本文整理汇总了Java中java.security.cert.X509Certificate.getExtensionValue方法的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate.getExtensionValue方法的具体用法?Java X509Certificate.getExtensionValue怎么用?Java X509Certificate.getExtensionValue使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.X509Certificate
的用法示例。
在下文中一共展示了X509Certificate.getExtensionValue方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: matchSubjectKeyID
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private boolean matchSubjectKeyID(X509Certificate xcert) {
if (ski == null) {
return true;
}
try {
byte[] extVal = xcert.getExtensionValue("2.5.29.14");
if (extVal == null) {
if (debug != null && Debug.isVerbose()) {
debug.println("AdaptableX509CertSelector.match: "
+ "no subject key ID extension. Subject: "
+ xcert.getSubjectX500Principal());
}
return true;
}
DerInputStream in = new DerInputStream(extVal);
byte[] certSubjectKeyID = in.getOctetString();
if (certSubjectKeyID == null ||
!Arrays.equals(ski, certSubjectKeyID)) {
if (debug != null && Debug.isVerbose()) {
debug.println("AdaptableX509CertSelector.match: "
+ "subject key IDs don't match. "
+ "Expected: " + Arrays.toString(ski) + " "
+ "Cert's: " + Arrays.toString(certSubjectKeyID));
}
return false;
}
} catch (IOException ex) {
if (debug != null && Debug.isVerbose()) {
debug.println("AdaptableX509CertSelector.match: "
+ "exception in subject key ID check");
}
return false;
}
return true;
}
示例2: CRLDistributionPointsImpl
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public CRLDistributionPointsImpl(X509Certificate cert) throws CertificateException, IOException {
URINames = new ArrayList<>();
byte[] extVal = cert.getExtensionValue(Extension.cRLDistributionPoints.getId());
if (extVal == null)
return;
CRLDistPoint crlDistPoint = CRLDistPoint.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
DistributionPoint[] points = crlDistPoint.getDistributionPoints();
for (DistributionPoint p : points) {
GeneralNames tmp = p.getCRLIssuer();
if (tmp != null) {
GeneralName[] crlIssers = tmp.getNames();
for (int i = 0; i < crlIssers.length; i++) {
if (crlIssers[i].getTagNo() == GeneralName.uniformResourceIdentifier) {
String issuerUrl = crlIssers[i].toString();
URINames.add(issuerUrl);
}
}
}
}
}
示例3: createPath
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例4: getIssuerAlternativeNames
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static Collection getIssuerAlternativeNames(X509Certificate cert)
throws CertificateParsingException
{
byte[] extVal = cert.getExtensionValue(X509Extension.issuerAlternativeName.getId());
return getAlternativeNames(extVal);
}
示例5: CRLDistributionPointsExtensionTest
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private static void CRLDistributionPointsExtensionTest(String certStr)
throws Exception {
CertificateFactory cf = CertificateFactory.getInstance("X.509");
ByteArrayInputStream is = new ByteArrayInputStream(certStr.getBytes());
X509Certificate cert = (X509Certificate) cf.generateCertificate(is);
// oid for CRL Distribution Points = 2.5.29.31
byte[] CDPExtBytes = cert.getExtensionValue("2.5.29.31");
DerValue val = new DerValue(CDPExtBytes);
byte[] data = val.getOctetString();
CRLDistributionPointsExtension CDPExt
= new CRLDistributionPointsExtension(false, data);
}
示例6: getSubjectKeyId
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private static byte[] getSubjectKeyId(X509Certificate cert)
{
byte[] ext = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
if (ext != null)
{
return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
}
else
{
return null;
}
}
示例7: getSubjectKeyId
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
static byte[] getSubjectKeyId(X509Certificate cert)
{
byte[] ext = cert.getExtensionValue(X509Extension.subjectKeyIdentifier.getId());
if (ext != null)
{
return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
}
else
{
return null;
}
}
示例8: getCoreExtValue
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static byte[] getCoreExtValue(X509Certificate cert, ASN1ObjectIdentifier type)
throws CertificateEncodingException {
ParamUtil.requireNonNull("cert", cert);
ParamUtil.requireNonNull("type", type);
byte[] fullExtValue = cert.getExtensionValue(type.getId());
if (fullExtValue == null) {
return null;
}
try {
return ASN1OctetString.getInstance(fullExtValue).getOctets();
} catch (IllegalArgumentException ex) {
throw new CertificateEncodingException("invalid extension " + type.getId() + ": "
+ ex.getMessage());
}
}
示例9: BasicConstraintsImpl
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public BasicConstraintsImpl(X509Certificate cert) throws CertificateException, IOException {
byte[] extVal = cert.getExtensionValue(Extension.basicConstraints.getId());
if (extVal == null)
return;
org.bouncycastle.asn1.x509.BasicConstraints bc = org.bouncycastle.asn1.x509.BasicConstraints
.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
isCA = bc.isCA();
pathLen = bc.getPathLenConstraint();
}
示例10: getTimestampingURI
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
* Examine the certificate for a Subject Information Access extension
* (<a href="http://tools.ietf.org/html/rfc5280">RFC 5280</a>).
* The extension's {@code accessMethod} field should contain the object
* identifier defined for timestamping: 1.3.6.1.5.5.7.48.3 and its
* {@code accessLocation} field should contain an HTTP or HTTPS URL.
*
* @param tsaCertificate An X.509 certificate for the TSA.
* @return An HTTP or HTTPS URI or null if none was found.
*/
public static URI getTimestampingURI(X509Certificate tsaCertificate) {
if (tsaCertificate == null) {
return null;
}
// Parse the extensions
try {
byte[] extensionValue =
tsaCertificate.getExtensionValue(SUBJECT_INFO_ACCESS_OID);
if (extensionValue == null) {
return null;
}
DerInputStream der = new DerInputStream(extensionValue);
der = new DerInputStream(der.getOctetString());
DerValue[] derValue = der.getSequence(5);
AccessDescription description;
GeneralName location;
URIName uri;
for (int i = 0; i < derValue.length; i++) {
description = new AccessDescription(derValue[i]);
if (description.getAccessMethod()
.equals(AD_TIMESTAMPING_Id)) {
location = description.getAccessLocation();
if (location.getType() == GeneralNameInterface.NAME_URI) {
uri = (URIName) location.getName();
if (uri.getScheme().equalsIgnoreCase("http") ||
uri.getScheme().equalsIgnoreCase("https")) {
return uri.getURI();
}
}
}
}
} catch (IOException ioe) {
// ignore
}
return null;
}
示例11: KeyIdentifierImpl
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public KeyIdentifierImpl(X509Certificate cert) throws CertificateException, IOException {
byte[] extVal = cert.getExtensionValue(Extension.authorityKeyIdentifier.getId());
if (extVal == null) {
lock = true;
return;
}
AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
keyIdentifier = aki.getKeyIdentifier();
}
示例12: ExtendedKeyUsageImpl
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public ExtendedKeyUsageImpl(X509Certificate cert) throws IOException {
keyPurposeIds = new ArrayList<>();
byte[] extVal = cert.getExtensionValue(Extension.extendedKeyUsage.getId());
if (extVal == null)
return;
org.bouncycastle.asn1.x509.ExtendedKeyUsage usage = org.bouncycastle.asn1.x509.ExtendedKeyUsage
.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
KeyPurposeId[] usages = usage.getUsages();
for (int i = 0; i < usages.length; i++) {
keyPurposeIds.add(usages[i].getId());
}
}
示例13: getSKIBytesFromCert
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
* Method getSKIBytesFromCert
*
* @param cert
* @return ski bytes from the given certificate
*
* @throws XMLSecurityException
* @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
*/
public static byte[] getSKIBytesFromCert(X509Certificate cert)
throws XMLSecurityException {
if (cert.getVersion() < 3) {
Object exArgs[] = { Integer.valueOf(cert.getVersion()) };
throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
}
/*
* Gets the DER-encoded OCTET string for the extension value
* (extnValue) identified by the passed-in oid String. The oid
* string is represented by a set of positive whole numbers
* separated by periods.
*/
byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
if (extensionValue == null) {
throw new XMLSecurityException("certificate.noSki.null");
}
/**
* Strip away first four bytes from the extensionValue
* The first two bytes are the tag and length of the extensionValue
* OCTET STRING, and the next two bytes are the tag and length of
* the ski OCTET STRING.
*/
byte skidValue[] = new byte[extensionValue.length - 4];
System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
}
return skidValue;
}
示例14: SubjectKeyIdentifierImpl
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public SubjectKeyIdentifierImpl(X509Certificate cert) throws IOException {
byte[] extVal = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
if (extVal == null) {
lock = true;
return;
}
org.bouncycastle.asn1.x509.SubjectKeyIdentifier identifier = org.bouncycastle.asn1.x509.SubjectKeyIdentifier
.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
keyIdentifier = identifier.getKeyIdentifier();
}
示例15: matchSubjectKeyID
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private boolean matchSubjectKeyID(X509Certificate xcert) {
if (ski == null) {
return true;
}
try {
byte[] extVal = xcert.getExtensionValue("2.5.29.14");
if (extVal == null) {
if (debug != null) {
debug.println("AdaptableX509CertSelector.match: "
+ "no subject key ID extension");
}
return true;
}
DerInputStream in = new DerInputStream(extVal);
byte[] certSubjectKeyID = in.getOctetString();
if (certSubjectKeyID == null ||
!Arrays.equals(ski, certSubjectKeyID)) {
if (debug != null) {
debug.println("AdaptableX509CertSelector.match: "
+ "subject key IDs don't match");
}
return false;
}
} catch (IOException ex) {
if (debug != null) {
debug.println("AdaptableX509CertSelector.match: "
+ "exception in subject key ID check");
}
return false;
}
return true;
}