIssuer);
  return create(p);
}
Example #7
Source File: CRLValidity.java    From dss with GNU Lesser General Public License v2.1 4 votes vote down vote up 
public void setReasonFlags(ReasonFlags reasonFlags) {
	this.onlySomeReasonFlags = reasonFlags;
}