List of usage examples for org.bouncycastle.asn1.x509 ExtendedKeyUsage size
public int size()
From source file:be.fedict.trust.constraints.CodeSigningCertificateConstraint.java
License:Open Source License
@Override public void check(X509Certificate certificate) throws TrustLinkerResultException, Exception { byte[] extension = certificate.getExtensionValue(Extension.extendedKeyUsage.getId()); if (null == extension) { throw new TrustLinkerResultException(TrustLinkerResultReason.CONSTRAINT_VIOLATION, "missing ExtendedKeyUsage extension"); }/*from w ww . j av a2 s . c om*/ if (false == certificate.getCriticalExtensionOIDs().contains(Extension.extendedKeyUsage.getId())) { throw new TrustLinkerResultException(TrustLinkerResultReason.CONSTRAINT_VIOLATION, "ExtendedKeyUsage should be critical"); } ASN1InputStream asn1InputStream = new ASN1InputStream(new ByteArrayInputStream(extension)); asn1InputStream = new ASN1InputStream( new ByteArrayInputStream(((ASN1OctetString) asn1InputStream.readObject()).getOctets())); ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.getInstance(asn1InputStream.readObject()); if (false == extendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_codeSigning)) { throw new TrustLinkerResultException(TrustLinkerResultReason.CONSTRAINT_VIOLATION, "missing codeSigning ExtendedKeyUsage"); } if (1 != extendedKeyUsage.size()) { throw new TrustLinkerResultException(TrustLinkerResultReason.CONSTRAINT_VIOLATION, "ExtendedKeyUsage not solely codeSigning"); } }