本文整理汇总了Java中java.security.cert.PKIXBuilderParameters类的典型用法代码示例。如果您正苦于以下问题:Java PKIXBuilderParameters类的具体用法?Java PKIXBuilderParameters怎么用?Java PKIXBuilderParameters使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
PKIXBuilderParameters类属于java.security.cert包,在下文中一共展示了PKIXBuilderParameters类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getParameters
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
Collection crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
xparams.setMaxPathLength(listener.getSslTrustMaxCertLength());
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
示例2: getParameters
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Return the initialization parameters for the TrustManager. Currently,
* only the default <code>PKIX</code> is supported.
*
* @param algorithm
* The algorithm to get parameters for.
* @param crlf
* The path to the CRL file.
* @param trustStore
* The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception {
CertPathParameters params = null;
if ("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = endpoint.getTrustMaxCertLength();
if (trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch (Exception ex) {
log.warn("Bad maxCertLength: " + trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: " + algorithm);
}
return params;
}
示例3: getCertPathParameters
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
public static CertPathParameters getCertPathParameters()
throws InvalidAlgorithmParameterException {
if ((rootCertificateSS == null) || (theCertSelector == null)
|| (builder == null)) {
throw new RuntimeException(
"Call initCertPathSSCertChain prior to buildCertPath");
}
PKIXBuilderParameters buildParams = new PKIXBuilderParameters(
Collections.singleton(new TrustAnchor(rootCertificateSS, null)),
theCertSelector);
buildParams.addCertStore(store);
buildParams.setRevocationEnabled(false);
return buildParams;
}
示例4: testPKIXBuilderParametersSetCertSelector01
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #1 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: creates an instance of <code>PKIXBuilderParameters</code>
* @throws InvalidAlgorithmParameterException
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies positive case.",
method = "PKIXBuilderParameters",
args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector01()
throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// both parameters are valid and non-null
PKIXParameters p =
new PKIXBuilderParameters(taSet, new X509CertSelector());
assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
assertNotNull("certSelector", p.getTargetCertConstraints());
}
示例5: testPKIXBuilderParametersSetCertSelector02
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #2 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: creates an instance of <code>PKIXBuilderParameters</code>
* @throws InvalidAlgorithmParameterException
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies null as a CertSelector parameter.",
method = "PKIXBuilderParameters",
args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector02()
throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// both parameters are valid but CertSelector is null
PKIXParameters p = new PKIXBuilderParameters(taSet, null);
assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
assertNull("certSelector", p.getTargetCertConstraints());
}
示例6: testPKIXBuilderParametersSetCertSelector06
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #6 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: <code>ClassCastException</code> -
* if any of the elements in the <code>Set</code> are not of type
* <code>java.security.cert.TrustAnchor</code>
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies ClassCastException.",
method = "PKIXBuilderParameters",
args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
@SuppressWarnings("unchecked")
public final void testPKIXBuilderParametersSetCertSelector06()
throws Exception {
Set taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// add wrong object to valid set
assertTrue(taSet.add(new Object()));
try {
new PKIXBuilderParameters(taSet, null);
fail("ClassCastException expected");
} catch (ClassCastException e) {
}
}
示例7: testPKIXBuilderParametersKeyStoreCertSelector01
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #1 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
* constructor<br>
* Assertion: <code>NullPointerException</code> - if the
* <code>keystore</code> is <code>null</code>
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Veirifies null as a KeyStore parameter.",
method = "PKIXBuilderParameters",
args = {java.security.KeyStore.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersKeyStoreCertSelector01()
throws Exception {
try {
new PKIXBuilderParameters((KeyStore) null, new X509CertSelector());
fail("NullPointerException expected");
} catch (NullPointerException e) {
// expected
}
}
示例8: testPKIXBuilderParametersKeyStoreCertSelector02
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #2 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
* constructor<br>
* Assertion: <code>KeyStoreException</code> - if the
* <code>keystore</code> has not been initialized
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Veirifies null as a CertSelector parameter.",
method = "PKIXBuilderParameters",
args = {java.security.KeyStore.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersKeyStoreCertSelector02()
throws Exception {
KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
try {
new PKIXBuilderParameters(keyTest, null);
fail("KeyStoreException expected");
} catch (KeyStoreException e) {
// expected
}
}
示例9: testPKIXBuilderParametersKeyStoreCertSelector03
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #3 for <code>PKIXBuilderParameters(KeyStore, CertSelector)</code>
* constructor<br>
* Assertion: <code>InvalidAlgorithmParameterException</code> - if the
* <code>keystore</code> does not contain at least one trusted certificate
* entry
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies null as parameters.",
method = "PKIXBuilderParameters",
args = {java.security.KeyStore.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersKeyStoreCertSelector03()
throws Exception {
KeyStore keyTest = KeyStore.getInstance(KeyStore.getDefaultType());
keyTest.load(null, null);
try {
new PKIXBuilderParameters(keyTest, new X509CertSelector());
fail("InvalidAlgorithmParameterException expected");
} catch (InvalidAlgorithmParameterException e) {
// expected
}
}
示例10: ReverseBuilder
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Initialize the builder with the input parameters.
*
* @param params the parameter set used to build a certification path
*/
ReverseBuilder(PKIXBuilderParameters buildParams,
X500Principal targetSubjectDN) {
super(buildParams, targetSubjectDN);
Set<String> initialPolicies = buildParams.getInitialPolicies();
initPolicies = new HashSet<String>();
if (initialPolicies.isEmpty()) {
// if no initialPolicies are specified by user, set
// initPolicies to be anyPolicy by default
initPolicies.add(PolicyChecker.ANY_POLICY);
} else {
for (String policy : initialPolicies) {
initPolicies.add(policy);
}
}
}
示例11: ForwardBuilder
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Initialize the builder with the input parameters.
*
* @param params the parameter set used to build a certification path
*/
ForwardBuilder(PKIXBuilderParameters buildParams,
X500Principal targetSubjectDN, boolean searchAllCertStores,
boolean onlyEECert)
{
super(buildParams, targetSubjectDN);
// populate sets of trusted certificates and subject DNs
trustAnchors = buildParams.getTrustAnchors();
trustedCerts = new HashSet<X509Certificate>(trustAnchors.size());
trustedSubjectDNs = new HashSet<X500Principal>(trustAnchors.size());
for (TrustAnchor anchor : trustAnchors) {
X509Certificate trustedCert = anchor.getTrustedCert();
if (trustedCert != null) {
trustedCerts.add(trustedCert);
trustedSubjectDNs.add(trustedCert.getSubjectX500Principal());
} else {
trustedSubjectDNs.add(anchor.getCA());
}
}
comparator = new PKIXCertComparator(trustedSubjectDNs);
this.searchAllCertStores = searchAllCertStores;
this.onlyEECert = onlyEECert;
}
示例12: testPKIXBuilderParametersSetCertSelector03
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #3 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: ... the <code>Set</code> is copied to protect against
* subsequent modifications
* @throws InvalidAlgorithmParameterException
*/
public final void testPKIXBuilderParametersSetCertSelector03()
throws InvalidAlgorithmParameterException {
Set taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
HashSet originalSet = (HashSet)taSet;
HashSet originalSetCopy = (HashSet)originalSet.clone();
// create test object using originalSet
PKIXBuilderParameters pp =
new PKIXBuilderParameters(originalSetCopy, null);
// modify originalSet
originalSetCopy.clear();
// check that test object's internal state
// has not been affected by the above modification
Set returnedSet = pp.getTrustAnchors();
assertEquals(originalSet, returnedSet);
}
示例13: testPKIXBuilderParametersSetCertSelector06
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #6 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: <code>ClassCastException</code> -
* if any of the elements in the <code>Set</code> are not of type
* <code>java.security.cert.TrustAnchor</code>
*/
public final void testPKIXBuilderParametersSetCertSelector06() throws Exception {
Set taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// add wrong object to valid set
assertTrue(taSet.add(new Object()));
try {
new PKIXBuilderParameters(taSet, null);
fail("ClassCastException expected");
} catch (ClassCastException e) {
}
}
示例14: testSetMaxPathLength01
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #1 for <code>setMaxPathLength(int)</code> method<br>
* Assertion: sets the maximum number of non-self-signed certificates
* in the cert path
* @throws KeyStoreException
* @throws InvalidAlgorithmParameterException
*/
public final void testSetMaxPathLength01()
throws KeyStoreException,
InvalidAlgorithmParameterException {
KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
if (ks == null) {
fail(getName() + ": not performed (could not create test KeyStore)");
}
// all these VALID maxPathLength values must be
// set (and get) without exceptions
int[] testPathLength = new int[] {-1, 0, 1, 999, Integer.MAX_VALUE};
for (int i=0; i<testPathLength.length; i++) {
PKIXBuilderParameters p = new PKIXBuilderParameters(ks, null);
p.setMaxPathLength(testPathLength[i]);
assertEquals("i="+i, testPathLength[i], p.getMaxPathLength());
}
}
示例15: testSetMaxPathLength02
import java.security.cert.PKIXBuilderParameters; //导入依赖的package包/类
/**
* Test #2 for <code>setMaxPathLength(int)</code> method<br>
* Assertion: throws InvalidParameterException if parameter is
* less than -1
* @throws InvalidAlgorithmParameterException
* @throws KeyStoreException
*/
public final void testSetMaxPathLength02()
throws KeyStoreException,
InvalidAlgorithmParameterException {
KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
if (ks == null) {
fail(getName() + ": not performed (could not create test KeyStore)");
}
PKIXBuilderParameters p = new PKIXBuilderParameters(ks, null);
try {
// pass parameter less than -1
p.setMaxPathLength(Integer.MIN_VALUE);
fail("InvalidParameterException expected");
} catch (InvalidParameterException e) {
}
}