sun.security.util.ObjectIdentifier Java Examples

The following examples show how to use sun.security.util.ObjectIdentifier. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension (also called by the subclass).
 */
protected CRLDistributionPointsExtension(ObjectIdentifier extensionId,
    Boolean critical, Object value, String extensionName)
        throws IOException {

    this.extensionId = extensionId;
    this.critical = critical.booleanValue();

    if (!(value instanceof byte[])) {
        throw new IOException("Illegal argument type");
    }

    extensionValue = (byte[])value;
    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " + extensionName +
                              " extension.");
    }
    distributionPoints = new ArrayList<DistributionPoint>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        DistributionPoint point = new DistributionPoint(seq);
        distributionPoints.add(point);
    }
    this.extensionName = extensionName;
}
 
Example #2
Source Project: dragonwell8_jdk   Author: alibaba   File: X509CertSelector.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Sets the policy constraint. The {@code X509Certificate} must
 * include at least one of the specified policies in its certificate
 * policies extension. If {@code certPolicySet} is empty, then the
 * {@code X509Certificate} must include at least some specified policy
 * in its certificate policies extension. If {@code certPolicySet} is
 * {@code null}, no policy check will be performed.
 * <p>
 * Note that the {@code Set} is cloned to protect against
 * subsequent modifications.
 *
 * @param certPolicySet a {@code Set} of certificate policy OIDs in
 *                      string format (or {@code null}). Each OID is
 *                      represented by a set of nonnegative integers
 *                    separated by periods.
 * @throws IOException if a parsing error occurs on the OID such as
 * the first component is not 0, 1 or 2 or the second component is
 * greater than 39.
 * @see #getPolicy
 */
public void setPolicy(Set<String> certPolicySet) throws IOException {
    if (certPolicySet == null) {
        policySet = null;
        policy = null;
    } else {
        // Snapshot set and parse it
        Set<String> tempSet = Collections.unmodifiableSet
                                    (new HashSet<String>(certPolicySet));
        /* Convert to Vector of ObjectIdentifiers */
        Iterator<String> i = tempSet.iterator();
        Vector<CertificatePolicyId> polIdVector = new Vector<CertificatePolicyId>();
        while (i.hasNext()) {
            Object o = i.next();
            if (!(o instanceof String)) {
                throw new IOException("non String in certPolicySet");
            }
            polIdVector.add(new CertificatePolicyId(new ObjectIdentifier(
              (String)o)));
        }
        // If everything went OK, make the changes
        policySet = tempSet;
        policy = new CertificatePolicySet(polIdVector);
    }
}
 
Example #3
Source Project: dragonwell8_jdk   Author: alibaba   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Creates the extension (also called by the subclass).
 */
protected CRLDistributionPointsExtension(ObjectIdentifier extensionId,
    Boolean critical, Object value, String extensionName)
        throws IOException {

    this.extensionId = extensionId;
    this.critical = critical.booleanValue();

    if (!(value instanceof byte[])) {
        throw new IOException("Illegal argument type");
    }

    extensionValue = (byte[])value;
    DerValue val = new DerValue(extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " + extensionName +
                              " extension.");
    }
    distributionPoints = new ArrayList<DistributionPoint>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        DistributionPoint point = new DistributionPoint(seq);
        distributionPoints.add(point);
    }
    this.extensionName = extensionName;
}
 
Example #4
Source Project: openjdk-jdk8u-backup   Author: AdoptOpenJDK   File: NamedCurve.java    License: GNU General Public License v2.0 6 votes vote down vote up
NamedCurve(String name, String oid, EllipticCurve curve,
        ECPoint g, BigInteger n, int h) {
    super(curve, g, n, h);
    this.name = name;
    this.oid = oid;

    DerOutputStream out = new DerOutputStream();

    try {
        out.putOID(new ObjectIdentifier(oid));
    } catch (IOException e) {
        throw new RuntimeException("Internal error", e);
    }

    encoded = out.toByteArray();
}
 
Example #5
Source Project: dragonwell8_jdk   Author: alibaba   File: NamedCurve.java    License: GNU General Public License v2.0 6 votes vote down vote up
NamedCurve(String name, String oid, EllipticCurve curve,
        ECPoint g, BigInteger n, int h) {
    super(curve, g, n, h);
    this.name = name;
    this.oid = oid;

    DerOutputStream out = new DerOutputStream();

    try {
        out.putOID(new ObjectIdentifier(oid));
    } catch (IOException e) {
        throw new RuntimeException("Internal error", e);
    }

    encoded = out.toByteArray();
}
 
Example #6
Source Project: Bytecoder   Author: mirkosertic   File: X509CertSelector.java    License: Apache License 2.0 6 votes vote down vote up
/**
 * Sets the policy constraint. The {@code X509Certificate} must
 * include at least one of the specified policies in its certificate
 * policies extension. If {@code certPolicySet} is empty, then the
 * {@code X509Certificate} must include at least some specified policy
 * in its certificate policies extension. If {@code certPolicySet} is
 * {@code null}, no policy check will be performed.
 * <p>
 * Note that the {@code Set} is cloned to protect against
 * subsequent modifications.
 *
 * @param certPolicySet a {@code Set} of certificate policy OIDs in
 *                      string format (or {@code null}). Each OID is
 *                      represented by a set of nonnegative integers
 *                    separated by periods.
 * @throws IOException if a parsing error occurs on the OID such as
 * the first component is not 0, 1 or 2 or the second component is
 * greater than 39.
 * @see #getPolicy
 */
public void setPolicy(Set<String> certPolicySet) throws IOException {
    if (certPolicySet == null) {
        policySet = null;
        policy = null;
    } else {
        // Snapshot set and parse it
        Set<String> tempSet = Collections.unmodifiableSet
                                    (new HashSet<>(certPolicySet));
        /* Convert to Vector of ObjectIdentifiers */
        Iterator<String> i = tempSet.iterator();
        Vector<CertificatePolicyId> polIdVector = new Vector<>();
        while (i.hasNext()) {
            Object o = i.next();
            if (!(o instanceof String)) {
                throw new IOException("non String in certPolicySet");
            }
            polIdVector.add(new CertificatePolicyId(new ObjectIdentifier(
              (String)o)));
        }
        // If everything went OK, make the changes
        policySet = tempSet;
        policy = new CertificatePolicySet(polIdVector);
    }
}
 
Example #7
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the extension as user readable string.
 */
public String toString() {
    if (keyUsages == null) return "";
    String usage = "  ";
    boolean first = true;
    for (ObjectIdentifier oid: keyUsages) {
        if(!first) {
            usage += "\n  ";
        }

        String result = map.get(oid);
        if (result != null) {
            usage += result;
        } else {
            usage += oid.toString();
        }
        first = false;
    }
    return super.toString() + "ExtendedKeyUsages [\n"
           + usage + "\n]\n";
}
 
Example #8
Source Project: jdk8u60   Author: chenghanpeng   File: NamedCurve.java    License: GNU General Public License v2.0 6 votes vote down vote up
NamedCurve(String name, String oid, EllipticCurve curve,
        ECPoint g, BigInteger n, int h) {
    super(curve, g, n, h);
    this.name = name;
    this.oid = oid;

    DerOutputStream out = new DerOutputStream();

    try {
        out.putOID(new ObjectIdentifier(oid));
    } catch (IOException e) {
        throw new RuntimeException("Internal error", e);
    }

    encoded = out.toByteArray();
}
 
Example #9
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: PKCS9Attribute.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void init(ObjectIdentifier oid, Object value)
    throws IllegalArgumentException {

    this.oid = oid;
    index = indexOf(oid, PKCS9_OIDS, 1);
    Class<?> clazz = index == -1 ? BYTE_ARRAY_CLASS: VALUE_CLASSES[index];
    if (!clazz.isInstance(value)) {
            throw new IllegalArgumentException(
                       "Wrong value class " +
                       " for attribute " + oid +
                       " constructing PKCS9Attribute; was " +
                       value.getClass().toString() + ", should be " +
                       clazz.toString());
    }
    this.value = value;
}
 
Example #10
Source Project: jdk8u_jdk   Author: JetBrains   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Create the extension from its DER encoded value and criticality.
 *
 * @param critical true if the extension is to be treated as critical.
 * @param value an array of DER encoded bytes of the actual value.
 * @exception ClassCastException if value is not an array of bytes
 * @exception IOException on error.
 */
public ExtendedKeyUsageExtension(Boolean critical, Object value)
throws IOException {
    this.extensionId = PKIXExtensions.ExtendedKeyUsage_Id;
    this.critical = critical.booleanValue();
    this.extensionValue = (byte[]) value;
    DerValue val = new DerValue(this.extensionValue);
    if (val.tag != DerValue.tag_Sequence) {
        throw new IOException("Invalid encoding for " +
                               "ExtendedKeyUsageExtension.");
    }
    keyUsages = new Vector<ObjectIdentifier>();
    while (val.data.available() != 0) {
        DerValue seq = val.data.getDerValue();
        ObjectIdentifier usage = seq.getOID();
        keyUsages.addElement(usage);
    }
}
 
Example #11
Source Project: openjdk-8-source   Author: keerath   File: X509CertSelector.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Sets the policy constraint. The {@code X509Certificate} must
 * include at least one of the specified policies in its certificate
 * policies extension. If {@code certPolicySet} is empty, then the
 * {@code X509Certificate} must include at least some specified policy
 * in its certificate policies extension. If {@code certPolicySet} is
 * {@code null}, no policy check will be performed.
 * <p>
 * Note that the {@code Set} is cloned to protect against
 * subsequent modifications.
 *
 * @param certPolicySet a {@code Set} of certificate policy OIDs in
 *                      string format (or {@code null}). Each OID is
 *                      represented by a set of nonnegative integers
 *                    separated by periods.
 * @throws IOException if a parsing error occurs on the OID such as
 * the first component is not 0, 1 or 2 or the second component is
 * greater than 39.
 * @see #getPolicy
 */
public void setPolicy(Set<String> certPolicySet) throws IOException {
    if (certPolicySet == null) {
        policySet = null;
        policy = null;
    } else {
        // Snapshot set and parse it
        Set<String> tempSet = Collections.unmodifiableSet
                                    (new HashSet<String>(certPolicySet));
        /* Convert to Vector of ObjectIdentifiers */
        Iterator<String> i = tempSet.iterator();
        Vector<CertificatePolicyId> polIdVector = new Vector<CertificatePolicyId>();
        while (i.hasNext()) {
            Object o = i.next();
            if (!(o instanceof String)) {
                throw new IOException("non String in certPolicySet");
            }
            polIdVector.add(new CertificatePolicyId(new ObjectIdentifier(
              (String)o)));
        }
        // If everything went OK, make the changes
        policySet = tempSet;
        policy = new CertificatePolicySet(polIdVector);
    }
}
 
Example #12
Source Project: jdk8u-jdk   Author: lambdalab-mirror   File: PKCS9Attributes.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a set of PKCS9 Attributes from the given array of
 * PKCS9 attributes.
 * DER encoding on a DerInputStream.  All attributes in
 * <code>attribs</code> must be
 * supported by class PKCS9Attribute.
 *
 * @exception IOException
 * on i/o error, encoding syntax error, or unsupported or
 * duplicate attribute.
 *
 * @see PKCS9Attribute
 */
public PKCS9Attributes(PKCS9Attribute[] attribs)
throws IllegalArgumentException, IOException {
    ObjectIdentifier oid;
    for (int i=0; i < attribs.length; i++) {
        oid = attribs[i].getOID();
        if (attributes.containsKey(oid))
            throw new IllegalArgumentException(
                      "PKCSAttribute " + attribs[i].getOID() +
                      " duplicated while constructing " +
                      "PKCS9Attributes.");

        attributes.put(oid, attribs[i]);
    }
    derEncoding = generateDerEncoding();
    permittedAttributes = null;
}
 
Example #13
Source Project: hottub   Author: dsrg-uoft   File: PKCS9Attribute.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void init(ObjectIdentifier oid, Object value)
    throws IllegalArgumentException {

    this.oid = oid;
    index = indexOf(oid, PKCS9_OIDS, 1);
    Class<?> clazz = index == -1 ? BYTE_ARRAY_CLASS: VALUE_CLASSES[index];
    if (!clazz.isInstance(value)) {
            throw new IllegalArgumentException(
                       "Wrong value class " +
                       " for attribute " + oid +
                       " constructing PKCS9Attribute; was " +
                       value.getClass().toString() + ", should be " +
                       clazz.toString());
    }
    this.value = value;
}
 
Example #14
Source Project: hottub   Author: dsrg-uoft   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Return the extension as user readable string.
 */
public String toString() {
    if (keyUsages == null) return "";
    String usage = "  ";
    boolean first = true;
    for (ObjectIdentifier oid: keyUsages) {
        if(!first) {
            usage += "\n  ";
        }

        String result = map.get(oid);
        if (result != null) {
            usage += result;
        } else {
            usage += oid.toString();
        }
        first = false;
    }
    return super.toString() + "ExtendedKeyUsages [\n"
           + usage + "\n]\n";
}
 
Example #15
Source Project: openjdk-8   Author: bpupadhyaya   File: PKCS9Attribute.java    License: GNU General Public License v2.0 6 votes vote down vote up
private void init(ObjectIdentifier oid, Object value)
    throws IllegalArgumentException {

    this.oid = oid;
    index = indexOf(oid, PKCS9_OIDS, 1);
    Class<?> clazz = index == -1 ? BYTE_ARRAY_CLASS: VALUE_CLASSES[index];
    if (!clazz.isInstance(value)) {
            throw new IllegalArgumentException(
                       "Wrong value class " +
                       " for attribute " + oid +
                       " constructing PKCS9Attribute; was " +
                       value.getClass().toString() + ", should be " +
                       clazz.toString());
    }
    this.value = value;
}
 
Example #16
Source Project: openjdk-8   Author: bpupadhyaya   File: PKCS9Attributes.java    License: GNU General Public License v2.0 6 votes vote down vote up
/**
 * Construct a set of PKCS9 Attributes from the given array of
 * PKCS9 attributes.
 * DER encoding on a DerInputStream.  All attributes in
 * <code>attribs</code> must be
 * supported by class PKCS9Attribute.
 *
 * @exception IOException
 * on i/o error, encoding syntax error, or unsupported or
 * duplicate attribute.
 *
 * @see PKCS9Attribute
 */
public PKCS9Attributes(PKCS9Attribute[] attribs)
throws IllegalArgumentException, IOException {
    ObjectIdentifier oid;
    for (int i=0; i < attribs.length; i++) {
        oid = attribs[i].getOID();
        if (attributes.containsKey(oid))
            throw new IllegalArgumentException(
                      "PKCSAttribute " + attribs[i].getOID() +
                      " duplicated while constructing " +
                      "PKCS9Attributes.");

        attributes.put(oid, attribs[i]);
    }
    derEncoding = generateDerEncoding();
    permittedAttributes = null;
}
 
Example #17
Source Project: openjdk-jdk9   Author: AdoptOpenJDK   File: PKCS12KeyStore.java    License: GNU General Public License v2.0 5 votes vote down vote up
private Set<KeyStore.Entry.Attribute> getAttributes(Entry entry) {

        if (entry.attributes == null) {
            entry.attributes = new HashSet<>();
        }

        // friendlyName
        entry.attributes.add(new PKCS12Attribute(
            PKCS9FriendlyName_OID.toString(), entry.alias));

        // localKeyID
        byte[] keyIdValue = entry.keyId;
        if (keyIdValue != null) {
            entry.attributes.add(new PKCS12Attribute(
                PKCS9LocalKeyId_OID.toString(), Debug.toString(keyIdValue)));
        }

        // trustedKeyUsage
        if (entry instanceof CertEntry) {
            ObjectIdentifier[] trustedKeyUsageValue =
                ((CertEntry) entry).trustedKeyUsage;
            if (trustedKeyUsageValue != null) {
                if (trustedKeyUsageValue.length == 1) { // omit brackets
                    entry.attributes.add(new PKCS12Attribute(
                        TrustedKeyUsage_OID.toString(),
                        trustedKeyUsageValue[0].toString()));
                } else { // multi-valued
                    entry.attributes.add(new PKCS12Attribute(
                        TrustedKeyUsage_OID.toString(),
                        Arrays.toString(trustedKeyUsageValue)));
                }
            }
        }

        return entry.attributes;
    }
 
Example #18
Source Project: jdk8u60   Author: chenghanpeng   File: PKCS12KeyStore.java    License: GNU General Public License v2.0 5 votes vote down vote up
private static String mapPBEParamsToAlgorithm(ObjectIdentifier algorithm,
    AlgorithmParameters algParams) throws NoSuchAlgorithmException {
    // Check for PBES2 algorithms
    if (algorithm.equals((Object)pbes2_OID) && algParams != null) {
        return algParams.toString();
    }
    return algorithm.toString();
}
 
Example #19
Source Project: Java8CN   Author: Java8-CNAPI-Team   File: CertificateRevokedException.java    License: Apache License 2.0 5 votes vote down vote up
/**
 * Deserialize the {@code CertificateRevokedException} instance.
 */
private void readObject(ObjectInputStream ois)
    throws IOException, ClassNotFoundException {
    // Read in the non-transient fields
    // (revocationDate, reason, authority)
    ois.defaultReadObject();

    // Defensively copy the revocation date
    revocationDate = new Date(revocationDate.getTime());

    // Read in the size (number of mappings) of the extensions map
    // and create the extensions map
    int size = ois.readInt();
    if (size == 0) {
        extensions = Collections.emptyMap();
    } else {
        extensions = new HashMap<String, Extension>(size);
    }

    // Read in the extensions and put the mappings in the extensions map
    for (int i = 0; i < size; i++) {
        String oid = (String) ois.readObject();
        boolean critical = ois.readBoolean();
        int length = ois.readInt();
        byte[] extVal = new byte[length];
        ois.readFully(extVal);
        Extension ext = sun.security.x509.Extension.newExtension
            (new ObjectIdentifier(oid), critical, extVal);
        extensions.put(oid, ext);
    }
}
 
Example #20
Source Project: openjdk-8-source   Author: keerath   File: CertificateRevokedException.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Deserialize the {@code CertificateRevokedException} instance.
 */
private void readObject(ObjectInputStream ois)
    throws IOException, ClassNotFoundException {
    // Read in the non-transient fields
    // (revocationDate, reason, authority)
    ois.defaultReadObject();

    // Defensively copy the revocation date
    revocationDate = new Date(revocationDate.getTime());

    // Read in the size (number of mappings) of the extensions map
    // and create the extensions map
    int size = ois.readInt();
    if (size == 0) {
        extensions = Collections.emptyMap();
    } else {
        extensions = new HashMap<String, Extension>(size);
    }

    // Read in the extensions and put the mappings in the extensions map
    for (int i = 0; i < size; i++) {
        String oid = (String) ois.readObject();
        boolean critical = ois.readBoolean();
        int length = ois.readInt();
        byte[] extVal = new byte[length];
        ois.readFully(extVal);
        Extension ext = sun.security.x509.Extension.newExtension
            (new ObjectIdentifier(oid), critical, extVal);
        extensions.put(oid, ext);
    }
}
 
Example #21
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Get the attribute value.
 */
public Vector<ObjectIdentifier> get(String name) throws IOException {
    if (name.equalsIgnoreCase(USAGES)) {
        //XXXX May want to consider cloning this
        return keyUsages;
    } else {
      throw new IOException("Attribute name [" + name +
                            "] not recognized by " +
                            "CertAttrSet:ExtendedKeyUsageExtension.");
    }
}
 
Example #22
Source Project: dragonwell8_jdk   Author: alibaba   File: CertificateRevokedException.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Deserialize the {@code CertificateRevokedException} instance.
 */
private void readObject(ObjectInputStream ois)
    throws IOException, ClassNotFoundException {
    // Read in the non-transient fields
    // (revocationDate, reason, authority)
    ois.defaultReadObject();

    // Defensively copy the revocation date
    revocationDate = new Date(revocationDate.getTime());

    // Read in the size (number of mappings) of the extensions map
    // and create the extensions map
    int size = ois.readInt();
    if (size == 0) {
        extensions = Collections.emptyMap();
    } else if (size < 0) {
        throw new IOException("size cannot be negative");
    } else {
        extensions = new HashMap<>(size > 20 ? 20 : size);
    }

    // Read in the extensions and put the mappings in the extensions map
    for (int i = 0; i < size; i++) {
        String oid = (String) ois.readObject();
        boolean critical = ois.readBoolean();
        byte[] extVal = IOUtils.readExactlyNBytes(ois, ois.readInt());
        Extension ext = sun.security.x509.Extension.newExtension
            (new ObjectIdentifier(oid), critical, extVal);
        extensions.put(oid, ext);
    }
}
 
Example #23
Source Project: dragonwell8_jdk   Author: alibaba   File: X509CertSelector.java    License: GNU General Public License v2.0 5 votes vote down vote up
private boolean matchExtendedKeyUsage(X509Certificate xcert) {
    if ((keyPurposeSet == null) || keyPurposeSet.isEmpty()) {
        return true;
    }
    try {
        ExtendedKeyUsageExtension ext =
            (ExtendedKeyUsageExtension)getExtensionObject(xcert,
                                            EXTENDED_KEY_USAGE_ID);
        if (ext != null) {
            Vector<ObjectIdentifier> certKeyPurposeVector =
                ext.get(ExtendedKeyUsageExtension.USAGES);
            if (!certKeyPurposeVector.contains(ANY_EXTENDED_KEY_USAGE)
                    && !certKeyPurposeVector.containsAll(keyPurposeOIDSet)) {
                if (debug != null) {
                    debug.println("X509CertSelector.match: cert failed "
                        + "extendedKeyUsage criterion");
                }
                return false;
            }
        }
    } catch (IOException ex) {
        if (debug != null) {
            debug.println("X509CertSelector.match: "
                + "IOException in extended key usage check");
        }
        return false;
    }
    return true;
}
 
Example #24
Source Project: openjdk-jdk8u-backup   Author: AdoptOpenJDK   File: X509CertSelector.java    License: GNU General Public License v2.0 5 votes vote down vote up
private boolean matchExtendedKeyUsage(X509Certificate xcert) {
    if ((keyPurposeSet == null) || keyPurposeSet.isEmpty()) {
        return true;
    }
    try {
        ExtendedKeyUsageExtension ext =
            (ExtendedKeyUsageExtension)getExtensionObject(xcert,
                                            EXTENDED_KEY_USAGE_ID);
        if (ext != null) {
            Vector<ObjectIdentifier> certKeyPurposeVector =
                ext.get(ExtendedKeyUsageExtension.USAGES);
            if (!certKeyPurposeVector.contains(ANY_EXTENDED_KEY_USAGE)
                    && !certKeyPurposeVector.containsAll(keyPurposeOIDSet)) {
                if (debug != null) {
                    debug.println("X509CertSelector.match: cert failed "
                        + "extendedKeyUsage criterion");
                }
                return false;
            }
        }
    } catch (IOException ex) {
        if (debug != null) {
            debug.println("X509CertSelector.match: "
                + "IOException in extended key usage check");
        }
        return false;
    }
    return true;
}
 
Example #25
Source Project: openjdk-jdk8u   Author: AdoptOpenJDK   File: X509CertSelectorTest.java    License: GNU General Public License v2.0 5 votes vote down vote up
private ObjectIdentifier getCertPubKeyAlgOID(X509Certificate xcert) throws IOException {
    byte[] encodedKey = xcert.getPublicKey().getEncoded();
    DerValue val = new DerValue(encodedKey);
    if (val.tag != DerValue.tag_Sequence) {
        throw new RuntimeException("invalid key format");
    }

    return AlgorithmId.parse(val.data.getDerValue()).getOID();
}
 
Example #26
Source Project: openjdk-8-source   Author: keerath   File: PKCS12KeyStore.java    License: GNU General Public License v2.0 5 votes vote down vote up
private static String mapPBEParamsToAlgorithm(ObjectIdentifier algorithm,
    AlgorithmParameters algParams) throws NoSuchAlgorithmException {
    // Check for PBES2 algorithms
    if (algorithm.equals((Object)pbes2_OID) && algParams != null) {
        return algParams.toString();
    }
    return algorithm.toString();
}
 
Example #27
Source Project: dragonwell8_jdk   Author: alibaba   File: ExtendedKeyUsageExtension.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Set the attribute value.
 */
@SuppressWarnings("unchecked") // Checked with instanceof
public void set(String name, Object obj) throws IOException {
    if (name.equalsIgnoreCase(USAGES)) {
        if (!(obj instanceof Vector)) {
            throw new IOException("Attribute value should be of type Vector.");
        }
        this.keyUsages = (Vector<ObjectIdentifier>)obj;
    } else {
      throw new IOException("Attribute name [" + name +
                            "] not recognized by " +
                            "CertAttrSet:ExtendedKeyUsageExtension.");
    }
    encodeThis();
}
 
Example #28
Source Project: openjdk-8-source   Author: keerath   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Write the extension to the DerOutputStream.
 * (Also called by the subclass)
 */
protected void encode(OutputStream out, ObjectIdentifier extensionId,
    boolean isCritical) throws IOException {

    DerOutputStream tmp = new DerOutputStream();
    if (this.extensionValue == null) {
        this.extensionId = extensionId;
        this.critical = isCritical;
        encodeThis();
    }
    super.encode(tmp);
    out.write(tmp.toByteArray());
}
 
Example #29
Source Project: dragonwell8_jdk   Author: alibaba   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Creates the extension (also called by the subclass).
 */
protected CRLDistributionPointsExtension(ObjectIdentifier extensionId,
    boolean isCritical, List<DistributionPoint> distributionPoints,
        String extensionName) throws IOException {

    this.extensionId = extensionId;
    this.critical = isCritical;
    this.distributionPoints = distributionPoints;
    encodeThis();
    this.extensionName = extensionName;
}
 
Example #30
Source Project: dragonwell8_jdk   Author: alibaba   File: CRLDistributionPointsExtension.java    License: GNU General Public License v2.0 5 votes vote down vote up
/**
 * Write the extension to the DerOutputStream.
 * (Also called by the subclass)
 */
protected void encode(OutputStream out, ObjectIdentifier extensionId,
    boolean isCritical) throws IOException {

    DerOutputStream tmp = new DerOutputStream();
    if (this.extensionValue == null) {
        this.extensionId = extensionId;
        this.critical = isCritical;
        encodeThis();
    }
    super.encode(tmp);
    out.write(tmp.toByteArray());
}