summary refs log tree commit diff
diff options
context:
space:
mode:
authorPeter Dettman <peter.dettman@bouncycastle.org>2015-11-10 13:09:14 +0700
committerPeter Dettman <peter.dettman@bouncycastle.org>2015-11-10 13:09:14 +0700
commit077d073d23766583391b8241e8db262bc8619b5d (patch)
tree7d5c38b0b9d4b971ef4be9c8db5feab56884553c
parentImprove random prime constructor (diff)
downloadBouncyCastle.NET-ed25519-077d073d23766583391b8241e8db262bc8619b5d.tar.xz
Add more PkiFailureInfo constants
-rw-r--r--crypto/src/asn1/cmp/PKIFailureInfo.cs114
-rw-r--r--crypto/test/src/asn1/test/PKIFailureInfoTest.cs53
2 files changed, 102 insertions, 65 deletions
diff --git a/crypto/src/asn1/cmp/PKIFailureInfo.cs b/crypto/src/asn1/cmp/PKIFailureInfo.cs
index 1df0e0693..896bf0992 100644
--- a/crypto/src/asn1/cmp/PKIFailureInfo.cs
+++ b/crypto/src/asn1/cmp/PKIFailureInfo.cs
@@ -2,55 +2,79 @@ using System;
 
 namespace Org.BouncyCastle.Asn1.Cmp
 {
-	/**
-	 * <pre>
-	 * PKIFailureInfo ::= BIT STRING {
-	 * badAlg               (0),
-	 *   -- unrecognized or unsupported Algorithm Identifier
-	 * badMessageCheck      (1), -- integrity check failed (e.g., signature did not verify)
-	 * badRequest           (2),
-	 *   -- transaction not permitted or supported
-	 * badTime              (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
-	 * badCertId            (4), -- no certificate could be found matching the provided criteria
-	 * badDataFormat        (5),
-	 *   -- the data submitted has the wrong format
-	 * wrongAuthority       (6), -- the authority indicated in the request is different from the one creating the response token
-	 * incorrectData        (7), -- the requester's data is incorrect (for notary services)
-	 * missingTimeStamp     (8), -- when the timestamp is missing but should be there (by policy)
-	 * badPOP               (9)  -- the proof-of-possession failed
-	 * timeNotAvailable    (14),
-	 *   -- the TSA's time source is not available
-	 * unacceptedPolicy    (15),
-	 *   -- the requested TSA policy is not supported by the TSA
-	 * unacceptedExtension (16),
-	 *   -- the requested extension is not supported by the TSA
-	 *  addInfoNotAvailable (17)
-	 *    -- the additional information requested could not be understood
-	 *    -- or is not available
-	 *  systemFailure       (25)
-	 *    -- the request cannot be handled due to system failure
-	 * </pre>
-	 */
+    /**
+     * <pre>
+     * PKIFailureInfo ::= BIT STRING {
+     * badAlg               (0),
+     *   -- unrecognized or unsupported Algorithm Identifier
+     * badMessageCheck      (1), -- integrity check failed (e.g., signature did not verify)
+     * badRequest           (2),
+     *   -- transaction not permitted or supported
+     * badTime              (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
+     * badCertId            (4), -- no certificate could be found matching the provided criteria
+     * badDataFormat        (5),
+     *   -- the data submitted has the wrong format
+     * wrongAuthority       (6), -- the authority indicated in the request is different from the one creating the response token
+     * incorrectData        (7), -- the requester's data is incorrect (for notary services)
+     * missingTimeStamp     (8), -- when the timestamp is missing but should be there (by policy)
+     * badPOP               (9)  -- the proof-of-possession failed
+     * certRevoked         (10),
+     * certConfirmed       (11),
+     * wrongIntegrity      (12),
+     * badRecipientNonce   (13), 
+     * timeNotAvailable    (14),
+     *   -- the TSA's time source is not available
+     * unacceptedPolicy    (15),
+     *   -- the requested TSA policy is not supported by the TSA
+     * unacceptedExtension (16),
+     *   -- the requested extension is not supported by the TSA
+     * addInfoNotAvailable (17)
+     *   -- the additional information requested could not be understood
+     *   -- or is not available
+     * badSenderNonce      (18),
+     * badCertTemplate     (19),
+     * signerNotTrusted    (20),
+     * transactionIdInUse  (21),
+     * unsupportedVersion  (22),
+     * notAuthorized       (23),
+     * systemUnavail       (24),    
+     * systemFailure       (25),
+     *   -- the request cannot be handled due to system failure
+     * duplicateCertReq    (26) 
+     * </pre>
+     */
 	public class PkiFailureInfo
 		: DerBitString
 	{
-		public const int BadAlg               = (1 << 7); // unrecognized or unsupported Algorithm Identifier
-		public const int BadMessageCheck      = (1 << 6); // integrity check failed (e.g., signature did not verify)
-		public const int BadRequest           = (1 << 5);
-		public const int BadTime              = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
-		public const int BadCertId            = (1 << 3); // no certificate could be found matching the provided criteria
-		public const int BadDataFormat        = (1 << 2);
-		public const int WrongAuthority       = (1 << 1); // the authority indicated in the request is different from the one creating the response token
-		public const int IncorrectData        = 1;        // the requester's data is incorrect (for notary services)
-		public const int MissingTimeStamp     = (1 << 15); // when the timestamp is missing but should be there (by policy)
-		public const int BadPop               = (1 << 14); // the proof-of-possession failed
-		public const int TimeNotAvailable     = (1 << 9); // the TSA's time source is not available
-		public const int UnacceptedPolicy     = (1 << 8); // the requested TSA policy is not supported by the TSA
-		public const int UnacceptedExtension  = (1 << 23); //the requested extension is not supported by the TSA
-		public const int AddInfoNotAvailable  = (1 << 22); //the additional information requested could not be understood or is not available
-		public const int SystemFailure        = (1 << 30); //the request cannot be handled due to system failure
+        public const int BadAlg               = (1 << 7); // unrecognized or unsupported Algorithm Identifier
+        public const int BadMessageCheck      = (1 << 6); // integrity check failed (e.g., signature did not verify)
+        public const int BadRequest           = (1 << 5);
+        public const int BadTime              = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
+        public const int BadCertId            = (1 << 3); // no certificate could be found matching the provided criteria
+        public const int BadDataFormat        = (1 << 2);
+        public const int WrongAuthority       = (1 << 1); // the authority indicated in the request is different from the one creating the response token
+        public const int IncorrectData        = 1;        // the requester's data is incorrect (for notary services)
+        public const int MissingTimeStamp     = (1 << 15); // when the timestamp is missing but should be there (by policy)
+        public const int BadPop               = (1 << 14); // the proof-of-possession failed
+        public const int CertRevoked          = (1 << 13);
+        public const int CertConfirmed        = (1 << 12);
+        public const int WrongIntegrity       = (1 << 11);
+        public const int BadRecipientNonce    = (1 << 10);
+        public const int TimeNotAvailable     = (1 << 9); // the TSA's time source is not available
+        public const int UnacceptedPolicy     = (1 << 8); // the requested TSA policy is not supported by the TSA
+        public const int UnacceptedExtension  = (1 << 23); //the requested extension is not supported by the TSA
+        public const int AddInfoNotAvailable  = (1 << 22); //the additional information requested could not be understood or is not available
+        public const int BadSenderNonce       = (1 << 21);
+        public const int BadCertTemplate      = (1 << 20);
+        public const int SignerNotTrusted     = (1 << 19);
+        public const int TransactionIdInUse   = (1 << 18);
+        public const int UnsupportedVersion   = (1 << 17);
+        public const int NotAuthorized        = (1 << 16);
+        public const int SystemUnavail        = (1 << 31);
+        public const int SystemFailure        = (1 << 30); //the request cannot be handled due to system failure
+        public const int DuplicateCertReq     = (1 << 29);
 
-		/**
+        /**
 		 * Basic constructor.
 		 */
 		public PkiFailureInfo(
diff --git a/crypto/test/src/asn1/test/PKIFailureInfoTest.cs b/crypto/test/src/asn1/test/PKIFailureInfoTest.cs
index 734dbbc14..7d51dbb5f 100644
--- a/crypto/test/src/asn1/test/PKIFailureInfoTest.cs
+++ b/crypto/test/src/asn1/test/PKIFailureInfoTest.cs
@@ -11,7 +11,7 @@ using Org.BouncyCastle.Utilities.Test;
 namespace Org.BouncyCastle.Asn1.Tests
 {
 	/**
-	* PKIFailureInfoTest
+	* PkiFailureInfoTest
 	*/
 	[TestFixture]
 	public class PkiFailureInfoTest
@@ -25,12 +25,13 @@ namespace Org.BouncyCastle.Asn1.Tests
 			get { return "PkiFailureInfo"; }
 		}
 
-		private void doTestEncoding()
+        private void DoTestEncoding()
 		{
-			DerBitString bitString = (DerBitString) Asn1Object.FromByteArray(CORRECT_FAILURE_INFO);
+			DerBitString bitString = (DerBitString)Asn1Object.FromByteArray(CORRECT_FAILURE_INFO);
 			PkiFailureInfo correct = new PkiFailureInfo(bitString);
 
-			PkiFailureInfo bug = new PkiFailureInfo(PkiFailureInfo.BadRequest | PkiFailureInfo.BadTime | PkiFailureInfo.BadDataFormat | PkiFailureInfo.IncorrectData);
+			PkiFailureInfo bug = new PkiFailureInfo(
+                PkiFailureInfo.BadRequest | PkiFailureInfo.BadTime | PkiFailureInfo.BadDataFormat | PkiFailureInfo.IncorrectData);
 
 			if (!Arrays.AreEqual(correct.GetDerEncoded(), bug.GetDerEncoded()))
 			{
@@ -40,23 +41,35 @@ namespace Org.BouncyCastle.Asn1.Tests
 
 		public override void PerformTest()
 		{
-			BitStringConstantTester.testFlagValueCorrect(0, PkiFailureInfo.BadAlg);
-			BitStringConstantTester.testFlagValueCorrect(1, PkiFailureInfo.BadMessageCheck);
-			BitStringConstantTester.testFlagValueCorrect(2, PkiFailureInfo.BadRequest);
-			BitStringConstantTester.testFlagValueCorrect(3, PkiFailureInfo.BadTime);
-			BitStringConstantTester.testFlagValueCorrect(4, PkiFailureInfo.BadCertId);
-			BitStringConstantTester.testFlagValueCorrect(5, PkiFailureInfo.BadDataFormat);
-			BitStringConstantTester.testFlagValueCorrect(6, PkiFailureInfo.WrongAuthority);
-			BitStringConstantTester.testFlagValueCorrect(7, PkiFailureInfo.IncorrectData);
-			BitStringConstantTester.testFlagValueCorrect(8, PkiFailureInfo.MissingTimeStamp);
-			BitStringConstantTester.testFlagValueCorrect(9, PkiFailureInfo.BadPop);
-			BitStringConstantTester.testFlagValueCorrect(14, PkiFailureInfo.TimeNotAvailable);
-			BitStringConstantTester.testFlagValueCorrect(15, PkiFailureInfo.UnacceptedPolicy);
-			BitStringConstantTester.testFlagValueCorrect(16, PkiFailureInfo.UnacceptedExtension);
-			BitStringConstantTester.testFlagValueCorrect(17, PkiFailureInfo.AddInfoNotAvailable);
-			BitStringConstantTester.testFlagValueCorrect(25, PkiFailureInfo.SystemFailure);
+            BitStringConstantTester.testFlagValueCorrect(0, PkiFailureInfo.BadAlg);
+            BitStringConstantTester.testFlagValueCorrect(1, PkiFailureInfo.BadMessageCheck);
+            BitStringConstantTester.testFlagValueCorrect(2, PkiFailureInfo.BadRequest);
+            BitStringConstantTester.testFlagValueCorrect(3, PkiFailureInfo.BadTime);
+            BitStringConstantTester.testFlagValueCorrect(4, PkiFailureInfo.BadCertId);
+            BitStringConstantTester.testFlagValueCorrect(5, PkiFailureInfo.BadDataFormat);
+            BitStringConstantTester.testFlagValueCorrect(6, PkiFailureInfo.WrongAuthority);
+            BitStringConstantTester.testFlagValueCorrect(7, PkiFailureInfo.IncorrectData);
+            BitStringConstantTester.testFlagValueCorrect(8, PkiFailureInfo.MissingTimeStamp);
+            BitStringConstantTester.testFlagValueCorrect(9, PkiFailureInfo.BadPop);
+            BitStringConstantTester.testFlagValueCorrect(10, PkiFailureInfo.CertRevoked);
+            BitStringConstantTester.testFlagValueCorrect(11, PkiFailureInfo.CertConfirmed);
+            BitStringConstantTester.testFlagValueCorrect(12, PkiFailureInfo.WrongIntegrity);
+            BitStringConstantTester.testFlagValueCorrect(13, PkiFailureInfo.BadRecipientNonce);
+            BitStringConstantTester.testFlagValueCorrect(14, PkiFailureInfo.TimeNotAvailable);
+            BitStringConstantTester.testFlagValueCorrect(15, PkiFailureInfo.UnacceptedPolicy);
+            BitStringConstantTester.testFlagValueCorrect(16, PkiFailureInfo.UnacceptedExtension);
+            BitStringConstantTester.testFlagValueCorrect(17, PkiFailureInfo.AddInfoNotAvailable);
+            BitStringConstantTester.testFlagValueCorrect(18, PkiFailureInfo.BadSenderNonce);
+            BitStringConstantTester.testFlagValueCorrect(19, PkiFailureInfo.BadCertTemplate);
+            BitStringConstantTester.testFlagValueCorrect(20, PkiFailureInfo.SignerNotTrusted);
+            BitStringConstantTester.testFlagValueCorrect(21, PkiFailureInfo.TransactionIdInUse);
+            BitStringConstantTester.testFlagValueCorrect(22, PkiFailureInfo.UnsupportedVersion);
+            BitStringConstantTester.testFlagValueCorrect(23, PkiFailureInfo.NotAuthorized);
+            BitStringConstantTester.testFlagValueCorrect(24, PkiFailureInfo.SystemUnavail);
+            BitStringConstantTester.testFlagValueCorrect(25, PkiFailureInfo.SystemFailure);
+            BitStringConstantTester.testFlagValueCorrect(26, PkiFailureInfo.DuplicateCertReq);
 
-			doTestEncoding();
+            DoTestEncoding();
 		}
 
 		public static void Main(