本文整理汇总了Java中javax.security.cert.X509Certificate类的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate类的具体用法?Java X509Certificate怎么用?Java X509Certificate使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。
X509Certificate类属于javax.security.cert包,在下文中一共展示了X509Certificate类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getPeerCertificateChain
import javax.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public Object[] getPeerCertificateChain(boolean force)
throws IOException {
// Look up the current SSLSession
if (session == null)
return null;
// Convert JSSE's certificate format to the ones we need
X509Certificate [] jsseCerts = null;
try {
jsseCerts = session.getPeerCertificateChain();
} catch(Exception bex) {
// ignore.
}
if (jsseCerts == null)
jsseCerts = new X509Certificate[0];
if(jsseCerts.length <= 0 && force && ssl != null) {
session.invalidate();
handShake();
session = ssl.getSession();
}
return getX509Certificates(session);
}
示例2: processX509CertConnect
import javax.security.cert.X509Certificate; //导入依赖的package包/类
private void processX509CertConnect(ChannelHandlerContext ctx, X509Certificate cert, String clientIdentifier) {
try {
String strCert = SslUtil.getX509CertificateString(cert);
String sha3Hash = EncryptionUtil.getSha3Hash(strCert);
boolean login = deviceSessionCtx.login(new DeviceX509Credentials(sha3Hash));
if (login) {
MemoryMetaPool.registerClienId(clientIdentifier, ctx.channel());
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_ACCEPTED));
connected = true;
checkGatewaySession();
} else {
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_REFUSED_NOT_AUTHORIZED));
ctx.close();
}
} catch (Exception e) {
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_REFUSED_NOT_AUTHORIZED));
ctx.close();
}
}
示例3: getPeerCertificateChain
import javax.security.cert.X509Certificate; //导入依赖的package包/类
public Object[] getPeerCertificateChain(boolean force)
throws IOException {
// Look up the current SSLSession
if (session == null)
return null;
// Convert JSSE's certificate format to the ones we need
X509Certificate [] jsseCerts = null;
try {
jsseCerts = session.getPeerCertificateChain();
} catch(Exception bex) {
// ignore.
}
if (jsseCerts == null)
jsseCerts = new X509Certificate[0];
if(jsseCerts.length <= 0 && force) {
session.invalidate();
handShake();
session = ssl.getSession();
}
return getX509Certificates(session);
}
示例4: getPeerCertificateChain
import javax.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException, RenegotiationRequiredException {
try {
return channel.getSslSession().getPeerCertificateChain();
} catch (SSLPeerUnverifiedException e) {
try {
SslClientAuthMode sslClientAuthMode = channel.getOption(Options.SSL_CLIENT_AUTH_MODE);
if (sslClientAuthMode == SslClientAuthMode.NOT_REQUESTED) {
throw new RenegotiationRequiredException();
}
} catch (IOException e1) {
//ignore, will not actually happen
}
throw e;
}
}
示例5: BasicSSLSessionInfo
import javax.security.cert.X509Certificate; //导入依赖的package包/类
/**
*
* @param sessionId The SSL session ID
* @param cypherSuite The cypher suite name
* @param certificate A string representation of the client certificate
* @throws java.security.cert.CertificateException If the client cert could not be decoded
* @throws CertificateException If the client cert could not be decoded
*/
public BasicSSLSessionInfo(byte[] sessionId, String cypherSuite, String certificate) throws java.security.cert.CertificateException, CertificateException {
this.sessionId = sessionId;
this.cypherSuite = cypherSuite;
if (certificate != null) {
java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");
byte[] certificateBytes = certificate.getBytes(US_ASCII);
ByteArrayInputStream stream = new ByteArrayInputStream(certificateBytes);
peerCertificate = cf.generateCertificate(stream);
this.certificate = X509Certificate.getInstance(certificateBytes);
} else {
this.peerCertificate = null;
this.certificate = null;
}
}
示例6: toPem
import javax.security.cert.X509Certificate; //导入依赖的package包/类
public static String toPem(final X509Certificate certificate) throws CertificateEncodingException {
final StringBuilder builder = new StringBuilder();
builder.append(BEGIN_CERT);
builder.append('\n');
builder.append(FlexBase64.encodeString(certificate.getEncoded(), true));
builder.append('\n');
builder.append(END_CERT);
return builder.toString();
}
示例7: getPeerCertificateChain
import javax.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public Object[] getPeerCertificateChain(boolean force) throws IOException {
// Look up the current SSLSession
if (session == null)
return null;
// Convert JSSE's certificate format to the ones we need
X509Certificate[] jsseCerts = null;
try {
jsseCerts = session.getPeerCertificateChain();
} catch (Exception bex) {
// ignore.
}
if (jsseCerts == null)
jsseCerts = new X509Certificate[0];
if (jsseCerts.length <= 0 && force && ssl != null) {
session.invalidate();
handShake();
session = ssl.getSession();
}
return getX509Certificates(session);
}
示例8: processX509CertConnect
import javax.security.cert.X509Certificate; //导入依赖的package包/类
private void processX509CertConnect(ChannelHandlerContext ctx, X509Certificate cert) {
try {
String strCert = SslUtil.getX509CertificateString(cert);
String sha3Hash = EncryptionUtil.getSha3Hash(strCert);
if (deviceSessionCtx.login(new DeviceX509Credentials(sha3Hash))) {
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_ACCEPTED));
connected = true;
checkGatewaySession();
} else {
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_REFUSED_NOT_AUTHORIZED));
ctx.close();
}
} catch (Exception e) {
ctx.writeAndFlush(createMqttConnAckMsg(CONNECTION_REFUSED_NOT_AUTHORIZED));
ctx.close();
}
}
示例9: populateUserAndRolesFromCert
import javax.security.cert.X509Certificate; //导入依赖的package包/类
private boolean populateUserAndRolesFromCert(X509Certificate certificate) throws InvalidNameException {
LdapName ldapName = new LdapName(certificate.getSubjectDN().getName());
// Find the first CN that maps to a valid user as supplied in the config
Optional<String> validCN = ldapName.getRdns().stream()
.filter(rdn -> rdn.getType().equalsIgnoreCase("CN"))
.map(rdn -> String.valueOf(rdn.getValue()))
.filter(n -> validCertUsers.containsKey(n)).findFirst();
if(validCN.isPresent()) {
String name = validCN.get();
user = name; roles.addAll(validCertUsers.get(name));
return true;
} else {
return false;
}
}
示例10: enrichWithClientCertInformation
import javax.security.cert.X509Certificate; //导入依赖的package包/类
/**
* Enriches the message with client certificate details such as subject name, serial number etc.
* <p/>
* If the certificate is unverified then the headers is not enriched.
*
* @param sslSession the SSL session
* @param message the message to enrich
*/
protected void enrichWithClientCertInformation(SSLSession sslSession, Message message) {
try {
X509Certificate[] certificates = sslSession.getPeerCertificateChain();
if (certificates != null && certificates.length > 0) {
X509Certificate cert = certificates[0];
Principal subject = cert.getSubjectDN();
if (subject != null) {
message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_SUBJECT_NAME, subject.getName());
}
Principal issuer = cert.getIssuerDN();
if (issuer != null) {
message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_ISSUER_NAME, issuer.getName());
}
BigInteger serial = cert.getSerialNumber();
if (serial != null) {
message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_SERIAL_NO, serial.toString());
}
message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_NOT_BEFORE, cert.getNotBefore());
message.setHeader(NettyConstants.NETTY_SSL_CLIENT_CERT_NOT_AFTER, cert.getNotAfter());
}
} catch (SSLPeerUnverifiedException e) {
// ignore
}
}
示例11: testHandleSuccessRequestMutualAuthHeader
import javax.security.cert.X509Certificate; //导入依赖的package包/类
@Test(description = "Handle request with device type URI with Mutual Auth Header",
dependsOnMethods = "testHandleSuccessRequestProxyMutualAuthHeader")
public void testHandleSuccessRequestMutualAuthHeader() throws Exception {
HashMap<String, String> transportHeaders = new HashMap<>();
transportHeaders.put(AuthConstants.MUTUAL_AUTH_HEADER, "Test Header");
setMockClient();
this.mockClient.setResponse(getAccessTokenReponse());
this.mockClient.setResponse(getValidationResponse());
MessageContext messageContext = createSynapseMessageContext("<empty/>", this.synapseConfiguration,
transportHeaders, "https://test.com/testservice/api/testdevice");
org.apache.axis2.context.MessageContext axisMC = ((Axis2MessageContext) messageContext).getAxis2MessageContext();
String certStr = getContent(TestUtils.getAbsolutePathOfConfig("ra_cert.pem"));
X509Certificate cert = X509Certificate.getInstance(new ByteArrayInputStream(certStr.
getBytes(StandardCharsets.UTF_8.name())));
axisMC.setProperty(AuthConstants.CLIENT_CERTIFICATE, new X509Certificate[]{cert});
boolean response = this.handler.handleRequest(messageContext);
Assert.assertTrue(response);
this.mockClient.reset();
}
示例12: checkCertificates
import javax.security.cert.X509Certificate; //导入依赖的package包/类
/**
* Checks whether any active users' certificates are beyond the expiration threshold.
*/
@TransactionAttribute
public void checkCertificates() {
List<UserAuthentication> auths = userAuthDao.findAll();
Calendar cal = Calendar.getInstance();
cal.add(Calendar.DATE, configuration.getCertificateCheckThreshold());
Date cutoff = cal.getTime();
for (UserAuthentication auth : auths) {
if (auth.getActive() && auth.getCertificate() != null) {
try {
X509Certificate certificate = X509Certificate
.getInstance(Base64.decodeBase64(auth.getCertificate()));
if (cutoff.after(certificate.getNotAfter())) {
notifyExpirationCheckFail(auth.getUser().getUsername());
}
} catch (CertificateException e) {
logger.warn("Certificate could not be read", e);
}
}
}
}
示例13: getPeerCertificateChain
import javax.security.cert.X509Certificate; //导入依赖的package包/类
@Override
public X509Certificate[] getPeerCertificateChain() throws SSLPeerUnverifiedException {
// these are lazy created to reduce memory overhead
X509Certificate[] c = x509PeerCerts;
if (c == null) {
if (SSL.isInInit(ssl) != 0) {
throw new SSLPeerUnverifiedException("peer not verified");
}
byte[][] chain = SSL.getPeerCertChain(ssl);
if (chain == null) {
throw new SSLPeerUnverifiedException("peer not verified");
}
X509Certificate[] peerCerts = new X509Certificate[chain.length];
for (int i = 0; i < peerCerts.length; i++) {
try {
peerCerts[i] = X509Certificate.getInstance(chain[i]);
} catch (CertificateException e) {
throw new IllegalStateException(e);
}
}
c = x509PeerCerts = peerCerts;
}
return c;
}
示例14: parse
import javax.security.cert.X509Certificate; //导入依赖的package包/类
public CertificateMeta parse() throws IOException, CertificateException {
X509Certificate certificate = X509Certificate.getInstance(Utils.toByteArray(in));
CertificateMeta.Builder builder = CertificateMeta.newCertificateMeta();
byte[] bytes = certificate.getEncoded();
String certMd5 = md5Digest(bytes);
String publicKeyString = byteToHexString(bytes);
String certBase64Md5 = md5Digest(publicKeyString);
builder.data(bytes);
builder.certBase64Md5(certBase64Md5);
builder.certMd5(certMd5);
builder.startDate(certificate.getNotBefore());
builder.endDate(certificate.getNotAfter());
builder.signAlgorithm(certificate.getSigAlgName());
builder.signAlgorithmOID(certificate.getSigAlgOID());
return builder.build();
}
示例15: getJaasCertificateCallbackHandler
import javax.security.cert.X509Certificate; //导入依赖的package包/类
private JaasCallbackHandler getJaasCertificateCallbackHandler(String user) {
JMXPrincipal principal = new JMXPrincipal(user);
X509Certificate cert = new StubX509Certificate(principal);
return new JaasCallbackHandler(null, null, null) {
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (Callback callback : callbacks) {
if (callback instanceof CertificateCallback) {
CertificateCallback certCallback = (CertificateCallback) callback;
certCallback.setCertificates(new X509Certificate[]{cert});
} else {
throw new UnsupportedCallbackException(callback);
}
}
}
};
}