public ASN1Primitive toASN1Primitive() { return new KeyUsage(usage); } }
protected void validateKeyUsage(int keyUsageBits) throws IOException { Extensions exts = certificate.getTBSCertificate().getExtensions(); if (exts != null) { KeyUsage ku = KeyUsage.fromExtensions(exts); if (ku != null) { int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } } } }
public static KeyUsage fromExtensions(Extensions extensions) { return KeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.keyUsage)); }
/** * Basic constructor. * * @param usage - the bitwise OR of the Key Usage flags giving the * allowed uses for the key. * e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment) */ public KeyUsage( int usage) { super(getBytes(usage), getPadBits(usage)); }
public ASN1Primitive toASN1Primitive() { return new KeyUsage(usage).toASN1Primitive(); } }
KeyUsage keyUsage = KeyUsage.fromExtensions(cert.getExtensions()); if (keyUsage.hasUsages(KeyUsage.keyCertSign)) if (!(keyUsage.hasUsages(KeyUsage.digitalSignature) || keyUsage.hasUsages(KeyUsage.keyEncipherment)))
public void validate(CertPathValidationContext context, X509CertificateHolder certificate) throws CertPathValidationException { context.addHandledExtension(Extension.keyUsage); if (!context.isEndEntity()) { KeyUsage usage = KeyUsage.fromExtensions(certificate.getExtensions()); if (usage != null) { if (!usage.hasUsages(KeyUsage.keyCertSign)) { throw new CertPathValidationException("Issuer certificate KeyUsage extension does not permit key signing"); } } else { if (isMandatory) { throw new CertPathValidationException("KeyUsage extension not present in CA certificate"); } } } }
static void validateKeyUsage(org.spongycastle.asn1.x509.Certificate c, int keyUsageBits) throws IOException { Extensions exts = c.getTBSCertificate().getExtensions(); if (exts != null) { KeyUsage ku = KeyUsage.fromExtensions(exts); if (ku != null) { int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } } } }
public static KeyUsage getInstance(Object obj) // needs to be DERBitString for other VMs { if (obj instanceof KeyUsage) { return (KeyUsage)obj; } else if (obj != null) { return new KeyUsage(DERBitString.getInstance(obj)); } return null; }
public void validate(CertPathValidationContext context, X509CertificateHolder certificate) throws CertPathValidationException { context.addHandledExtension(Extension.keyUsage); if (!context.isEndEntity()) { KeyUsage usage = KeyUsage.fromExtensions(certificate.getExtensions()); if (usage != null) { if (!usage.hasUsages(KeyUsage.keyCertSign)) { throw new CertPathValidationException("Issuer certificate KeyUsage extension does not permit key signing"); } } else { if (isMandatory) { throw new CertPathValidationException("KeyUsage extension not present in CA certificate"); } } } }
buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
private boolean isSuitableKeyUsage(int keyUsageBits, X509Certificate c) { try { Extensions exts = TBSCertificate.getInstance(c.getTBSCertificate()).getExtensions(); if (exts != null) { KeyUsage ku = KeyUsage.fromExtensions(exts); if (ku != null) { int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { return false; } } } } catch (Exception e) { return false; } return true; } }
public static DERBitString getInstance(Object obj) // needs to be DERBitString for other VMs { if (obj instanceof KeyUsage) { return (KeyUsage)obj; } if (obj instanceof X509Extension) { return new KeyUsage(DERBitString.getInstance(X509Extension.convertValueToObject((X509Extension)obj))); } return new KeyUsage(DERBitString.getInstance(obj)); }
buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
private boolean isSuitableKeyUsage(int keyUsageBits, X509Certificate c) { try { Extensions exts = TBSCertificate.getInstance(c.getTBSCertificate()).getExtensions(); if (exts != null) { KeyUsage ku = KeyUsage.fromExtensions(exts); if (ku != null) { int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { return false; } } } } catch (Exception e) { return false; } return true; }
buf.append(new KeyUsage((DERBitString)dIn.readObject())).append(nl);
static void validateKeyUsage(X509CertificateStructure c, int keyUsageBits) throws IOException { X509Extensions exts = c.getTBSCertificate().getExtensions(); if (exts != null) { X509Extension ext = exts.getExtension(X509Extension.keyUsage); if (ext != null) { DERBitString ku = KeyUsage.getInstance(ext); int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } } } }
protected void validateKeyUsage(int keyUsageBits) throws IOException { Extensions exts; try { exts = TBSCertificate.getInstance(certificate.getTBSCertificate()).getExtensions(); } catch (CertificateEncodingException e) { throw new TlsCryptoException("unable to parse certificate extensions: " + e.getMessage(), e); } if (exts != null) { KeyUsage ku = KeyUsage.fromExtensions(exts); if (ku != null) { int bits = ku.getBytes()[0] & 0xff; if ((bits & keyUsageBits) != keyUsageBits) { throw new TlsFatalAlert(AlertDescription.certificate_unknown); } } } }
Extension.keyUsage, false, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.nonRepudiation
Extension.keyUsage, false, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.nonRepudiation