本文整理了Java中org.bouncycastle.asn1.x509.KeyUsage
类的一些代码示例,展示了KeyUsage
类的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。KeyUsage
类的具体详情如下:
包路径:org.bouncycastle.asn1.x509.KeyUsage
类名称:KeyUsage
[英]The KeyUsage object.
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
[中]KeyUsage对象
id-ce-keyUsage OBJECT IDENTIFIER ::= { id-ce 15 }
KeyUsage ::= BIT STRING {
digitalSignature (0),
nonRepudiation (1),
keyEncipherment (2),
dataEncipherment (3),
keyAgreement (4),
keyCertSign (5),
cRLSign (6),
encipherOnly (7),
decipherOnly (8) }
代码示例来源:origin: jamesdbloom/mockserver
/**
* Create a certificate to use by a Certificate Authority, signed by a self signed certificate.
*/
private X509Certificate createCACert(PublicKey publicKey, PrivateKey privateKey) throws Exception {
// signers name
X500Name issuerName = new X500Name("CN=www.mockserver.com, O=MockServer, L=London, ST=England, C=UK");
// subjects name - the same as we are self signed.
X500Name subjectName = issuerName;
// serial
BigInteger serial = BigInteger.valueOf(new Random().nextInt(Integer.MAX_VALUE));
// create the certificate - version 3
X509v3CertificateBuilder builder = new JcaX509v3CertificateBuilder(issuerName, serial, NOT_BEFORE, NOT_AFTER, subjectName, publicKey);
builder.addExtension(Extension.subjectKeyIdentifier, false, createSubjectKeyIdentifier(publicKey));
builder.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
KeyUsage usage = new KeyUsage(KeyUsage.keyCertSign | KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.cRLSign);
builder.addExtension(Extension.keyUsage, false, usage);
ASN1EncodableVector purposes = new ASN1EncodableVector();
purposes.add(KeyPurposeId.id_kp_serverAuth);
purposes.add(KeyPurposeId.id_kp_clientAuth);
purposes.add(KeyPurposeId.anyExtendedKeyUsage);
builder.addExtension(Extension.extendedKeyUsage, false, new DERSequence(purposes));
X509Certificate cert = signCertificate(builder, privateKey);
cert.checkValidity(new Date());
cert.verify(publicKey);
return cert;
}
代码示例来源:origin: hyperledger/fabric-sdk-java
private X509Certificate createSelfSignedCertificate(CertType certType, KeyPair keyPair, String san) throws Exception {
X509v3CertificateBuilder certBuilder = createCertBuilder(keyPair);
// Basic constraints
BasicConstraints constraints = new BasicConstraints(false);
certBuilder.addExtension(
Extension.basicConstraints,
true,
constraints.getEncoded());
// Key usage
KeyUsage usage = new KeyUsage(KeyUsage.keyEncipherment | KeyUsage.digitalSignature);
certBuilder.addExtension(Extension.keyUsage, false, usage.getEncoded());
// Extended key usage
certBuilder.addExtension(
Extension.extendedKeyUsage,
false,
certType.keyUsage().getEncoded());
if (san != null) {
addSAN(certBuilder, san);
}
ContentSigner signer = new JcaContentSignerBuilder(signatureAlgorithm)
.build(keyPair.getPrivate());
X509CertificateHolder holder = certBuilder.build(signer);
JcaX509CertificateConverter converter = new JcaX509CertificateConverter();
converter.setProvider(new BouncyCastleProvider());
return converter.getCertificate(holder);
}
代码示例来源:origin: org.wso2.xkms/xkms
private static KeyUsage buildKeyUsage(boolean digitalSigning,
boolean dataEncryption) {
int usage = 0;
if (digitalSigning) {
usage = KeyUsage.digitalSignature;
}
if (dataEncryption) {
usage = usage | KeyUsage.dataEncipherment;
}
return new KeyUsage(usage);
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
public ASN1Primitive toASN1Primitive()
{
return new KeyUsage(usage).toASN1Primitive();
}
}
代码示例来源:origin: kaikramer/keystore-explorer
private void addKeyUsage(X509ExtensionSet extensionSet, int usage) throws IOException {
KeyUsage ku = new KeyUsage(usage);
byte[] kuEncoded = wrapInOctetString(ku.getEncoded());
extensionSet.addExtension(X509ExtensionType.KEY_USAGE.oid(), false, kuEncoded);
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
代码示例来源:origin: DirectProject/nhin-d
final KeyUsage keyUsage = new KeyUsage((DERBitString)exValue);
final byte[] data = keyUsage.getBytes();
代码示例来源:origin: coova/jradius
private void validateKeyUsage(X509CertificateStructure c, int keyUsageBits) throws IOException
{
X509Extensions exts = c.getTBSCertificate().getExtensions();
if (exts != null)
{
X509Extension ext = exts.getExtension(X509Extensions.KeyUsage);
if (ext != null)
{
KeyUsage ku = KeyUsage.getInstance(ext);
int bits = ku.getBytes()[0] & 0xff;
if ((bits & keyUsageBits) != keyUsageBits)
{
handler.failWithError(TlsProtocolHandler.AL_fatal,
TlsProtocolHandler.AP_certificate_unknown);
}
}
}
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
public static KeyUsage fromExtensions(Extensions extensions)
{
return KeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.keyUsage));
}
代码示例来源:origin: org.xipki.pki/ca-qa
private static Set<String> getKeyUsage(final byte[] extensionValue) {
Set<String> usages = new HashSet<>();
org.bouncycastle.asn1.x509.KeyUsage reqKeyUsage =
org.bouncycastle.asn1.x509.KeyUsage.getInstance(extensionValue);
for (KeyUsage k : KeyUsage.values()) {
if (reqKeyUsage.hasUsages(k.bcUsage())) {
usages.add(k.getName());
}
}
return usages;
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
static void validateKeyUsage(org.bouncycastle.asn1.x509.Certificate c, int keyUsageBits)
throws IOException
{
Extensions exts = c.getTBSCertificate().getExtensions();
if (exts != null)
{
KeyUsage ku = KeyUsage.fromExtensions(exts);
if (ku != null)
{
int bits = ku.getBytes()[0] & 0xff;
if ((bits & keyUsageBits) != keyUsageBits)
{
throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
}
}
}
代码示例来源:origin: org.cryptacular/cryptacular
/**
* Determines whether this key usage bit is set in the given key usage value.
*
* @param keyUsage BC key usage object.
*
* @return True if bit is set, false otherwise.
*/
public boolean isSet(final KeyUsage keyUsage)
{
return isSet(keyUsage.getBytes());
}
代码示例来源:origin: org.xipki.shells/security-shell
extensions.add(new Extension(extType, false, extValue.getEncoded()));
needExtensionTypes.add(extType.getId());
代码示例来源:origin: puppetlabs/certificate-authority
private static KeyUsage setToKeyUsage(Set<String> flags) {
int usageBitString = 0;
for (String key: flags) {
Integer flagBit = keyUsageFlags.get(key);
if (flagBit == null) {
throw new IllegalArgumentException(
"The provided usage key does not exist: '" + key + "'");
}
usageBitString |= flagBit;
}
return new KeyUsage(usageBitString);
}
代码示例来源:origin: kaikramer/keystore-explorer
private void okPressed() {
if (!jcbDigitalSignature.isSelected() && !jcbNonRepudiation.isSelected() && !jcbKeyEncipherment.isSelected()
&& !jcbDataEncipherment.isSelected() && !jcbKeyAgreement.isSelected()
&& !jcbCertificateSigning.isSelected() && !jcbCrlSign.isSelected() && !jcbEncipherOnly.isSelected()
&& !jcbDecipherOnly.isSelected()) {
JOptionPane.showMessageDialog(this, res.getString("DKeyUsage.ValueReq.message"), getTitle(),
JOptionPane.WARNING_MESSAGE);
return;
}
int keyUsageIntValue = 0;
keyUsageIntValue |= jcbDigitalSignature.isSelected() ? KeyUsage.digitalSignature : 0;
keyUsageIntValue |= jcbNonRepudiation.isSelected() ? KeyUsage.nonRepudiation : 0;
keyUsageIntValue |= jcbKeyEncipherment.isSelected() ? KeyUsage.keyEncipherment : 0;
keyUsageIntValue |= jcbDataEncipherment.isSelected() ? KeyUsage.dataEncipherment : 0;
keyUsageIntValue |= jcbKeyAgreement.isSelected() ? KeyUsage.keyAgreement : 0;
keyUsageIntValue |= jcbCertificateSigning.isSelected() ? KeyUsage.keyCertSign : 0;
keyUsageIntValue |= jcbCrlSign.isSelected() ? KeyUsage.cRLSign : 0;
keyUsageIntValue |= jcbEncipherOnly.isSelected() ? KeyUsage.encipherOnly : 0;
keyUsageIntValue |= jcbDecipherOnly.isSelected() ? KeyUsage.decipherOnly : 0;
KeyUsage keyUsage = new KeyUsage(keyUsageIntValue);
try {
value = keyUsage.getEncoded(ASN1Encoding.DER);
} catch (IOException e) {
DError.displayError(this, e);
return;
}
closeDialog();
}
代码示例来源:origin: org.bouncycastle/bcprov-debug-jdk15on
buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
代码示例来源:origin: coova/jradius
private void validateKeyUsage(X509CertificateStructure c, int keyUsageBits) throws IOException
{
X509Extensions exts = c.getTBSCertificate().getExtensions();
if (exts != null)
{
X509Extension ext = exts.getExtension(X509Extensions.KeyUsage);
if (ext != null)
{
KeyUsage ku = KeyUsage.getInstance(ext);
int bits = ku.getBytes()[0] & 0xff;
if ((bits & keyUsageBits) != keyUsageBits)
{
handler.failWithError(TlsProtocolHandler.AL_fatal,
TlsProtocolHandler.AP_certificate_unknown);
}
}
}
}
代码示例来源:origin: redfish64/TinyTravelTracker
public static KeyUsage fromExtensions(Extensions extensions)
{
return KeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.keyUsage));
}
代码示例来源:origin: org.xipki/ca-server
private static void addRequestedKeyusage(Set<KeyUsage> usages, Extensions requestedExtensions,
Set<KeyUsageControl> usageOccs) {
Extension extension = requestedExtensions.getExtension(Extension.keyUsage);
if (extension == null) {
return;
}
org.bouncycastle.asn1.x509.KeyUsage reqKeyUsage =
org.bouncycastle.asn1.x509.KeyUsage.getInstance(extension.getParsedValue());
for (KeyUsageControl k : usageOccs) {
if (k.isRequired()) {
continue;
}
if (reqKeyUsage.hasUsages(k.getKeyUsage().getBcUsage())) {
usages.add(k.getKeyUsage());
}
}
} // method addRequestedKeyusage
代码示例来源:origin: redfish64/TinyTravelTracker
static void validateKeyUsage(org.bouncycastle.asn1.x509.Certificate c, int keyUsageBits)
throws IOException
{
Extensions exts = c.getTBSCertificate().getExtensions();
if (exts != null)
{
KeyUsage ku = KeyUsage.fromExtensions(exts);
if (ku != null)
{
int bits = ku.getBytes()[0] & 0xff;
if ((bits & keyUsageBits) != keyUsageBits)
{
throw new TlsFatalAlert(AlertDescription.certificate_unknown);
}
}
}
}
内容来源于网络,如有侵权,请联系作者删除!