Package org.bouncycastle.asn1.x509

Examples of org.bouncycastle.asn1.x509.IssuingDistributionPoint

2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
                }
            }

            if (idp != null)
            {
                IssuingDistributionPoint    p = IssuingDistributionPoint.getInstance(idp);
                BasicConstraints bc = null;
                try
                {
                    bc = BasicConstraints.getInstance(getExtensionValue(cert, BASIC_CONSTRAINTS));
                }
                catch (AnnotatedException ae)
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlBCExtError");
                    throw new CertPathReviewerException(msg,ae);
                }
               
                if (p.onlyContainsUserCerts() && (bc != null && bc.isCA()))
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyUserCert");
                    throw new CertPathReviewerException(msg);
                }
               
                if (p.onlyContainsCACerts() && (bc == null || !bc.isCA()))
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyCaCert");
                    throw new CertPathReviewerException(msg);
                }
               
                if (p.onlyContainsAttributeCerts())
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyAttrCert");
                    throw new CertPathReviewerException(msg);
                }
            }
View Full Code Here
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
                }
            }

            if (idp != null)
            {
                IssuingDistributionPoint    p = IssuingDistributionPoint.getInstance(idp);
                BasicConstraints bc = null;
                try
                {
                    bc = BasicConstraints.getInstance(getExtensionValue(cert, BASIC_CONSTRAINTS));
                }
                catch (AnnotatedException ae)
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlBCExtError");
                    throw new CertPathReviewerException(msg,ae);
                }
               
                if (p.onlyContainsUserCerts() && (bc != null && bc.isCA()))
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyUserCert");
                    throw new CertPathReviewerException(msg);
                }
               
                if (p.onlyContainsCACerts() && (bc == null || !bc.isCA()))
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyCaCert");
                    throw new CertPathReviewerException(msg);
                }
               
                if (p.onlyContainsAttributeCerts())
                {
                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyAttrCert");
                    throw new CertPathReviewerException(msg);
                }
            }
View Full Code Here
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
                    }
                }
   
                if (idp != null)
                {
                    IssuingDistributionPoint    p = IssuingDistributionPoint.getInstance(idp);
                    BasicConstraints    bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue(cert, BASIC_CONSTRAINTS));
                   
                    if (p.onlyContainsUserCerts() && (bc != null && bc.isCA()))
                    {
                        throw new AnnotatedException("CA Cert CRL only contains user certificates");
                    }
                   
                    if (p.onlyContainsCACerts() && (bc == null || !bc.isCA()))
                    {
                        throw new AnnotatedException("End CRL only contains CA certificates");
                    }
                   
                    if (p.onlyContainsAttributeCerts())
                    {
                        throw new AnnotatedException("onlyContainsAttributeCerts boolean is asserted");
                    }
                }
            }
View Full Code Here
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
    }

    protected static void processCRLB2(DistributionPoint dp,
            Object cert, X509CRL crl) throws AnnotatedException
        {
            IssuingDistributionPoint idp = null;
            try
            {
                idp = IssuingDistributionPoint
                    .getInstance(CertPathValidatorUtilities.getExtensionValue(crl,
                        ISSUING_DISTRIBUTION_POINT));
            }
            catch (Exception e)
            {
                throw new AnnotatedException(
                    "Issuing distribution point extension could not be decoded.", e);
            }
            // distribution point name is present
            if (idp != null && idp.getDistributionPoint() != null)
            {
                // make list of names
                DistributionPointName dpName = IssuingDistributionPoint
                    .getInstance(idp).getDistributionPoint();
                List names = new ArrayList();
                if (dpName.getType() == DistributionPointName.FULL_NAME)
                {
                    GeneralName[] genNames = GeneralNames.getInstance(
                        dpName.getName()).getNames();
                    for (int j = 0; j < genNames.length; j++)
                    {
                        names.add(genNames[j].getDEREncoded());
                    }
                }
                boolean matches = false;
                // verify that one of the names in the IDP matches one
                // of the names in the DP.
                if (dp.getDistributionPoint() != null)
                {
                    dpName = dp.getDistributionPoint();
                    if (dpName.getType() == DistributionPointName.FULL_NAME)
                    {
                        GeneralName[] genNames = GeneralNames.getInstance(
                            dpName.getName()).getNames();
                        for (int j = 0; j < genNames.length; j++)
                        {
                            if (names.contains(genNames[j]))
                            {
                                matches = true;
                                break;
                            }
                        }
                    }
                    if (!matches)
                    {
                        throw new AnnotatedException(
                            "None of the names in the CRL issuing distribution point matches one "
                                + "of the names in a distributionPoint field of the certificate CRL distribution point.");
                    }
                }
                // verify that one of the names in
                // the IDP matches one of the names in the cRLIssuer field of
                // the DP
                else
                {
                    if (dp.getCRLIssuer() == null)
                    {
                        throw new AnnotatedException(
                            "Either the cRLIssuer or the distributionPoint field must "
                                + "be contained in DistributionPoint.");
                    }
                    GeneralName[] genNames = dp.getCRLIssuer().getNames();
                    for (int j = 0; j < genNames.length; j++)
                    {
                        if (names.contains(genNames[j]))
                        {
                            matches = true;
                            break;
                        }
                    }
                    if (!matches)
                    {
                        throw new AnnotatedException(
                            "None of the names in the CRL issuing distribution point matches one "
                                + "of the names in a cRLIssuer field of the certificate CRL distribution point.");
                    }
                }
                BasicConstraints bc = null;
                try
                {
                    bc = BasicConstraints.getInstance(CertPathValidatorUtilities
                        .getExtensionValue((java.security.cert.X509Extension)cert, BASIC_CONSTRAINTS));
                }
                catch (Exception e)
                {
                    throw new AnnotatedException(
                                "Basic constraints extension could not be decoded.",
                                e);
                }

                if (cert instanceof X509Certificate)
                {
                    // (b) (ii)
                    if (idp.onlyContainsUserCerts() && (bc != null && bc.isCA()))
                    {
                        throw new AnnotatedException(
                            "CA Cert CRL only contains user certificates.");
                    }

                    // (b) (iii)
                    if (idp.onlyContainsCACerts() && (bc == null || !bc.isCA()))
                    {
                        throw new AnnotatedException(
                            "End CRL only contains CA certificates.");
                    }
                }

                // (b) (iv)
                if (idp.onlyContainsAttributeCerts())
                {
                    throw new AnnotatedException(
                        "onlyContainsAttributeCerts boolean is asserted.");
                }
            }
View Full Code Here
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
        }

        protected static ReasonsMask processCRLD(X509CRL crl, DistributionPoint dp)
            throws AnnotatedException
        {
            IssuingDistributionPoint idp = null;
            try
            {
                idp = IssuingDistributionPoint
                    .getInstance(CertPathValidatorUtilities.getExtensionValue(crl,
                        ISSUING_DISTRIBUTION_POINT));
            }
            catch (Exception e)
            {
                throw new AnnotatedException(
                    "Issuing distribution point extension could not be decoded.", e);
            }
            // (d) (1)
            if (idp != null && idp.getOnlySomeReasons() != null
                && dp.getReasons() != null)
            {
                return new ReasonsMask(dp.getReasons().intValue())
                    .intersect(new ReasonsMask(idp.getOnlySomeReasons().intValue()));
            }
            // (d) (4)
            if ((idp == null || idp.getOnlySomeReasons() == null)
                && dp.getReasons() == null)
            {
                return ReasonsMask.allReasons;
            }
            // (d) (2) and (d)(3)
            return (dp.getReasons() == null ? ReasonsMask.allReasons
                : new ReasonsMask(dp.getReasons().intValue()))
                .intersect(idp == null ? ReasonsMask.allReasons : new ReasonsMask(
                    idp.getOnlySomeReasons().intValue()));

        }
View Full Code Here
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
         * @throws AnnotatedException if an exception occurs.
         */
        protected static void processCRLC(X509CRL deltaCRL, X509CRL completeCRL,
            ExtendedPKIXParameters pkixParams) throws AnnotatedException
        {
            IssuingDistributionPoint completeidp = null;
            try
            {
                completeidp = IssuingDistributionPoint
                    .getInstance(CertPathValidatorUtilities.getExtensionValue(
                        completeCRL,
                        ISSUING_DISTRIBUTION_POINT));
            }
            catch (Exception e)
            {
                throw new AnnotatedException(
                    "Issuing distribution point extension could not be decoded.", e);
            }

            if (pkixParams.isUseDeltasEnabled())
            {

                // (c) (1)
                if (!deltaCRL.getIssuerX500Principal().equals(
                    completeCRL.getIssuerX500Principal()))
                {
                    throw new AnnotatedException(
                        "Complete CRL issuer does not match delta CRL issuer.");
                }

                // (c) (2)
                if (completeidp != null)
                {

                    IssuingDistributionPoint deltaidp = null;
                    try
                    {
                        deltaidp = IssuingDistributionPoint
                            .getInstance(CertPathValidatorUtilities
                                .getExtensionValue(deltaCRL,
View Full Code Here
50
51
52
53
54
55
56
        this.usage = usage;
    }

    public DERObject getDERObject()
    {
        return new KeyUsage(usage);
    }
View Full Code Here
588
589
590
591
592
593
594
595
596
597
598
                        {
                            buf.append(new BasicConstraints((ASN1Sequence)dIn.readObject()) + nl);
                        }
                        else if (oid.equals(X509Extensions.KeyUsage))
                        {
                            buf.append(new KeyUsage((DERBitString)dIn.readObject()) + nl);
                        }
                        else if (oid.equals(MiscObjectIdentifiers.netscapeCertType))
                        {
                            buf.append(new NetscapeCertType((DERBitString)dIn.readObject()) + nl);
                        }
View Full Code Here
45
46
47
48
49
50
51
52
53
54
55
56
57
58
    JCERSAPublicKey(
        SubjectPublicKeyInfo    info)
    {
        try
        {
            RSAPublicKeyStructure   pubKey = new RSAPublicKeyStructure((ASN1Sequence)info.getPublicKey());

            this.modulus = pubKey.getModulus();
            this.publicExponent = pubKey.getPublicExponent();
    }
        catch (IOException e)
        {
      throw new IllegalArgumentException("invalid info structure in RSA public key");
        }
View Full Code Here
90
91
92
93
94
95
96
97
98
99
100
    public byte[] getEncoded()
    {
        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
        DEROutputStream         dOut = new DEROutputStream(bOut);
        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, new DERNull()), new RSAPublicKeyStructure(getModulus(), getPublicExponent()).getDERObject());

        try
        {
            dOut.writeObject(info);
            dOut.close();
View Full Code Here
TOP

Related Classes of org.bouncycastle.asn1.x509.IssuingDistributionPoint

  • net.sf.libpdfsign.CRLDownloader
  • net.sf.libpdfsign.OCSPClient
  • org.apache.geronimo.util.asn1.ASN1TaggedObject
  • org.bouncycastle.asn1.ASN1Encodable
  • org.bouncycastle.asn1.ASN1EncodableVector
  • org.bouncycastle.asn1.ASN1Enumerated
  • org.bouncycastle.asn1.ASN1InputStream
  • org.bouncycastle.asn1.ASN1Integer
  • org.bouncycastle.asn1.ASN1ObjectIdentifier
  • org.bouncycastle.asn1.ASN1Primitive
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.