当前位置: 首页>>代码示例>>Java>>正文

Java X509Certificate.getExtensionValue方法代码示例

本文整理汇总了Java中java.security.cert.X509Certificate.getExtensionValue方法的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate.getExtensionValue方法的具体用法?Java X509Certificate.getExtensionValue怎么用?Java X509Certificate.getExtensionValue使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.X509Certificate的用法示例。


在下文中一共展示了X509Certificate.getExtensionValue方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: matchSubjectKeyID

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private boolean matchSubjectKeyID(X509Certificate xcert) {
    if (ski == null) {
        return true;
    }
    try {
        byte[] extVal = xcert.getExtensionValue("2.5.29.14");
        if (extVal == null) {
            if (debug != null && Debug.isVerbose()) {
                debug.println("AdaptableX509CertSelector.match: "
                    + "no subject key ID extension. Subject: "
                    + xcert.getSubjectX500Principal());
            }
            return true;
        }
        DerInputStream in = new DerInputStream(extVal);
        byte[] certSubjectKeyID = in.getOctetString();
        if (certSubjectKeyID == null ||
                !Arrays.equals(ski, certSubjectKeyID)) {
            if (debug != null && Debug.isVerbose()) {
                debug.println("AdaptableX509CertSelector.match: "
                    + "subject key IDs don't match. "
                    + "Expected: " + Arrays.toString(ski) + " "
                    + "Cert's: " + Arrays.toString(certSubjectKeyID));
            }
            return false;
        }
    } catch (IOException ex) {
        if (debug != null && Debug.isVerbose()) {
            debug.println("AdaptableX509CertSelector.match: "
                + "exception in subject key ID check");
        }
        return false;
    }
    return true;
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:36,代码来源:AdaptableX509CertSelector.java

示例2: CRLDistributionPointsImpl

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public CRLDistributionPointsImpl(X509Certificate cert) throws CertificateException, IOException {
	URINames = new ArrayList<>();
	byte[] extVal = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
	if (extVal == null)
		return;
	CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
	DistributionPoint[] points = crlDistPoint.getDistributionPoints();
	for (DistributionPoint p : points) {
		GeneralNames tmp = p.getCRLIssuer();
		if (tmp != null) {
			GeneralName[] crlIssers = tmp.getNames();
			for (int i = 0; i < crlIssers.length; i++) {
				if (crlIssers[i].getTagNo() == GeneralName.uniformResourceIdentifier) {
					String issuerUrl = crlIssers[i].toString();
					URINames.add(issuerUrl);
				}
			}
		}
	}
}
开发者ID:Catherine22,项目名称:SecuritySample,代码行数:21,代码来源:CRLDistributionPointsImpl.java

示例3: createPath

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:21,代码来源:ValidateNC.java

示例4: getIssuerAlternativeNames

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static Collection getIssuerAlternativeNames(X509Certificate cert)
        throws CertificateParsingException
{
    byte[] extVal = cert.getExtensionValue(X509Extension.issuerAlternativeName.getId());

    return getAlternativeNames(extVal);
}
开发者ID:Appdome,项目名称:ipack,代码行数:8,代码来源:X509ExtensionUtil.java

示例5: CRLDistributionPointsExtensionTest

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private static void CRLDistributionPointsExtensionTest(String certStr)
        throws Exception {
    CertificateFactory cf = CertificateFactory.getInstance("X.509");
    ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
    X509Certificate cert = (X509Certificate) cf.generateCertificate(is);

    // oid for CRL Distribution Points = 2.5.29.31
    byte[] CDPExtBytes = cert.getExtensionValue("2.5.29.31");
    DerValue val = new DerValue(CDPExtBytes);
    byte[] data = val.getOctetString();
    CRLDistributionPointsExtension CDPExt
            = new CRLDistributionPointsExtension(false, data);
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:14,代码来源:Parse.java

示例6: getSubjectKeyId

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private static byte[] getSubjectKeyId(X509Certificate cert)
{
    byte[] ext = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());

    if (ext != null)
    {
        return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
    }
    else
    {
        return null;
    }
}
开发者ID:Appdome,项目名称:ipack,代码行数:14,代码来源:JcaX509CertificateHolderSelector.java

示例7: getSubjectKeyId

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
static byte[] getSubjectKeyId(X509Certificate cert)
{
    byte[] ext = cert.getExtensionValue(X509Extension.subjectKeyIdentifier.getId());

    if (ext != null)
    {
        return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
    }
    else
    {
        return null;
    }
}
开发者ID:Appdome,项目名称:ipack,代码行数:14,代码来源:CMSUtils.java

示例8: getCoreExtValue

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static byte[] getCoreExtValue(X509Certificate cert, ASN1ObjectIdentifier type)
        throws CertificateEncodingException {
    ParamUtil.requireNonNull("cert", cert);
    ParamUtil.requireNonNull("type", type);
    byte[] fullExtValue = cert.getExtensionValue(type.getId());
    if (fullExtValue == null) {
        return null;
    }
    try {
        return ASN1OctetString.getInstance(fullExtValue).getOctets();
    } catch (IllegalArgumentException ex) {
        throw new CertificateEncodingException("invalid extension " + type.getId() + ": "
                + ex.getMessage());
    }
}
开发者ID:xipki,项目名称:xitk,代码行数:16,代码来源:X509Util.java

示例9: BasicConstraintsImpl

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public BasicConstraintsImpl(X509Certificate cert) throws CertificateException, IOException {
	byte[] extVal = cert.getExtensionValue(Extension.basicConstraints.getId());
	if (extVal == null)
		return;
	org.bouncycastle.asn1.x509.BasicConstraints bc = org.bouncycastle.asn1.x509.BasicConstraints
			.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
	isCA = bc.isCA();
	pathLen = bc.getPathLenConstraint();
}
开发者ID:Catherine22,项目名称:SecuritySample,代码行数:10,代码来源:BasicConstraintsImpl.java

示例10: getTimestampingURI

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Examine the certificate for a Subject Information Access extension
 * (<a href="http://tools.ietf.org/html/rfc5280">RFC 5280</a>).
 * The extension's {@code accessMethod} field should contain the object
 * identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its
 * {@code accessLocation} field should contain an HTTP or HTTPS URL.
 *
 * @param tsaCertificate An X.509 certificate for the TSA.
 * @return An HTTP or HTTPS URI or null if none was found.
 */
public static URI getTimestampingURI(X509Certificate tsaCertificate) {

    if (tsaCertificate == null) {
        return null;
    }
    // Parse the extensions
    try {
        byte[] extensionValue =
            tsaCertificate.getExtensionValue(SUBJECT_INFO_ACCESS_OID);
        if (extensionValue == null) {
            return null;
        }
        DerInputStream der = new DerInputStream(extensionValue);
        der = new DerInputStream(der.getOctetString());
        DerValue[] derValue = der.getSequence(5);
        AccessDescription description;
        GeneralName location;
        URIName uri;
        for (int i = 0; i < derValue.length; i++) {
            description = new AccessDescription(derValue[i]);
            if (description.getAccessMethod()
                    .equals(AD_TIMESTAMPING_Id)) {
                location = description.getAccessLocation();
                if (location.getType() == GeneralNameInterface.NAME_URI) {
                    uri = (URIName) location.getName();
                    if (uri.getScheme().equalsIgnoreCase("http") ||
                            uri.getScheme().equalsIgnoreCase("https")) {
                        return uri.getURI();
                    }
                }
            }
        }
    } catch (IOException ioe) {
        // ignore
    }
    return null;
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:48,代码来源:TimestampedSigner.java

示例11: KeyIdentifierImpl

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public KeyIdentifierImpl(X509Certificate cert) throws CertificateException, IOException {
    byte[] extVal = cert.getExtensionValue(Extension.authorityKeyIdentifier.getId());
    if (extVal == null) {
        lock = true;
        return;
    }
    AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
    keyIdentifier = aki.getKeyIdentifier();
}
开发者ID:Catherine22,项目名称:SecuritySample,代码行数:10,代码来源:KeyIdentifierImpl.java

示例12: ExtendedKeyUsageImpl

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public ExtendedKeyUsageImpl(X509Certificate cert) throws IOException {
	keyPurposeIds = new ArrayList<>();
	byte[] extVal = cert.getExtensionValue(Extension.extendedKeyUsage.getId());
	if (extVal == null)
		return;
	org.bouncycastle.asn1.x509.ExtendedKeyUsage usage = org.bouncycastle.asn1.x509.ExtendedKeyUsage
			.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
	KeyPurposeId[] usages = usage.getUsages();
	for (int i = 0; i < usages.length; i++) {
		keyPurposeIds.add(usages[i].getId());
	}
}
开发者ID:Catherine22,项目名称:SecuritySample,代码行数:13,代码来源:ExtendedKeyUsageImpl.java

示例13: getSKIBytesFromCert

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Method getSKIBytesFromCert
 *
 * @param cert
 * @return ski bytes from the given certificate
 *
 * @throws XMLSecurityException
 * @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
 */
public static byte[] getSKIBytesFromCert(X509Certificate cert)
    throws XMLSecurityException {

    if (cert.getVersion() < 3) {
        Object exArgs[] = { Integer.valueOf(cert.getVersion()) };
        throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
    }

    /*
     * Gets the DER-encoded OCTET string for the extension value
     * (extnValue) identified by the passed-in oid String. The oid
     * string is represented by a set of positive whole numbers
     * separated by periods.
     */
    byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
    if (extensionValue == null) {
        throw new XMLSecurityException("certificate.noSki.null");
    }

    /**
     * Strip away first four bytes from the extensionValue
     * The first two bytes are the tag and length of the extensionValue
     * OCTET STRING, and the next two bytes are the tag and length of
     * the ski OCTET STRING.
     */
    byte skidValue[] = new byte[extensionValue.length - 4];

    System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);

    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
    }

    return skidValue;
}
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:45,代码来源:XMLX509SKI.java

示例14: SubjectKeyIdentifierImpl

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public SubjectKeyIdentifierImpl(X509Certificate cert) throws IOException {
    byte[] extVal = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
    if (extVal == null) {
        lock = true;
        return;
    }
    org.bouncycastle.asn1.x509.SubjectKeyIdentifier identifier = org.bouncycastle.asn1.x509.SubjectKeyIdentifier
            .getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
    keyIdentifier = identifier.getKeyIdentifier();
}
开发者ID:Catherine22,项目名称:SecuritySample,代码行数:11,代码来源:SubjectKeyIdentifierImpl.java

示例15: matchSubjectKeyID

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private boolean matchSubjectKeyID(X509Certificate xcert) {
    if (ski == null) {
        return true;
    }
    try {
        byte[] extVal = xcert.getExtensionValue("2.5.29.14");
        if (extVal == null) {
            if (debug != null) {
                debug.println("AdaptableX509CertSelector.match: "
                    + "no subject key ID extension");
            }
            return true;
        }
        DerInputStream in = new DerInputStream(extVal);
        byte[] certSubjectKeyID = in.getOctetString();
        if (certSubjectKeyID == null ||
                !Arrays.equals(ski, certSubjectKeyID)) {
            if (debug != null) {
                debug.println("AdaptableX509CertSelector.match: "
                    + "subject key IDs don't match");
            }
            return false;
        }
    } catch (IOException ex) {
        if (debug != null) {
            debug.println("AdaptableX509CertSelector.match: "
                + "exception in subject key ID check");
        }
        return false;
    }
    return true;
}
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:33,代码来源:AdaptableX509CertSelector.java


注:本文中的java.security.cert.X509Certificate.getExtensionValue方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。