下面列出了java.security.cert.PKIXReason#INVALID_KEY_USAGE 实例代码,或者点击链接到github查看源代码,也可以在右侧发表评论。
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}
/**
* Verifies the key usage extension in a CA cert.
* The key usage extension, if present, must assert the keyCertSign bit.
* The extended key usage extension is not checked (see CR 4776794 for
* more information).
*/
static void verifyCAKeyUsage(X509Certificate cert)
throws CertPathValidatorException {
String msg = "CA key usage";
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() ---checking " + msg
+ "...");
}
boolean[] keyUsageBits = cert.getKeyUsage();
// getKeyUsage returns null if the KeyUsage extension is not present
// in the certificate - in which case there is nothing to check
if (keyUsageBits == null) {
return;
}
// throw an exception if the keyCertSign bit is not set
if (!keyUsageBits[KEY_CERT_SIGN]) {
throw new CertPathValidatorException
(msg + " check failed: keyCertSign bit is not set", null,
null, -1, PKIXReason.INVALID_KEY_USAGE);
}
if (debug != null) {
debug.println("KeyChecker.verifyCAKeyUsage() " + msg
+ " verified.");
}
}