List of usage examples for org.bouncycastle.asn1.x509 ExtendedKeyUsage getUsages
public KeyPurposeId[] getUsages()
From source file:edu.vt.middleware.crypt.x509.ExtensionFactory.java
License:Open Source License
/**
 * Creates a {@link KeyPurposeIdList} object from DER data.
 *
 * <p>The data is decoded as a Bouncy Castle ExtendedKeyUsage and every entry
 * is mapped to this library's {@code KeyPurposeId} by its OID string.
 *
 * @param  enc  DER encoded key purpose identifier data.
 *
 * @return  Key purpose ID list object.
 */
public static KeyPurposeIdList createKeyPurposeIdList(final DEREncodable enc) {
    final org.bouncycastle.asn1.x509.ExtendedKeyUsage decoded =
        org.bouncycastle.asn1.x509.ExtendedKeyUsage.getInstance(enc);

    final List<KeyPurposeId> purposes = new ArrayList<KeyPurposeId>();
    // NOTE(review): how KeyPurposeId.getByOid treats an OID it does not know
    // is not visible here. Confirm whether it throws or returns null; a null
    // would be stored in the list as-is.
    for (Object entry : decoded.getUsages()) {
        final String oid = entry.toString();
        purposes.add(KeyPurposeId.getByOid(oid));
    }
    return new KeyPurposeIdList(purposes);
}
From source file:net.sf.keystore_explorer.crypto.x509.X509Ext.java
License:Open Source License
/**
 * Renders an Extended Key Usage extension value as text, one key purpose
 * per line.
 *
 * @param value encoded ExtendedKeyUsage value
 * @return friendly name of each recognised purpose, or the raw OID for an
 *         unrecognised one, each followed by NEWLINE
 * @throws IOException declared by the signature; nothing in this body throws it directly
 */
private String getExtendedKeyUsageStringValue(byte[] value) throws IOException {
    // @formatter:off
    /*
     * ExtendedKeyUsage ::= ASN1Sequence SIZE (1..MAX) OF KeyPurposeId
     *
     * KeyPurposeId ::= OBJECT IDENTIFIER
     */
    // @formatter:on

    StringBuilder text = new StringBuilder();

    for (KeyPurposeId purpose : ExtendedKeyUsage.getInstance(value).getUsages()) {
        String oid = purpose.getId();
        ExtendedKeyUsageType known = ExtendedKeyUsageType.resolveOid(oid);

        if (known == null) {
            // Unrecognised key purpose ID: show the OID itself so that no
            // purpose present in the certificate is hidden from the reader.
            text.append(oid);
        } else {
            text.append(known.friendly());
        }
        text.append(NEWLINE);
    }

    return text.toString();
}
From source file:net.sf.keystore_explorer.gui.dialogs.extensions.DExtendedKeyUsage.java
License:Open Source License
/**
 * Ticks the dialog check box that corresponds to each key purpose found in
 * an existing Extended Key Usage extension value.
 *
 * @param value encoded ExtendedKeyUsage value
 * @throws IOException declared by the signature; nothing in this body throws it directly
 */
private void prepopulateWithValue(byte[] value) throws IOException {
    ExtendedKeyUsage existing = ExtendedKeyUsage.getInstance(value);

    for (KeyPurposeId purpose : existing.getUsages()) {
        String oid = ((ASN1ObjectIdentifier) purpose.toASN1Primitive()).getId();
        ExtendedKeyUsageType type = ExtendedKeyUsageType.resolveOid(oid);

        // A purpose with no matching type selects nothing (presumably
        // resolveOid yields null for an OID it does not know).
        // NOTE(review): if the dialog rebuilds the extension from the check
        // boxes alone, such purposes would be lost when an existing value is
        // edited and saved. Confirm against the code that reads the boxes.
        if (type == null) {
            continue;
        }

        if (type == SERVER_AUTH) {
            jcbTlsWebServerAuthentication.setSelected(true);
        } else if (type == CLIENT_AUTH) {
            jcbTlsWebClientAuthentication.setSelected(true);
        } else if (type == CODE_SIGNING) {
            jcbCodeSigning.setSelected(true);
        } else if (type == DOCUMENT_SIGNING) {
            jcbDocumentSigning.setSelected(true);
        } else if (type == ADOBE_PDF_SIGNING) {
            jcbAdobePDFSigning.setSelected(true);
        } else if (type == EMAIL_PROTECTION) {
            jcbEmailProtection.setSelected(true);
        } else if (type == ENCRYPTED_FILE_SYSTEM) {
            jcbEncryptedFileSystem.setSelected(true);
        } else if (type == IPSEC_END_SYSTEM) {
            jcbIpSecurityEndSystem.setSelected(true);
        } else if (type == IPSEC_TUNNEL) {
            jcbIpSecurityTunnelTermination.setSelected(true);
        } else if (type == IPSEC_USER) {
            jcbIpSecurityUser.setSelected(true);
        } else if (type == SMARTCARD_LOGON) {
            jcbSmartcardLogon.setSelected(true);
        } else if (type == TIME_STAMPING) {
            jcbTimeStamping.setSelected(true);
        } else if (type == OCSP_SIGNING) {
            jcbOcspStamping.setSelected(true);
        } else if (type == ANY_EXTENDED_KEY_USAGE) {
            jcbAnyExtendedKeyUsage.setSelected(true);
        }
    }
}
From source file:net.sf.portecle.crypto.X509Ext.java
License:Open Source License
/**
 * Get Extended Key Usage (2.5.29.37) extension value as a string.
 *
 * <pre>
 * ExtendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
 * KeyPurposeId ::= OBJECT IDENTIFIER
 * </pre>
 *
 * The result is an HTML fragment: entries are separated by
 * {@code <br><br>}.
 *
 * @param bValue The octet string value
 * @return Extension value as a string
 * @throws IOException If an I/O problem occurs
 */
private String getExtendedKeyUsageStringValue(byte[] bValue) throws IOException {
    StringBuilder html = new StringBuilder();

    for (KeyPurposeId purpose : ExtendedKeyUsage.getInstance(bValue).getUsages()) {
        // Separator goes between entries only, never before the first one.
        if (html.length() > 0) {
            html.append("<br><br>");
        }

        String oid = purpose.getId();
        // The resource for this OID is used as a MessageFormat pattern; the
        // second argument names the resource to fall back on (presumably for
        // an OID that has no entry of its own. Confirm in getRes).
        String pattern = getRes(oid, "UnrecognisedExtKeyUsageString");
        html.append(MessageFormat.format(pattern, oid));
    }

    return html.toString();
}
From source file:net.wstech2.me.httpsclient.CertificateValidatorUtils.java
License:Apache License
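/**
 * Tells whether a certificate explicitly lists TLS server authentication
 * (id-kp-serverAuth) in its Extended Key Usage extension.
 *
 * <p>The check fails closed: a certificate with no extensions at all, with
 * no Extended Key Usage extension, or with an extension value that decodes
 * to nothing yields {@code Boolean.FALSE}. Only an exact match on
 * id-kp-serverAuth counts; no other key purpose is accepted in its place.
 * Treating a missing extension as "not a host certificate" is stricter than
 * RFC 5280, which places no purpose restriction on such a certificate.
 *
 * @param cert certificate to inspect
 * @return {@code Boolean.TRUE} if id-kp-serverAuth is listed, otherwise
 *         {@code Boolean.FALSE}
 * @throws IOException if the extension value cannot be read as ASN.1
 */
private static Boolean isHostAunthenticationCertificate(Certificate cert) throws IOException {
    // A certificate that carries no extensions (for example X.509 v1) may
    // expose a null extension set; reject it instead of dereferencing null.
    if (cert.getTBSCertificate().getExtensions() == null) {
        return Boolean.FALSE;
    }

    Extension extKeyUsageExtension = cert.getTBSCertificate().getExtensions()
            .getExtension(Extension.extendedKeyUsage);
    if (extKeyUsageExtension == null) {
        return Boolean.FALSE;
    }

    ASN1OctetString oct = extKeyUsageExtension.getExtnValue();
    ASN1InputStream extIn = new ASN1InputStream(new ByteArrayInputStream(oct.getOctets()));
    ExtendedKeyUsage extKeyUsages;
    try {
        extKeyUsages = ExtendedKeyUsage.getInstance(extIn.readObject());
    } finally {
        // Close the stream even when decoding the (untrusted) value fails.
        extIn.close();
    }

    // An empty extension value can decode to no object at all.
    if (extKeyUsages == null) {
        return Boolean.FALSE;
    }

    KeyPurposeId[] keyPurposeIds = extKeyUsages.getUsages();
    for (int i = 0; i < keyPurposeIds.length; i++) {
        if (keyPurposeIds[i].equals(KeyPurposeId.id_kp_serverAuth)) {
            return Boolean.TRUE;
        }
    }
    return Boolean.FALSE;
}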
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
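/**
 * Compares the key purposes in a certificate's ExtendedKeyUsage extension
 * with the purposes that are expected, and appends a description of every
 * mismatch to {@code failureMsg}.
 *
 * <p>The expected set is built from the required usages, plus each optional
 * usage that the request asked for (only when {@code extControl.isRequest()}
 * is true). If that leaves the set empty, the constant value configured for
 * the ExtendedKeyUsage extension is used instead, when there is one.
 *
 * @param failureMsg buffer that receives the mismatch descriptions
 * @param extensionValue encoded ExtendedKeyUsage value from the certificate
 * @param requestedExtensions extensions of the request, may be {@code null}
 * @param extControl control settings of this extension
 */
private void checkExtensionExtendedKeyUsage(final StringBuilder failureMsg, final byte[] extensionValue,
        final Extensions requestedExtensions, final ExtensionControl extControl) {
    // Key purposes actually present in the certificate.
    Set<String> isUsages = new HashSet<>();
    org.bouncycastle.asn1.x509.ExtendedKeyUsage keyusage = org.bouncycastle.asn1.x509.ExtendedKeyUsage
            .getInstance(extensionValue);
    KeyPurposeId[] usages = keyusage.getUsages();
    if (usages != null) {
        for (KeyPurposeId usage : usages) {
            isUsages.add(usage.getId());
        }
    }

    // Key purposes the certificate is expected to carry.
    Set<String> expectedUsages = new HashSet<>();
    Set<ExtKeyUsageControl> requiredExtKeyusage = getExtKeyusage(true);
    if (requiredExtKeyusage != null) {
        for (ExtKeyUsageControl usage : requiredExtKeyusage) {
            expectedUsages.add(usage.getExtKeyUsage().getId());
        }
    }

    // An optional usage is expected only if the request asked for it.
    Set<ExtKeyUsageControl> optionalExtKeyusage = getExtKeyusage(false);
    if (requestedExtensions != null && extControl.isRequest()
            && CollectionUtil.isNonEmpty(optionalExtKeyusage)) {
        Extension extension = requestedExtensions.getExtension(Extension.extendedKeyUsage);
        if (extension != null) {
            org.bouncycastle.asn1.x509.ExtendedKeyUsage reqKeyUsage = org.bouncycastle.asn1.x509.ExtendedKeyUsage
                    .getInstance(extension.getParsedValue());
            for (ExtKeyUsageControl k : optionalExtKeyusage) {
                if (reqKeyUsage.hasKeyPurposeId(KeyPurposeId.getInstance(k.getExtKeyUsage()))) {
                    expectedUsages.add(k.getExtKeyUsage().getId());
                }
            }
        }
    }

    if (CollectionUtil.isEmpty(expectedUsages)) {
        // Fall back on the constant value of the extendedKeyUsage extension.
        // getExtKeyUsage decodes the bytes as an ExtendedKeyUsage SEQUENCE,
        // so the keyUsage constant (a BIT STRING) cannot be used here: it
        // would not decode and could never supply key purpose OIDs.
        byte[] constantExtValue = getConstantExtensionValue(Extension.extendedKeyUsage);
        if (constantExtValue != null) {
            expectedUsages = getExtKeyUsage(constantExtValue);
        }
    }

    // In the certificate but not expected (presumably strInBnotInA returns
    // the members of its second argument that are missing from the first).
    Set<String> diffs = strInBnotInA(expectedUsages, isUsages);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("usages ").append(diffs.toString()).append(" are present but not expected; ");
    }

    // Expected but not in the certificate.
    diffs = strInBnotInA(isUsages, expectedUsages);
    if (CollectionUtil.isNonEmpty(diffs)) {
        failureMsg.append("usages ").append(diffs.toString()).append(" are absent but are required; ");
    }
}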
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
/**
 * Decodes an ExtendedKeyUsage extension value and collects the OID of each
 * key purpose it lists.
 *
 * @param extensionValue encoded ExtendedKeyUsage value
 * @return the key purpose OIDs as strings, without duplicates
 */
private static Set<String> getExtKeyUsage(final byte[] extensionValue) {
    final org.bouncycastle.asn1.x509.ExtendedKeyUsage decoded =
            org.bouncycastle.asn1.x509.ExtendedKeyUsage.getInstance(extensionValue);

    final Set<String> oids = new HashSet<>();
    for (KeyPurposeId purpose : decoded.getUsages()) {
        final String oid = purpose.getId();
        oids.add(oid);
    }
    return oids;
}
From source file:org.xwiki.crypto.pkix.internal.extension.BcExtensionUtils.java
License:Open Source License
/**
 * Convert extended usages from Bouncy Castle.
 *
 * <p>A {@code null} input is passed through as {@code null}, so callers can
 * tell "no extension" apart from an extension that was decoded.
 *
 * @param usages the bouncy castle extended key usage to convert.
 * @return the set of authorized usages, or {@code null} if {@code usages} is {@code null}.
 */
public static ExtendedKeyUsages getExtendedKeyUsages(ExtendedKeyUsage usages) {
    if (usages == null) {
        return null;
    }

    KeyPurposeId[] purposes = usages.getUsages();
    List<String> oids = new ArrayList<String>(purposes.length);
    for (int i = 0; i < purposes.length; i++) {
        oids.add(purposes[i].getId());
    }
    return new ExtendedKeyUsages(oids);
}
From source file:se.tillvaxtverket.tsltrust.weblogic.content.CertificateInformation.java
License:Open Source License
/**
 * Adds an "Extensions" section to the certificate information table and
 * fills it with a summary of the extensions this method knows how to decode:
 * basic constraints, key usage, QC statements, extended key usage,
 * certificate policies and subject alternative name.
 *
 * <p>NOTE(review): names, OIDs and subject alternative name values shown
 * here are taken from the certificate, so they are chosen by whoever issued
 * it. Confirm that the table rendering escapes these values before they
 * reach a page.
 *
 * @param cert certificate whose extensions are listed
 * @param unfold passed on to the new section when it is created
 */
private void addCertificateExtensionInfo(AaaCertificate cert, boolean unfold) {
    InfoTableSection extSection = certElements.addNewSection(tm, "Extensions", unfold);
    extSection.setSectionHeadingClasses(CERT_INFO);
    InfoTableElements rows = extSection.getElements();
    extFact.clear();

    List<ExtensionInfo> extensions = cert.getExtensionInfoList();
    if (extensions == null) {
        return;
    }

    extSection.setFoldedElement("Extension summary (out of " + extensions.size() + " total Extensions)");
    extSection.setKeepFoldableElement(true);

    for (ExtensionInfo rawExt : extensions) {

        // Basic Constraints
        if (rawExt.getExtensionType().equals(SupportedExtension.basicConstraints)) {
            BasicConstraints constraints = BasicConstraints.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            extFact.add("cA", String.valueOf(constraints.isCA()));
            extFact.addExtension(rows);
        }

        // Key Usage
        if (rawExt.getExtensionType().equals(SupportedExtension.keyUsage)) {
            KeyUsage keyUsage = KeyUsage.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            extFact.add("Usage", DisplayCert.getKeyUsageText(keyUsage));
            extFact.addExtension(rows);
        }

        // QC Statements
        if (rawExt.getExtensionType().equals(SupportedExtension.qCStatements)) {
            QCStatementsExt qcStatements = QCStatementsExt.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            if (qcStatements.isQcCompliance()) {
                extFact.add("Qualified", "true");
            }
            if (qcStatements.isQcSscd()) {
                extFact.add("QSSCD", "true");
            }
            extFact.addExtension(rows);
        }

        // Extended Key Usage: one row per key purpose, name first, OID second
        if (rawExt.getExtensionType().equals(SupportedExtension.extendedKeyUsage)) {
            ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            for (KeyPurposeId purpose : extendedKeyUsage.getUsages()) {
                extFact.add(OidName.getName(purpose.getId()), purpose.getId());
            }
            extFact.addExtension(rows);
        }

        // Certificate Policies: only the policy identifier is shown
        if (rawExt.getExtensionType().equals(SupportedExtension.certificatePolicies)) {
            CertificatePolicies policies = CertificatePolicies.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            for (PolicyInformation policy : policies.getPolicyInformation()) {
                ASN1ObjectIdentifier policyOid = policy.getPolicyIdentifier();
                extFact.add("Policy", OidName.getName(policyOid.getId()));
            }
            extFact.addExtension(rows);
        }

        // Subject Alternative Name
        //
        // GeneralName ::= CHOICE {
        //     otherName                  [0] OtherName,
        //     rfc822Name                 [1] IA5String,
        //     dNSName                    [2] IA5String,
        //     x400Address                [3] ORAddress,
        //     directoryName              [4] Name,
        //     ediPartyName               [5] EDIPartyName,
        //     uniformResourceIdentifier  [6] IA5String,
        //     iPAddress                  [7] OCTET STRING,
        //     registeredID               [8] OBJECT IDENTIFIER }
        if (rawExt.getExtensionType().equals(SupportedExtension.subjectAlternativeName)) {
            GeneralNames altNames = GeneralNames.getInstance(rawExt.getExtDataASN1());
            extFact.add(getExtNameAndOID(rawExt), EXT_ATTR);
            // Indexed by GeneralName tag number.
            String[] nameType = new String[] { "otherName", "rfc822Name", "dNSName", "x400Address",
                    "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress",
                    "registeredID" };
            for (GeneralName altName : altNames.getNames()) {
                int tag = altName.getTagNo();
                // Only tags 1, 2, 6 and 7 are listed; every other name form
                // is left out of the summary.
                switch (tag) {
                case GeneralName.rfc822Name:
                case GeneralName.dNSName:
                case GeneralName.uniformResourceIdentifier:
                case GeneralName.iPAddress:
                    extFact.add(nameType[tag], altName.getName().toString());
                    break;
                default:
                    break;
                }
            }
            extFact.addExtension(rows);
        }
    }
}