当前位置: 首页>>代码示例>>Java>>正文


Java CertPathValidatorException类代码示例

本文整理汇总了Java中java.security.cert.CertPathValidatorException的典型用法代码示例。如果您正苦于以下问题:Java CertPathValidatorException类的具体用法?Java CertPathValidatorException怎么用?Java CertPathValidatorException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


CertPathValidatorException类属于java.security.cert包,在下文中一共展示了CertPathValidatorException类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: checkClientValidationFailure

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
/**
 * Checks a validation failure to see if it failed for the reason we think
 * it should.  This comes in as an SSLException of some sort, but it
 * encapsulates a ValidatorException which in turn encapsulates the
 * CertPathValidatorException we are interested in.
 *
 * @param e the exception thrown at the top level
 * @param reason the underlying CertPathValidatorException BasicReason
 * we are expecting it to have.
 *
 * @return true if the reason matches up, false otherwise.
 */
static boolean checkClientValidationFailure(Exception e,
        BasicReason reason) {
    boolean result = false;

    if (e instanceof SSLException) {
        Throwable valExc = e.getCause();
        if (valExc instanceof sun.security.validator.ValidatorException) {
            Throwable cause = valExc.getCause();
            if (cause instanceof CertPathValidatorException) {
                CertPathValidatorException cpve =
                        (CertPathValidatorException)cause;
                if (cpve.getReason() == reason) {
                    result = true;
                }
            }
        }
    }
    return result;
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:32,代码来源:HttpsUrlConnClient.java

示例2: processCertF

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
protected static void processCertF(
    CertPath certPath,
    int index,
    PKIXPolicyNode validPolicyTree,
    int explicitPolicy)
    throws CertPathValidatorException
{
    //
    // (f)
    //
    if (explicitPolicy <= 0 && validPolicyTree == null)
    {
        throw new ExtCertPathValidatorException("No valid policy tree found when one expected.", null, certPath,
            index);
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:17,代码来源:RFC3280CertPathUtilities.java

示例3: prepareNextCertL

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
protected static int prepareNextCertL(
    CertPath certPath,
    int index,
    int maxPathLength)
    throws CertPathValidatorException
{
    List certs = certPath.getCertificates();
    X509Certificate cert = (X509Certificate)certs.get(index);
    //
    // (l)
    //
    if (!CertPathValidatorUtilities.isSelfIssued(cert))
    {
        if (maxPathLength <= 0)
        {
            throw new ExtCertPathValidatorException("Max path length not greater than zero", null, certPath, index);
        }

        return maxPathLength - 1;
    }
    return maxPathLength;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:23,代码来源:RFC3280CertPathUtilities.java

示例4: getVerificationKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Test
public void getVerificationKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid() throws Exception {
    final CertificateDto certOneDto = getX509Certificate(STUB_IDP_ONE);
    when(certificatesConfigProxy.getSignatureVerificationCertificates(issuerId)).thenReturn(of(certOneDto));
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    CertPathValidatorException underlyingException = new CertPathValidatorException("Invalid Certificate");
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(invalid(underlyingException));
    try {
        configServiceKeyStore.getVerifyingKeysForEntity(issuerId);
        Assert.fail(String.format("Expected [%s]", CertificateChainValidationException.class.getSimpleName()));
    } catch (CertificateChainValidationException success) {
        assertThat(success.getMessage()).isEqualTo("Certificate is not valid: Unable to get DN");
        assertThat(success.getCause()).isEqualTo(underlyingException);
    }
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:17,代码来源:ConfigServiceKeyStoreTest.java

示例5: getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Test
public void getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid() throws Exception {
    final CertificateDto certOneDto = getX509Certificate(STUB_IDP_ONE);
    when(certificatesConfigProxy.getEncryptionCertificate(issuerId)).thenReturn(certOneDto);
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    CertPathValidatorException underlyingException = new CertPathValidatorException("Invalid Certificate");
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(invalid(underlyingException));
    try {
        configServiceKeyStore.getEncryptionKeyForEntity(issuerId);
        Assert.fail(String.format("Expected [%s]", CertificateChainValidationException.class.getSimpleName()));
    } catch (CertificateChainValidationException success) {
        assertThat(success.getMessage()).isEqualTo("Certificate is not valid: Unable to get DN");
        assertThat(success.getCause()).isEqualTo(underlyingException);
    }
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:17,代码来源:ConfigServiceKeyStoreTest.java

示例6: getVerificationKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Test
public void getVerificationKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid() throws Exception {
    final CertificateDto certOneDto = getX509Certificate(IDP_ENTITY_ID);
    when(certificatesConfigProxy.getSignatureVerificationCertificates(issuerId)).thenReturn(of(certOneDto));
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    CertPathValidatorException underlyingException = new CertPathValidatorException("Invalid Certificate");
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(invalid(underlyingException));
    try {
        configServiceKeyStore.getVerifyingKeysForEntity(issuerId);
        Assert.fail(String.format("Expected [%s]", CertificateChainValidationException.class.getSimpleName()));
    } catch (CertificateChainValidationException success) {
        assertThat(success.getMessage()).isEqualTo("Certificate is not valid: Unable to get DN");
        assertThat(success.getCause()).isEqualTo(underlyingException);
    }
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:17,代码来源:ConfigServiceKeyStoreTest.java

示例7: getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Test
public void getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid() throws Exception {
    final CertificateDto certOneDto = getX509Certificate(IDP_ENTITY_ID);
    when(certificatesConfigProxy.getEncryptionCertificate(issuerId)).thenReturn(certOneDto);
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    CertPathValidatorException underlyingException = new CertPathValidatorException("Invalid Certificate");
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(invalid(underlyingException));
    try {
        configServiceKeyStore.getEncryptionKeyForEntity(issuerId);
        Assert.fail(String.format("Expected [%s]", CertificateChainValidationException.class.getSimpleName()));
    } catch (CertificateChainValidationException success) {
        assertThat(success.getMessage()).isEqualTo("Certificate is not valid: Unable to get DN");
        assertThat(success.getCause()).isEqualTo(underlyingException);
    }
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:17,代码来源:ConfigServiceKeyStoreTest.java

示例8: getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Test
public void getEncryptionKeyForEntity_shouldThrowExceptionIfCertificateIsInvalid() throws Exception {
    final CertificateDto certOneDto = buildCertificateDto(IDP_ENTITY_ID, idpSigningCertPrimary);
    when(certificatesConfigProxy.getEncryptionCertificate(issuerId)).thenReturn(certOneDto);
    when(x509CertificateFactory.createCertificate(certOneDto.getCertificate())).thenReturn(x509Certificate);
    when(trustStoreForCertificateProvider.getTrustStoreFor(any(FederationEntityType.class))).thenReturn(trustStore);
    CertPathValidatorException underlyingException = new CertPathValidatorException("Invalid Certificate");
    when(certificateChainValidator.validate(x509Certificate, trustStore)).thenReturn(invalid(underlyingException));
    try {
        configServiceKeyStore.getEncryptionKeyForEntity(issuerId);
        Assert.fail(String.format("Expected [%s]", CertificateChainValidationException.class.getSimpleName()));
    } catch (CertificateChainValidationException success) {
        assertThat(success.getMessage()).isEqualTo("Certificate is not valid: Unable to get DN");
        assertThat(success.getCause()).isEqualTo(underlyingException);
    }
}
 
开发者ID:alphagov,项目名称:verify-hub,代码行数:17,代码来源:ConfigServiceKeyStoreTest.java

示例9: check

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
/**
 * Obtains the revocation status of a certificate using OCSP using the most
 * common defaults. The OCSP responder URI is retrieved from the
 * certificate's AIA extension. The OCSP responder certificate is assumed
 * to be the issuer's certificate (or issued by the issuer CA).
 *
 * @param cert the certificate to be checked
 * @param issuerCert the issuer certificate
 * @return the RevocationStatus
 * @throws IOException if there is an exception connecting to or
 *    communicating with the OCSP responder
 * @throws CertPathValidatorException if an exception occurs while
 *    encoding the OCSP Request or validating the OCSP Response
 */
public static RevocationStatus check(X509Certificate cert,
                                     X509Certificate issuerCert)
    throws IOException, CertPathValidatorException {
    CertId certId = null;
    URI responderURI = null;
    try {
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        responderURI = getResponderURI(certImpl);
        if (responderURI == null) {
            throw new CertPathValidatorException
                ("No OCSP Responder URI in certificate");
        }
        certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
    } catch (CertificateException | IOException e) {
        throw new CertPathValidatorException
            ("Exception while encoding OCSPRequest", e);
    }
    OCSPResponse ocspResponse = check(Collections.singletonList(certId),
        responderURI, issuerCert, null, null,
        Collections.<Extension>emptyList());
    return (RevocationStatus)ocspResponse.getSingleResponse(certId);
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:37,代码来源:OCSP.java

示例10: check

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
@Override
public void check(Certificate cert,
        Collection<String> unresolvedCritExts)
        throws CertPathValidatorException {

    X509Certificate currCert = (X509Certificate)cert;

    if (UntrustedCertificates.isUntrusted(currCert)) {
        if (debug != null) {
            debug.println("UntrustedChecker: untrusted certificate " +
                    currCert.getSubjectX500Principal());
        }

        throw new CertPathValidatorException(
            "Untrusted certificate: " + currCert.getSubjectX500Principal());
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:18,代码来源:UntrustedChecker.java

示例11: check

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
/**
 * Performs the basic constraints and name constraints
 * checks on the certificate using its internal state.
 *
 * @param cert the <code>Certificate</code> to be checked
 * @param unresCritExts a <code>Collection</code> of OID strings
 *        representing the current set of unresolved critical extensions
 * @throws CertPathValidatorException if the specified certificate
 *         does not pass the check
 */
@Override
public void check(Certificate cert, Collection<String> unresCritExts)
    throws CertPathValidatorException
{
    X509Certificate currCert = (X509Certificate)cert;

    i++;
    // MUST run NC check second, since it depends on BC check to
    // update remainingCerts
    checkBasicConstraints(currCert);
    verifyNameConstraints(currCert);

    if (unresCritExts != null && !unresCritExts.isEmpty()) {
        unresCritExts.remove(BasicConstraints_Id.toString());
        unresCritExts.remove(NameConstraints_Id.toString());
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:28,代码来源:ConstraintsChecker.java

示例12: updateState

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
/**
 * Internal method to manage state information at each iteration
 */
private void updateState(X509Certificate currCert)
    throws CertPathValidatorException
{
    PublicKey cKey = currCert.getPublicKey();
    if (debug != null) {
        debug.println("BasicChecker.updateState issuer: " +
            currCert.getIssuerX500Principal().toString() + "; subject: " +
            currCert.getSubjectX500Principal() + "; serial#: " +
            currCert.getSerialNumber().toString());
    }
    if (PKIX.isDSAPublicKeyWithoutParams(cKey)) {
        // cKey needs to inherit DSA parameters from prev key
        cKey = makeInheritedParamsKey(cKey, prevPubKey);
        if (debug != null) debug.println("BasicChecker.updateState Made " +
                                         "key with inherited params");
    }
    prevPubKey = cKey;
    prevSubject = currCert.getSubjectX500Principal();
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:23,代码来源:BasicChecker.java

示例13: makeInheritedParamsKey

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
/**
 * Internal method to create a new key with inherited key parameters.
 *
 * @param keyValueKey key from which to obtain key value
 * @param keyParamsKey key from which to obtain key parameters
 * @return new public key having value and parameters
 * @throws CertPathValidatorException if keys are not appropriate types
 * for this operation
 */
static PublicKey makeInheritedParamsKey(PublicKey keyValueKey,
    PublicKey keyParamsKey) throws CertPathValidatorException
{
    if (!(keyValueKey instanceof DSAPublicKey) ||
        !(keyParamsKey instanceof DSAPublicKey))
        throw new CertPathValidatorException("Input key is not " +
                                             "appropriate type for " +
                                             "inheriting parameters");
    DSAParams params = ((DSAPublicKey)keyParamsKey).getParams();
    if (params == null)
        throw new CertPathValidatorException("Key parameters missing");
    try {
        BigInteger y = ((DSAPublicKey)keyValueKey).getY();
        KeyFactory kf = KeyFactory.getInstance("DSA");
        DSAPublicKeySpec ks = new DSAPublicKeySpec(y,
                                                   params.getP(),
                                                   params.getQ(),
                                                   params.getG());
        return kf.generatePublic(ks);
    } catch (GeneralSecurityException e) {
        throw new CertPathValidatorException("Unable to generate key with" +
                                             " inherited parameters: " +
                                             e.getMessage(), e);
    }
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:35,代码来源:BasicChecker.java

示例14: check

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
public static RevocationStatus check(X509Certificate cert,
                                     X509Certificate issuerCert,
                                     URI responderURI,
                                     X509Certificate responderCert,
                                     Date date, List<Extension> extensions)
    throws IOException, CertPathValidatorException
{
    CertId certId = null;
    try {
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
    } catch (CertificateException | IOException e) {
        throw new CertPathValidatorException
            ("Exception while encoding OCSPRequest", e);
    }
    OCSPResponse ocspResponse = check(Collections.singletonList(certId),
        responderURI, issuerCert, responderCert, date, extensions);
    return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:20,代码来源:OCSP.java

示例15: check

import java.security.cert.CertPathValidatorException; //导入依赖的package包/类
public static RevocationStatus check(X509Certificate cert,
        URI responderURI, TrustAnchor anchor, X509Certificate issuerCert,
        X509Certificate responderCert, Date date,
        List<Extension> extensions, String variant)
        throws IOException, CertPathValidatorException
{
    CertId certId;
    try {
        X509CertImpl certImpl = X509CertImpl.toImpl(cert);
        certId = new CertId(issuerCert, certImpl.getSerialNumberObject());
    } catch (CertificateException | IOException e) {
        throw new CertPathValidatorException
            ("Exception while encoding OCSPRequest", e);
    }
    OCSPResponse ocspResponse = check(Collections.singletonList(certId),
            responderURI, new OCSPResponse.IssuerInfo(anchor, issuerCert),
            responderCert, date, extensions, variant);
    return (RevocationStatus) ocspResponse.getSingleResponse(certId);
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:20,代码来源:OCSP.java


注:本文中的java.security.cert.CertPathValidatorException类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。