当前位置: 首页>>代码示例>>Java>>正文


Java X509CertSelector类代码示例

本文整理汇总了Java中java.security.cert.X509CertSelector的典型用法代码示例。如果您正苦于以下问题:Java X509CertSelector类的具体用法?Java X509CertSelector怎么用?Java X509CertSelector使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


X509CertSelector类属于java.security.cert包,在下文中一共展示了X509CertSelector类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: getInstance

import java.security.cert.X509CertSelector; //导入依赖的package包/类
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:30,代码来源:ExtendedPKIXBuilderParameters.java

示例2: getCertificateHolderSelector

import java.security.cert.X509CertSelector; //导入依赖的package包/类
public X509CertificateHolderSelector getCertificateHolderSelector(X509CertSelector certSelector)
{
    try
    {
        if (certSelector.getSubjectKeyIdentifier() != null)
        {
            return new X509CertificateHolderSelector(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
        }
        else
        {
            return new X509CertificateHolderSelector(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
        }
    }
    catch (IOException e)
    {
        throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:19,代码来源:JcaSelectorConverter.java

示例3: getCACertificates

import java.security.cert.X509CertSelector; //导入依赖的package包/类
private Set getCACertificates(X509CertSelector xselector)
    throws CertStoreException
{
    String[] attrs = {params.getCACertificateAttribute()};
    String attrName = params.getLdapCACertificateAttributeName();
    String subjectAttributeName = params
        .getCACertificateSubjectAttributeName();
    Set set = certSubjectSerialSearch(xselector, attrs, attrName,
        subjectAttributeName);

    if (set.isEmpty())
    {
        set.addAll(search(null, "*", attrs));
    }

    return set;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:18,代码来源:X509LDAPCertStoreSpi.java

示例4: getCrossCertificates

import java.security.cert.X509CertSelector; //导入依赖的package包/类
private Set getCrossCertificates(X509CertSelector xselector)
    throws CertStoreException
{
    String[] attrs = {params.getCrossCertificateAttribute()};
    String attrName = params.getLdapCrossCertificateAttributeName();
    String subjectAttributeName = params
        .getCrossCertificateSubjectAttributeName();
    Set set = certSubjectSerialSearch(xselector, attrs, attrName,
        subjectAttributeName);

    if (set.isEmpty())
    {
        set.addAll(search(null, "*", attrs));
    }

    return set;
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:18,代码来源:X509LDAPCertStoreSpi.java

示例5: getSignerId

import java.security.cert.X509CertSelector; //导入依赖的package包/类
public SignerId getSignerId(X509CertSelector certSelector)
{
    try
    {
        if (certSelector.getSubjectKeyIdentifier() != null)
        {
            return new SignerId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
        }
        else
        {
            return new SignerId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
        }
    }
    catch (IOException e)
    {
        throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:19,代码来源:JcaSelectorConverter.java

示例6: getKeyTransRecipientId

import java.security.cert.X509CertSelector; //导入依赖的package包/类
public KeyTransRecipientId getKeyTransRecipientId(X509CertSelector certSelector)
{
    try
    {
        if (certSelector.getSubjectKeyIdentifier() != null)
        {
            return new KeyTransRecipientId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
        }
        else
        {
            return new KeyTransRecipientId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
        }
    }
    catch (IOException e)
    {
        throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:19,代码来源:JcaSelectorConverter.java

示例7: getParameters

import java.security.cert.X509CertSelector; //导入依赖的package包/类
/**
 * Return the initialization parameters for the TrustManager.
 * Currently, only the default <code>PKIX</code> is supported.
 * 
 * @param algorithm The algorithm to get parameters for.
 * @param crlf The path to the CRL file.
 * @param trustStore The configured TrustStore.
 * @return The parameters including the CRLs and TrustStore.
 */
protected CertPathParameters getParameters(String algorithm, 
                                            String crlf, 
                                            KeyStore trustStore)
    throws Exception {
    CertPathParameters params = null;
    if("PKIX".equalsIgnoreCase(algorithm)) {
        PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, 
                                                                 new X509CertSelector());
        Collection crls = getCRLs(crlf);
        CertStoreParameters csp = new CollectionCertStoreParameters(crls);
        CertStore store = CertStore.getInstance("Collection", csp);
        xparams.addCertStore(store);
        xparams.setRevocationEnabled(true);
        xparams.setMaxPathLength(listener.getSslTrustMaxCertLength());

        params = xparams;
    } else {
        throw new CRLException("CRLs not supported for type: "+algorithm);
    }
    return params;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:31,代码来源:JSSESocketFactory.java

示例8: getSelector

import java.security.cert.X509CertSelector; //导入依赖的package包/类
/**
 * Returns an X509CertSelector for matching on the authority key
 * identifier, or null if not applicable.
 */
private X509CertSelector getSelector(X509CertImpl previousCert)
    throws IOException {
    if (previousCert != null) {
        AuthorityKeyIdentifierExtension akidExt =
            previousCert.getAuthorityKeyIdentifierExtension();
        if (akidExt != null) {
            byte[] skid = akidExt.getEncodedKeyIdentifier();
            if (skid != null) {
                X509CertSelector selector = new X509CertSelector();
                selector.setSubjectKeyIdentifier(skid);
                return selector;
            }
        }
    }
    return null;
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:21,代码来源:ForwardBuilder.java

示例9: testPrivateKeyValid

import java.security.cert.X509CertSelector; //导入依赖的package包/类
private void testPrivateKeyValid() throws IOException, CertificateException {
    System.out.println("X.509 Certificate Match on privateKeyValid");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    Calendar cal = Calendar.getInstance();
    cal.set(1968, 12, 31);
    selector.setPrivateKeyValid(cal.getTime());
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.16"));
    byte[] encoded = in.getOctetString();
    PrivateKeyUsageExtension ext = new PrivateKeyUsageExtension(false, encoded);
    Date validDate = (Date) ext.get(PrivateKeyUsageExtension.NOT_BEFORE);
    selector.setPrivateKeyValid(validDate);
    checkMatch(selector, cert, true);

}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:19,代码来源:X509CertSelectorTest.java

示例10: testPolicy

import java.security.cert.X509CertSelector; //导入依赖的package包/类
private void testPolicy() throws IOException {
    System.out.println("X.509 Certificate Match on certificatePolicies");
    // test encoding of CertificatePoliciesExtension because we wrote the
    // code
    // bad match
    X509CertSelector selector = new X509CertSelector();
    Set<String> s = new HashSet<>();
    s.add(new String("1.2.5.7.68"));
    selector.setPolicy(s);
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.32"));
    CertificatePoliciesExtension ext = new CertificatePoliciesExtension(false, in.getOctetString());
    List<PolicyInformation> policies = ext.get(CertificatePoliciesExtension.POLICIES);
    // match on the first policy id
    PolicyInformation policyInfo = (PolicyInformation) policies.get(0);
    s.clear();
    s.add(policyInfo.getPolicyIdentifier().getIdentifier().toString());
    selector.setPolicy(s);
    checkMatch(selector, cert, true);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:23,代码来源:X509CertSelectorTest.java

示例11: createPath

import java.security.cert.X509CertSelector; //导入依赖的package包/类
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:17,代码来源:ValidateTargetConstraints.java

示例12: getParameters

import java.security.cert.X509CertSelector; //导入依赖的package包/类
/**
 * Return the initialization parameters for the TrustManager. Currently,
 * only the default <code>PKIX</code> is supported.
 *
 * @param algorithm
 *            The algorithm to get parameters for.
 * @param crlf
 *            The path to the CRL file.
 * @param trustStore
 *            The configured TrustStore.
 * @return The parameters including the CRLs and TrustStore.
 */
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception {
	CertPathParameters params = null;
	if ("PKIX".equalsIgnoreCase(algorithm)) {
		PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
		Collection<? extends CRL> crls = getCRLs(crlf);
		CertStoreParameters csp = new CollectionCertStoreParameters(crls);
		CertStore store = CertStore.getInstance("Collection", csp);
		xparams.addCertStore(store);
		xparams.setRevocationEnabled(true);
		String trustLength = endpoint.getTrustMaxCertLength();
		if (trustLength != null) {
			try {
				xparams.setMaxPathLength(Integer.parseInt(trustLength));
			} catch (Exception ex) {
				log.warn("Bad maxCertLength: " + trustLength);
			}
		}

		params = xparams;
	} else {
		throw new CRLException("CRLs not supported for type: " + algorithm);
	}
	return params;
}
 
开发者ID:how2j,项目名称:lazycat,代码行数:37,代码来源:JSSESocketFactory.java

示例13: testValidateMy

import java.security.cert.X509CertSelector; //导入依赖的package包/类
@Test
public void testValidateMy() throws Exception
{
    System.out.println("validateMy");

    FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("./src/test/cert/my");
    KeyStore ks = KeyStore.getInstance("jks");
    FileInputStream fis = new FileInputStream("./src/test/cert/my/myStore");
    ks.load(fis, "mystorepass".toCharArray());
    fis.close();

    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setSubject(new X500Principal("CN = Luis Goncalves,OU = CC,O = ISEL,C = PT"));
    Collection<X509Certificate> otherCerts = Collections.emptyList();

    PKIXCertificateValidationProvider instance = new PKIXCertificateValidationProvider(ks, false, certStore.getStore());
    ValidationData result = instance.validate(certSelector, new Date(), otherCerts);
    assertEquals(result.getCerts().size(), 3);
}
 
开发者ID:luisgoncalves,项目名称:xades4j,代码行数:20,代码来源:PKIXCertificateValidationProviderTest.java

示例14: testValidateNist

import java.security.cert.X509CertSelector; //导入依赖的package包/类
@Test
public void testValidateNist() throws Exception
{
    System.out.println("validateNist");

    FileSystemDirectoryCertStore certStore = new FileSystemDirectoryCertStore("./src/test/cert/csrc.nist");
    KeyStore ks = KeyStore.getInstance("jks");
    FileInputStream fis = new FileInputStream("./src/test/cert/csrc.nist/trustAnchor");
    ks.load(fis, "password".toCharArray());
    fis.close();

    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setSubject(new X500Principal("CN = User1-CP.02.01,OU = Testing,OU = DoD,O = U.S. Government,C = US"));
    Collection<X509Certificate> otherCerts = Collections.emptyList();

    PKIXCertificateValidationProvider instance = new PKIXCertificateValidationProvider(ks, true, certStore.getStore());
    ValidationData result = instance.validate(certSelector, new Date(), otherCerts);
    assertEquals(result.getCerts().size(), 4);
    assertEquals(result.getCrls().size(), 3);
}
 
开发者ID:luisgoncalves,项目名称:xades4j,代码行数:21,代码来源:PKIXCertificateValidationProviderTest.java

示例15: testPKIXBuilderParametersSetCertSelector01

import java.security.cert.X509CertSelector; //导入依赖的package包/类
/**
 * Test #1 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
 * constructor<br>
 * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
 * @throws InvalidAlgorithmParameterException
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies positive case.",
    method = "PKIXBuilderParameters",
    args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector01()
    throws InvalidAlgorithmParameterException {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }
    // both parameters are valid and non-null
    PKIXParameters p =
        new PKIXBuilderParameters(taSet, new X509CertSelector());
    assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
    assertNotNull("certSelector", p.getTargetCertConstraints());
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:25,代码来源:PKIXBuilderParametersTest.java


注:本文中的java.security.cert.X509CertSelector类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。