Examples of org.apache.harmony.security.x509.BasicConstraints

Package org.apache.harmony.security.x509

Examples of org.apache.harmony.security.x509.BasicConstraints

org.bouncycastle.asn1.x509.BasicConstraints

Basic Constraints Extension (OID == 2.5.29.19). The ASN.1 definitionn for Basic Constraints Extension is:

 id-ce-basicConstraints OBJECT IDENTIFIER ::=  { id-ce 19 } BasicConstraints ::= SEQUENCE { cA                      BOOLEAN DEFAULT FALSE, pathLenConstraint       INTEGER (0..MAX) OPTIONAL }

(as specified in RFC 3280)

                    buf.append("                       critical(" + ext.isCritical() + ") ");
                    try
                    {
                        if (oid.equals(X509Extensions.BasicConstraints))
                        {
                            buf.append(new BasicConstraints((ASN1Sequence)dIn.readObject()) + nl);
                        }
                        else if (oid.equals(X509Extensions.KeyUsage))
                        {
                            buf.append(new KeyUsage((DERBitString)dIn.readObject()) + nl);
                        }

View Full Code Here


        //
        // create the certificate - version 3
        //
        X509V3CertificateGenerator x509V1CertificateGenerator = new X509V3CertificateGenerator();
        x509V1CertificateGenerator.addExtension(X509Extensions.BasicConstraints, false, new BasicConstraints(true));
        x509V1CertificateGenerator.setSerialNumber(BigInteger.valueOf(System.currentTimeMillis()));
        x509V1CertificateGenerator.setIssuerDN(new X509Principal(issuer));
        x509V1CertificateGenerator.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
        x509V1CertificateGenerator.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
        x509V1CertificateGenerator.setSubjectDN(new X509Principal(subject));

View Full Code Here

            new AuthorityKeyIdentifierStructure(caCert));


        v3CertGen.addExtension(
            X509Extensions.BasicConstraints,
            true,
            new BasicConstraints(0));


        X509Certificate cert = v3CertGen.generate(caPrivKey);


        cert.checkValidity(new Date());

View Full Code Here


        _v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
                createAuthorityKeyId(_issPub));


        _v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
                new BasicConstraints(_ca));


        X509Certificate _cert = _v3CertGen.generate(_issPriv);


        _cert.checkValidity(new Date());
        _cert.verify(_issPub);

View Full Code Here

        certGen.setPublicKey(intKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
    
        certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
        certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(intKey));
        certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(0));
        certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));


        return certGen.generate(caKey, "BC");
    }

View Full Code Here

        certGen.setPublicKey(entityKey);
        certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
        
        certGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
        certGen.addExtension(X509Extensions.SubjectKeyIdentifier, false, new SubjectKeyIdentifierStructure(entityKey));
        certGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(false));
        certGen.addExtension(X509Extensions.KeyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment));


        return certGen.generate(caKey, "BC");
    }

View Full Code Here

        KeyPair pair = keyGen.generateKeyPair();


        Vector oids = new Vector();
        Vector values = new Vector();
        oids.add(X509Extensions.BasicConstraints);
        values.add(new X509Extension(true, new DEROctetString(new BasicConstraints(true))));
        oids.add(X509Extensions.KeyUsage);
        values.add(new X509Extension(true, new DEROctetString(
            new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign))));
        SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifierStructure(pair.getPublic());
        X509Extension ski = new X509Extension(false, new DEROctetString(subjectKeyIdentifier));

View Full Code Here

                        throw new AnnotatedException(
                            "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
                    }
                }
            }
            BasicConstraints bc = null;
            try
            {
                bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue((X509Extension)cert,
                    BASIC_CONSTRAINTS));
            }
            catch (Exception e)
            {
                throw new AnnotatedException("Basic constraints extension could not be decoded.", e);
            }


            if (cert instanceof X509Certificate)
            {
                // (b) (2) (ii)
                if (idp.onlyContainsUserCerts() && (bc != null && bc.isCA()))
                {
                    throw new AnnotatedException("CA Cert CRL only contains user certificates.");
                }


                // (b) (2) (iii)
                if (idp.onlyContainsCACerts() && (bc == null || !bc.isCA()))
                {
                    throw new AnnotatedException("End CRL only contains CA certificates.");
                }
            }

View Full Code Here

        List certs = certPath.getCertificates();
        X509Certificate cert = (X509Certificate)certs.get(index);
        //
        // (k)
        //
        BasicConstraints bc = null;
        try
        {
            bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
                RFC3280CertPathUtilities.BASIC_CONSTRAINTS));
        }
        catch (Exception e)
        {
            throw new ExtCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
                index);
        }
        if (bc != null)
        {
            if (!(bc.isCA()))
            {
                throw new CertPathValidatorException("Not a CA certificate");
            }
        }
        else

View Full Code Here

        X509Certificate cert = (X509Certificate)certs.get(index);


        //
        // (m)
        //
        BasicConstraints bc = null;
        try
        {
            bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
                RFC3280CertPathUtilities.BASIC_CONSTRAINTS));
        }
        catch (Exception e)
        {
            throw new ExtCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
                index);
        }
        if (bc != null)
        {
            BigInteger _pathLengthConstraint = bc.getPathLenConstraint();


            if (_pathLengthConstraint != null)
            {
                int _plc = _pathLengthConstraint.intValue();

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of org.apache.harmony.security.x509.BasicConstraints

br.net.woodstock.rockframework.security.cert.impl.BouncyCastleCertificateBuilder

br.net.woodstock.rockframework.security.cert.impl.BouncyCastleCertificateGenerator

com.gitblit.utils.X509Utils

com.maverick.crypto.asn1.ASN1EncodableVector

com.maverick.crypto.asn1.DERBoolean

com.maverick.crypto.asn1.DERInteger

com.maverick.crypto.asn1.DERSequence

com.maverick.crypto.asn1.x509.X509Certificate

cybervillains.ca.CertificateCreator

org.apache.accumulo.test.util.CertUtils

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.