Java Code Examples for org.bouncycastle.asn1.x509.ExtendedKeyUsage#getInstance()

The following examples show how to use org.bouncycastle.asn1.x509.ExtendedKeyUsage#getInstance() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: DefaultProfile.java    From hadoop-ozone with Apache License 2.0 6 votes vote down vote up
/**
 * This function validates that the KeyUsage Bits are subset of the Bits
 * permitted by the ozone profile.
 *
 * @param ext - KeyUsage Extension.
 * @param profile - PKI Profile - In this case this profile.
 * @return True, if the request key usage is a subset, false otherwise.
 */
private static Boolean validateExtendedKeyUsage(Extension ext,
    PKIProfile profile) {
  if (ext.isCritical()) {
    // https://tools.ietf.org/html/rfc5280#section-4.2.1.12
    // Ozone profile opts to mark this extension as non-critical.
    LOG.error("Extended Key usage marked as critical.");
    return false;
  }
  ExtendedKeyUsage extendedKeyUsage =
      ExtendedKeyUsage.getInstance(ext.getParsedValue());
  for (KeyPurposeId id : extendedKeyUsage.getUsages()) {
    if (!profile.validateExtendedKeyUsage(id)) {
      return false;
    }
  }
  return true;
}
 
Example 2
Source File: X509Ext.java    From portecle with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Get Extended Key Usage (2.5.29.37) extension value as a string.
 *
 * <pre>
 * ExtendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
 * KeyPurposeId ::= OBJECT IDENTIFIER
 * </pre>
 *
 * @param bValue The octet string value
 * @return Extension value as a string
 */
private String getExtendedKeyUsageStringValue(byte[] bValue)
{
	StringBuilder strBuff = new StringBuilder();

	ExtendedKeyUsage eku = ExtendedKeyUsage.getInstance(bValue);
	KeyPurposeId[] usages = eku.getUsages();

	for (KeyPurposeId usage : usages)
	{
		if (strBuff.length() != 0)
		{
			strBuff.append("<br><br>");
		}
		String sOid = usage.getId();
		String sEku = getRes(sOid, "UnrecognisedExtKeyUsageString");
		strBuff.append(MessageFormat.format(sEku, sOid));
	}

	return strBuff.toString();
}
 
Example 3
Source File: IdentifiedCertprofile.java    From xipki with Apache License 2.0 6 votes vote down vote up
private static void addRequestedExtKeyusage(List<ASN1ObjectIdentifier> usages,
    Map<ASN1ObjectIdentifier, Extension> requestedExtensions, Set<ExtKeyUsageControl> usageOccs) {
  Extension extension = requestedExtensions.get(Extension.extendedKeyUsage);
  if (extension == null) {
    return;
  }

  ExtendedKeyUsage reqKeyUsage = ExtendedKeyUsage.getInstance(extension.getParsedValue());
  for (ExtKeyUsageControl k : usageOccs) {
    if (k.isRequired()) {
      continue;
    }

    if (reqKeyUsage.hasKeyPurposeId(KeyPurposeId.getInstance(k.getExtKeyUsage()))) {
      usages.add(k.getExtKeyUsage());
    }
  }
}
 
Example 4
Source File: X509Ext.java    From keystore-explorer with GNU General Public License v3.0 5 votes vote down vote up
private String getExtendedKeyUsageStringValue(byte[] value)  {
	// @formatter:off

	/*
	 * ExtendedKeyUsage ::= ASN1Sequence SIZE (1..MAX) OF KeyPurposeId
	 *
	 * KeyPurposeId ::= OBJECT IDENTIFIER
	 */

	// @formatter:on

	StringBuilder sb = new StringBuilder();

	ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.getInstance(value);

	for (KeyPurposeId keyPurposeId : extendedKeyUsage.getUsages()) {
		String oid = keyPurposeId.getId();

		ExtendedKeyUsageType type = ExtendedKeyUsageType.resolveOid(oid);

		if (type != null) {
			sb.append(type.friendly());
		} else {
			// Unrecognised key purpose ID
			sb.append(oid);
		}

		sb.append(NEWLINE);
	}

	return sb.toString();
}
 
Example 5
Source File: DExtendedKeyUsage.java    From keystore-explorer with GNU General Public License v3.0 4 votes vote down vote up
private void prepopulateWithValue(byte[] value) throws IOException {
	ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.getInstance(value);

	for (KeyPurposeId keyPurposeId : extendedKeyUsage.getUsages()) {
		ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) keyPurposeId.toASN1Primitive();

		ExtendedKeyUsageType type = ExtendedKeyUsageType.resolveOid(oid.getId());

		if (type == SERVER_AUTH) {
			jcbTlsWebServerAuthentication.setSelected(true);
		} else if (type == CLIENT_AUTH) {
			jcbTlsWebClientAuthentication.setSelected(true);
		} else if (type == CODE_SIGNING) {
			jcbCodeSigning.setSelected(true);
		} else if (type == DOCUMENT_SIGNING) {
			jcbDocumentSigning.setSelected(true);
		} else if (type == ADOBE_PDF_SIGNING) {
			jcbAdobePDFSigning.setSelected(true);
		} else if (type == TSL_SIGNING) {
			jcbTslSigning.setSelected(true);
		} else if (type == EMAIL_PROTECTION) {
			jcbEmailProtection.setSelected(true);
		} else if (type == ENCRYPTED_FILE_SYSTEM) {
			jcbEncryptedFileSystem.setSelected(true);
		} else if (type == IPSEC_END_SYSTEM) {
			jcbIpSecurityEndSystem.setSelected(true);
		} else if (type == IPSEC_TUNNEL) {
			jcbIpSecurityTunnelTermination.setSelected(true);
		} else if (type == IPSEC_USER) {
			jcbIpSecurityUser.setSelected(true);
		} else if (type == SMARTCARD_LOGON) {
			jcbSmartcardLogon.setSelected(true);
		} else if (type == TIME_STAMPING) {
			jcbTimeStamping.setSelected(true);
		} else if (type == OCSP_SIGNING) {
			jcbOcspStamping.setSelected(true);
		} else if (type == ANY_EXTENDED_KEY_USAGE) {
			jcbAnyExtendedKeyUsage.setSelected(true);
		} else {
			customExtKeyUsagesOids.add(oid);
		}
	}
	jcbCustomExtKeyUsage.setSelected(customExtKeyUsagesOids.size() > 0);
}