当前位置: 首页>>代码示例>>Java>>正文


Java X509Certificate.getVersion方法代码示例

本文整理汇总了Java中java.security.cert.X509Certificate.getVersion方法的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate.getVersion方法的具体用法?Java X509Certificate.getVersion怎么用?Java X509Certificate.getVersion使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.X509Certificate的用法示例。


在下文中一共展示了X509Certificate.getVersion方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: getSKIBytesFromCert

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Method getSKIBytesFromCert
 *
 * @param cert
 * @return ski bytes from the given certificate
 *
 * @throws XMLSecurityException
 * @see java.security.cert.X509Extension#getExtensionValue(java.lang.String)
 */
public static byte[] getSKIBytesFromCert(X509Certificate cert)
    throws XMLSecurityException {

    if (cert.getVersion() < 3) {
        Object exArgs[] = { Integer.valueOf(cert.getVersion()) };
        throw new XMLSecurityException("certificate.noSki.lowVersion", exArgs);
    }

    /*
     * Gets the DER-encoded OCTET string for the extension value
     * (extnValue) identified by the passed-in oid String. The oid
     * string is represented by a set of positive whole numbers
     * separated by periods.
     */
    byte[] extensionValue = cert.getExtensionValue(XMLX509SKI.SKI_OID);
    if (extensionValue == null) {
        throw new XMLSecurityException("certificate.noSki.null");
    }

    /**
     * Strip away first four bytes from the extensionValue
     * The first two bytes are the tag and length of the extensionValue
     * OCTET STRING, and the next two bytes are the tag and length of
     * the ski OCTET STRING.
     */
    byte skidValue[] = new byte[extensionValue.length - 4];

    System.arraycopy(extensionValue, 4, skidValue, 0, skidValue.length);

    if (log.isLoggable(java.util.logging.Level.FINE)) {
        log.log(java.util.logging.Level.FINE, "Base64 of SKI is " + Base64.encode(skidValue));
    }

    return skidValue;
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:45,代码来源:XMLX509SKI.java

示例2: printX509Cert

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Prints a certificate in a human readable format.
 */
private void printX509Cert(X509Certificate cert, PrintStream out)
    throws Exception
{

    MessageFormat form = new MessageFormat
            (rb.getString(".PATTERN.printX509Cert.with.weak"));
    PublicKey pkey = cert.getPublicKey();
    String sigName = cert.getSigAlgName();
    // No need to warn about sigalg of a trust anchor
    if (!isTrustedCert(cert)) {
        sigName = withWeak(sigName);
    }
    Object[] source = {cert.getSubjectDN().toString(),
                    cert.getIssuerDN().toString(),
                    cert.getSerialNumber().toString(16),
                    cert.getNotBefore().toString(),
                    cert.getNotAfter().toString(),
                    getCertFingerPrint("SHA-1", cert),
                    getCertFingerPrint("SHA-256", cert),
                    sigName,
                    withWeak(pkey),
                    cert.getVersion()
                    };
    out.println(form.format(source));

    if (cert instanceof X509CertImpl) {
        X509CertImpl impl = (X509CertImpl)cert;
        X509CertInfo certInfo = (X509CertInfo)impl.get(X509CertImpl.NAME
                                                       + "." +
                                                       X509CertImpl.INFO);
        CertificateExtensions exts = (CertificateExtensions)
                certInfo.get(X509CertInfo.EXTENSIONS);
        if (exts != null) {
            printExtensions(rb.getString("Extensions."), exts, out);
        }
    }
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:41,代码来源:Main.java

示例3: checkBasicConstraints

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Internal method to check that a given cert meets basic constraints.
 */
private void checkBasicConstraints(X509Certificate currCert)
    throws CertPathValidatorException
{
    String msg = "basic constraints";
    if (debug != null) {
        debug.println("---checking " + msg + "...");
        debug.println("i = " + i);
        debug.println("maxPathLength = " + maxPathLength);
    }

    /* check if intermediate cert */
    if (i < certPathLength) {
        // RFC5280: If certificate i is a version 3 certificate, verify
        // that the basicConstraints extension is present and that cA is
        // set to TRUE.  (If certificate i is a version 1 or version 2
        // certificate, then the application MUST either verify that
        // certificate i is a CA certificate through out-of-band means
        // or reject the certificate.  Conforming implementations may
        // choose to reject all version 1 and version 2 intermediate
        // certificates.)
        //
        // We choose to reject all version 1 and version 2 intermediate
        // certificates except that it is self issued by the trust
        // anchor in order to support key rollover or changes in
        // certificate policies.
        int pathLenConstraint = -1;
        if (currCert.getVersion() < 3) {    // version 1 or version 2
            if (i == 1) {                   // issued by a trust anchor
                if (X509CertImpl.isSelfIssued(currCert)) {
                    pathLenConstraint = Integer.MAX_VALUE;
                }
            }
        } else {
            pathLenConstraint = currCert.getBasicConstraints();
        }

        if (pathLenConstraint == -1) {
            throw new CertPathValidatorException
                (msg + " check failed: this is not a CA certificate",
                 null, null, -1, PKIXReason.NOT_CA_CERT);
        }

        if (!X509CertImpl.isSelfIssued(currCert)) {
            if (maxPathLength <= 0) {
               throw new CertPathValidatorException
                    (msg + " check failed: pathLenConstraint violated - "
                     + "this cert must be the last cert in the "
                     + "certification path", null, null, -1,
                     PKIXReason.PATH_TOO_LONG);
            }
            maxPathLength--;
        }
        if (pathLenConstraint < maxPathLength)
            maxPathLength = pathLenConstraint;
    }

    if (debug != null) {
        debug.println("after processing, maxPathLength = " + maxPathLength);
        debug.println(msg + " verified.");
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:65,代码来源:ConstraintsChecker.java

示例4: printX509Cert

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Prints a certificate in a human readable format.
 */
private void printX509Cert(X509Certificate cert, PrintStream out)
    throws Exception
{
    /*
    out.println("Owner: "
                + cert.getSubjectDN().toString()
                + "\n"
                + "Issuer: "
                + cert.getIssuerDN().toString()
                + "\n"
                + "Serial number: " + cert.getSerialNumber().toString(16)
                + "\n"
                + "Valid from: " + cert.getNotBefore().toString()
                + " until: " + cert.getNotAfter().toString()
                + "\n"
                + "Certificate fingerprints:\n"
                + "\t MD5:  " + getCertFingerPrint("MD5", cert)
                + "\n"
                + "\t SHA1: " + getCertFingerPrint("SHA1", cert));
    */

    MessageFormat form = new MessageFormat
            (rb.getString(".PATTERN.printX509Cert"));
    Object[] source = {cert.getSubjectDN().toString(),
                    cert.getIssuerDN().toString(),
                    cert.getSerialNumber().toString(16),
                    cert.getNotBefore().toString(),
                    cert.getNotAfter().toString(),
                    getCertFingerPrint("MD5", cert),
                    getCertFingerPrint("SHA1", cert),
                    getCertFingerPrint("SHA-256", cert),
                    cert.getSigAlgName(),
                    cert.getVersion()
                    };
    out.println(form.format(source));

    if (cert instanceof X509CertImpl) {
        X509CertImpl impl = (X509CertImpl)cert;
        X509CertInfo certInfo = (X509CertInfo)impl.get(X509CertImpl.NAME
                                                       + "." +
                                                       X509CertImpl.INFO);
        CertificateExtensions exts = (CertificateExtensions)
                certInfo.get(X509CertInfo.EXTENSIONS);
        if (exts != null) {
            printExtensions(rb.getString("Extensions."), exts, out);
        }
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:52,代码来源:Main.java

示例5: checkBasicConstraints

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Internal method to check that a given cert meets basic constraints.
 */
private void checkBasicConstraints(X509Certificate currCert)
    throws CertPathValidatorException
{
    String msg = "basic constraints";
    if (debug != null) {
        debug.println("---checking " + msg + "...");
        debug.println("i = " + i +
                    ", maxPathLength = " + maxPathLength);
    }

    /* check if intermediate cert */
    if (i < certPathLength) {
        // RFC5280: If certificate i is a version 3 certificate, verify
        // that the basicConstraints extension is present and that cA is
        // set to TRUE.  (If certificate i is a version 1 or version 2
        // certificate, then the application MUST either verify that
        // certificate i is a CA certificate through out-of-band means
        // or reject the certificate.  Conforming implementations may
        // choose to reject all version 1 and version 2 intermediate
        // certificates.)
        //
        // We choose to reject all version 1 and version 2 intermediate
        // certificates except that it is self issued by the trust
        // anchor in order to support key rollover or changes in
        // certificate policies.
        int pathLenConstraint = -1;
        if (currCert.getVersion() < 3) {    // version 1 or version 2
            if (i == 1) {                   // issued by a trust anchor
                if (X509CertImpl.isSelfIssued(currCert)) {
                    pathLenConstraint = Integer.MAX_VALUE;
                }
            }
        } else {
            pathLenConstraint = currCert.getBasicConstraints();
        }

        if (pathLenConstraint == -1) {
            throw new CertPathValidatorException
                (msg + " check failed: this is not a CA certificate",
                 null, null, -1, PKIXReason.NOT_CA_CERT);
        }

        if (!X509CertImpl.isSelfIssued(currCert)) {
            if (maxPathLength <= 0) {
               throw new CertPathValidatorException
                    (msg + " check failed: pathLenConstraint violated - "
                     + "this cert must be the last cert in the "
                     + "certification path", null, null, -1,
                     PKIXReason.PATH_TOO_LONG);
            }
            maxPathLength--;
        }
        if (pathLenConstraint < maxPathLength)
            maxPathLength = pathLenConstraint;
    }

    if (debug != null) {
        debug.println("after processing, maxPathLength = " + maxPathLength);
        debug.println(msg + " verified.");
    }
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:65,代码来源:ConstraintsChecker.java


注:本文中的java.security.cert.X509Certificate.getVersion方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。