本文整理匯總了Java中org.bouncycastle.cert.X509CertificateHolder.getExtension方法的典型用法代碼示例。如果您正苦於以下問題:Java X509CertificateHolder.getExtension方法的具體用法?Java X509CertificateHolder.getExtension怎麽用?Java X509CertificateHolder.getExtension使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類org.bouncycastle.cert.X509CertificateHolder的用法示例。
在下文中一共展示了X509CertificateHolder.getExtension方法的4個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。
示例1: match
import org.bouncycastle.cert.X509CertificateHolder; //導入方法依賴的package包/類
public boolean match(Object obj)
{
if (obj instanceof X509CertificateHolder)
{
X509CertificateHolder certHldr = (X509CertificateHolder)obj;
if (this.getSerialNumber() != null)
{
IssuerAndSerialNumber iAndS = new IssuerAndSerialNumber(certHldr.toASN1Structure());
return iAndS.getName().equals(this.issuer)
&& iAndS.getSerialNumber().getValue().equals(this.serialNumber);
}
else if (subjectKeyId != null)
{
Extension ext = certHldr.getExtension(Extension.subjectKeyIdentifier);
if (ext == null)
{
return Arrays.areEqual(subjectKeyId, MSOutlookKeyIdCalculator.calculateKeyId(certHldr.getSubjectPublicKeyInfo()));
}
byte[] subKeyID = ASN1OctetString.getInstance(ext.getParsedValue()).getOctets();
return Arrays.areEqual(subjectKeyId, subKeyID);
}
}
else if (obj instanceof byte[])
{
return Arrays.areEqual(subjectKeyId, (byte[])obj);
}
return false;
}
示例2: validateCertificate
import org.bouncycastle.cert.X509CertificateHolder; //導入方法依賴的package包/類
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TSPValidationException if the certicate fails on one of the check points.
*/
public static void validateCertificate(
X509CertificateHolder cert)
throws TSPValidationException
{
if (cert.toASN1Structure().getVersionNumber() != 3)
{
throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
}
Extension ext = cert.getExtension(Extension.extendedKeyUsage);
if (ext == null)
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
}
if (!ext.isCritical())
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
}
ExtendedKeyUsage extKey = ExtendedKeyUsage.getInstance(ext.getParsedValue());
if (!extKey.hasKeyPurposeId(KeyPurposeId.id_kp_timeStamping) || extKey.size() != 1)
{
throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
}
}
示例3: validateCertificate
import org.bouncycastle.cert.X509CertificateHolder; //導入方法依賴的package包/類
/**
* Validate the passed in certificate as being of the correct type to be used
* for time stamping. To be valid it must have an ExtendedKeyUsage extension
* which has a key purpose identifier of id-kp-timeStamping.
*
* @param cert the certificate of interest.
* @throws TSPValidationException if the certificate fails on one of the check points.
*/
public static void validateCertificate(
X509CertificateHolder cert)
throws TSPValidationException
{
if (cert.toASN1Structure().getVersionNumber() != 3)
{
throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
}
Extension ext = cert.getExtension(Extension.extendedKeyUsage);
if (ext == null)
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
}
if (!ext.isCritical())
{
throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
}
ExtendedKeyUsage extKey = ExtendedKeyUsage.getInstance(ext.getParsedValue());
if (!extKey.hasKeyPurposeId(KeyPurposeId.id_kp_timeStamping) || extKey.size() != 1)
{
throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
}
}
示例4: getEmailFromCert
import org.bouncycastle.cert.X509CertificateHolder; //導入方法依賴的package包/類
/**
* Extract email addresses from a certificate
*
* @param cert the X509 certificate holder
* @return a List of all email addresses found
* @throws CertificateException
*/
private static List<String> getEmailFromCert(X509CertificateHolder cert)
throws CertificateException {
List<String> res = new ArrayList<>();
X500Name subject = cert.getSubject();
for (RDN emails : subject.getRDNs(BCStyle.EmailAddress)) {
for (AttributeTypeAndValue emailAttr: emails.getTypesAndValues()) {
log.debug("Add email from RDN: " + IETFUtils.valueToString(emailAttr.getValue()));
res.add(IETFUtils.valueToString(emailAttr.getValue()));
}
}
Extension subjectAlternativeNames = cert
.getExtension(Extension.subjectAlternativeName);
if (subjectAlternativeNames != null) {
for (GeneralName name : GeneralNames.getInstance(
subjectAlternativeNames.getParsedValue()).getNames()) {
if (name.getTagNo() == GeneralName.rfc822Name) {
String email = IETFUtils.valueToString(name.getName());
log.debug("Add email from subjectAlternativeName: " + email);
res.add(email);
}
}
}
return res;
}