Package sun.security.x509

Examples of sun.security.x509.CertificateExtensions


    public X509Builder keyUsageNonRepudiation() { // other than CA or CRL; this applies to API clients
        try {
            v3();
             if( keyUsageExtension == null ) { keyUsageExtension = new KeyUsageExtension(); }
             keyUsageExtension.set(KeyUsageExtension.NON_REPUDIATION, true);
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
        }
        catch(Exception e) {
            fault(e, "keyUsageNonRepudiation");


    public X509Builder keyUsageKeyEncipherment() { // for encrypting and transporting other keys
        try {
            v3();
             if( keyUsageExtension == null ) { keyUsageExtension = new KeyUsageExtension(); }
             keyUsageExtension.set(KeyUsageExtension.KEY_ENCIPHERMENT, true);
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
        }
        catch(Exception e) {
            fault(e, "keyUsageKeyEncipherment");

    public X509Builder keyUsageDataEncipherment() { // for encrypting data
        try {
            v3();
             if( keyUsageExtension == null ) { keyUsageExtension = new KeyUsageExtension(); }
             keyUsageExtension.set(KeyUsageExtension.DATA_ENCIPHERMENT, true);
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
        }
        catch(Exception e) {
            fault(e, "keyUsageDataEncipherment");

            BasicConstraintsExtension constraintsExtension = new BasicConstraintsExtension(true,-1); // true indicates this is a CA;  -1 means no restriction on path length;  0 or more to set a restriction on max number of certs under this one in the chain
            // certificate signing extension
            if( keyUsageExtension == null ) { keyUsageExtension = new KeyUsageExtension(); }
            keyUsageExtension.set(KeyUsageExtension.KEY_CERTSIGN, true);
            // add both
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
            certificateExtensions.set(constraintsExtension.getExtensionId().toString(), constraintsExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);
        }
        catch(Exception e) {

    public X509Builder keyUsageCRLSign() {
        try {
            v3();
            if( keyUsageExtension == null ) { keyUsageExtension = new KeyUsageExtension(); }
            keyUsageExtension.set(KeyUsageExtension.CRL_SIGN, true);
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(keyUsageExtension.getExtensionId().toString(), keyUsageExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);            
        }
        catch(Exception e) {
            fault(e, "keyUsageCRLSign");

        extendedKeyUsageExtensionIsCritical = true;
        try {
            v3();
            if( extendedKeyUsageExtensionList != null ) {
                extendedKeyUsageExtension = new ExtendedKeyUsageExtension(extendedKeyUsageExtensionIsCritical, extendedKeyUsageExtensionList);
                if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
                certificateExtensions.set(extendedKeyUsageExtension.getExtensionId().toString(), extendedKeyUsageExtension);
                info.set(X509CertInfo.EXTENSIONS, certificateExtensions);            
            }
        }
        catch(Exception e) {

        try {
            v3();
            if( extendedKeyUsageExtensionList == null ) { extendedKeyUsageExtensionList = new Vector<ObjectIdentifier>(); }
            extendedKeyUsageExtensionList.add(oid);
            extendedKeyUsageExtension = new ExtendedKeyUsageExtension(extendedKeyUsageExtensionIsCritical, extendedKeyUsageExtensionList);
            if( certificateExtensions == null ) { certificateExtensions = new CertificateExtensions(); }
            certificateExtensions.set(extendedKeyUsageExtension.getExtensionId().toString(), extendedKeyUsageExtension);
            info.set(X509CertInfo.EXTENSIONS, certificateExtensions);            
        }
        catch(Exception e) {
            fault(e, "extKeyUsage(%s)", oid.toString());

      final Date notBefore = new Date();
      final Date notAfter = new Date(notBefore.getTime() + DEFAULT_VALIDITY);
      final CertificateSigner signer = createCertificateSigner(issuer, issuerPrivateKey);
      final CertificateValidity validity = new CertificateValidity(notBefore, notAfter);
      final X509CertInfo info = createCertificateInfo(subject, subjectPublic, issuer, issuerPublicKey, validity, signer);
      final CertificateExtensions extensions = (isCaCert) ? (getCACertificateExtensions()) : (getCertificateExtensions(subjectPublic, issuerPublicKey));
      info.set(X509CertInfo.EXTENSIONS, extensions);
      final X509CertImpl cert = new X509CertImpl(info);
      cert.sign(issuerPrivateKey, SIGNATURE_ALGORITHM);
      return cert;
    } catch (Exception e) {

        .getSigner()));
    return info;
  }

  /**
   * Builds the extension set placed on a CA certificate.
   *
   * <p>The set holds a single critical Basic Constraints extension with
   * {@code isCA = true} and a path length of 0, so the CA may issue end-entity
   * certificates but no subordinate CA may appear below it in a chain.
   *
   * @return a new {@link CertificateExtensions} holding only Basic Constraints
   * @throws IOException if the extension cannot be encoded or stored
   */
  private static CertificateExtensions getCACertificateExtensions() throws IOException {
    // NOTE(review): no Key Usage extension is added here. RFC 5280 expects a CA
    // certificate to assert keyCertSign (and ties pathLenConstraint to that bit);
    // without it the key is not restricted to certificate signing. Confirm whether
    // the omission is intentional before relying on this CA outside of testing.
    final BasicConstraintsExtension basicConstraints = new BasicConstraintsExtension(
        /* isCritical */ true, /* isCA */ true, /* pathLen */ 0);

    final CertificateExtensions caExtensions = new CertificateExtensions();
    caExtensions.set(BasicConstraintsExtension.NAME, basicConstraints);
    return caExtensions;
  }

    return ext;
  }

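  /**
   * Builds the extension set placed on an end-entity (non-CA) certificate.
   *
   * <p>The set contains Subject and Authority Key Identifiers, a critical Basic
   * Constraints extension with {@code isCA = false}, a non-critical Netscape Cert
   * Type (SSL client and server), Key Usage (digitalSignature and
   * keyEncipherment) and a non-critical Extended Key Usage (serverAuth and
   * clientAuth).
   *
   * @param pubKey the subject's public key, used for the Subject Key Identifier
   * @param caPubKey the issuer's public key, used for the Authority Key Identifier
   * @return a new {@link CertificateExtensions} populated as described above
   * @throws IOException if an extension cannot be encoded or stored
   */
  private static CertificateExtensions getCertificateExtensions(
      PublicKey pubKey, PublicKey caPubKey) throws IOException {
    CertificateExtensions ext = new CertificateExtensions();

    // Key identifiers let a validator match this certificate to its issuer's key.
    ext.set(SubjectKeyIdentifierExtension.NAME,
        new SubjectKeyIdentifierExtension(new KeyIdentifier(pubKey)
        .getIdentifier()));

    ext.set(AuthorityKeyIdentifierExtension.NAME,
        new AuthorityKeyIdentifierExtension(
            new KeyIdentifier(caPubKey), null, null));

    // Basic Constraints: this is not a CA, so no path length is supplied (-1).
    // RFC 5280 forbids pathLenConstraint unless cA is asserted; a positive value
    // here was meaningless at best and, depending on the JDK's encoder, could be
    // serialized into the certificate.
    ext.set(BasicConstraintsExtension.NAME, new BasicConstraintsExtension(
        /* isCritical */true, /* isCA */false, /* pathLen */-1));

    // Netscape Cert Type Extension (legacy): bit 0 = SSL_CLIENT, bit 1 = SSL_SERVER.
    boolean[] ncteOk = new boolean[8];
    ncteOk[0] = true; // SSL_CLIENT
    ncteOk[1] = true; // SSL_SERVER
    NetscapeCertTypeExtension ncte = new NetscapeCertTypeExtension(ncteOk);
    // Rebuild from the encoded value with critical = false so that validators
    // which do not understand this extension do not reject the certificate.
    ncte = new NetscapeCertTypeExtension(false, ncte.getExtensionValue());
    ext.set(NetscapeCertTypeExtension.NAME, ncte);

    // Key Usage Extension. Bit positions:
    //   digitalSignature (0), nonRepudiation / contentCommitment (1),
    //   keyEncipherment (2), dataEncipherment (3), keyAgreement (4),
    //   keyCertSign (5), cRLSign (6), encipherOnly (7), decipherOnly (8)
    boolean[] kueOk = new boolean[9];
    kueOk[0] = true; // digitalSignature
    kueOk[2] = true; // keyEncipherment
    KeyUsageExtension kue = new KeyUsageExtension(kueOk);
    ext.set(KeyUsageExtension.NAME, kue);

    // Extended Key Usage Extension: TLS server and client authentication.
    // NOTE(review): every certificate issued through this method is valid for
    // both purposes; confirm that a single certificate is meant to serve as
    // client and server identity.
    int[] serverAuthOidData = { 1, 3, 6, 1, 5, 5, 7, 3, 1 };
    ObjectIdentifier serverAuthOid = new ObjectIdentifier(serverAuthOidData);
    int[] clientAuthOidData = { 1, 3, 6, 1, 5, 5, 7, 3, 2 };
    ObjectIdentifier clientAuthOid = new ObjectIdentifier(clientAuthOidData);
    // Vector is required by the ExtendedKeyUsageExtension constructor.
    Vector<ObjectIdentifier> v = new Vector<ObjectIdentifier>();
    v.add(serverAuthOid);
    v.add(clientAuthOid);
    ExtendedKeyUsageExtension ekue = new ExtendedKeyUsageExtension(false, v);
    ext.set(ExtendedKeyUsageExtension.NAME, ekue);

    return ext;
  }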