/**
* returns the ICP-BRASIL Level Certificate(A1, A2, A3, A4, S1, S2, S3, S4).<br>
* DOC-ICP-04 Returns the <b>null</b> value if the CertificatePolicies is NOT present.
*
* @return String
*/
public String getNivelCertificado() {
try {
DERSequence seq = (DERSequence) getExtensionValue(X509Extensions.CertificatePolicies.getId());
if (seq == null) {
return null;
}
for (int pos = 0; pos < seq.size(); pos++) {
ASN1ObjectIdentifier o = (ASN1ObjectIdentifier) seq.getObjectAt(pos);
PolicyInformation pol = new PolicyInformation(o);
// new PolicyInformation(
// PolicyInformation pol = new PolicyInformation((DERSequence)
// seq.getObjectAt(pos));
String id = pol.getPolicyIdentifier().getId();
if (id == null) {
continue;
}
if (id.startsWith(OID_A1_CERTIFICATE)) {
return "A1";
}
if (id.startsWith(OID_A2_CERTIFICATE)) {
return "A2";
}
if (id.startsWith(OID_A3_CERTIFICATE)) {
return "A3";
}
if (id.startsWith(OID_A4_CERTIFICATE)) {
return "A4";
}
if (id.startsWith(OID_S1_CERTIFICATE)) {
return "S1";
}
if (id.startsWith(OID_S2_CERTIFICATE)) {
return "S2";
}
if (id.startsWith(OID_S3_CERTIFICATE)) {
return "S3";
}
if (id.startsWith(OID_S4_CERTIFICATE)) {
return "S4";
}
}
return null;
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
private void selectPolicyInformationInTable(PolicyInformation policyInfo) {
for (int i = 0; i < jtPolicyInformation.getRowCount(); i++) {
if (policyInfo.equals(jtPolicyInformation.getValueAt(i, 0))) {
jtPolicyInformation.changeSelection(i, 0, false, false);
return;
}
}
}
protected static void prepareNextCertB1(
int i, List[] policyNodes, String id_p, Map m_idp, X509Certificate cert)
throws AnnotatedException, CertPathValidatorException {
boolean idp_found = false;
Iterator nodes_i = policyNodes[i].iterator();
while (nodes_i.hasNext()) {
PKIXPolicyNode node = (PKIXPolicyNode) nodes_i.next();
if (node.getValidPolicy().equals(id_p)) {
idp_found = true;
node.expectedPolicies = (Set) m_idp.get(id_p);
break;
}
}
if (!idp_found) {
nodes_i = policyNodes[i].iterator();
while (nodes_i.hasNext()) {
PKIXPolicyNode node = (PKIXPolicyNode) nodes_i.next();
if (ANY_POLICY.equals(node.getValidPolicy())) {
Set pq = null;
ASN1Sequence policies = (ASN1Sequence) getExtensionValue(cert, CERTIFICATE_POLICIES);
Enumeration e = policies.getObjects();
while (e.hasMoreElements()) {
PolicyInformation pinfo = PolicyInformation.getInstance(e.nextElement());
if (ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId())) {
pq = getQualifierSet(pinfo.getPolicyQualifiers());
break;
}
}
boolean ci = false;
if (cert.getCriticalExtensionOIDs() != null) {
ci = cert.getCriticalExtensionOIDs().contains(CERTIFICATE_POLICIES);
}
PKIXPolicyNode p_node = (PKIXPolicyNode) node.getParent();
if (ANY_POLICY.equals(p_node.getValidPolicy())) {
PKIXPolicyNode c_node =
new PKIXPolicyNode(new ArrayList(), i, (Set) m_idp.get(id_p), p_node, pq, id_p, ci);
p_node.addChild(c_node);
policyNodes[i].add(c_node);
}
break;
}
}
}
}
/**
* Reads the value of the <code>CertificatePolicies</code> extension field of the certificate.
*
* @return List of certificate policies defined on certificate or null if the certificate does not
* define the field.
*/
public List<PolicyInformation> readCertificatePolicies() {
final ASN1Encodable data = read(ExtensionType.CertificatePolicies);
if (data == null) {
return null;
}
final ASN1Sequence sequence = ASN1Sequence.getInstance(data);
final List<PolicyInformation> list = new ArrayList<>(sequence.size());
for (int i = 0; i < sequence.size(); i++) {
list.add(PolicyInformation.getInstance(sequence.getObjectAt(i)));
}
return list;
}
private static boolean certHasPolicy(X509Certificate cert, String sOid) {
try {
if (m_logger.isDebugEnabled())
m_logger.debug("Read cert policies: " + cert.getSerialNumber().toString());
ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
ASN1InputStream aIn = new ASN1InputStream(bIn);
ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
X509CertificateStructure obj = new X509CertificateStructure(seq);
TBSCertificateStructure tbsCert = obj.getTBSCertificate();
if (tbsCert.getVersion() == 3) {
X509Extensions ext = tbsCert.getExtensions();
if (ext != null) {
Enumeration en = ext.oids();
while (en.hasMoreElements()) {
DERObjectIdentifier oid = (DERObjectIdentifier) en.nextElement();
X509Extension extVal = ext.getExtension(oid);
ASN1OctetString oct = extVal.getValue();
ASN1InputStream extIn = new ASN1InputStream(new ByteArrayInputStream(oct.getOctets()));
// if (oid.equals(X509Extensions.CertificatePolicies)) { // bc 146 ja jdk 1.6 puhul -
// X509Extension.certificatePolicies
if (oid.equals(X509Extension.certificatePolicies)) { // bc 146 ja jdk 1.6 puhul -
// X509Extension.certificatePolicies
ASN1Sequence cp = (ASN1Sequence) extIn.readObject();
for (int i = 0; i != cp.size(); i++) {
PolicyInformation pol = PolicyInformation.getInstance(cp.getObjectAt(i));
DERObjectIdentifier dOid = pol.getPolicyIdentifier();
String soid2 = dOid.getId();
if (m_logger.isDebugEnabled()) m_logger.debug("Policy: " + soid2);
if (soid2.startsWith(sOid)) return true;
}
}
}
}
}
} catch (Exception ex) {
m_logger.error("Error reading cert policies: " + ex);
}
return false;
}
