List of usage examples for org.bouncycastle.asn1.x509 KeyPurposeId getId
public String getId()
From source file:net.sf.keystore_explorer.crypto.x509.X509Ext.java
License:Open Source License
private String getExtendedKeyUsageStringValue(byte[] value) throws IOException { // @formatter:off /*//from ww w . jav a 2s .c o m * ExtendedKeyUsage ::= ASN1Sequence SIZE (1..MAX) OF KeyPurposeId * * KeyPurposeId ::= OBJECT IDENTIFIER */ // @formatter:on StringBuilder sb = new StringBuilder(); ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.getInstance(value); for (KeyPurposeId keyPurposeId : extendedKeyUsage.getUsages()) { String oid = keyPurposeId.getId(); ExtendedKeyUsageType type = ExtendedKeyUsageType.resolveOid(oid); if (type != null) { sb.append(type.friendly()); } else { // Unrecognised key purpose ID sb.append(oid); } sb.append(NEWLINE); } return sb.toString(); }
From source file:net.sf.portecle.crypto.X509Ext.java
License:Open Source License
/** * Get Extended Key Usage (2.5.29.37) extension value as a string. * // ww w . j a va 2 s . c o m * <pre> * ExtendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId * KeyPurposeId ::= OBJECT IDENTIFIER * </pre> * * @param bValue The octet string value * @return Extension value as a string * @throws IOException If an I/O problem occurs */ private String getExtendedKeyUsageStringValue(byte[] bValue) throws IOException { StringBuilder strBuff = new StringBuilder(); ExtendedKeyUsage eku = ExtendedKeyUsage.getInstance(bValue); KeyPurposeId[] usages = eku.getUsages(); for (KeyPurposeId usage : usages) { if (strBuff.length() != 0) { strBuff.append("<br><br>"); } String sOid = usage.getId(); String sEku = getRes(sOid, "UnrecognisedExtKeyUsageString"); strBuff.append(MessageFormat.format(sEku, sOid)); } return strBuff.toString(); }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private void checkExtensionExtendedKeyUsage(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestExtensions, final ExtensionControl extControl) { Set<String> isUsages = new HashSet<>(); {/* w w w .j a v a 2 s. c om*/ org.bouncycastle.asn1.x509.ExtendedKeyUsage keyusage = org.bouncycastle.asn1.x509.ExtendedKeyUsage .getInstance(extensionValue); KeyPurposeId[] usages = keyusage.getUsages(); if (usages != null) { for (KeyPurposeId usage : usages) { isUsages.add(usage.getId()); } } } Set<String> expectedUsages = new HashSet<>(); Set<ExtKeyUsageControl> requiredExtKeyusage = getExtKeyusage(true); if (requiredExtKeyusage != null) { for (ExtKeyUsageControl usage : requiredExtKeyusage) { expectedUsages.add(usage.getExtKeyUsage().getId()); } } Set<ExtKeyUsageControl> optionalExtKeyusage = getExtKeyusage(false); if (extControl.isRequest() && requestExtensions != null && CollectionUtil.isNotEmpty(optionalExtKeyusage)) { Extension extension = requestExtensions.getExtension(Extension.extendedKeyUsage); if (extension != null) { org.bouncycastle.asn1.x509.ExtendedKeyUsage reqKeyUsage = org.bouncycastle.asn1.x509.ExtendedKeyUsage .getInstance(extension.getParsedValue()); for (ExtKeyUsageControl k : optionalExtKeyusage) { if (reqKeyUsage.hasKeyPurposeId(KeyPurposeId.getInstance(k.getExtKeyUsage()))) { expectedUsages.add(k.getExtKeyUsage().getId()); } } } } if (CollectionUtil.isEmpty(expectedUsages)) { byte[] constantExtValue = getConstantExtensionValue(Extension.keyUsage); if (constantExtValue != null) { expectedUsages = getExtKeyUsage(constantExtValue); } } Set<String> diffs = str_in_b_not_in_a(expectedUsages, isUsages); if (CollectionUtil.isNotEmpty(diffs)) { failureMsg.append("usages " + diffs.toString() + " are present but not expected"); failureMsg.append("; "); } diffs = str_in_b_not_in_a(isUsages, expectedUsages); if (CollectionUtil.isNotEmpty(diffs)) { failureMsg.append("usages " + diffs.toString() + " are absent but are required"); failureMsg.append("; "); } }
From source file:org.xipki.ca.qa.impl.X509CertprofileQAImpl.java
License:Open Source License
private static Set<String> getExtKeyUsage(final byte[] extensionValue) { Set<String> usages = new HashSet<>(); org.bouncycastle.asn1.x509.ExtendedKeyUsage reqKeyUsage = org.bouncycastle.asn1.x509.ExtendedKeyUsage .getInstance(extensionValue); for (KeyPurposeId usage : reqKeyUsage.getUsages()) { usages.add(usage.getId()); }//from w ww . j ava 2 s.c o m return usages; }
From source file:org.xipki.pki.ca.qa.ExtensionsChecker.java
License:Open Source License
private void checkExtensionExtendedKeyUsage(final StringBuilder failureMsg, final byte[] extensionValue, final Extensions requestedExtensions, final ExtensionControl extControl) { Set<String> isUsages = new HashSet<>(); org.bouncycastle.asn1.x509.ExtendedKeyUsage keyusage = org.bouncycastle.asn1.x509.ExtendedKeyUsage .getInstance(extensionValue); KeyPurposeId[] usages = keyusage.getUsages(); if (usages != null) { for (KeyPurposeId usage : usages) { isUsages.add(usage.getId()); }/*from w w w .j a v a2s . c o m*/ } Set<String> expectedUsages = new HashSet<>(); Set<ExtKeyUsageControl> requiredExtKeyusage = getExtKeyusage(true); if (requiredExtKeyusage != null) { for (ExtKeyUsageControl usage : requiredExtKeyusage) { expectedUsages.add(usage.getExtKeyUsage().getId()); } } Set<ExtKeyUsageControl> optionalExtKeyusage = getExtKeyusage(false); if (requestedExtensions != null && extControl.isRequest() && CollectionUtil.isNonEmpty(optionalExtKeyusage)) { Extension extension = requestedExtensions.getExtension(Extension.extendedKeyUsage); if (extension != null) { org.bouncycastle.asn1.x509.ExtendedKeyUsage reqKeyUsage = org.bouncycastle.asn1.x509.ExtendedKeyUsage .getInstance(extension.getParsedValue()); for (ExtKeyUsageControl k : optionalExtKeyusage) { if (reqKeyUsage.hasKeyPurposeId(KeyPurposeId.getInstance(k.getExtKeyUsage()))) { expectedUsages.add(k.getExtKeyUsage().getId()); } } } } if (CollectionUtil.isEmpty(expectedUsages)) { byte[] constantExtValue = getConstantExtensionValue(Extension.keyUsage); if (constantExtValue != null) { expectedUsages = getExtKeyUsage(constantExtValue); } } Set<String> diffs = strInBnotInA(expectedUsages, isUsages); if (CollectionUtil.isNonEmpty(diffs)) { failureMsg.append("usages ").append(diffs.toString()).append(" are present but not expected; "); } diffs = strInBnotInA(isUsages, expectedUsages); if (CollectionUtil.isNonEmpty(diffs)) { failureMsg.append("usages ").append(diffs.toString()).append(" are absent but are required; "); } }
From source file:org.xwiki.crypto.pkix.internal.extension.BcExtensionUtils.java
License:Open Source License
/** * Convert extended usages from Bouncy Castle. * * @param usages the bouncy castle extended key usage to convert. * @return the set of authorized usages. *//*from ww w.jav a2s . c o m*/ public static ExtendedKeyUsages getExtendedKeyUsages(ExtendedKeyUsage usages) { if (usages == null) { return null; } List<String> usageStr = new ArrayList<String>(); for (KeyPurposeId keyPurposeId : usages.getUsages()) { usageStr.add(keyPurposeId.getId()); } return new ExtendedKeyUsages(usageStr); }
From source file:se.tillvaxtverket.tsltrust.weblogic.content.CertificateInformation.java
License:Open Source License
private void addCertificateExtensionInfo(AaaCertificate cert, boolean unfold) { InfoTableSection section = certElements.addNewSection(tm, "Extensions", unfold); section.setSectionHeadingClasses(CERT_INFO); InfoTableElements extElements = section.getElements(); extFact.clear();/*www. j av a 2 s . co m*/ List<ExtensionInfo> extList = cert.getExtensionInfoList(); if (extList == null) { return; } section.setFoldedElement( "Extension summary (out of " + String.valueOf(extList.size()) + " total Extensions)"); section.setKeepFoldableElement(true); for (ExtensionInfo rawExt : extList) { //Basic Constraints if (rawExt.getExtensionType().equals(SupportedExtension.basicConstraints)) { BasicConstraints bc = BasicConstraints.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); // set property extFact.add("cA", String.valueOf(bc.isCA())); extFact.addExtension(extElements); } //Key Usage if (rawExt.getExtensionType().equals(SupportedExtension.keyUsage)) { KeyUsage ku = KeyUsage.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); extFact.add("Usage", DisplayCert.getKeyUsageText(ku)); extFact.addExtension(extElements); } //QcStatements if (rawExt.getExtensionType().equals(SupportedExtension.qCStatements)) { QCStatementsExt qc = QCStatementsExt.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); // set property if (qc.isQcCompliance()) { extFact.add("Qualified", "true"); } if (qc.isQcSscd()) { extFact.add("QSSCD", "true"); } extFact.addExtension(extElements); } // //EKU if (rawExt.getExtensionType().equals(SupportedExtension.extendedKeyUsage)) { ExtendedKeyUsage eku = ExtendedKeyUsage.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); // set property KeyPurposeId[] keyPurposeIDs = eku.getUsages(); for (KeyPurposeId oid : keyPurposeIDs) { extFact.add(OidName.getName(oid.getId()), oid.getId()); } extFact.addExtension(extElements); } // //CertificatePolicies if (rawExt.getExtensionType().equals(SupportedExtension.certificatePolicies)) { CertificatePolicies cp = CertificatePolicies.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); // set property PolicyInformation[] policyInformation = cp.getPolicyInformation(); for (PolicyInformation pi : policyInformation) { ASN1ObjectIdentifier oid = pi.getPolicyIdentifier(); extFact.add("Policy", OidName.getName(oid.getId())); } extFact.addExtension(extElements); } // //SubjectAlterantive Name // /** // * GeneralName ::= CHOICE { // * otherName [0] OtherName, // * rfc822Name [1] IA5String, // * dNSName [2] IA5String, // * x400Address [3] ORAddress, // * directoryName [4] Name, // * ediPartyName [5] EDIPartyName, // * uniformResourceIdentifier [6] IA5String, // * iPAddress [7] OCTET STRING, // * registeredID [8] OBJECT IDENTIFIER } // */ if (rawExt.getExtensionType().equals(SupportedExtension.subjectAlternativeName)) { GeneralNames san = GeneralNames.getInstance(rawExt.getExtDataASN1()); extFact.add(getExtNameAndOID(rawExt), EXT_ATTR); // set property String[] nameType = new String[] { "otherName", "rfc822Name", "dNSName", "x400Address", "directoryName", "ediPartyName", "uniformResourceIdentifier", "iPAddress", "registeredID" }; GeneralName[] generalNames = san.getNames(); for (GeneralName name : generalNames) { int type = name.getTagNo(); if (type == 1 || type == 2 || type == 6 || type == 7) { extFact.add(nameType[type], name.getName().toString()); } } extFact.addExtension(extElements); } } }