本文整理汇总了Java中org.bouncycastle.x509.extension.X509ExtensionUtil.fromExtensionValue方法的典型用法代码示例。如果您正苦于以下问题:Java X509ExtensionUtil.fromExtensionValue方法的具体用法?Java X509ExtensionUtil.fromExtensionValue怎么用?Java X509ExtensionUtil.fromExtensionValue使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类org.bouncycastle.x509.extension.X509ExtensionUtil的用法示例。
在下文中一共展示了X509ExtensionUtil.fromExtensionValue方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSki
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
/**
* This method returns SKI bytes from certificate.
*
* @param certificateToken
* {@code CertificateToken}
* @param computeIfMissing
* if the extension is missing and computeIfMissing = true, it will compute the SKI value from the Public
* Key
* @return ski bytes from the given certificate
* @throws DSSException
*/
public static byte[] getSki(final CertificateToken certificateToken, boolean computeIfMissing) throws DSSException {
try {
byte[] sKI = certificateToken.getCertificate().getExtensionValue(Extension.subjectKeyIdentifier.getId());
if (Utils.isArrayNotEmpty(sKI)) {
ASN1Primitive extension = X509ExtensionUtil.fromExtensionValue(sKI);
SubjectKeyIdentifier skiBC = SubjectKeyIdentifier.getInstance(extension);
return skiBC.getKeyIdentifier();
} else if (computeIfMissing) {
// If extension not present, we compute it from the certificate public key
DLSequence seq = (DLSequence) DERSequence.fromByteArray(certificateToken.getPublicKey().getEncoded());
DERBitString item = (DERBitString) seq.getObjectAt(1);
return DSSUtils.digest(DigestAlgorithm.SHA1, item.getOctets());
}
return null;
} catch (Exception e) {
throw new DSSException(e);
}
}
示例2: copyAndAddExtension
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
/**
* add a given extension field for the standard extensions tag (tag 3)
* copying the extension value from another certificate.
* @throws CertificateParsingException if the extension cannot be extracted.
*/
public void copyAndAddExtension(
String oid,
boolean critical,
X509Certificate cert)
throws CertificateParsingException
{
byte[] extValue = cert.getExtensionValue(oid);
if (extValue == null)
{
throw new CertificateParsingException("extension " + oid + " not present");
}
try
{
ASN1Encodable value = X509ExtensionUtil.fromExtensionValue(extValue);
this.addExtension(oid, critical, value);
}
catch (IOException e)
{
throw new CertificateParsingException(e.toString());
}
}
示例3: loadTrustAnchor
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
protected static TrustAnchor loadTrustAnchor(String trustCertFileName)
throws Exception
{
X509Certificate cert = CertificateUtilities.loadCertificate(trustCertFileName);
if (cert != null)
{
byte[] ncBytes = cert
.getExtensionValue(X509Extensions.NameConstraints.getId());
if (ncBytes != null)
{
ASN1Encodable extValue = X509ExtensionUtil
.fromExtensionValue(ncBytes);
return new TrustAnchor(cert, extValue.getDEREncoded());
}
return new TrustAnchor(cert, null);
}
return null;
}
示例4: getTrustAnchor
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
protected static TrustAnchor getTrustAnchor(String trustcert)
throws Exception
{
X509Certificate cert = loadCert(trustcert);
if (cert != null)
{
byte[] ncBytes = cert
.getExtensionValue(X509Extension.nameConstraints.getId());
if (ncBytes != null)
{
ASN1Encodable extValue = X509ExtensionUtil
.fromExtensionValue(ncBytes);
return new TrustAnchor(cert, extValue.toASN1Primitive().getEncoded(ASN1Encoding.DER));
}
return new TrustAnchor(cert, null);
}
return null;
}
示例5: getTrustAnchor
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
private TrustAnchor getTrustAnchor(String trustcert) throws Exception
{
X509Certificate cert = loadCert(trustcert);
if (cert != null)
{
byte[] ncBytes = cert
.getExtensionValue(X509Extension.nameConstraints.getId());
if (ncBytes != null)
{
ASN1Encodable extValue = X509ExtensionUtil
.fromExtensionValue(ncBytes);
return new TrustAnchor(cert, extValue.toASN1Primitive().getEncoded(ASN1Encoding.DER));
}
return new TrustAnchor(cert, null);
}
return null;
}
示例6: getInhabitAnyPolicyExtension
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
static String getInhabitAnyPolicyExtension(X509Certificate certificate) throws IOException {
byte[] inhabitAnyPolicyBytes = certificate.getExtensionValue(Extension.inhibitAnyPolicy.toString());
if (inhabitAnyPolicyBytes != null) {
ASN1Integer skipCertsInteger = (ASN1Integer) X509ExtensionUtil.fromExtensionValue(inhabitAnyPolicyBytes);
return skipCertsInteger.getValue().toString();
}
return "";
}
示例7: getTrustAnchor
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
private TrustAnchor getTrustAnchor(String trustAnchorName)
throws Exception
{
X509Certificate cert = loadCert(trustAnchorName);
byte[] extBytes = cert.getExtensionValue(X509Extension.nameConstraints.getId());
if (extBytes != null)
{
ASN1Encodable extValue = X509ExtensionUtil.fromExtensionValue(extBytes);
return new TrustAnchor(cert, extValue.toASN1Primitive().getEncoded(ASN1Encoding.DER));
}
return new TrustAnchor(cert, null);
}
示例8: getTrustAnchor
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
private TrustAnchor getTrustAnchor(String trustAnchorName)
throws Exception
{
X509Certificate cert = loadCert(trustAnchorName);
byte[] extBytes = cert.getExtensionValue(X509Extension.nameConstraints.getId());
if (extBytes != null)
{
ASN1Primitive extValue = X509ExtensionUtil.fromExtensionValue(extBytes);
return new TrustAnchor(cert, extValue.getEncoded(ASN1Encoding.DER));
}
return new TrustAnchor(cert, null);
}
示例9: getCrlNumber
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
public static BigInteger getCrlNumber(X509CRL crl) throws IOException
{
byte[] crlNumEnc = crl.getExtensionValue(X509Extension.cRLNumber.getId());
BigInteger crlNum = null;
// XAdES 7.4.2: "The 'number' element is an optional hint ..."
if (crlNumEnc != null)
{
ASN1Object derCrlNum = X509ExtensionUtil.fromExtensionValue(crlNumEnc);
crlNum = CRLNumber.getInstance(derCrlNum).getCRLNumber();
}
return crlNum;
}
示例10: checkCRLCreation1
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
public void checkCRLCreation1()
throws Exception
{
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
KeyPair pair = kpGen.generateKeyPair();
crlGen.setIssuerDN(new X500Principal("CN=Test CA"));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(new Date(now.getTime() + 100000));
crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
X509CRL crl = crlGen.generate(pair.getPrivate(), "BC");
if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
{
fail("failed CRL issuer test");
}
byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (authExt == null)
{
fail("failed to find CRL extension");
}
AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
if (entry == null)
{
fail("failed to find CRL entry");
}
if (!entry.getSerialNumber().equals(BigInteger.ONE))
{
fail("CRL cert serial number does not match");
}
if (!entry.hasExtensions())
{
fail("CRL entry extension not found");
}
byte[] ext = entry.getExtensionValue(X509Extensions.ReasonCode.getId());
if (ext != null)
{
DEREnumerated reasonCode = (DEREnumerated)X509ExtensionUtil.fromExtensionValue(ext);
if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
{
fail("CRL entry reasonCode wrong");
}
}
else
{
fail("CRL entry reasonCode not found");
}
}
示例11: initSigner
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
public void initSigner(SecurityFactory securityFactory)
throws XiSecurityException, OperationException, InvalidConfException {
ParamUtil.requireNonNull("securityFactory", securityFactory);
if (signer != null) {
return;
}
if (dbEntry == null) {
throw new XiSecurityException("dbEntry is null");
}
if ("CA".equals(dbEntry.type())) {
return;
}
dbEntry.setConfFaulty(true);
X509Certificate responderCert = dbEntry.certificate();
try {
signer = securityFactory.createSigner(dbEntry.type(),
new SignerConf(dbEntry.conf()), responderCert);
} catch (ObjectCreationException ex1) {
throw new XiSecurityException("signer without certificate is not allowed");
}
X509Certificate signerCert = signer.getCertificate();
if (signerCert == null) {
throw new XiSecurityException("signer without certificate is not allowed");
}
if (dbEntry.base64Cert() == null) {
dbEntry.setCertificate(signerCert);
}
byte[] encodedSkiValue = signerCert.getExtensionValue(
Extension.subjectKeyIdentifier.getId());
if (encodedSkiValue == null) {
throw new OperationException(ErrorCode.INVALID_EXTENSION,
"CA certificate does not have required extension SubjectKeyIdentifier");
}
ASN1OctetString ski;
try {
ski = (ASN1OctetString) X509ExtensionUtil.fromExtensionValue(encodedSkiValue);
} catch (IOException ex) {
throw new OperationException(ErrorCode.INVALID_EXTENSION, ex);
}
this.subjectKeyIdentifier = ski.getOctets();
if (!X509Util.hasKeyusage(signerCert, KeyUsage.cRLSign)) {
throw new OperationException(ErrorCode.SYSTEM_FAILURE,
"CRL signer does not have keyusage cRLSign");
}
dbEntry.setConfFaulty(false);
}
示例12: checkCRLCreation1
import org.bouncycastle.x509.extension.X509ExtensionUtil; //导入方法依赖的package包/类
public void checkCRLCreation1()
throws Exception
{
KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
Date now = new Date();
KeyPair pair = kpGen.generateKeyPair();
crlGen.setIssuerDN(new X509Principal("CN=Test CA"));
crlGen.setThisUpdate(now);
crlGen.setNextUpdate(new Date(now.getTime() + 100000));
crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
crlGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(pair.getPublic()));
X509CRL crl = crlGen.generate(pair.getPrivate(), "BC");
if (!crl.getIssuerDN().equals(new X509Principal("CN=Test CA")))
{
fail("failed CRL issuer test");
}
byte[] authExt = crl.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (authExt == null)
{
fail("failed to find CRL extension");
}
AuthorityKeyIdentifier authId = new AuthorityKeyIdentifierStructure(authExt);
X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
if (entry == null)
{
fail("failed to find CRL entry");
}
if (!entry.getSerialNumber().equals(BigInteger.ONE))
{
fail("CRL cert serial number does not match");
}
if (!entry.hasExtensions())
{
fail("CRL entry extension not found");
}
byte[] ext = entry.getExtensionValue(X509Extensions.ReasonCode.getId());
if (ext != null)
{
DEREnumerated reasonCode = (DEREnumerated)X509ExtensionUtil.fromExtensionValue(ext);
if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
{
fail("CRL entry reasonCode wrong");
}
}
else
{
fail("CRL entry reasonCode not found");
}
}