本文整理汇总了Java中java.security.cert.PKIXParameters类的典型用法代码示例。如果您正苦于以下问题:Java PKIXParameters类的具体用法?Java PKIXParameters怎么用?Java PKIXParameters使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
PKIXParameters类属于java.security.cert包,在下文中一共展示了PKIXParameters类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: X509TrustManagerWrapper
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
this.origTm = tm;
this.verifyServerCert = verifyServerCertificate;
if (verifyServerCertificate) {
try {
Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
for (X509Certificate cert : tm.getAcceptedIssuers()) {
anch.add(new TrustAnchor(cert, null));
}
this.validatorParams = new PKIXParameters(anch);
this.validatorParams.setRevocationEnabled(false);
this.validator = CertPathValidator.getInstance("PKIX");
this.certFactory = CertificateFactory.getInstance("X.509");
} catch (Exception e) {
throw new CertificateException(e);
}
}
}
示例2: validateNoCache
import java.security.cert.PKIXParameters; //导入依赖的package包/类
private void validateNoCache(List<? extends X509Certificate> certs)
throws SignatureException {
try {
CertPathValidator validator = CertPathValidator.getInstance(
VALIDATOR_TYPE);
PKIXParameters params = new PKIXParameters(trustRoots);
params.addCertPathChecker(WAVE_OID_CHECKER);
params.setDate(timeSource.now());
// turn off default revocation-checking mechanism
params.setRevocationEnabled(false);
// TODO: add a way for clients to add certificate revocation checks,
// perhaps by letting them pass in PKIXCertPathCheckers. This can also be
// useful to check for Wave-specific certificate extensions.
CertificateFactory certFactory = CertificateFactory.getInstance(
CERTIFICATE_TYPE);
CertPath certPath = certFactory.generateCertPath(certs);
validator.validate(certPath, params);
} catch (GeneralSecurityException e) {
throw new SignatureException("Certificate validation failure", e);
}
}
示例3: getInstance
import java.security.cert.PKIXParameters; //导入依赖的package包/类
/**
* Returns an instance with the parameters of a given
* <code>PKIXParameters</code> object.
*
* @param pkixParams The given <code>PKIXParameters</code>
* @return an extended PKIX params object
*/
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
ExtendedPKIXParameters params;
try
{
params = new ExtendedPKIXParameters(pkixParams.getTrustAnchors());
}
catch (Exception e)
{
// cannot happen
throw new RuntimeException(e.getMessage());
}
params.setParams(pkixParams);
return params;
}
示例4: getInstance
import java.security.cert.PKIXParameters; //导入依赖的package包/类
/**
* Returns an instance of <code>ExtendedPKIXParameters</code> which can be
* safely casted to <code>ExtendedPKIXBuilderParameters</code>.
* <p>
* This method can be used to get a copy from other
* <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
* and <code>ExtendedPKIXParameters</code> instances.
*
* @param pkixParams The PKIX parameters to create a copy of.
* @return An <code>ExtendedPKIXBuilderParameters</code> instance.
*/
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
ExtendedPKIXBuilderParameters params;
try
{
params = new ExtendedPKIXBuilderParameters(pkixParams
.getTrustAnchors(), X509CertStoreSelector
.getInstance((X509CertSelector) pkixParams
.getTargetCertConstraints()));
}
catch (Exception e)
{
// cannot happen
throw new RuntimeException(e.getMessage());
}
params.setParams(pkixParams);
return params;
}
示例5: findCRLs
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
throws AnnotatedException
{
Set completeSet = new HashSet();
// get complete CRL(s)
try
{
completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
}
catch (AnnotatedException e)
{
throw new AnnotatedException("Exception obtaining complete CRLs.", e);
}
return completeSet;
}
示例6: createPath
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
示例7: createPath
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例8: runTest
import java.security.cert.PKIXParameters; //导入依赖的package包/类
private static void runTest(CertificateFactory cf,
List<X509Certificate> certList, TrustAnchor anchor)
throws Exception {
CertPath path = cf.generateCertPath(certList);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
System.out.println(anchor);
// Attach the OCSP responses to a PKIXParameters object
PKIXRevocationChecker pkrev =
(PKIXRevocationChecker)validator.getRevocationChecker();
Map<X509Certificate, byte[]> responseMap = new HashMap<>();
responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
pkrev.setOcspResponses(responseMap);
PKIXParameters params =
new PKIXParameters(Collections.singleton(anchor));
params.addCertPathChecker(pkrev);
params.setDate(EVAL_DATE);
validator.validate(path, params);
}
示例9: checkServerTrusted
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
try {
this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
} catch (CertificateException e1) {
try {
X509Certificate[] ex = this.reorderCertificateChain(chain);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
CertificateFactory factory = CertificateFactory.getInstance("X509");
CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
PKIXParameters params = new PKIXParameters(this.mTrustStore);
params.setRevocationEnabled(false);
validator.validate(certPath, params);
} catch (Exception e) {
throw e1;
}
}
}
示例10: createPKIXParms
import java.security.cert.PKIXParameters; //导入依赖的package包/类
private PKIXParameters createPKIXParms(
Collection<X509Certificate> trustAnchorColl, Date dtDate)
throws InvalidAlgorithmParameterException {
// TODO Auto-generated method stub
Set tmpTA = new HashSet();
Iterator<X509Certificate> itLast = trustAnchorColl.iterator();
while (itLast.hasNext()) {
X509Certificate certOnPath = itLast.next();
TrustAnchor trustAnchor = new TrustAnchor(certOnPath, null);
tmpTA.add(trustAnchor);
}
PKIXParameters params = new PKIXParameters(tmpTA);
params.setDate(dtDate);
return params;
}
示例11: validate
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public RuleCheckResult validate(CACCertAuthParamParser pp) {
CertPath cp = getCertPath(pp);
if (cp == null) {
logger.printToConsole("Can't load user certificate, please check " + pp.getUserCert());
return RuleCheckResult.FALSE;
}
// Load the root CA certificate
Set<TrustAnchor> trustedCerts = getTrustedCerts(pp);
if (trustedCerts == null) {
logger.printToConsole("Can't parse the trusted CA certificates, please check " + pp.getRootCerts());
return RuleCheckResult.FALSE;
}
PKIXParameters params = initPKIXParams(trustedCerts, new ArrayList(), pp);
RuleCheckResult result = validate(cp, params);
return result;
}
示例12: TrustManagerImpl
import java.security.cert.PKIXParameters; //导入依赖的package包/类
/**
* Creates trust manager implementation
*
* @param ks
*/
public TrustManagerImpl(KeyStore ks) {
try {
validator = CertPathValidator.getInstance("PKIX");
factory = CertificateFactory.getInstance("X509");
byte[] nameConstrains = null;
Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
final String alias = en.nextElement();
final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
if (cert != null) {
trusted.add(new TrustAnchor(cert, nameConstrains));
}
}
params = new PKIXParameters(trusted);
params.setRevocationEnabled(false);
} catch (Exception e) {
err = e;
}
}
示例13: testPKIXBuilderParametersSetCertSelector01
import java.security.cert.PKIXParameters; //导入依赖的package包/类
/**
* Test #1 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: creates an instance of <code>PKIXBuilderParameters</code>
* @throws InvalidAlgorithmParameterException
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies positive case.",
method = "PKIXBuilderParameters",
args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector01()
throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// both parameters are valid and non-null
PKIXParameters p =
new PKIXBuilderParameters(taSet, new X509CertSelector());
assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
assertNotNull("certSelector", p.getTargetCertConstraints());
}
示例14: testPKIXBuilderParametersSetCertSelector02
import java.security.cert.PKIXParameters; //导入依赖的package包/类
/**
* Test #2 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
* constructor<br>
* Assertion: creates an instance of <code>PKIXBuilderParameters</code>
* @throws InvalidAlgorithmParameterException
*/
@TestTargetNew(
level = TestLevel.PARTIAL_COMPLETE,
notes = "Verifies null as a CertSelector parameter.",
method = "PKIXBuilderParameters",
args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector02()
throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
// both parameters are valid but CertSelector is null
PKIXParameters p = new PKIXBuilderParameters(taSet, null);
assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
assertNull("certSelector", p.getTargetCertConstraints());
}
示例15: getInstance
import java.security.cert.PKIXParameters; //导入依赖的package包/类
public static CertFilesTrustManager getInstance(String pathToCertsFiles) throws Exception {
certificateFactory = CertificateFactory.getInstance("X.509");
Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>();
File[] files = new File(pathToCertsFiles).listFiles();
for (File file : files) {
if (!file.isFile()) {
continue;
}
try {
X509Certificate cert = loadCertificate(file);
TrustAnchor ta = new TrustAnchor(cert, null);
trustAnchors.add(ta);
} catch (CertificateParsingException e) {}
}
CertPathValidator val = CertPathValidator.getInstance(CertPathValidator.getDefaultType());
PKIXParameters cpp = new PKIXParameters(trustAnchors);
cpp.setRevocationEnabled(false);
CertFilesTrustManager tm = new CertFilesTrustManager(val, cpp);
return tm;
}