Java Code Examples for java.security.cert.X509CRLEntry#hasExtensions()

The following examples show how to use java.security.cert.X509CRLEntry#hasExtensions().
Example 1
Source File: DViewCrl.java    From keystore-explorer with GNU General Public License v3.0
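/**
 * Updates the CRL entry extensions button after the selection in the revoked-certificates table
 * changes. The button is enabled only when a row is selected, the row's serial number matches an
 * entry of the CRL, and that entry has extensions; otherwise it is disabled.
 */
private void crlEntrySelection() {
	int row = jtRevokedCerts.getSelectedRow();

	if (row != -1) {
		BigInteger serialNumber = (BigInteger) jtRevokedCerts.getValueAt(row, 0);

		// X509CRL.getRevokedCertificates() returns null for a CRL without entries
		// (assumes crl is a java.security.cert.X509CRL - TODO confirm against the field declaration).
		Set<?> revokedCertsSet = crl.getRevokedCertificates();

		X509CRLEntry x509CrlEntry = null;

		if (revokedCertsSet != null) {
			for (Object candidate : revokedCertsSet) {
				X509CRLEntry entry = (X509CRLEntry) candidate;
				if (serialNumber.equals(entry.getSerialNumber())) {
					x509CrlEntry = entry;
					break;
				}
			}
		}

		// The lookup can come back empty (table and CRL out of step); never dereference null here.
		if (x509CrlEntry != null && x509CrlEntry.hasExtensions()) {
			jbCrlEntryExtensions.setEnabled(true);
			return;
		}
	}

	jbCrlEntryExtensions.setEnabled(false);
}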
 
Example 2
Source File: DViewCrl.java    From keystore-explorer with GNU General Public License v3.0
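/**
 * Opens the extensions dialog for the CRL entry selected in the revoked-certificates table.
 * Nothing is shown when no row is selected, when the selected serial number has no matching CRL
 * entry, or when the matching entry has no extensions.
 */
private void displayCrlEntryExtensions() {
	int row = jtRevokedCerts.getSelectedRow();

	if (row != -1) {
		BigInteger serialNumber = (BigInteger) jtRevokedCerts.getValueAt(row, 0);

		// X509CRL.getRevokedCertificates() returns null for a CRL without entries
		// (assumes crl is a java.security.cert.X509CRL - TODO confirm against the field declaration).
		Set<?> revokedCertsSet = crl.getRevokedCertificates();

		X509CRLEntry x509CrlEntry = null;

		if (revokedCertsSet != null) {
			for (Object candidate : revokedCertsSet) {
				X509CRLEntry entry = (X509CRLEntry) candidate;
				if (serialNumber.equals(entry.getSerialNumber())) {
					x509CrlEntry = entry;
					break;
				}
			}
		}

		// Guard against an unmatched serial number before asking the entry for its extensions.
		if (x509CrlEntry != null && x509CrlEntry.hasExtensions()) {
			DViewExtensions dViewExtensions = new DViewExtensions(this,
					res.getString("DViewCrl.EntryExtensions.Title"), x509CrlEntry);
			dViewExtensions.setLocationRelativeTo(this);
			dViewExtensions.setVisible(true);
		}
	}
}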
 
Example 3
Source File: RevokedCertificateException.java    From springboot-shiro-cas-mybatis with MIT License
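/**
 * Resolves the revocation reason carried by a CRL entry.
 *
 * @param entry  the CRL entry to inspect
 * @return the reason read from the entry's {@code CRL_REASON_OID} extension, or null when the
 *         entry has no such extension, the value cannot be parsed, or the parsed code is
 *         negative or not below {@code Reason.values().length}
 */
private static Reason getReasonFromX509Entry(final X509CRLEntry entry) {
    if (entry.hasExtensions()) {
        try {
            // hasExtensions() only reports that some extension exists; the reason-code
            // extension itself may be missing, in which case getExtensionValue() returns null.
            final byte[] rawValue = entry.getExtensionValue(CRL_REASON_OID);
            if (rawValue == null) {
                return null;
            }
            // NOTE(review): getExtensionValue() returns the DER-encoded OCTET STRING that wraps
            // the extension value, not decimal text, so this ASCII parse is unlikely to succeed
            // for a standard reasonCode extension and the reason would then be lost silently.
            // X509CRLEntry.getRevocationReason() (Java 7+) decodes it - confirm and consider switching.
            final int code = Integer.parseInt(new String(rawValue, "ASCII"));
            // Reject negative codes as well as codes past the end of the enum.
            if (code >= 0 && code < Reason.values().length) {
                return Reason.fromCode(code);
            }
        } catch (final Exception e) {
            LOGGER.trace("An exception occurred when resolving extension value: {}", e.getMessage());
        }
    }
    return null;
}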
 
Example 4
Source File: RevokedCertificateException.java    From cas4.0.x-server-wechat with Apache License 2.0
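/**
 * Creates the exception from a CRL entry, copying its revocation date and serial number and,
 * when it can be read, the revocation reason from the {@code CRL_REASON_OID} extension.
 * The reason is left unset when the extension is absent, cannot be parsed, or holds a code
 * that is negative or not below {@code Reason.values().length}.
 *
 * @param entry  the CRL entry describing the revoked certificate
 */
public RevokedCertificateException(final X509CRLEntry entry) {
    this.revocationDate = entry.getRevocationDate();
    this.serial = entry.getSerialNumber();
    if (entry.hasExtensions()) {
        try {
            // hasExtensions() only reports that some extension exists; the reason-code
            // extension itself may be missing, in which case getExtensionValue() returns null.
            final byte[] rawValue = entry.getExtensionValue(CRL_REASON_OID);
            if (rawValue != null) {
                // NOTE(review): getExtensionValue() returns the DER-encoded OCTET STRING that
                // wraps the extension value, not decimal text, so this ASCII parse is unlikely
                // to succeed for a standard reasonCode extension and the reason would then be
                // dropped silently. X509CRLEntry.getRevocationReason() (Java 7+) decodes it -
                // confirm and consider switching.
                final int code = Integer.parseInt(new String(rawValue, "ASCII"));
                // Reject negative codes as well as codes past the end of the enum.
                if (code >= 0 && code < Reason.values().length) {
                    this.reason = Reason.fromCode(code);
                }
            }
        } catch (final Exception e) {
            logger.trace("An exception occurred when resolving extension value: {}", e.getMessage());
        }
    }
}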
 
Example 5
Source File: DViewCRL.java    From portecle with GNU General Public License v2.0
/**
 * Reacts to a selection change in the revoked-certificates table. The "CRL Extensions" button is enabled only
 * when exactly one entry is selected and that entry has extensions; in every other case it is disabled.
 */
private void crlEntrySelection()
{
	ListSelectionModel selection = m_jtRevokedCerts.getSelectionModel();
	boolean enableButton = false;

	// Exactly one row selected: selection is non-empty and its lowest and highest index coincide
	if (!selection.isSelectionEmpty()
	    && selection.getMinSelectionIndex() == selection.getMaxSelectionIndex())
	{
		// Column 0 of the selected row holds the entry's serial number
		int selectedRow = selection.getMinSelectionIndex();
		BigInteger wantedSerial = (BigInteger) m_jtRevokedCerts.getValueAt(selectedRow, 0);

		// Locate the matching entry in the CRL
		Set<? extends X509CRLEntry> entries = m_crl.getRevokedCertificates();
		X509CRLEntry selectedEntry = null;
		for (X509CRLEntry candidate : entries)
		{
			if (wantedSerial.equals(candidate.getSerialNumber()))
			{
				selectedEntry = candidate;
				break;
			}
		}

		enableButton = selectedEntry != null && selectedEntry.hasExtensions();
	}

	m_jbCrlEntryExtensions.setEnabled(enableButton);
}
 
Example 6
Source File: DViewCRL.java    From portecle with GNU General Public License v2.0
/**
 * Handles activation of the CRL entry extensions button: when exactly one entry is selected and it has
 * extensions, shows them in a DViewExtensions dialog. Does nothing otherwise.
 */
private void crlEntryExtensionsPressed()
{
	ListSelectionModel selection = m_jtRevokedCerts.getSelectionModel();

	// Nothing selected: nothing to show
	if (selection.isSelectionEmpty())
	{
		return;
	}

	// More than one row selected: lowest and highest selected index differ
	int selectedRow = selection.getMinSelectionIndex();
	if (selectedRow != selection.getMaxSelectionIndex())
	{
		return;
	}

	// Column 0 of the selected row holds the entry's serial number
	BigInteger wantedSerial = (BigInteger) m_jtRevokedCerts.getValueAt(selectedRow, 0);

	// Locate the matching entry in the CRL
	Set<? extends X509CRLEntry> entries = m_crl.getRevokedCertificates();
	X509CRLEntry selectedEntry = null;
	for (X509CRLEntry candidate : entries)
	{
		if (wantedSerial.equals(candidate.getSerialNumber()))
		{
			selectedEntry = candidate;
			break;
		}
	}

	if (selectedEntry == null || !selectedEntry.hasExtensions())
	{
		return;
	}

	DViewExtensions extensionsDialog =
	    new DViewExtensions(this, RB.getString("DViewCRL.EntryExtensions.Title"), true, selectedEntry);
	extensionsDialog.setLocationRelativeTo(this);
	SwingHelper.showAndWait(extensionsDialog);
}
 
Example 7
Source File: CertPathValidatorUtilities.java    From RipplePower with Apache License 2.0
/**
 * Looks the certificate up in the given CRL and, when the CRL revokes it for the purposes of
 * <code>validDate</code>, records the reason and revocation date in <code>certStatus</code>.
 * Returns without touching <code>certStatus</code> when the CRL has no entry for the
 * certificate's serial number or the issuer names do not match.
 *
 * @param validDate  the date the certificate status is evaluated for
 * @param crl        the CRL to search
 * @param cert       the certificate (or other object the helper methods accept) to check
 * @param certStatus receives the status and revocation date
 * @throws AnnotatedException if the indirect-CRL check fails or the reason code extension
 *                            cannot be decoded
 */
protected static void getCertStatus(
    Date validDate,
    X509CRL crl,
    Object cert,
    CertStatus certStatus)
    throws AnnotatedException
{
    boolean indirectCrl;
    try
    {
        indirectCrl = isIndirectCRL(crl);
    }
    catch (CRLException exception)
    {
        throw new AnnotatedException("Failed check for indirect CRL.", exception);
    }

    X509CRLEntry crl_entry;
    if (indirectCrl)
    {
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
        if (crl_entry == null)
        {
            return;
        }

        // An entry without its own certificate issuer is attributed to the CRL issuer.
        X500Principal entryIssuer = crl_entry.getCertificateIssuer();
        X500Principal effectiveIssuer = (entryIssuer != null) ? entryIssuer : getIssuerPrincipal(crl);

        if (!getEncodedIssuerPrincipal(cert).equals(effectiveIssuer))
        {
            return;
        }
    }
    else
    {
        if (!getEncodedIssuerPrincipal(cert).equals(getIssuerPrincipal(crl)))
        {
            return;  // not for our issuer, ignore
        }

        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
        if (crl_entry == null)
        {
            return;
        }
    }

    // The reason code is only looked for when the entry reports having extensions.
    ASN1Enumerated reasonCode = null;
    if (crl_entry.hasExtensions())
    {
        try
        {
            reasonCode = ASN1Enumerated.getInstance(
                CertPathValidatorUtilities.getExtensionValue(crl_entry, X509Extension.reasonCode.getId()));
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Reason code CRL entry extension could not be decoded.",
                e);
        }
    }

    // A revocation dated after validDate only counts when the reason is missing or is one of
    // the codes below.
    // NOTE(review): the original comment names keyCompromise, caCompromise, aACompromise and
    // unspecified; RFC 5280 assigns aACompromise the value 10, while 8 is removeFromCRL -
    // confirm which value is intended.
    boolean revokedOnOrBeforeValidDate =
        validDate.getTime() >= crl_entry.getRevocationDate().getTime();
    if (!revokedOnOrBeforeValidDate && reasonCode != null)
    {
        switch (reasonCode.getValue().intValue())
        {
        case 0:
        case 1:
        case 2:
        case 8:
            break;
        default:
            return;
        }
    }

    // (i) or (j) (1): explicit reason; (i) or (j) (2): no reason given
    if (reasonCode == null)
    {
        certStatus.setCertStatus(CRLReason.unspecified);
    }
    else
    {
        certStatus.setCertStatus(reasonCode.getValue().intValue());
    }
    certStatus.setRevocationDate(crl_entry.getRevocationDate());
}
 
Example 8
Source File: CertPathValidatorUtilities.java    From RipplePower with Apache License 2.0
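/**
 * Looks the certificate up in the given CRL and, when the CRL revokes it for the purposes of
 * <code>validDate</code>, records the reason and revocation date in <code>certStatus</code>.
 * Returns without touching <code>certStatus</code> when the CRL has no entry for the
 * certificate's serial number or the issuer names do not match.
 *
 * @param validDate  the date the certificate status is evaluated for
 * @param crl        the CRL to search
 * @param cert       the certificate (or other object the helper methods accept) to check
 * @param certStatus receives the status and revocation date
 * @throws AnnotatedException if the indirect-CRL check fails or the reason code extension
 *                            cannot be decoded
 */
protected static void getCertStatus(
    Date validDate,
    X509CRL crl,
    Object cert,
    CertStatus certStatus)
    throws AnnotatedException
{
    X509CRLEntry crl_entry = null;

    boolean isIndirect;
    try
    {
        isIndirect = X509CRLObject.isIndirectCRL(crl);
    }
    catch (CRLException exception)
    {
        throw new AnnotatedException("Failed check for indirect CRL.", exception);
    }

    if (isIndirect)
    {
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }

        // X509CRLEntry.getCertificateIssuer() returns null when the certificate issuer is also
        // the CRL issuer, so test it before calling getEncoded(); dereferencing it first would
        // abort the revocation check with a NullPointerException instead of falling back to
        // the CRL issuer.
        X500Name certIssuer;
        if (crl_entry.getCertificateIssuer() == null)
        {
            certIssuer = PrincipalUtils.getIssuerPrincipal(crl);
        }
        else
        {
            certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
        }

        if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(certIssuer))
        {
            return;
        }
    }
    else if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(PrincipalUtils.getIssuerPrincipal(crl)))
    {
        return;  // not for our issuer, ignore
    }
    else
    {
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }
    }

    // The reason code is only looked for when the entry reports having extensions.
    ASN1Enumerated reasonCode = null;
    if (crl_entry.hasExtensions())
    {
        try
        {
            reasonCode = ASN1Enumerated
                .getInstance(CertPathValidatorUtilities
                    .getExtensionValue(crl_entry,
                        Extension.reasonCode.getId()));
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Reason code CRL entry extension could not be decoded.",
                e);
        }
    }

    // for reason keyCompromise, caCompromise, aACompromise or
    // unspecified
    // NOTE(review): RFC 5280 assigns aACompromise the value 10, while the 8 tested below is
    // removeFromCRL - confirm which value is intended.
    if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
        || reasonCode == null
        || reasonCode.getValue().intValue() == 0
        || reasonCode.getValue().intValue() == 1
        || reasonCode.getValue().intValue() == 2
        || reasonCode.getValue().intValue() == 8)
    {

        // (i) or (j) (1)
        if (reasonCode != null)
        {
            certStatus.setCertStatus(reasonCode.getValue().intValue());
        }
        // (i) or (j) (2)
        else
        {
            certStatus.setCertStatus(CRLReason.unspecified);
        }
        certStatus.setRevocationDate(crl_entry.getRevocationDate());
    }
}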
 
Example 9
Source File: CertPathValidatorUtilities.java    From ripple-lib-java with ISC License
/**
 * Looks the certificate up in the given CRL and, when the CRL revokes it for the purposes of
 * <code>validDate</code>, records the reason and revocation date in <code>certStatus</code>.
 * Returns without touching <code>certStatus</code> when the CRL has no entry for the
 * certificate's serial number or the issuer names do not match.
 *
 * @param validDate  the date the certificate status is evaluated for
 * @param crl        the CRL to search
 * @param cert       the certificate (or other object the helper methods accept) to check
 * @param certStatus receives the status and revocation date
 * @throws AnnotatedException if the indirect-CRL check fails or the reason code extension
 *                            cannot be decoded
 */
protected static void getCertStatus(
    Date validDate,
    X509CRL crl,
    Object cert,
    CertStatus certStatus)
    throws AnnotatedException
{
    X509CRLEntry crl_entry = null;

    boolean isIndirect;
    try
    {
        isIndirect = isIndirectCRL(crl);
    }
    catch (CRLException exception)
    {
        throw new AnnotatedException("Failed check for indirect CRL.", exception);
    }

    if (isIndirect)
    {
        // Indirect CRL: find the entry by serial number first, then compare issuers.
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }

        X500Principal certIssuer = crl_entry.getCertificateIssuer();

        // An entry without its own certificate issuer is attributed to the CRL issuer.
        if (certIssuer == null)
        {
            certIssuer = getIssuerPrincipal(crl);
        }

        if (!getEncodedIssuerPrincipal(cert).equals(certIssuer))
        {
            return;
        }
    }
    else if (!getEncodedIssuerPrincipal(cert).equals(getIssuerPrincipal(crl)))
    {
        return;  // not for our issuer, ignore
    }
    else
    {
        // Direct CRL from the certificate's issuer: look the entry up by serial number.
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }
    }

    // The reason code is only looked for when the entry reports having extensions.
    ASN1Enumerated reasonCode = null;
    if (crl_entry.hasExtensions())
    {
        try
        {
            reasonCode = ASN1Enumerated
                .getInstance(CertPathValidatorUtilities
                    .getExtensionValue(crl_entry,
                        X509Extension.reasonCode.getId()));
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Reason code CRL entry extension could not be decoded.",
                e);
        }
    }

    // for reason keyCompromise, caCompromise, aACompromise or
    // unspecified
    // A revocation dated after validDate only counts when the reason is missing or is one of
    // the codes tested below.
    // NOTE(review): RFC 5280 assigns aACompromise the value 10, while the 8 tested below is
    // removeFromCRL - confirm which value is intended.
    if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
        || reasonCode == null
        || reasonCode.getValue().intValue() == 0
        || reasonCode.getValue().intValue() == 1
        || reasonCode.getValue().intValue() == 2
        || reasonCode.getValue().intValue() == 8)
    {

        // (i) or (j) (1)
        if (reasonCode != null)
        {
            certStatus.setCertStatus(reasonCode.getValue().intValue());
        }
        // (i) or (j) (2)
        else
        {
            certStatus.setCertStatus(CRLReason.unspecified);
        }
        certStatus.setRevocationDate(crl_entry.getRevocationDate());
    }
}
 
Example 10
Source File: CertPathValidatorUtilities.java    From ripple-lib-java with ISC License
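/**
 * Looks the certificate up in the given CRL and, when the CRL revokes it for the purposes of
 * <code>validDate</code>, records the reason and revocation date in <code>certStatus</code>.
 * Returns without touching <code>certStatus</code> when the CRL has no entry for the
 * certificate's serial number or the issuer names do not match.
 *
 * @param validDate  the date the certificate status is evaluated for
 * @param crl        the CRL to search
 * @param cert       the certificate (or other object the helper methods accept) to check
 * @param certStatus receives the status and revocation date
 * @throws AnnotatedException if the indirect-CRL check fails or the reason code extension
 *                            cannot be decoded
 */
protected static void getCertStatus(
    Date validDate,
    X509CRL crl,
    Object cert,
    CertStatus certStatus)
    throws AnnotatedException
{
    X509CRLEntry crl_entry = null;

    boolean isIndirect;
    try
    {
        isIndirect = X509CRLObject.isIndirectCRL(crl);
    }
    catch (CRLException exception)
    {
        throw new AnnotatedException("Failed check for indirect CRL.", exception);
    }

    if (isIndirect)
    {
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }

        // X509CRLEntry.getCertificateIssuer() returns null when the certificate issuer is also
        // the CRL issuer. Check for that before encoding it: calling getEncoded() on the null
        // result would end the revocation check with a NullPointerException rather than
        // using the CRL issuer as the fallback.
        X500Name certIssuer;
        if (crl_entry.getCertificateIssuer() != null)
        {
            certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
        }
        else
        {
            certIssuer = PrincipalUtils.getIssuerPrincipal(crl);
        }

        if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(certIssuer))
        {
            return;
        }
    }
    else if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(PrincipalUtils.getIssuerPrincipal(crl)))
    {
        return;  // not for our issuer, ignore
    }
    else
    {
        crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));

        if (crl_entry == null)
        {
            return;
        }
    }

    // The reason code is only looked for when the entry reports having extensions.
    ASN1Enumerated reasonCode = null;
    if (crl_entry.hasExtensions())
    {
        try
        {
            reasonCode = ASN1Enumerated
                .getInstance(CertPathValidatorUtilities
                    .getExtensionValue(crl_entry,
                        Extension.reasonCode.getId()));
        }
        catch (Exception e)
        {
            throw new AnnotatedException(
                "Reason code CRL entry extension could not be decoded.",
                e);
        }
    }

    // for reason keyCompromise, caCompromise, aACompromise or
    // unspecified
    // NOTE(review): RFC 5280 assigns aACompromise the value 10, while the 8 tested below is
    // removeFromCRL - confirm which value is intended.
    if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
        || reasonCode == null
        || reasonCode.getValue().intValue() == 0
        || reasonCode.getValue().intValue() == 1
        || reasonCode.getValue().intValue() == 2
        || reasonCode.getValue().intValue() == 8)
    {

        // (i) or (j) (1)
        if (reasonCode != null)
        {
            certStatus.setCertStatus(reasonCode.getValue().intValue());
        }
        // (i) or (j) (2)
        else
        {
            certStatus.setCertStatus(CRLReason.unspecified);
        }
        certStatus.setRevocationDate(crl_entry.getRevocationDate());
    }
}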