本文整理汇总了Java中sun.security.x509.KeyIdentifier类的典型用法代码示例。如果您正苦于以下问题:Java KeyIdentifier类的具体用法?Java KeyIdentifier怎么用?Java KeyIdentifier使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
KeyIdentifier类属于sun.security.x509包,在下文中一共展示了KeyIdentifier类的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: setSkiAndSerialNumber
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Sets the subjectKeyIdentifier and serialNumber criteria from the
* authority key identifier extension.
*
* The subjectKeyIdentifier criterion is set to the keyIdentifier field
* of the extension, or null if it is empty. The serialNumber criterion
* is set to the authorityCertSerialNumber field, or null if it is empty.
*
* Note that we do not set the subject criterion to the
* authorityCertIssuer field of the extension. The caller MUST set
* the subject criterion before calling match().
*
* @param ext the authorityKeyIdentifier extension
* @throws IOException if there is an error parsing the extension
*/
void setSkiAndSerialNumber(AuthorityKeyIdentifierExtension ext)
throws IOException {
ski = null;
serial = null;
if (ext != null) {
KeyIdentifier akid = (KeyIdentifier)ext.get(
AuthorityKeyIdentifierExtension.KEY_ID);
if (akid != null) {
DerOutputStream derout = new DerOutputStream();
derout.putOctetString(akid.getIdentifier());
ski = derout.toByteArray();
}
SerialNumber asn = (SerialNumber)ext.get(
AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
if (asn != null) {
serial = asn.getNumber();
}
// the subject criterion should be set by the caller
}
}
示例2: ResponderId
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Constructs a {@code ResponderId} object from its DER-encoding.
*
* @param encodedData the DER-encoded bytes
*
* @throws IOException if the encodedData is not properly DER encoded
*/
public ResponderId(byte[] encodedData) throws IOException {
DerValue outer = new DerValue(encodedData);
if (outer.isContextSpecific((byte)Type.BY_NAME.value())
&& outer.isConstructed()) {
// Use the X500Principal constructor as a way to sanity
// check the incoming data.
responderName = new X500Principal(outer.getDataBytes());
encodedRid = principalToBytes();
type = Type.BY_NAME;
} else if (outer.isContextSpecific((byte)Type.BY_KEY.value())
&& outer.isConstructed()) {
// Use the KeyIdentifier constructor as a way to sanity
// check the incoming data.
responderKeyId =
new KeyIdentifier(new DerValue(outer.getDataBytes()));
encodedRid = keyIdToBytes();
type = Type.BY_KEY;
} else {
throw new IOException("Invalid ResponderId content");
}
}
示例3: testAuthorityKeyIdentifier
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
private void testAuthorityKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on authorityKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
AuthorityKeyIdentifierExtension a = new AuthorityKeyIdentifierExtension(new KeyIdentifier(b), null, null);
selector.setAuthorityKeyIdentifier(a.getExtensionValue());
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.35"));
byte[] encoded = in.getOctetString();
selector.setAuthorityKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
示例4: runTest
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
@Override
public Map.Entry<Boolean, String> runTest() {
Boolean pass = Boolean.FALSE;
String message = null;
try {
// Test methods for pulling out the underlying
// KeyIdentifier object. Note: There is a minute chance that
// an RSA public key, once hashed into a key ID might collide
// with the one extracted from the certificate used to create
// respByKeyId. This is so unlikely to happen it is considered
// virtually impossible.
KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(2048);
KeyPair rsaKey = kpg.generateKeyPair();
KeyIdentifier testKeyId = new KeyIdentifier(rsaKey.getPublic());
if (respByKeyId.getKeyIdentifier().equals(testKeyId)) {
message = "Unexpected match in ResponderId Key ID";
} else if (respByName.getKeyIdentifier() != null) {
message = "Non-null key ID returned from " +
"ResponderId constructed byName";
} else {
pass = Boolean.TRUE;
}
} catch (Exception e) {
e.printStackTrace(System.out);
message = e.getClass().getName();
}
return new AbstractMap.SimpleEntry<>(pass, message);
}
示例5: parseAuthorityKeyIdentifierExtension
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Parse the authority key identifier extension.
*
* If the keyIdentifier field of the extension is non-null, set the
* subjectKeyIdentifier criterion. If the authorityCertSerialNumber
* field is non-null, set the serialNumber criterion.
*
* Note that we will not set the subject criterion according to the
* authorityCertIssuer field of the extension. The caller MUST set
* the subject criterion before call match().
*
* @param akidext the authorityKeyIdentifier extension
*/
void parseAuthorityKeyIdentifierExtension(
AuthorityKeyIdentifierExtension akidext) throws IOException {
if (akidext != null) {
KeyIdentifier akid = (KeyIdentifier)akidext.get(akidext.KEY_ID);
if (akid != null) {
// Do not override the previous setting for initial selection.
if (isSKIDSensitive || getSubjectKeyIdentifier() == null) {
DerOutputStream derout = new DerOutputStream();
derout.putOctetString(akid.getIdentifier());
super.setSubjectKeyIdentifier(derout.toByteArray());
isSKIDSensitive = true;
}
}
SerialNumber asn =
(SerialNumber)akidext.get(akidext.SERIAL_NUMBER);
if (asn != null) {
// Do not override the previous setting for initial selection.
if (isSNSensitive || getSerialNumber() == null) {
super.setSerialNumber(asn.getNumber());
isSNSensitive = true;
}
}
// the subject criterion should be set by the caller.
}
}
示例6: parseAuthorityKeyIdentifierExtension
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Parse the authority key identifier extension.
*
* If the keyIdentifier field of the extension is non-null, set the
* subjectKeyIdentifier criterion. If the authorityCertSerialNumber
* field is non-null, set the serialNumber criterion.
*
* Note that we will not set the subject criterion according to the
* authorityCertIssuer field of the extension. The caller MUST set
* the subject criterion before call match().
*
* @param akidext the authorityKeyIdentifier extension
*/
void parseAuthorityKeyIdentifierExtension(
AuthorityKeyIdentifierExtension akidext) throws IOException {
if (akidext != null) {
KeyIdentifier akid = (KeyIdentifier)akidext.get(
AuthorityKeyIdentifierExtension.KEY_ID);
if (akid != null) {
// Do not override the previous setting for initial selection.
if (isSKIDSensitive || getSubjectKeyIdentifier() == null) {
DerOutputStream derout = new DerOutputStream();
derout.putOctetString(akid.getIdentifier());
super.setSubjectKeyIdentifier(derout.toByteArray());
isSKIDSensitive = true;
}
}
SerialNumber asn = (SerialNumber)akidext.get(
AuthorityKeyIdentifierExtension.SERIAL_NUMBER);
if (asn != null) {
// Do not override the previous setting for initial selection.
if (isSNSensitive || getSerialNumber() == null) {
super.setSerialNumber(asn.getNumber());
isSNSensitive = true;
}
}
// the subject criterion should be set by the caller.
}
}
示例7: getKeyIdentifier
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Obtain the underlying key identifier from a {@code ResponderId}
*
* @return the {@code KeyIdentifier} for this {@code ResponderId} if it
* is a BY_KEY variant. If the {@code ResponderId} is a BY_NAME
* variant, this routine will return {@code null}.
*/
public KeyIdentifier getKeyIdentifier() {
return responderKeyId;
}
示例8: addAuthorityKeyIdExt
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Add the Authority Key Identifier extension.
*
* @param authorityKey The public key of the issuing authority.
*
* @throws IOException if an encoding error occurs.
*/
public void addAuthorityKeyIdExt(PublicKey authorityKey) throws IOException {
KeyIdentifier kid = new KeyIdentifier(authorityKey);
addExtension(new AuthorityKeyIdentifierExtension(kid, null, null));
}
示例9: addSubjectKeyIdExt
import sun.security.x509.KeyIdentifier; //导入依赖的package包/类
/**
* Add the Subject Key Identifier extension.
*
* @param subjectKey The public key to be used in the resulting certificate
*
* @throws IOException if an encoding error occurs.
*/
public void addSubjectKeyIdExt(PublicKey subjectKey) throws IOException {
byte[] keyIdBytes = new KeyIdentifier(subjectKey).getIdentifier();
addExtension(new SubjectKeyIdentifierExtension(keyIdBytes));
}