sun.security.x509.KeyUsageExtension Java Examples

The following examples show how to use sun.security.x509.KeyUsageExtension. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Util.java    From julongchain with Apache License 2.0 4 votes vote down vote up
public static KeyUsageExtension parseKeyUsage(int keyUsage) throws JulongChainException {
    KeyUsageExtension keyUsageExtension = new KeyUsageExtension();
    String keyUsageBinary = Integer.toBinaryString(keyUsage);
    int len = keyUsageBinary.length();
    for (int i = 0; i < len; i++) {
        try {
            switch (i) {
                case 0:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.ENCIPHER_ONLY, true);
                    }
                    break;
                case 1:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.CRL_SIGN, true);
                    }
                    break;
                case 2:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.KEY_CERTSIGN, true);
                    }
                    break;
                case 3:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.KEY_AGREEMENT, true);
                    }
                    break;
                case 4:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, true);
                    }
                    break;
                case 5:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.KEY_ENCIPHERMENT, true);
                    }
                    break;
                case 6:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.NON_REPUDIATION, true);
                    }
                    break;
                case 7:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.DIGITAL_SIGNATURE, true);
                    }
                    break;
                case 15:
                    if (keyUsageBinary.charAt(len - 1 - i) == '1') {
                        keyUsageExtension.set(KeyUsageExtension.DECIPHER_ONLY, true);
                    }
                    break;
                default:
                    break;

            }
        } catch (Exception e) {
            throw new JulongChainException("An error occurred on parseKeyUsage:" + e.getMessage());
        }
    }
    return keyUsageExtension;
}
 
Example #2
Source File: CaHelperTest.java    From julongchain with Apache License 2.0 4 votes vote down vote up
@Test
public void loadCertificateSM2() throws Exception {

    String caDir = Paths.get(testDir, "ca").toString();
    String certDir = Paths.get(testDir, "certs").toString();

    IKey priv = CspHelper.generatePrivateKey(certDir);

    ECPublicKey ecPubKey = CspHelper.getSM2PublicKey(priv);
    Assert.assertNotNull(ecPubKey);

    CaHelper rootCA = CaHelper.newCA(caDir,
            testCA3Name,
            testCA3Name,
            testCountry,
            testProvince,
            testLocality,
            testOrganizationalUnit,
            testStreetAddress,
            testPostalCode);

    X509Certificate cert = rootCA.signCertificate(certDir,
            testName3,
            null,
            null,
            ecPubKey,
            KeyUsage.digitalSignature | KeyUsage.keyEncipherment,
            new int[]{Util.EXT_KEY_USAGE_ANY});

    try {
        KeyUsageExtension keyUsageExt = (KeyUsageExtension) X509CertImpl.toImpl(cert).getExtension(new ObjectIdentifier(new int[]{2,5,29,15}));
        Assert.assertEquals(KeyUsage.digitalSignature | KeyUsage.keyEncipherment,
                parseKeyUsage(keyUsageExt.getBits()));
    } catch (Exception e) {
        Assert.fail();
    }

    if (!certDir.endsWith(File.separator)) {
        certDir += File.separator;
    }
    Certificate bcCert = Certificate.getInstance(cert.getEncoded());
    Certificate loadedCert = CaHelper.loadCertificateSM2(certDir);
    Assert.assertNotNull(loadedCert);
    Assert.assertEquals(bcCert.getSerialNumber(), loadedCert.getSerialNumber());
    Assert.assertEquals(X509CertificateUtil.getSubject(cert.getSubjectDN().getName()).getCommonName(),
            X509CertificateUtil.getSubject(loadedCert.getSubject().toString()).getCommonName());

    FileUtil.removeAll(testDir);
}
 
Example #3
Source File: CertificateBuilder.java    From openjdk-jdk9 with GNU General Public License v2.0 2 votes vote down vote up
/**
 * Set a Key Usage extension for the certificate.  The extension will
 * be marked critical.
 *
 * @param bitSettings Boolean array for all nine bit settings in the order
 * documented in RFC 5280 section 4.2.1.3.
 *
 * @throws IOException if an encoding error occurs.
 */
public void addKeyUsageExt(boolean[] bitSettings) throws IOException {
    addExtension(new KeyUsageExtension(bitSettings));
}