@Override public Set<String> getCriticalExtensionOIDs() { return mDelegate.getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
/** * 设置{@link Certificate} 为PublicKey<br> * 如果Certificate是X509Certificate,我们需要检查是否有密钥扩展 * * @param certificate {@link Certificate} * @return this */ public Sign setCertificate(Certificate certificate) { // If the certificate is of type X509Certificate, // we should check whether it has a Key Usage // extension marked as critical. if (certificate instanceof java.security.cert.X509Certificate) { // Check whether the cert has a key usage extension // marked as a critical extension. // The OID for KeyUsage extension is 2.5.29.15. final X509Certificate cert = (X509Certificate) certificate; final Set<String> critSet = cert.getCriticalExtensionOIDs(); if (CollUtil.isNotEmpty(critSet) && critSet.contains("2.5.29.15")) { final boolean[] keyUsageInfo = cert.getKeyUsage(); // keyUsageInfo[0] is for digitalSignature. if ((keyUsageInfo != null) && (keyUsageInfo[0] == false)) { throw new CryptoException("Wrong key usage"); } } } this.publicKey = certificate.getPublicKey(); return this; } }
/** * 设置{@link Certificate} 为PublicKey<br> * 如果Certificate是X509Certificate,我们需要检查是否有密钥扩展 * * @param certificate {@link Certificate} * @return this */ public Sign setCertificate(Certificate certificate) { // If the certificate is of type X509Certificate, // we should check whether it has a Key Usage // extension marked as critical. if (certificate instanceof java.security.cert.X509Certificate) { // Check whether the cert has a key usage extension // marked as a critical extension. // The OID for KeyUsage extension is 2.5.29.15. final X509Certificate cert = (X509Certificate) certificate; final Set<String> critSet = cert.getCriticalExtensionOIDs(); if (CollUtil.isNotEmpty(critSet) && critSet.contains("2.5.29.15")) { final boolean[] keyUsageInfo = cert.getKeyUsage(); // keyUsageInfo[0] is for digitalSignature. if ((keyUsageInfo != null) && (keyUsageInfo[0] == false)) { throw new CryptoException("Wrong key usage"); } } } this.publicKey = certificate.getPublicKey(); return this; } }
throws InvalidKeyException { if (certificate instanceof X509Certificate) { Set ce = ((X509Certificate) certificate).getCriticalExtensionOIDs(); boolean critical = false; if (ce != null && !ce.isEmpty()) {
checkMode(opmode); if (certificate instanceof X509Certificate) { Set<String> ce = ((X509Certificate) certificate).getCriticalExtensionOIDs(); boolean critical = false; if (ce != null && !ce.isEmpty()) {
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
/** * {@inheritDoc} */ public Set<String> getCriticalExtensionOIDs() { return internalCert.getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
@Override public Set<String> getCriticalExtensionOIDs() { return unwrap().getCriticalExtensionOIDs(); }
/** * {@inheritDoc} */ @Override public boolean isCritical() { if (this.certificate == null) throw new IllegalStateException("Certificate value is null"); final Set<String> criticalOIDs = certificate.getCriticalExtensionOIDs(); return criticalOIDs.contains(getExtentionIdentifier().getId()); }
protected void copyExtension(final ASN1ObjectIdentifier extensionType, X509Certificate issuerCertificate, List<Extension> extensions) { final byte[] encodedAttribute = issuerCertificate.getExtensionValue(extensionType.getId()); ASN1OctetString data = ASN1OctetString.getInstance(encodedAttribute); boolean isCritical = issuerCertificate.getCriticalExtensionOIDs().contains(extensionType.getId()); if (encodedAttribute != null) { extensions.add(new Extension(extensionType, isCritical, data)); } }
public void testIsCritical_extensionPresent_notCritical_assertFalse() throws Exception { X509Certificate cert = TestUtils.loadCertificate("umesh.der"); assertFalse(cert.getCriticalExtensionOIDs().contains(ExtensionIdentifier.SUBJECT_KEY_IDENTIFIER.getId())); final SubjectKeyIdentifierExtensionField field = new SubjectKeyIdentifierExtensionField(false); field.injectReferenceValue(cert); assertFalse(field.isCritical()); }
public void testIsCritical_extensionPresent_isCritical_assertTrue() throws Exception { X509Certificate cert = TestUtils.loadCertificate("CernerDirect DevCert Provider CA.der"); assertTrue(cert.getCriticalExtensionOIDs().contains(ExtensionIdentifier.BASIC_CONSTRAINTS.getId())); final BasicContraintsExtensionField field = new BasicContraintsExtensionField(false); field.injectReferenceValue(cert); assertTrue(field.isCritical()); }
public void testIsCritical_extensionNotPresent_assertFalse() throws Exception { X509Certificate cert = TestUtils.loadCertificate("umesh.der"); assertFalse(cert.getCriticalExtensionOIDs().contains(ExtensionIdentifier.EXTENDED_KEY_USAGE.getId())); final ExtendedKeyUsageExtensionField field = new ExtendedKeyUsageExtensionField(false); field.injectReferenceValue(cert); assertFalse(field.isCritical()); }