📄 extendedx509certificateobject.java.15
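} else { return -1; } } } catch (Exception e) { throw new RuntimeException("error processing key usage extension"); } } return -1; }
    // The line above is the tail of a method whose beginning is not part of this listing; it is kept verbatim.

    /**
     * Returns the OIDs of the extensions that are flagged critical.
     *
     * @return a set of dotted-decimal OID strings, or {@code null} when the certificate is not
     *         version 3 or has no extensions block
     */
    public Set getCriticalExtensionOIDs() {
        return getExtensionOIDs(true);
    }

    /**
     * Collects the OIDs of all extensions whose critical flag equals {@code critical}.
     *
     * @param critical the critical-flag value to select
     * @return the matching OIDs, or {@code null} when the certificate is not version 3 or has no
     *         extensions block
     */
    private Set getExtensionOIDs(boolean critical) {
        if (this.getVersion() != 3) {
            return null;
        }

        X509Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions == null) {
            return null;
        }

        Set oids = new HashSet();
        Enumeration e = extensions.oids();
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            if (extensions.getExtension(oid).isCritical() == critical) {
                oids.add(oid.getId());
            }
        }
        return oids;
    }

    /**
     * Returns the raw octets of the extension value (the contents of the OCTET STRING wrapper).
     *
     * @param oid dotted-decimal OID of the extension
     * @return the octets, or {@code null} when the extension is absent
     */
    private byte[] getExtensionBytes(String oid) {
        X509Extensions exts = c.getTBSCertificate().getExtensions();
        if (exts == null) {
            return null;
        }

        X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));
        return (ext != null) ? ext.getValue().getOctets() : null;
    }

    /**
     * Returns the DER encoding of the extension value object for the given OID.
     *
     * @param oid dotted-decimal OID of the extension
     * @return the encoded value, or {@code null} when the extension is absent
     * @throws RuntimeException if the value cannot be encoded; the underlying exception is
     *         attached as the cause
     */
    public byte[] getExtensionValue(String oid) {
        X509Extensions exts = c.getTBSCertificate().getExtensions();
        if (exts == null) {
            return null;
        }

        X509Extension ext = exts.getExtension(new DERObjectIdentifier(oid));
        if (ext == null) {
            return null;
        }

        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        try {
            dOut.writeObject(ext.getValue());
            return bOut.toByteArray();
        } catch (Exception e) {
            // Keep the cause so an encoding failure can be diagnosed from the stack trace.
            throw new RuntimeException("error encoding " + e.toString(), e);
        }
    }

    /**
     * Returns the OIDs of the extensions that are not flagged critical.
     *
     * @return a set of dotted-decimal OID strings, or {@code null} when the certificate is not
     *         version 3 or has no extensions block
     */
    public Set getNonCriticalExtensionOIDs() {
        return getExtensionOIDs(false);
    }

    /**
     * Reports whether the certificate carries a critical extension other than keyUsage
     * (2.5.29.15) and basicConstraints (2.5.29.19), the only two this method treats as supported.
     *
     * @return {@code true} if such a critical extension is present; {@code false} otherwise,
     *         including for certificates that are not version 3 or have no extensions
     */
    public boolean hasUnsupportedCriticalExtension() {
        if (this.getVersion() != 3) {
            return false;
        }

        X509Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions == null) {
            return false;
        }

        Enumeration e = extensions.oids();
        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            String id = oid.getId();
            if (id.equals("2.5.29.15") || id.equals("2.5.29.19")) {
                continue;
            }
            if (extensions.getExtension(oid).isCritical()) {
                return true;
            }
        }
        return false;
    }

    /**
     * Builds a public key object from a SubjectPublicKeyInfo structure. Only RSA keys
     * (rsaEncryption or id_ea_rsa) are accepted.
     *
     * @param info the SubjectPublicKeyInfo taken from a certificate
     * @return the RSA public key
     * @throws RuntimeException if the algorithm identifier is not one of the two RSA OIDs
     */
    static PublicKey createPublicKeyFromPublicKeyInfo(SubjectPublicKeyInfo info) {
        AlgorithmIdentifier algId = info.getAlgorithmId();
        boolean isRsa = algId.getObjectId().equals(PKCSObjectIdentifiers.rsaEncryption)
            || algId.getObjectId().equals(X509ObjectIdentifiers.id_ea_rsa);

        if (!isRsa) {
            throw new RuntimeException("algorithm identifier in key not recognised");
        }
        return new ExtendedJCERSAPublicKey(info);
    }

    /**
     * Returns the subject public key of this certificate.
     *
     * @return the public key built from the certificate's SubjectPublicKeyInfo
     */
    public PublicKey getPublicKey() {
        return createPublicKeyFromPublicKeyInfo(c.getSubjectPublicKeyInfo());
    }

    /**
     * Returns the DER encoding of the whole certificate structure.
     *
     * @return the encoded certificate
     * @throws CertificateEncodingException if encoding fails; the I/O error is attached as the cause
     */
    public byte[] getEncoded() throws CertificateEncodingException {
        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
        DEROutputStream dOut = new DEROutputStream(bOut);
        try {
            dOut.writeObject(c);
            return bOut.toByteArray();
        } catch (IOException e) {
            throw new CertificateEncodingException(e.toString(), e);
        }
    }

    /**
     * Stores a PKCS#12 bag attribute and records the OID in the ordering list.
     *
     * @param oid identifier of the attribute
     * @param attribute the attribute value
     */
    public void setBagAttribute(DERObjectIdentifier oid, DEREncodable attribute) {
        pkcs12Attributes.put(oid, attribute);
        pkcs12Ordering.addElement(oid);
    }

    /**
     * Looks up a PKCS#12 bag attribute.
     *
     * @param oid identifier of the attribute
     * @return the stored value as returned by the attribute table for that OID
     */
    public DEREncodable getBagAttribute(DERObjectIdentifier oid) {
        return (DEREncodable) pkcs12Attributes.get(oid);
    }

    /**
     * Returns the bag attribute OIDs in the order they were set.
     *
     * @return an enumeration over the recorded OIDs
     */
    public Enumeration getBagAttributeKeys() {
        return pkcs12Ordering.elements();
    }

    /**
     * Produces a human-readable dump of the certificate: header fields, the signature as hex in
     * rows of at most 20 bytes, and one line per extension. Extensions that fail to parse are
     * printed with their OID and a masked value rather than aborting the dump.
     *
     * @return the textual description
     */
    public String toString() {
        StringBuilder buf = new StringBuilder();
        String nl = System.getProperty("line.separator");

        buf.append(" [0] Version: " + this.getVersion() + nl);
        buf.append(" SerialNumber: " + this.getSerialNumber() + nl);
        buf.append(" IssuerDN: " + this.getIssuerDN() + nl);
        buf.append(" Start Date: " + this.getNotBefore() + nl);
        buf.append(" Final Date: " + this.getNotAfter() + nl);
        buf.append(" SubjectDN: " + this.getSubjectDN() + nl);
        buf.append(" Public Key: " + this.getPublicKey() + nl);
        buf.append(" Signature Algorithm: " + this.getSigAlgName() + nl);

        byte[] sig = this.getSignature();

        // A malformed certificate can carry a signature shorter than 20 bytes; clamp the first
        // row so that merely printing such a certificate does not read past the array.
        buf.append(" Signature: " + new String(Hex.encode(sig, 0, Math.min(20, sig.length))) + nl);
        for (int i = 20; i < sig.length; i += 20) {
            int rowLength = Math.min(20, sig.length - i);
            buf.append(" " + new String(Hex.encode(sig, i, rowLength)) + nl);
        }

        X509Extensions extensions = c.getTBSCertificate().getExtensions();
        if (extensions == null) {
            return buf.toString();
        }

        Enumeration e = extensions.oids();
        if (e.hasMoreElements()) {
            buf.append(" Extensions: \n");
        }

        while (e.hasMoreElements()) {
            DERObjectIdentifier oid = (DERObjectIdentifier) e.nextElement();
            X509Extension ext = extensions.getExtension(oid);

            if (ext.getValue() == null) {
                buf.append(nl);
                continue;
            }

            byte[] octs = ext.getValue().getOctets();
            ASN1InputStream dIn = new ASN1InputStream(new ByteArrayInputStream(octs));
            buf.append(" critical(" + ext.isCritical() + ") ");

            try {
                if (oid.equals(X509Extensions.BasicConstraints)) {
                    buf.append(new BasicConstraints((ASN1Sequence) dIn.readObject()) + nl);
                } else if (oid.equals(X509Extensions.KeyUsage)) {
                    buf.append(new KeyUsage((DERBitString) dIn.readObject()) + nl);
                } else if (oid.equals(MiscObjectIdentifiers.netscapeCertType)) {
                    buf.append(new NetscapeCertType((DERBitString) dIn.readObject()) + nl);
                } else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL)) {
                    buf.append(new NetscapeRevocationURL((DERIA5String) dIn.readObject()) + nl);
                } else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension)) {
                    buf.append(new VerisignCzagExtension((DERIA5String) dIn.readObject()) + nl);
                } else {
                    buf.append(oid.getId());
                    buf.append(" value = " + ASN1Dump.dumpAsString(dIn.readObject()) + nl);
                }
            } catch (Exception ex) {
                // Deliberate best effort: an extension that cannot be decoded (including a cast
                // failure on an unexpected ASN.1 type) is shown with a masked value.
                buf.append(oid.getId());
                buf.append(" value = " + "*****" + nl);
            }
        }

        return buf.toString();
    }

    /**
     * Verifies the certificate signature with the given key, preferring the "BC" provider and
     * falling back to the default provider lookup when that fails.
     *
     * <p>The outer signature algorithm must equal the one inside the TBS certificate; a mismatch
     * is rejected before any cryptographic work. Note that a signature that does not verify is
     * reported as {@link InvalidKeyException}, not {@link SignatureException}, so callers must
     * treat both as a failed verification.
     *
     * @param key the public key of the presumed issuer
     * @throws CertificateException if the inner and outer signature algorithms differ
     * @throws NoSuchAlgorithmException if no Signature implementation can be obtained
     * @throws InvalidKeyException if the key is unusable or the signature does not verify
     * @throws NoSuchProviderException if propagated from the provider lookup
     * @throws SignatureException if the Signature object reports an error
     */
    public final void verify(PublicKey key)
        throws CertificateException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature = null;

        if (!c.getSignatureAlgorithm().equals(c.getTBSCertificate().getSignature())) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }

        try {
            signature = ExtendedX509V3CertificateGenerator.getSignature(c.getSignatureAlgorithm(), "BC");
        } catch (Exception e2) {
            // Any failure with the "BC" provider, not only a missing provider, triggers the
            // fallback; the first exception is intentionally discarded.
            try {
                signature = ExtendedX509V3CertificateGenerator.getSignature(c.getSignatureAlgorithm(), null);
            } catch (InvalidParameterSpecException e) {
                throw new NoSuchAlgorithmException(e);
            } catch (InvalidAlgorithmParameterException e) {
                throw new NoSuchAlgorithmException(e);
            } catch (IOException e) {
                throw new NoSuchAlgorithmException(e);
            }
        }

        checkTbsSignature(key, signature);
    }

    /**
     * Verifies the certificate signature with the given key using the named provider.
     *
     * <p>The Signature object is obtained first, then the outer signature algorithm is compared
     * with the one inside the TBS certificate. A signature that does not verify is reported as
     * {@link InvalidKeyException}, not {@link SignatureException}.
     *
     * @param key the public key of the presumed issuer
     * @param sigProvider name of the provider to obtain the Signature from
     * @throws CertificateException if the inner and outer signature algorithms differ
     * @throws NoSuchAlgorithmException if no Signature implementation can be obtained
     * @throws InvalidKeyException if the key is unusable or the signature does not verify
     * @throws NoSuchProviderException if propagated from the provider lookup
     * @throws SignatureException if the Signature object reports an error
     */
    public final void verify(PublicKey key, String sigProvider)
        throws CertificateException, NoSuchAlgorithmException,
        InvalidKeyException, NoSuchProviderException, SignatureException {
        Signature signature;

        try {
            signature = ExtendedX509V3CertificateGenerator.getSignature(c.getSignatureAlgorithm(), sigProvider);
        } catch (InvalidParameterSpecException e) {
            throw new NoSuchAlgorithmException(e);
        } catch (InvalidAlgorithmParameterException e) {
            throw new NoSuchAlgorithmException(e);
        } catch (IOException e) {
            throw new NoSuchAlgorithmException(e);
        }

        if (!c.getSignatureAlgorithm().equals(c.getTBSCertificate().getSignature())) {
            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
        }

        checkTbsSignature(key, signature);
    }

    /**
     * Runs the signature check shared by both verify variants: the signature value of this
     * certificate is verified over the encoded TBS certificate with the given key.
     *
     * @param key the public key to verify with
     * @param signature an uninitialised Signature for the certificate's algorithm
     * @throws InvalidKeyException if the key is unusable or the signature does not verify
     */
    private void checkTbsSignature(PublicKey key, Signature signature)
        throws CertificateException, InvalidKeyException, SignatureException {
        signature.initVerify(key);
        signature.update(this.getTBSCertificate());

        if (!signature.verify(this.getSignature())) {
            throw new InvalidKeyException("Public key presented not for certificate signature");
        }
    }
}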