本文整理汇总了Java中java.security.cert.CertificateRevokedException类的典型用法代码示例。如果您正苦于以下问题:Java CertificateRevokedException类的具体用法?Java CertificateRevokedException怎么用?Java CertificateRevokedException使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
CertificateRevokedException类属于java.security.cert包,在下文中一共展示了CertificateRevokedException类的10个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: verifyCertificate
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
/**
* Check that {@code cert} is signed by the {@code ca} and not revoked.
*
* <p>Support for certificate chains has not been implemented.
*
* @throws GeneralSecurityException for unsupported protocols, certs not signed by the TMCH,
* parsing errors, encoding errors, if the CRL is expired, or if the CRL is older than the
* one currently in memory.
*/
public static void verifyCertificate(
X509Certificate rootCert, X509CRL crl, @Tainted X509Certificate cert, Date now)
throws GeneralSecurityException {
cert.checkValidity(checkNotNull(now, "now"));
cert.verify(rootCert.getPublicKey());
if (crl.isRevoked(cert)) {
X509CRLEntry entry = crl.getRevokedCertificate(cert);
throw new CertificateRevokedException(
checkNotNull(entry.getRevocationDate(), "revocationDate"),
checkNotNull(entry.getRevocationReason(), "revocationReason"),
firstNonNull(entry.getCertificateIssuer(), crl.getIssuerX500Principal()),
ImmutableMap.of());
}
}
示例2: testFailure_verifyRevoked
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testFailure_verifyRevoked() throws Exception {
TmchCertificateAuthority tmchCertificateAuthority = new TmchCertificateAuthority(PILOT);
CertificateRevokedException thrown =
expectThrows(
CertificateRevokedException.class,
() -> tmchCertificateAuthority.verify(loadCertificate(REVOKED_TEST_CERTIFICATE)));
assertThat(thrown).hasMessageThat().contains("revoked, reason: KEY_COMPROMISE");
}
示例3: testRevokedTmvTmvrevokedCourtAgentFrenchActive
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testRevokedTmvTmvrevokedCourtAgentFrenchActive() throws Exception {
smdData = loadSmd("revoked/tmv/TMVRevoked-Court-Agent-French-Active.smd");
CertificateRevokedException e =
expectThrows(CertificateRevokedException.class, () -> tmchXmlSignature.verify(smdData));
assertThat(e).hasMessageThat().contains("KEY_COMPROMISE");
}
示例4: testRevokedTmvTmvrevokedTrademarkAgentEnglishActive
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testRevokedTmvTmvrevokedTrademarkAgentEnglishActive() throws Exception {
smdData = loadSmd("revoked/tmv/TMVRevoked-Trademark-Agent-English-Active.smd");
CertificateRevokedException e =
expectThrows(CertificateRevokedException.class, () -> tmchXmlSignature.verify(smdData));
assertThat(e).hasMessageThat().contains("KEY_COMPROMISE");
}
示例5: testRevokedTmvTmvrevokedTrademarkAgentRussianActive
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testRevokedTmvTmvrevokedTrademarkAgentRussianActive() throws Exception {
smdData = loadSmd("revoked/tmv/TMVRevoked-Trademark-Agent-Russian-Active.smd");
CertificateRevokedException e =
expectThrows(CertificateRevokedException.class, () -> tmchXmlSignature.verify(smdData));
assertThat(e).hasMessageThat().contains("KEY_COMPROMISE");
}
示例6: testRevokedTmvTmvrevokedTreatystatuteAgentChineseActive
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testRevokedTmvTmvrevokedTreatystatuteAgentChineseActive() throws Exception {
smdData = loadSmd("revoked/tmv/TMVRevoked-TreatyStatute-Agent-Chinese-Active.smd");
CertificateRevokedException e =
expectThrows(CertificateRevokedException.class, () -> tmchXmlSignature.verify(smdData));
assertThat(e).hasMessageThat().contains("KEY_COMPROMISE");
}
示例7: testRevokedTmvTmvrevokedTreatystatuteAgentEnglishActive
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testRevokedTmvTmvrevokedTreatystatuteAgentEnglishActive() throws Throwable {
smdData = loadSmd("revoked/tmv/TMVRevoked-TreatyStatute-Agent-English-Active.smd");
CertificateRevokedException e =
expectThrows(CertificateRevokedException.class, () -> tmchXmlSignature.verify(smdData));
assertThat(e).hasMessageThat().contains("KEY_COMPROMISE");
}
示例8: testStaticCRL
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testStaticCRL() throws Exception {
File staticCrl = getAbsoluteFilePathFromClassPath("crl/revoked.crl");
Collection<? extends CRL> crls = null;
try(FileInputStream crlin = new FileInputStream(staticCrl)) {
crls = CertificateFactory.getInstance("X.509").generateCRLs(crlin);
}
Assert.assertEquals(crls.size(), 1);
//trust chain incl intermediate certificates (root + intermediates)
Collection<? extends Certificate> rootCas;
final File trustedCas = getAbsoluteFilePathFromClassPath("chain-ca.pem");
try(FileInputStream trin = new FileInputStream(trustedCas)) {
rootCas = (Collection<? extends Certificate>) CertificateFactory.getInstance("X.509").generateCertificates(trin);
}
Assert.assertEquals(rootCas.size(), 2);
//certificate chain to validate (client cert + intermediates but without root)
Collection<? extends Certificate> certsToValidate;
final File certs = getAbsoluteFilePathFromClassPath("crl/revoked.crt.pem");
try(FileInputStream trin = new FileInputStream(certs)) {
certsToValidate = (Collection<? extends Certificate>) CertificateFactory.getInstance("X.509").generateCertificates(trin);
}
Assert.assertEquals(certsToValidate.size(), 2);
CertificateValidator validator = new CertificateValidator(rootCas.toArray(new X509Certificate[0]), crls);
validator.setDate(CRL_DATE);
try {
validator.validate(certsToValidate.toArray(new X509Certificate[0]));
Assert.fail();
} catch (CertificateException e) {
Assert.assertTrue(ExceptionUtils.getRootCause(e) instanceof CertificateRevokedException);
}
}
示例9: testCRLDP
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Test
public void testCRLDP() throws Exception {
//trust chain incl intermediate certificates (root + intermediates)
Collection<? extends Certificate> rootCas;
final File trustedCas = getAbsoluteFilePathFromClassPath("root-ca.pem");
try(FileInputStream trin = new FileInputStream(trustedCas)) {
rootCas = (Collection<? extends Certificate>) CertificateFactory.getInstance("X.509").generateCertificates(trin);
}
Assert.assertEquals(rootCas.size(), 1);
//certificate chain to validate (client cert + intermediates but without root)
Collection<? extends Certificate> certsToValidate;
final File certs = getAbsoluteFilePathFromClassPath("crl/revoked.crt.pem");
//final File certs = getAbsoluteFilePathFromClassPath("node-0.crt.pem");
try(FileInputStream trin = new FileInputStream(certs)) {
certsToValidate = (Collection<? extends Certificate>) CertificateFactory.getInstance("X.509").generateCertificates(trin);
}
Assert.assertEquals(certsToValidate.size(), 2);
CertificateValidator validator = new CertificateValidator(rootCas.toArray(new X509Certificate[0]), Collections.emptyList());
validator.setEnableCRLDP(true);
validator.setEnableOCSP(true);
validator.setDate(CRL_DATE);
try {
validator.validate(certsToValidate.toArray(new X509Certificate[0]));
Assert.fail();
} catch (CertificateException e) {
Assert.assertTrue(ExceptionUtils.getRootCause(e) instanceof CertificateRevokedException);
}
}
示例10: checkClientTrusted
import java.security.cert.CertificateRevokedException; //导入依赖的package包/类
@Override
public void checkClientTrusted(X509Certificate[] x509Certificates, String authType) throws CertificateException {
if (x509Certificates != null) {
for (X509Certificate cert : x509Certificates) {
if (blacklist.isBlacklisted(cert)) {
throw new CertificateRevokedException(new Date(), CRLReason.UNSPECIFIED, cert.getIssuerX500Principal(), Collections.emptyMap());
}
}
}
delegate.checkClientTrusted(x509Certificates, authType);
}