當前位置: 首頁>>代碼示例>>Java>>正文


Java X509Certificate.getKeyUsage方法代碼示例

本文整理匯總了Java中java.security.cert.X509Certificate.getKeyUsage方法的典型用法代碼示例。如果您正苦於以下問題:Java X509Certificate.getKeyUsage方法的具體用法?Java X509Certificate.getKeyUsage怎麽用?Java X509Certificate.getKeyUsage使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在java.security.cert.X509Certificate的用法示例。


在下文中一共展示了X509Certificate.getKeyUsage方法的13個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: isValidKeyUsage

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * Checks if is valid key usage. <p>
 * KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1),
 * keyEncipherment (2), dataEncipherment (3), keyAgreement (4),
 * keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) }
 *          
 * @param certificate the certificate
 * @return true, if  valid key usage
 */
private boolean isValidKeyUsage(final X509Certificate certificate) {
    logger.debug("Checking certificate keyUsage extension");
    final boolean[] keyUsage = certificate.getKeyUsage();
    if (keyUsage == null) {
        logger.warn("Configuration specifies checkKeyUsage but keyUsage extension not found in certificate.");
        return !this.requireKeyUsage;
    }

    final boolean valid;
    if (isCritical(certificate, KEY_USAGE_OID) || this.requireKeyUsage) {
        logger.debug("KeyUsage extension is marked critical or required by configuration.");
        valid = keyUsage[0];
    } else {
        logger.debug(
           "KeyUsage digitalSignature=%s, Returning true since keyUsage validation not required by configuration.");
        valid = true;
    }
    return valid;
}
 
開發者ID:hsj-xiaokang,項目名稱:springboot-shiro-cas-mybatis,代碼行數:29,代碼來源:X509CredentialsAuthenticationHandler.java

示例2: isValidKeyUsage

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * Checks if is valid key usage. <p>
 * KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1),
 * keyEncipherment (2), dataEncipherment (3), keyAgreement (4),
 * keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) }
 *
 * @param certificate the certificate
 * @return true, if  valid key usage
 */
private boolean isValidKeyUsage(final X509Certificate certificate) {
    LOGGER.debug("Checking certificate keyUsage extension");
    final boolean[] keyUsage = certificate.getKeyUsage();
    if (keyUsage == null) {
        LOGGER.warn("Configuration specifies checkKeyUsage but keyUsage extension not found in certificate.");
        return !this.requireKeyUsage;
    }

    final boolean valid;
    if (isCritical(certificate, KEY_USAGE_OID) || this.requireKeyUsage) {
        LOGGER.debug("KeyUsage extension is marked critical or required by configuration.");
        valid = keyUsage[0];
    } else {
        LOGGER.debug(
                "KeyUsage digitalSignature=%s, Returning true since keyUsage validation not required by configuration.");
        valid = true;
    }
    return valid;
}
 
開發者ID:mrluo735,項目名稱:cas-5.1.0,代碼行數:29,代碼來源:X509CredentialsAuthenticationHandler.java

示例3: prepareNextCertN

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
protected static void prepareNextCertN(
    CertPath certPath,
    int index)
    throws CertPathValidatorException
{
    List certs = certPath.getCertificates();
    X509Certificate cert = (X509Certificate)certs.get(index);

    //
    // (n)
    //
    boolean[] _usage = cert.getKeyUsage();

    if ((_usage != null) && !_usage[RFC3280CertPathUtilities.KEY_CERT_SIGN])
    {
        throw new ExtCertPathValidatorException(
            "Issuer certificate keyusage extension is critical and does not permit key signing.", null,
            certPath, index);
    }
}
 
開發者ID:Appdome,項目名稱:ipack,代碼行數:21,代碼來源:RFC3280CertPathUtilities.java

示例4: isValidKeyUsage

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
private boolean isValidKeyUsage(final X509Certificate certificate) {
    logger.debug("Checking certificate keyUsage extension");

    /*
     * KeyUsage ::= BIT STRING { digitalSignature (0), nonRepudiation (1),
     * keyEncipherment (2), dataEncipherment (3), keyAgreement (4),
     * keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8) }
     */
    final boolean[] keyUsage = certificate.getKeyUsage();
    if (keyUsage == null) {
        logger.warn("Configuration specifies checkKeyUsage but keyUsage extension not found in certificate.");
        return !this.requireKeyUsage;
    }

    final boolean valid;
    if (isCritical(certificate, KEY_USAGE_OID) || this.requireKeyUsage) {
        logger.debug("KeyUsage extension is marked critical or required by configuration.");
        valid = keyUsage[0];
    } else {
        logger.debug(
           "KeyUsage digitalSignature=%s, Returning true since keyUsage validation not required by configuration.");
        valid = true;
    }
    return valid;
}
 
開發者ID:luotuo,項目名稱:cas4.0.x-server-wechat,代碼行數:26,代碼來源:X509CredentialsAuthenticationHandler.java

示例5: certSelect

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/**
 * Searches the specified keystore for a certificate that matches the
 * specified X509Certificate and contains a public key that is compatible
 * with the specified SignatureMethod.
 *
 * @return a KeySelectorResult containing the cert's public key if there
 *   is a match; otherwise null
 */
private KeySelectorResult certSelect(X509Certificate xcert,
    SignatureMethod sm) throws KeyStoreException {
    // skip non-signer certs
    boolean[] keyUsage = xcert.getKeyUsage();
    if (keyUsage != null && keyUsage[0] == false) {
        return null;
    }
    String alias = ks.getCertificateAlias(xcert);
    if (alias != null) {
        PublicKey pk = ks.getCertificate(alias).getPublicKey();
        // make sure algorithm is compatible with method
        if (algEquals(sm.getAlgorithm(), pk.getAlgorithm())) {
            return new SimpleKeySelectorResult(pk);
        }
    }
    return null;
}
 
開發者ID:lambdalab-mirror,項目名稱:jdk8u-jdk,代碼行數:26,代碼來源:X509KeySelector.java

示例6: KeyUsage

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
/** Construye una identificador de uso de certificados a partir de un certificado X.509.
 * @param cert Certificado de origen. */
public KeyUsage(final X509Certificate cert) {
	if (cert == null) {
		throw new IllegalArgumentException(
			"El certificado de origen no puede ser nulo" //$NON-NLS-1$
		);
	}
	final boolean[] ke = cert.getKeyUsage();
	if (ke == null) {
		this.usage = null;
		return;
	}
	if (ke.length != KEYUSAGE_NBITS) {
		throw new IllegalArgumentException(
				"El certificado de origen tiene un KeyUsage con un numero de posiciones no soportado: " + ke.length //$NON-NLS-1$
				);
	}
	this.usage = new Boolean[KEYUSAGE_NBITS];
	for (int i=0; i<KEYUSAGE_NBITS; i++) {
		this.usage[i] = Boolean.valueOf(ke[i]);
	}
}
 
開發者ID:MiFirma,項目名稱:mi-firma-android,代碼行數:24,代碼來源:KeyUsage.java

示例7: processAttrCert3

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
protected static void processAttrCert3(X509Certificate acIssuerCert,
    ExtendedPKIXParameters pkixParams) throws CertPathValidatorException
{
    if (acIssuerCert.getKeyUsage() != null
        && (!acIssuerCert.getKeyUsage()[0] && !acIssuerCert.getKeyUsage()[1]))
    {
        throw new CertPathValidatorException(
            "Attribute certificate issuer public key cannot be used to validate digital signatures.");
    }
    if (acIssuerCert.getBasicConstraints() != -1)
    {
        throw new CertPathValidatorException(
            "Attribute certificate issuer is also a public key certificate issuer.");
    }
}
 
開發者ID:Appdome,項目名稱:ipack,代碼行數:16,代碼來源:RFC3281CertPathUtilities.java

示例8: getCertificateList

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public ArrayList<CertificateData> getCertificateList(long slotID) throws Exception, Error{
    ArrayList<CertificateData> ret = new ArrayList<CertificateData>();
    
    session = getSlot(slotID).getToken().openSession(Token.SessionType.SERIAL_SESSION, Token.SessionReadWriteBehavior.RO_SESSION, null, null);
    try {
        session.findObjectsInit(new X509PublicKeyCertificate());
        iaik.pkcs.pkcs11.objects.Object[] publicKeyCertificateObjectList = session.findObjects(1024);

        for(iaik.pkcs.pkcs11.objects.Object publicKeyCertificateObject : publicKeyCertificateObjectList){
            X509PublicKeyCertificate publicKeyCertificate = (X509PublicKeyCertificate) publicKeyCertificateObject;
            byte[] id = publicKeyCertificate.getId().getByteArrayValue();
            byte[] label = publicKeyCertificate.getLabel().toString(false).getBytes();
            byte[] certBytes = publicKeyCertificate.getValue().getByteArrayValue();
            X509Certificate cert = X509Utils.getX509Certificate(certBytes);
            if(!(cert.getKeyUsage()[0] || cert.getKeyUsage()[1]))
                continue;
            
            CertificateData cd = new CertificateData();
            cd.certID = id;
            cd.certLABEL = label;
            cd.cert = cert;
            ret.add(cd);
        }
        
        return ret;
    } finally {
        session.closeSession();
        session = null;
    }
}
 
開發者ID:damianofalcioni,項目名稱:Websocket-Smart-Card-Signer,代碼行數:31,代碼來源:SmartCardAccessIaikImpl.java

示例9: getCertificateList

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public ArrayList<CertificateData> getCertificateList(long slotID) throws Exception{
    ArrayList<CertificateData> ret = new ArrayList<CertificateData>();

    long sessionID = CE.OpenSession(slotID, (CK_SESSION_INFO.CKF_RW_SESSION | CK_SESSION_INFO.CKF_SERIAL_SESSION), null, null);
    try {
        long[] objectIdList = CE.FindObjects(sessionID, new CKA[]{ new CKA(CKA.CLASS, CKO.CERTIFICATE)});
        
        for(long objectId:objectIdList){
            CKA[] ckaId = new CKA[]{ new CKA(CKA.ID, new byte[255])};
            CE.GetAttributeValue(sessionID, objectId, ckaId);
            byte[] id = StringUtils.trim(ckaId[0].getValue());
            
            CKA[] ckaLabel = new CKA[]{ new CKA(CKA.LABEL, new byte[255])};
            CE.GetAttributeValue(sessionID, objectId, ckaLabel);
            byte[] label = StringUtils.trim(ckaLabel[0].getValue());
            
            CKA[] ckaValue = new CKA[]{ new CKA(CKA.VALUE, new byte[2048])};
            CE.GetAttributeValue(sessionID, objectId, ckaValue);
            X509Certificate cert = X509Utils.getX509Certificate(ckaValue[0].getValue());
            
            if(!(cert.getKeyUsage()[0] || cert.getKeyUsage()[1]))
                continue;
            CertificateData cd = new CertificateData();
            cd.certID = id;
            cd.certLABEL = label;
            cd.cert = cert;
            ret.add(cd);
        }
        
        return ret;
    } finally {
        CE.CloseSession(sessionID);
    }
}
 
開發者ID:damianofalcioni,項目名稱:Websocket-Smart-Card-Signer,代碼行數:35,代碼來源:SmartCardAccessJnaImpl.java

示例10: hasKeyusage

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public static boolean hasKeyusage(X509Certificate cert, KeyUsage usage) {
    ParamUtil.requireNonNull("cert", cert);
    boolean[] keyusage = cert.getKeyUsage();
    if (keyusage != null && keyusage.length > usage.bit()) {
        return keyusage[usage.bit()];
    }
    return false;
}
 
開發者ID:xipki,項目名稱:xitk,代碼行數:9,代碼來源:X509Util.java

示例11: isSigningCertificate

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
private void isSigningCertificate(X509Certificate certificate)
        throws KeySelectorException {
    boolean[] keyUsage = certificate.getKeyUsage();
    if (keyUsage != null && keyUsage[0] == false) {
        throw new KeySelectorException(
                "X509 content is not a signing certificate");
    }
}
 
開發者ID:servicecatalog,項目名稱:oscm,代碼行數:9,代碼來源:X509KeySelector.java

示例12: checkIsForSigning

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public static boolean checkIsForSigning(X509Certificate cert){
    if(cert.getKeyUsage()[0])
        return true;
    return false;
}
 
開發者ID:damianofalcioni,項目名稱:Websocket-Smart-Card-Signer,代碼行數:6,代碼來源:X509Utils.java

示例13: checkIsNonRepudiation

import java.security.cert.X509Certificate; //導入方法依賴的package包/類
public static boolean checkIsNonRepudiation(X509Certificate cert){
    if(cert.getKeyUsage()[1])
        return true;
    return false;
}
 
開發者ID:damianofalcioni,項目名稱:Websocket-Smart-Card-Signer,代碼行數:6,代碼來源:X509Utils.java


注:本文中的java.security.cert.X509Certificate.getKeyUsage方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。