java.security.cert.X509Certificate.getExtendedKeyUsage()方法的使用及代码示例

x33g5p2x  于2022-02-02 转载在 其他  
字(8.0k)|赞(0)|评价(0)|浏览(170)

本文整理了Java中java.security.cert.X509Certificate.getExtendedKeyUsage()方法的一些代码示例,展示了X509Certificate.getExtendedKeyUsage()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。X509Certificate.getExtendedKeyUsage()方法的具体详情如下:
包路径:java.security.cert.X509Certificate
类名称:X509Certificate
方法名:getExtendedKeyUsage

X509Certificate.getExtendedKeyUsage介绍

[英]Returns a read-only list of OID strings representing the ExtKeyUsageSyntax field of the extended key usage extension.
[中]返回OID字符串的只读列表,这些字符串表示扩展密钥使用扩展的ExtKeyUsageSyntax字段。

代码示例

代码示例来源:origin: redisson/redisson

@Override
public List<String> getExtendedKeyUsage() throws CertificateParsingException {
  return unwrap().getExtendedKeyUsage();
}

代码示例来源:origin: robovm/robovm

List keyUsage = cert.getExtendedKeyUsage();
if (keyUsage != null) {
  if (!keyUsage.containsAll(extendedKeyUsage)) {

代码示例来源:origin: rhuss/jolokia

private void checkCertForClientUsage(X509Certificate clientCert) {
  try {
    // We required that the extended key usage must be present if we are using
    // client cert authentication
    if (extendedClientCheck &&
      (clientCert.getExtendedKeyUsage() == null ||
       !clientCert.getExtendedKeyUsage().contains(CLIENTAUTH_OID))) {
      throw new SecurityException("No extended key usage available");
    }
  } catch (CertificateParsingException e) {
    throw new SecurityException("Can't parse client cert");
  }
}

代码示例来源:origin: io.netty/netty-handler

@Override
public List<String> getExtendedKeyUsage() throws CertificateParsingException {
  return unwrap().getExtendedKeyUsage();
}

代码示例来源:origin: apache/pdfbox

/**
 * Log if the certificate is not valid for responding.
 *
 * @param x509Certificate 
 * @throws java.security.cert.CertificateParsingException 
 */
public static void checkResponderCertificateUsage(X509Certificate x509Certificate)
    throws CertificateParsingException
{
  List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
  // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
  if (extendedKeyUsage != null &&
    !extendedKeyUsage.contains(KeyPurposeId.id_kp_OCSPSigning.toString()))
  {
    LOG.error("Certificate extended key usage does not include OCSP responding");
  }
}

代码示例来源:origin: apache/pdfbox

/**
 * Log if the certificate is not valid for timestamping.
 *
 * @param x509Certificate 
 * @throws java.security.cert.CertificateParsingException 
 */
public static void checkTimeStampCertificateUsage(X509Certificate x509Certificate)
    throws CertificateParsingException
{
  List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
  // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
  if (extendedKeyUsage != null &&
    !extendedKeyUsage.contains(KeyPurposeId.id_kp_timeStamping.toString()))
  {
    LOG.error("Certificate extended key usage does not include timeStamping");
  }
}

代码示例来源:origin: apache/pdfbox

"digitalSignature nor nonRepudiation");
List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
if (extendedKeyUsage != null &&
  !extendedKeyUsage.contains(KeyPurposeId.id_kp_emailProtection.toString()) &&

代码示例来源:origin: org.nhind/agent

@Override
/**
 * {@inheritDoc}
 */	
public  List<String> getExtendedKeyUsage() throws CertificateParsingException
{
  return internalCert.getExtendedKeyUsage();
}

代码示例来源:origin: mcxiaoke/ApkSigner

@Override
public List<String> getExtendedKeyUsage() throws CertificateParsingException {
  return mDelegate.getExtendedKeyUsage();
}

代码示例来源:origin: stackoverflow.com

X509Certificate certificate =...;
certificate .getExtendedKeyUsage();

代码示例来源:origin: org.jolokia/jolokia-agent-jvm

private void checkCertForClientUsage(X509Certificate clientCert) {
  try {
    // We required that the extended key usage must be present if we are using
    // client cert authentication
    if (extendedClientCheck &&
      (clientCert.getExtendedKeyUsage() == null ||
       !clientCert.getExtendedKeyUsage().contains(CLIENTAUTH_OID))) {
      throw new SecurityException("No extended key usage available");
    }
  } catch (CertificateParsingException e) {
    throw new SecurityException("Can't parse client cert");
  }
}

代码示例来源:origin: igniterealtime/Spark

private String extendedKeyUsageExtractor(X509Certificate cert) throws CertificateParsingException {
  String value = "";
  List<String> extKeyUsage = cert.getExtendedKeyUsage();
  for (String use : extKeyUsage) {
    value += use + ": " + OIDTranslator.getDescription(use) + "\n";
  }
  return value;
}

代码示例来源:origin: oracle/oci-java-sdk

@Override
public List<String> getExtendedKeyUsage() throws CertificateParsingException {
  return delegate().getExtendedKeyUsage();
}

代码示例来源:origin: SAMLRaider/SAMLRaider

public List<String> getExtendedKeyUsage() {
  List<String> extendedKeyUsage = new LinkedList<>();
  try {
    if (certificate.getExtendedKeyUsage() == null) {
      return extendedKeyUsage;
    }
    for (String i : certificate.getExtendedKeyUsage()) {
      extendedKeyUsage.add(ObjectIdentifier.getExtendedKeyUsage(i));
    }
  } catch (CertificateParsingException e) {
    e.printStackTrace();
  }
  return extendedKeyUsage;
}

代码示例来源:origin: org.apache.pdfbox/pdfbox-examples

/**
 * Log if the certificate is not valid for responding.
 *
 * @param x509Certificate 
 * @throws java.security.cert.CertificateParsingException 
 */
public static void checkResponderCertificateUsage(X509Certificate x509Certificate)
    throws CertificateParsingException
{
  List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
  // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
  if (extendedKeyUsage != null &&
    !extendedKeyUsage.contains(KeyPurposeId.id_kp_OCSPSigning.toString()))
  {
    LOG.error("Certificate extended key usage does not include OCSP responding");
  }
}

代码示例来源:origin: com.addc/addc-security

private String getExtendedKeyUsage(X509Certificate cert, Translator tr, String pad, String indent, String eol) {
  LOGGER.debug("Extract extended key usage extension");
  StringBuilder sb= new StringBuilder();
  List<String> extendedKeyUsage;
  try {
    extendedKeyUsage= cert.getExtendedKeyUsage();
    if (extendedKeyUsage != null) {
      sb.append(pad).append(tr.translate(EXT_KEY_USAGE)).append(eol);
      for (String oid : extendedKeyUsage) {
        sb.append(pad).append(indent).append(X509CertConstants.EXTENDED_KEY_USAGES.get(oid)).append(eol);
      }
    }
  } catch (CertificateParsingException e) {
    LOGGER.error("Unexpected error getting extended key usage", e);
  }
  return sb.toString();
}

代码示例来源:origin: org.apache.pdfbox/pdfbox-examples

/**
 * Log if the certificate is not valid for timestamping.
 *
 * @param x509Certificate 
 * @throws java.security.cert.CertificateParsingException 
 */
public static void checkTimeStampCertificateUsage(X509Certificate x509Certificate)
    throws CertificateParsingException
{
  List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
  // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
  if (extendedKeyUsage != null &&
    !extendedKeyUsage.contains(KeyPurposeId.id_kp_timeStamping.toString()))
  {
    LOG.error("Certificate extended key usage does not include timeStamping");
  }
}

代码示例来源:origin: esig/dss

public static boolean isExtendedKeyUsagePresent(CertificateToken certToken, ASN1ObjectIdentifier oid) {
  try {
    List<String> keyPurposes = certToken.getCertificate().getExtendedKeyUsage();
    if ((keyPurposes != null) && keyPurposes.contains(oid.getId())) {
      return true;
    }
  } catch (CertificateParsingException e) {
    LOG.error("Unable to retrieve ExtendedKeyUsage from certificate", e);
  }
  return false;
}

代码示例来源:origin: esig/dss

public static List<String> getExtendedKeyUsage(CertificateToken certToken) {
  try {
    return certToken.getCertificate().getExtendedKeyUsage();
  } catch (CertificateParsingException e) {
    LOG.warn("Unable to retrieve ExtendedKeyUsage : {}", e.getMessage());
    return Collections.emptyList();
  }
}

代码示例来源:origin: arhs/sd-dss

/**
 * Indicates that a X509Certificates corresponding private key is used by an authority to sign OCSP-Responses.<br>
 * http://www.ietf.org/rfc/rfc3280.txt <br>
 * http://tools.ietf.org/pdf/rfc6960.pdf 4.2.2.2<br>
 * {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) keyPurpose(3)
 * ocspSigning(9)}<br>
 * OID: 1.3.6.1.5.5.7.3.9
 *
 * @return
 */
public boolean isOCSPSigning() {
  try {
    List<String> keyPurposes = x509Certificate.getExtendedKeyUsage();
    if (keyPurposes != null && keyPurposes.contains(OID.id_kp_OCSPSigning.getId())) {
      return true;
    }
  } catch (CertificateParsingException e) {
    LOG.warn(e.getMessage());
  }
  // Responder's certificate not valid for signing OCSP responses.
  return false;
}

内容来源于网络,如有侵权,请联系作者删除!

x509certificate

相关文章

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新文章

    更多

    X509Certificate类方法

    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com