本文整理汇总了Java中org.bouncycastle.cert.X509CertificateHolder.getExtension方法的典型用法代码示例。如果您正苦于以下问题:Java X509CertificateHolder.getExtension方法的具体用法?Java X509CertificateHolder.getExtension怎么用?Java X509CertificateHolder.getExtension使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.cert.X509CertificateHolder
的用法示例。
在下文中一共展示了X509CertificateHolder.getExtension方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: match
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
public boolean match(Object obj)
{
if (obj instanceof X509CertificateHolder)
{
X509CertificateHolder certHldr = (X509CertificateHolder)obj;
if (this.getSerialNumber() != null)
{
IssuerAndSerialNumber iAndS = new IssuerAndSerialNumber(certHldr.toASN1Structure());
return iAndS.getName().equals(this.issuer)
&& iAndS.getSerialNumber().getValue().equals(this.serialNumber);
}
else if (subjectKeyId != null)
{
Extension ext = certHldr.getExtension(Extension.subjectKeyIdentifier);
if (ext == null)
{
return Arrays.areEqual(subjectKeyId, MSOutlookKeyIdCalculator.calculateKeyId(certHldr.getSubjectPublicKeyInfo()));
}
byte[] subKeyID = ASN1OctetString.getInstance(ext.getParsedValue()).getOctets();
return Arrays.areEqual(subjectKeyId, subKeyID);
}
}
else if (obj instanceof byte[])
{
return Arrays.areEqual(subjectKeyId, (byte[])obj);
}
return false;
}
示例2: validateCertificate
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TSPValidationException if the certicate fails on one of the check points.
*/
public static void validateCertificate(
X509CertificateHolder cert)
throws TSPValidationException
{
if (cert.toASN1Structure().getVersionNumber() != 3)
{
throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
}
Extension ext = cert.getExtension(Extension.extendedKeyUsage);
if (ext == null)
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
}
if (!ext.isCritical())
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
}
ExtendedKeyUsage extKey = ExtendedKeyUsage.getInstance(ext.getParsedValue());
if (!extKey.hasKeyPurposeId(KeyPurposeId.id_kp_timeStamping) || extKey.size() != 1)
{
throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
}
}
示例3: validateCertificate
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TSPValidationException if the certificate fails on one of the check points.
*/
public static void validateCertificate(
X509CertificateHolder cert)
throws TSPValidationException
{
if (cert.toASN1Structure().getVersionNumber() != 3)
{
throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
}
Extension ext = cert.getExtension(Extension.extendedKeyUsage);
if (ext == null)
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
}
if (!ext.isCritical())
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
}
ExtendedKeyUsage extKey = ExtendedKeyUsage.getInstance(ext.getParsedValue());
if (!extKey.hasKeyPurposeId(KeyPurposeId.id_kp_timeStamping) || extKey.size() != 1)
{
throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
}
}
示例4: getEmailFromCert
import org.bouncycastle.cert.X509CertificateHolder; //导入方法依赖的package包/类
/**
* Extract email addresses from a certificate
*
* @param cert the X509 certificate holder
* @return a List of all email addresses found
* @throws CertificateException
*/
private static List<String> getEmailFromCert(X509CertificateHolder cert)
throws CertificateException {
List<String> res = new ArrayList<>();
X500Name subject = cert.getSubject();
for (RDN emails : subject.getRDNs(BCStyle.EmailAddress)) {
for (AttributeTypeAndValue emailAttr: emails.getTypesAndValues()) {
log.debug("Add email from RDN: " + IETFUtils.valueToString(emailAttr.getValue()));
res.add(IETFUtils.valueToString(emailAttr.getValue()));
}
}
Extension subjectAlternativeNames = cert
.getExtension(Extension.subjectAlternativeName);
if (subjectAlternativeNames != null) {
for (GeneralName name : GeneralNames.getInstance(
subjectAlternativeNames.getParsedValue()).getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
String email = IETFUtils.valueToString(name.getName());
log.debug("Add email from subjectAlternativeName: " + email);
res.add(email);
}
}
}
return res;
}