本文整理汇总了Java中java.security.cert.X509Certificate类的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate类的具体用法?Java X509Certificate怎么用?Java X509Certificate使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
X509Certificate类属于java.security.cert包,在下文中一共展示了X509Certificate类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildCertAppliesToString
import java.security.cert.X509Certificate; //导入依赖的package包/类
public static String buildCertAppliesToString(X509Certificate cert) {
List<String> elements = new ArrayList<>();
try {
Collection<List<?>> altNames = cert.getSubjectAlternativeNames();
if (altNames != null) {
for (List<?> altName : altNames) {
Integer altNameType = (Integer) altName.get(0);
if (altNameType != 2 && altNameType != 7) // dns or ip
continue;
elements.add((String) altName.get(1));
}
}
} catch (CertificateParsingException ignored) {
}
if (elements.size() == 0)
return "none";
return TextUtils.join(",", elements.toArray());
}
示例2: getCommonName
import java.security.cert.X509Certificate; //导入依赖的package包/类
public static String getCommonName(X509Certificate cert)
throws InvalidNameException {
// use LDAP API to parse the certifiate Subject :)
// see http://stackoverflow.com/a/7634755/972463
LdapName ldapDN
= new LdapName(cert.getSubjectX500Principal().getName());
String cn = "";
for (Rdn rdn : ldapDN.getRdns()) {
if (rdn.getType().equals("CN")) {
cn = rdn.getValue().toString();
}
}
return cn;
}
示例3: getCertificateChain
import java.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public X509Certificate[] getCertificateChain(final String s) {
return with(new Function<X509Certificate[]>() {
@Override
public X509Certificate[] apply(X509ExtendedKeyManager delegate) {
return delegate.getCertificateChain(s);
}
});
}
开发者ID:cloudfoundry,项目名称:java-buildpack-security-provider,代码行数:12,代码来源:DelegatingX509ExtendedKeyManager.java
示例4: getCertificateThumbprint
import java.security.cert.X509Certificate; //导入依赖的package包/类
private String getCertificateThumbprint(String pfxPath, String password) {
try {
InputStream inStream = new FileInputStream(pfxPath);
KeyStore ks = KeyStore.getInstance("PKCS12");
ks.load(inStream, password.toCharArray());
String alias = ks.aliases().nextElement();
X509Certificate certificate = (X509Certificate) ks.getCertificate(alias);
inStream.close();
MessageDigest sha = MessageDigest.getInstance("SHA-1");
return BaseEncoding.base16().encode(sha.digest(certificate.getEncoded()));
} catch (KeyStoreException | CertificateException | NoSuchAlgorithmException | IOException ex) {
throw new RuntimeException(ex);
}
}
示例5: getDistributionPointUrls
import java.security.cert.X509Certificate; //导入依赖的package包/类
public static ArrayList<String> getDistributionPointUrls(X509Certificate cert){
ArrayList<String> ret = new ArrayList<String>();
try{
String data = cert.toString();
if(data.indexOf("CRLDistributionPoints") == -1)
return ret;
data = data.substring(data.indexOf("CRLDistributionPoints"));
data = data.substring(0, data.indexOf("]]") + 2);
while(data.indexOf("URIName") != -1){
data = data.substring(data.indexOf("URIName") + 9);
String url = data.substring(0, data.indexOf("]"));
if(url.contains(", URIName: ")){
String[] urlTmpList = url.split(", URIName: ");
for(String urlTmp:urlTmpList)
ret.add(urlTmp);
}else
ret.add(url);
data = data.substring(data.indexOf("]") + 1);
}
}catch(Exception ex){ex.printStackTrace();}
return ret;
}
示例6: verifyCertificate
import java.security.cert.X509Certificate; //导入依赖的package包/类
/**
* 检查证书链
*
* @param rootCerts
* 根证书
* @param cert
* 待验证的证书
* @return
*/
public static boolean verifyCertificate(X509Certificate cert) {
if ( null == cert) {
LogUtil.writeErrorLog("cert must Not null");
return false;
}
try {
cert.checkValidity();//验证有效期
// cert.verify(middleCert.getPublicKey());
if(!verifyCertificateChain(cert)){
return false;
}
} catch (Exception e) {
LogUtil.writeErrorLog("verifyCertificate fail", e);
return false;
}
if(SDKConfig.getConfig().isIfValidateCNName()){
// 验证公钥是否属于银联
if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert))) {
LogUtil.writeErrorLog("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
return false;
}
} else {
// 验证公钥是否属于银联
if(!UNIONPAY_CNNAME.equals(CertUtil.getIdentitiesFromCertficate(cert))
&& !"00040000:SIGN".equals(CertUtil.getIdentitiesFromCertficate(cert))) {
LogUtil.writeErrorLog("cer owner is not CUP:" + CertUtil.getIdentitiesFromCertficate(cert));
return false;
}
}
return true;
}
示例7: evaluate
import java.security.cert.X509Certificate; //导入依赖的package包/类
/** {@inheritDoc} */
public Boolean evaluate(Credential target) {
if (target == null) {
log.error("Credential target was null");
return null;
}
if (!(target instanceof X509Credential)) {
log.info("Credential is not an X509Credential, can not evaluate X509CertSelector criteria");
return Boolean.FALSE;
}
X509Credential x509Cred = (X509Credential) target;
X509Certificate entityCert = x509Cred.getEntityCertificate();
if (entityCert == null) {
log.info("X509Credential did not contain an entity certificate, can not evaluate X509CertSelector criteria");
return Boolean.FALSE;
}
Boolean result = certSelector.match(entityCert);
return result;
}
示例8: checkServerTrusted
import java.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public void checkServerTrusted(X509Certificate[] chain, String authType)
throws CertificateException {
try {
sDefaultTrustManager.checkServerTrusted(chain, authType);
} catch (Exception e) {
try {
mManager.checkServerTrusted(chain, authType);
} catch (Exception e2) {
synchronized (UserOverrideTrustManager.this) {
if (mTempTrustedCertificates != null && mTempTrustedCertificates.contains(chain[0])) {
Log.i(TAG, "A temporarily trusted certificate is being used - trusting the server");
return;
}
}
Log.i(TAG, "Unrecognized certificate");
try {
X509Certificate cert = chain[0];
if (!askUser(cert, R.string.certificate_bad_cert).get())
throw new UserRejectedCertificateException();
} catch (InterruptedException | ExecutionException e3) {
throw new CertificateException("Asking user about the certificate failed");
}
}
}
}
示例9: generateCertificateChain
import java.security.cert.X509Certificate; //导入依赖的package包/类
/**
* Generates a certificate chain from the collection of
* certificates and stores the result into a key entry.
*/
private void generateCertificateChain(String alias,
Collection<? extends Certificate> certCollection)
{
try
{
X509Certificate[] certChain =
new X509Certificate[certCollection.size()];
int i = 0;
for (Iterator<? extends Certificate> iter =
certCollection.iterator(); iter.hasNext(); i++)
{
certChain[i] = (X509Certificate) iter.next();
}
storeWithUniqueAlias(alias,
new KeyEntry(alias, null, certChain));
}
catch (Throwable e)
{
// Ignore the exception and skip this entry
// TODO - throw CertificateException?
}
}
示例10: testTrustAllManager
import java.security.cert.X509Certificate; //导入依赖的package包/类
@Test
public void testTrustAllManager() throws Exception {
TrustAllManager manager = new TrustAllManager();
manager.checkClientTrusted((X509Certificate[]) null, (String) null);
manager.checkServerTrusted((X509Certificate[]) null, (String) null);
manager.checkClientTrusted((X509Certificate[]) null,
(String) null,
(Socket) null);
manager.checkClientTrusted((X509Certificate[]) null,
(String) null,
(SSLEngine) null);
manager.checkServerTrusted((X509Certificate[]) null,
(String) null,
(Socket) null);
manager.checkServerTrusted((X509Certificate[]) null,
(String) null,
(SSLEngine) null);
Assert.assertEquals(manager.getAcceptedIssuers() == null, true);
}
示例11: checkServerTrusted
import java.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public void checkServerTrusted(final X509Certificate[] chain, final String authType) throws CertificateException {
for (final X509TrustManager trustManager : trustManagers) {
try {
trustManager.checkServerTrusted(chain, authType);
return;
} catch (final CertificateException e) {
LOGGER.debug(e.getMessage(), e);
}
}
throw new CertificateException("None of the TrustManagers trust this certificate chain");
}
示例12: buildClient
import java.security.cert.X509Certificate; //导入依赖的package包/类
@SuppressWarnings("deprecation")
static CloseableHttpClient buildClient(boolean ignoreSSL) throws Exception {
SSLSocketFactory sslsf = new SSLSocketFactory(new TrustStrategy() {
public boolean isTrusted(
final X509Certificate[] chain, String authType) throws CertificateException {
// Oh, I am easy...
return true;
}
});
if (ignoreSSL) {
return HttpClients.custom().setSSLSocketFactory(sslsf).build();
} else {
return HttpClients.createDefault();
}
}
示例13: ExtendedKeyUsageImpl
import java.security.cert.X509Certificate; //导入依赖的package包/类
public ExtendedKeyUsageImpl(X509Certificate cert) throws IOException {
keyPurposeIds = new ArrayList<>();
byte[] extVal = cert.getExtensionValue(Extension.extendedKeyUsage.getId());
if (extVal == null)
return;
org.bouncycastle.asn1.x509.ExtendedKeyUsage usage = org.bouncycastle.asn1.x509.ExtendedKeyUsage
.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
KeyPurposeId[] usages = usage.getUsages();
for (int i = 0; i < usages.length; i++) {
keyPurposeIds.add(usages[i].getId());
}
}
示例14: BasicConstraintsImpl
import java.security.cert.X509Certificate; //导入依赖的package包/类
public BasicConstraintsImpl(X509Certificate cert) throws CertificateException, IOException {
byte[] extVal = cert.getExtensionValue(Extension.basicConstraints.getId());
if (extVal == null)
return;
org.bouncycastle.asn1.x509.BasicConstraints bc = org.bouncycastle.asn1.x509.BasicConstraints
.getInstance(X509ExtensionUtil.fromExtensionValue(extVal));
isCA = bc.isCA();
pathLen = bc.getPathLenConstraint();
}
示例15: resolveCertificate
import java.security.cert.X509Certificate; //导入依赖的package包/类
/**
* Retrieves a x509Certificate from the given information
* @param e
* @param baseURI
* @param storage
* @return
* @throws KeyResolverException
*/
private static X509Certificate resolveCertificate(
Element e, String baseURI, StorageResolver storage
) throws KeyResolverException {
if (log.isLoggable(java.util.logging.Level.FINE)) {
log.log(java.util.logging.Level.FINE, "Now we have a {" + e.getNamespaceURI() + "}"
+ e.getLocalName() + " Element");
}
// An element has been provided
if (e != null) {
return KeyResolver.getX509Certificate(e, baseURI, storage);
}
return null;
}