下面列出了java.security.cert.X509CRLEntry#hasExtensions() 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
private void crlEntrySelection() {
int row = jtRevokedCerts.getSelectedRow();
if (row != -1) {
BigInteger serialNumber = (BigInteger) jtRevokedCerts.getValueAt(row, 0);
Set<?> revokedCertsSet = crl.getRevokedCertificates();
X509CRLEntry x509CrlEntry = null;
for (Iterator<?> itr = revokedCertsSet.iterator(); itr.hasNext();) {
X509CRLEntry entry = (X509CRLEntry) itr.next();
if (serialNumber.equals(entry.getSerialNumber())) {
x509CrlEntry = entry;
break;
}
}
if (x509CrlEntry.hasExtensions()) {
jbCrlEntryExtensions.setEnabled(true);
return;
}
}
jbCrlEntryExtensions.setEnabled(false);
}
private void displayCrlEntryExtensions() {
int row = jtRevokedCerts.getSelectedRow();
if (row != -1) {
BigInteger serialNumber = (BigInteger) jtRevokedCerts.getValueAt(row, 0);
Set<?> revokedCertsSet = crl.getRevokedCertificates();
X509CRLEntry x509CrlEntry = null;
for (Iterator<?> itr = revokedCertsSet.iterator(); itr.hasNext();) {
X509CRLEntry entry = (X509CRLEntry) itr.next();
if (serialNumber.equals(entry.getSerialNumber())) {
x509CrlEntry = entry;
break;
}
}
if (x509CrlEntry.hasExtensions()) {
DViewExtensions dViewExtensions = new DViewExtensions(this,
res.getString("DViewCrl.EntryExtensions.Title"), x509CrlEntry);
dViewExtensions.setLocationRelativeTo(this);
dViewExtensions.setVisible(true);
}
}
}
/**
* Get reason from the x509 entry.
* @param entry the entry
* @return reason or null
*/
private static Reason getReasonFromX509Entry(final X509CRLEntry entry) {
if (entry.hasExtensions()) {
try {
final int code = Integer.parseInt(
new String(entry.getExtensionValue(CRL_REASON_OID), "ASCII"));
if (code < Reason.values().length) {
return Reason.fromCode(code);
}
} catch (final Exception e) {
LOGGER.trace("An exception occurred when resolving extension value: {}", e.getMessage());
}
}
return null;
}
public RevokedCertificateException(final X509CRLEntry entry) {
this.revocationDate = entry.getRevocationDate();
this.serial = entry.getSerialNumber();
if (entry.hasExtensions()) {
try {
final int code = Integer.parseInt(
new String(entry.getExtensionValue(CRL_REASON_OID), "ASCII"));
if (code < Reason.values().length) {
this.reason = Reason.fromCode(code);
}
} catch (final Exception e) {
logger.trace("An exception occurred when resolving extension value: {}", e.getMessage());
}
}
}
/**
* CRL entry selected or deselected. Enable/disable the "CRL Extensions" button accordingly (i.e. enable it if only
* one extension is selected and it has extensions.
*/
private void crlEntrySelection()
{
ListSelectionModel listSelectionModel = m_jtRevokedCerts.getSelectionModel();
if (!listSelectionModel.isSelectionEmpty()) // Entry must be selected
{
// Only one entry though
// TODO: probably no longer necessary?
if (listSelectionModel.getMinSelectionIndex() == listSelectionModel.getMaxSelectionIndex())
{
// Get serial number of entry
int iRow = listSelectionModel.getMinSelectionIndex();
BigInteger serialNumber = (BigInteger) m_jtRevokedCerts.getValueAt(iRow, 0);
// Find CRL entry using serial number
Set<? extends X509CRLEntry> revokedCertsSet = m_crl.getRevokedCertificates();
X509CRLEntry x509CrlEntry = null;
for (X509CRLEntry entry : revokedCertsSet)
{
if (serialNumber.equals(entry.getSerialNumber()))
{
x509CrlEntry = entry;
break;
}
}
if (x509CrlEntry != null && x509CrlEntry.hasExtensions())
{
m_jbCrlEntryExtensions.setEnabled(true);
return;
}
}
}
// Disable "CRL Extensions" button
m_jbCrlEntryExtensions.setEnabled(false);
}
/**
* CRL entry extensions button pressed or otherwise activated. Show the extensions of the selected CRL entry.
*/
private void crlEntryExtensionsPressed()
{
ListSelectionModel listSelectionModel = m_jtRevokedCerts.getSelectionModel();
if (!listSelectionModel.isSelectionEmpty()) // Entry must be selected
{
// Only one entry though
// TODO: probably no longer necessary?
if (listSelectionModel.getMinSelectionIndex() == listSelectionModel.getMaxSelectionIndex())
{
// Get serial number of entry
int iRow = listSelectionModel.getMinSelectionIndex();
BigInteger serialNumber = (BigInteger) m_jtRevokedCerts.getValueAt(iRow, 0);
// Find CRL entry using serial number
Set<? extends X509CRLEntry> revokedCertsSet = m_crl.getRevokedCertificates();
X509CRLEntry x509CrlEntry = null;
for (X509CRLEntry entry : revokedCertsSet)
{
if (serialNumber.equals(entry.getSerialNumber()))
{
x509CrlEntry = entry;
break;
}
}
if (x509CrlEntry != null && x509CrlEntry.hasExtensions())
{
DViewExtensions dViewExtensions =
new DViewExtensions(this, RB.getString("DViewCRL.EntryExtensions.Title"), true, x509CrlEntry);
dViewExtensions.setLocationRelativeTo(this);
SwingHelper.showAndWait(dViewExtensions);
}
}
}
}
protected static void getCertStatus(
Date validDate,
X509CRL crl,
Object cert,
CertStatus certStatus)
throws AnnotatedException
{
X509CRLEntry crl_entry = null;
boolean isIndirect;
try
{
isIndirect = isIndirectCRL(crl);
}
catch (CRLException exception)
{
throw new AnnotatedException("Failed check for indirect CRL.", exception);
}
if (isIndirect)
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
X500Principal certIssuer = crl_entry.getCertificateIssuer();
if (certIssuer == null)
{
certIssuer = getIssuerPrincipal(crl);
}
if (!getEncodedIssuerPrincipal(cert).equals(certIssuer))
{
return;
}
}
else if (!getEncodedIssuerPrincipal(cert).equals(getIssuerPrincipal(crl)))
{
return; // not for our issuer, ignore
}
else
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
}
ASN1Enumerated reasonCode = null;
if (crl_entry.hasExtensions())
{
try
{
reasonCode = ASN1Enumerated
.getInstance(CertPathValidatorUtilities
.getExtensionValue(crl_entry,
X509Extension.reasonCode.getId()));
}
catch (Exception e)
{
throw new AnnotatedException(
"Reason code CRL entry extension could not be decoded.",
e);
}
}
// for reason keyCompromise, caCompromise, aACompromise or
// unspecified
if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
|| reasonCode == null
|| reasonCode.getValue().intValue() == 0
|| reasonCode.getValue().intValue() == 1
|| reasonCode.getValue().intValue() == 2
|| reasonCode.getValue().intValue() == 8)
{
// (i) or (j) (1)
if (reasonCode != null)
{
certStatus.setCertStatus(reasonCode.getValue().intValue());
}
// (i) or (j) (2)
else
{
certStatus.setCertStatus(CRLReason.unspecified);
}
certStatus.setRevocationDate(crl_entry.getRevocationDate());
}
}
protected static void getCertStatus(
Date validDate,
X509CRL crl,
Object cert,
CertStatus certStatus)
throws AnnotatedException
{
X509CRLEntry crl_entry = null;
boolean isIndirect;
try
{
isIndirect = X509CRLObject.isIndirectCRL(crl);
}
catch (CRLException exception)
{
throw new AnnotatedException("Failed check for indirect CRL.", exception);
}
if (isIndirect)
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
if (certIssuer == null)
{
certIssuer = PrincipalUtils.getIssuerPrincipal(crl);
}
if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(certIssuer))
{
return;
}
}
else if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(PrincipalUtils.getIssuerPrincipal(crl)))
{
return; // not for our issuer, ignore
}
else
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
}
ASN1Enumerated reasonCode = null;
if (crl_entry.hasExtensions())
{
try
{
reasonCode = ASN1Enumerated
.getInstance(CertPathValidatorUtilities
.getExtensionValue(crl_entry,
Extension.reasonCode.getId()));
}
catch (Exception e)
{
throw new AnnotatedException(
"Reason code CRL entry extension could not be decoded.",
e);
}
}
// for reason keyCompromise, caCompromise, aACompromise or
// unspecified
if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
|| reasonCode == null
|| reasonCode.getValue().intValue() == 0
|| reasonCode.getValue().intValue() == 1
|| reasonCode.getValue().intValue() == 2
|| reasonCode.getValue().intValue() == 8)
{
// (i) or (j) (1)
if (reasonCode != null)
{
certStatus.setCertStatus(reasonCode.getValue().intValue());
}
// (i) or (j) (2)
else
{
certStatus.setCertStatus(CRLReason.unspecified);
}
certStatus.setRevocationDate(crl_entry.getRevocationDate());
}
}
protected static void getCertStatus(
Date validDate,
X509CRL crl,
Object cert,
CertStatus certStatus)
throws AnnotatedException
{
X509CRLEntry crl_entry = null;
boolean isIndirect;
try
{
isIndirect = isIndirectCRL(crl);
}
catch (CRLException exception)
{
throw new AnnotatedException("Failed check for indirect CRL.", exception);
}
if (isIndirect)
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
X500Principal certIssuer = crl_entry.getCertificateIssuer();
if (certIssuer == null)
{
certIssuer = getIssuerPrincipal(crl);
}
if (!getEncodedIssuerPrincipal(cert).equals(certIssuer))
{
return;
}
}
else if (!getEncodedIssuerPrincipal(cert).equals(getIssuerPrincipal(crl)))
{
return; // not for our issuer, ignore
}
else
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
}
ASN1Enumerated reasonCode = null;
if (crl_entry.hasExtensions())
{
try
{
reasonCode = ASN1Enumerated
.getInstance(CertPathValidatorUtilities
.getExtensionValue(crl_entry,
X509Extension.reasonCode.getId()));
}
catch (Exception e)
{
throw new AnnotatedException(
"Reason code CRL entry extension could not be decoded.",
e);
}
}
// for reason keyCompromise, caCompromise, aACompromise or
// unspecified
if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
|| reasonCode == null
|| reasonCode.getValue().intValue() == 0
|| reasonCode.getValue().intValue() == 1
|| reasonCode.getValue().intValue() == 2
|| reasonCode.getValue().intValue() == 8)
{
// (i) or (j) (1)
if (reasonCode != null)
{
certStatus.setCertStatus(reasonCode.getValue().intValue());
}
// (i) or (j) (2)
else
{
certStatus.setCertStatus(CRLReason.unspecified);
}
certStatus.setRevocationDate(crl_entry.getRevocationDate());
}
}
protected static void getCertStatus(
Date validDate,
X509CRL crl,
Object cert,
CertStatus certStatus)
throws AnnotatedException
{
X509CRLEntry crl_entry = null;
boolean isIndirect;
try
{
isIndirect = X509CRLObject.isIndirectCRL(crl);
}
catch (CRLException exception)
{
throw new AnnotatedException("Failed check for indirect CRL.", exception);
}
if (isIndirect)
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
X500Name certIssuer = X500Name.getInstance(crl_entry.getCertificateIssuer().getEncoded());
if (certIssuer == null)
{
certIssuer = PrincipalUtils.getIssuerPrincipal(crl);
}
if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(certIssuer))
{
return;
}
}
else if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(PrincipalUtils.getIssuerPrincipal(crl)))
{
return; // not for our issuer, ignore
}
else
{
crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
if (crl_entry == null)
{
return;
}
}
ASN1Enumerated reasonCode = null;
if (crl_entry.hasExtensions())
{
try
{
reasonCode = ASN1Enumerated
.getInstance(CertPathValidatorUtilities
.getExtensionValue(crl_entry,
Extension.reasonCode.getId()));
}
catch (Exception e)
{
throw new AnnotatedException(
"Reason code CRL entry extension could not be decoded.",
e);
}
}
// for reason keyCompromise, caCompromise, aACompromise or
// unspecified
if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
|| reasonCode == null
|| reasonCode.getValue().intValue() == 0
|| reasonCode.getValue().intValue() == 1
|| reasonCode.getValue().intValue() == 2
|| reasonCode.getValue().intValue() == 8)
{
// (i) or (j) (1)
if (reasonCode != null)
{
certStatus.setCertStatus(reasonCode.getValue().intValue());
}
// (i) or (j) (2)
else
{
certStatus.setCertStatus(CRLReason.unspecified);
}
certStatus.setRevocationDate(crl_entry.getRevocationDate());
}
}