下面列出了怎么用java.security.cert.CRLReason的API类实例代码及写法,或者点击链接到github查看源代码。
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
static CRLReason getCRLReason(String reason) throws OperationFailedException {
switch (reason.toUpperCase(Locale.ENGLISH)) {
case UNSPECIFIED:
return CRLReason.UNSPECIFIED;
case KEY_COMPROMISE:
return CRLReason.KEY_COMPROMISE;
case CA_COMPROMISE:
return CRLReason.CA_COMPROMISE;
case AFFILIATION_CHANGED:
return CRLReason.AFFILIATION_CHANGED;
case SUPERSEDED:
return CRLReason.SUPERSEDED;
case CESSATION_OF_OPERATION:
return CRLReason.CESSATION_OF_OPERATION;
case CERTIFICATE_HOLD:
return CRLReason.CERTIFICATE_HOLD;
case REMOVE_FROM_CRL:
return CRLReason.REMOVE_FROM_CRL;
case PRIVILEGE_WITHDRAWN:
return CRLReason.PRIVILEGE_WITHDRAWN;
case AA_COMPROMISE:
return CRLReason.AA_COMPROMISE;
default:
throw ROOT_LOGGER.invalidCertificateRevocationReason(reason);
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* Create a CertStatusInfo providing type, revocation date
* (if applicable) and revocation reason.
*
* @param statType the status for this entry.
* @param revDate if applicable, the date that revocation took place.
* A value of {@code null} indicates that current time should be used.
* If the value of {@code statType} is not {@code CERT_STATUS_REVOKED},
* then the {@code revDate} parameter is ignored.
* @param revReason the reason the certificate was revoked. A value of
* {@code null} means that no reason was provided.
*/
public CertStatusInfo(CertStatus statType, Date revDate,
CRLReason revReason) {
Objects.requireNonNull(statType, "Cert Status must be non-null");
certStatusType = statType;
switch (statType) {
case CERT_STATUS_GOOD:
case CERT_STATUS_UNKNOWN:
revocationTime = null;
break;
case CERT_STATUS_REVOKED:
revocationTime = revDate != null ? (Date)revDate.clone() :
new Date();
break;
default:
throw new IllegalArgumentException("Unknown status type: " +
statType);
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This static method is the default implementation of the
* getRevocationReason method in X509CRLEntry.
*/
public static CRLReason getRevocationReason(X509CRLEntry crlEntry) {
try {
byte[] ext = crlEntry.getExtensionValue("2.5.29.21");
if (ext == null) {
return null;
}
DerValue val = new DerValue(ext);
byte[] data = val.getOctetString();
CRLReasonCodeExtension rcExt =
new CRLReasonCodeExtension(Boolean.FALSE, data);
return rcExt.getReasonCode();
} catch (IOException ioe) {
return null;
}
}
/**
* This method is the overridden implementation of the getRevocationReason
* method in X509CRLEntry. It is better performance-wise since it returns
* cached values.
*/
@Override
public CRLReason getRevocationReason() {
Extension ext = getExtension(PKIXExtensions.ReasonCode_Id);
if (ext == null) {
return null;
}
CRLReasonCodeExtension rcExt = (CRLReasonCodeExtension) ext;
return rcExt.getReasonCode();
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
@Parameterized.Parameters(name = "{index}: serverProvider = {0}, clientProvider = {1}, exception = {2}")
public static Collection<Object[]> data() {
List<SslProvider> serverProviders = new ArrayList<SslProvider>(2);
List<SslProvider> clientProviders = new ArrayList<SslProvider>(3);
if (OpenSsl.isAvailable()) {
serverProviders.add(SslProvider.OPENSSL);
serverProviders.add(SslProvider.OPENSSL_REFCNT);
clientProviders.add(SslProvider.OPENSSL);
clientProviders.add(SslProvider.OPENSSL_REFCNT);
}
// We not test with SslProvider.JDK on the server side as the JDK implementation currently just send the same
// alert all the time, sigh.....
clientProviders.add(SslProvider.JDK);
List<CertificateException> exceptions = new ArrayList<CertificateException>(6);
exceptions.add(new CertificateExpiredException());
exceptions.add(new CertificateNotYetValidException());
exceptions.add(new CertificateRevokedException(
new Date(), CRLReason.AA_COMPROMISE, new X500Principal(""),
Collections.<String, Extension>emptyMap()));
// Also use wrapped exceptions as this is what the JDK implementation of X509TrustManagerFactory is doing.
exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.EXPIRED));
exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.NOT_YET_VALID));
exceptions.add(newCertificateException(CertPathValidatorException.BasicReason.REVOKED));
List<Object[]> params = new ArrayList<Object[]>();
for (SslProvider serverProvider: serverProviders) {
for (SslProvider clientProvider: clientProviders) {
for (CertificateException exception: exceptions) {
params.add(new Object[] { serverProvider, clientProvider, exception});
}
}
}
return params;
}
/**
* This method is the overridden implementation of the getRevocationReason
* method in X509CRLEntry. It is better performance-wise since it returns
* cached values.
*/
@Override
public CRLReason getRevocationReason() {
Extension ext = getExtension(PKIXExtensions.ReasonCode_Id);
if (ext == null) {
return null;
}
CRLReasonCodeExtension rcExt = (CRLReasonCodeExtension) ext;
return rcExt.getReasonCode();
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
/**
* This method is the overridden implementation of the getRevocationReason
* method in X509CRLEntry. It is better performance-wise since it returns
* cached values.
*/
@Override
public CRLReason getRevocationReason() {
Extension ext = getExtension(PKIXExtensions.ReasonCode_Id);
if (ext == null) {
return null;
}
CRLReasonCodeExtension rcExt = (CRLReasonCodeExtension) ext;
return rcExt.getReasonCode();
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
private CertificateRevokedException getTestException() {
HashMap<String, Extension> extensions = new HashMap<String, Extension>();
// REASON_CODE
extensions.put("2.5.29.21", getReasonExtension());
extensions.put("2.5.29.24", getInvalidityExtension());
return new CertificateRevokedException(
new Date(1199226851000L),
CRLReason.CESSATION_OF_OPERATION,
new X500Principal("CN=test1"),
extensions);
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
/**
* This method is the overridden implementation of the getRevocationReason
* method in X509CRLEntry. It is better performance-wise since it returns
* cached values.
*/
@Override
public CRLReason getRevocationReason() {
Extension ext = getExtension(PKIXExtensions.ReasonCode_Id);
if (ext == null) {
return null;
}
CRLReasonCodeExtension rcExt = (CRLReasonCodeExtension) ext;
return rcExt.getReasonCode();
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
/**
* Return the reason as a CRLReason enum.
*/
public CRLReason getReasonCode() {
// if out-of-range, return UNSPECIFIED
if (reasonCode > 0 && reasonCode < values.length) {
return values[reasonCode];
} else {
return CRLReason.UNSPECIFIED;
}
}
public void testCryptoPrimitive_ordinal_ExpectedValues() throws Exception {
assertEquals("UNSPECIFIED", 0, CRLReason.UNSPECIFIED.ordinal());
assertEquals("KEY_COMPROMISE", 1, CRLReason.KEY_COMPROMISE.ordinal());
assertEquals("CA_COMPROMISE", 2, CRLReason.CA_COMPROMISE.ordinal());
assertEquals("AFFILIATION_CHANGED", 3, CRLReason.AFFILIATION_CHANGED.ordinal());
assertEquals("SUPERSEDED", 4, CRLReason.SUPERSEDED.ordinal());
assertEquals("CESSATION_OF_OPERATION", 5, CRLReason.CESSATION_OF_OPERATION.ordinal());
assertEquals("CERTIFICATE_HOLD", 6, CRLReason.CERTIFICATE_HOLD.ordinal());
assertEquals("UNUSED", 7, CRLReason.UNUSED.ordinal());
assertEquals("REMOVE_FROM_CRL", 8, CRLReason.REMOVE_FROM_CRL.ordinal());
assertEquals("PRIVILEGE_WITHDRAWN", 9, CRLReason.PRIVILEGE_WITHDRAWN.ordinal());
assertEquals("AA_COMPROMISE", 10, CRLReason.AA_COMPROMISE.ordinal());
}
/**
* This method is the overridden implementation of the getRevocationReason
* method in X509CRLEntry. It is better performance-wise since it returns
* cached values.
*/
@Override
public CRLReason getRevocationReason() {
Extension ext = getExtension(PKIXExtensions.ReasonCode_Id);
if (ext == null) {
return null;
}
CRLReasonCodeExtension rcExt = (CRLReasonCodeExtension) ext;
return rcExt.getReasonCode();
}