本文整理汇总了Java中org.globus.gsi.TrustedCertificates类的典型用法代码示例。如果您正苦于以下问题:Java TrustedCertificates类的具体用法?Java TrustedCertificates怎么用?Java TrustedCertificates使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
TrustedCertificates类属于org.globus.gsi包,在下文中一共展示了TrustedCertificates类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCaCert
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
protected X509Certificate getCaCert(X509Certificate userCert) throws InvalidSecurityContextException {
TrustedCertificates tc = TrustedCertificates.getDefaultTrustedCertificates();
X509Certificate caCert = tc.getCertificate(userCert.getIssuerDN().getName());
if (caCert == null) {
logger.warn("Cannot find root CA certificate for proxy");
logger.warn("DNs of trusted certificates:");
X509Certificate[] roots = tc.getCertificates();
for (X509Certificate root : roots) {
logger.warn("\t" + root.getSubjectDN());
}
throw new InvalidSecurityContextException("Failed to find root CA certificate (" + userCert.getIssuerDN().getName() + ")");
}
else {
return caCert;
}
}
示例2: setCertList
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public void setCertList(String certList) {
certificates = new Vector();
if (certList == null) return;
StringTokenizer tokens = new StringTokenizer(certList, ",");
File certFile;
while(tokens.hasMoreTokens()) {
certFile = new File(tokens.nextToken().trim());
if (certFile.isDirectory()) {
File[] caCertFiles =
certFile.listFiles(TrustedCertificates.getCertFilter());
for (int i=0;i<caCertFiles.length;i++) {
loadCert(caCertFiles[i].getAbsolutePath());
}
} else {
loadCert(certFile.getAbsolutePath());
}
}
}
示例3: testNoBasicConstraintsExtension
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public void testNoBasicConstraintsExtension() throws Exception {
X509Certificate [] chain = null;
// EEC, EEC, CA - that should fail
chain = new X509Certificate[] {goodCertsArr[1], goodCertsArr[1], goodCertsArr[0]};
validateChain(chain);
TestProxyPathValidator v = new TestProxyPathValidator();
TrustedCertificates trustedCert =
new TrustedCertificates(new X509Certificate[] {goodCertsArr[1]});
// this makes the PathValidator think the chain is:
// CA, CA, CA - which is ok
try {
v.validate(chain, trustedCert);
} catch (ProxyPathValidatorException e) {
e.printStackTrace();
fail("Unexpected exception: " + e.getMessage());
}
}
示例4: setTrustedCertificates
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
protected void setTrustedCertificates(Object value)
throws GSSException {
if (!(value instanceof TrustedCertificates)) {
throw new GlobusGSSException(GSSException.FAILURE,
GlobusGSSException.BAD_OPTION_TYPE,
"badType",
new Object[] {"Trusted certificates",
TrustedCertificates.class});
}
this.tc = (TrustedCertificates)value;
}
示例5: getDefaultPureTLSTrustedCertificates
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public static synchronized PureTLSTrustedCertificates
getDefaultPureTLSTrustedCertificates() {
if (ptlsCerts == null) {
ptlsCerts = new PureTLSTrustedCertificates();
}
ptlsCerts.setTrustedCertificates(TrustedCertificates.getDefault());
return ptlsCerts;
}
示例6: testGetCertificateType3
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public void testGetCertificateType3() throws Exception {
X509Certificate cert = getCertificate(1);
int type = Integer.parseInt(ProxyPathValidatorTest.certs[1][0]);
assertEquals(GSIConstants.EEC, BouncyCastleUtil.getCertificateType(cert));
TrustedCertificates trustedCerts =
new TrustedCertificates(new X509Certificate[] {cert});
assertEquals(GSIConstants.CA, BouncyCastleUtil.getCertificateType(cert, trustedCerts));
}
示例7: loadTrustedCerts
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
private X509Certificate[] loadTrustedCerts() {
X509Certificate[] trustedCerts;
String trustStoreLocation = getTrustStorePath();
if (trustStoreLocation != null && trustStoreLocation.length() != 0) {
trustedCerts = TrustedCertificates
.loadCertificates(trustStoreLocation);
} else {
trustedCerts = TrustedCertificates.getDefaultTrustedCertificates()
.getCertificates();
}
return trustedCerts;
}
示例8: getDelegatedCredentialAndValidate
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
private GlobusCredential getDelegatedCredentialAndValidate(
DelegatedCredentialManager dcm, String gridIdentity,
DelegationIdentifier id, CertificateChain chain) throws Exception {
X509Certificate[] signingChain = org.cagrid.gaards.cds.common.Utils
.toCertificateArray(chain);
KeyPair pair = KeyUtil.generateRSAKeyPair1024();
org.cagrid.gaards.cds.common.PublicKey pKey = new org.cagrid.gaards.cds.common.PublicKey();
pKey.setKeyAsString(KeyUtil.writePublicKey(pair.getPublic()));
X509Certificate[] delegatedProxy = org.cagrid.gaards.cds.common.Utils
.toCertificateArray(dcm.getDelegatedCredential(GRID_IDENTITY,
id, pKey));
assertNotNull(delegatedProxy);
assertEquals(delegatedProxy.length, (signingChain.length + 1));
for (int i = 0; i < signingChain.length; i++) {
assertEquals(signingChain[i], delegatedProxy[i + 1]);
}
ProxyPathValidator validator = new ProxyPathValidator();
validator.validate(delegatedProxy, TrustedCertificates
.getDefaultTrustedCertificates().getCertificates(),
CertificateRevocationLists
.getDefaultCertificateRevocationLists());
DelegatedCredentialAuditRecord[] ar = dcm.searchAuditLog(Utils
.getIssuedAuditFilter(id));
assertEquals(1, ar.length);
assertEquals(id, ar[0].getDelegationIdentifier());
assertEquals(GRID_IDENTITY, ar[0].getSourceGridIdentity());
assertEquals(DelegatedCredentialEvent.DelegatedCredentialIssued, ar[0]
.getEvent());
return new GlobusCredential(pair.getPrivate(), delegatedProxy);
}
示例9: getDelegatedCredentialAndValidate
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
private GlobusCredential getDelegatedCredentialAndValidate(
DelegatedCredentialManager dcm, String gridIdentity,
DelegationIdentifier id, CertificateChain chain) throws Exception {
X509Certificate[] signingChain = org.cagrid.cds.service.impl.util.Utils
.toCertificateArray(chain);
KeyPair pair = KeyUtil.generateRSAKeyPair1024();
org.cagrid.cds.model.PublicKey pKey = new org.cagrid.cds.model.PublicKey();
pKey.setKeyAsString(KeyUtil.writePublicKey(pair.getPublic()));
X509Certificate[] delegatedProxy = org.cagrid.cds.service.impl.util.Utils
.toCertificateArray(dcm.getDelegatedCredential(GRID_IDENTITY,
id, pKey));
assertNotNull(delegatedProxy);
assertEquals(delegatedProxy.length, (signingChain.length + 1));
for (int i = 0; i < signingChain.length; i++) {
assertEquals(signingChain[i], delegatedProxy[i + 1]);
}
ProxyPathValidator validator = new ProxyPathValidator();
validator.validate(delegatedProxy, TrustedCertificates
.getDefaultTrustedCertificates().getCertificates(),
CertificateRevocationLists
.getDefaultCertificateRevocationLists());
List<DelegatedCredentialAuditRecord> ar = dcm.searchAuditLog(Utils
.getIssuedAuditFilter(id));
assertEquals(1, ar.size());
assertEquals(id, ar.get(0).getDelegationIdentifier());
assertEquals(GRID_IDENTITY, ar.get(0).getSourceGridIdentity());
assertEquals(DelegatedCredentialEvent.DELEGATED_CREDENTIAL_ISSUED, ar.get(0)
.getEvent());
return new GlobusCredential(pair.getPrivate(), delegatedProxy);
}
示例10: validateCertificateChain
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public static void validateCertificateChain(X509Certificate[] chain)
throws ProxyPathValidatorException {
ProxyPathValidator validator = new ProxyPathValidator();
validator.validate(chain, TrustedCertificates
.getDefaultTrustedCertificates().getCertificates(),
CertificateRevocationLists
.getDefaultCertificateRevocationLists());
}
示例11: getSigningPolicy
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
protected SigningPolicy getSigningPolicy(X509Certificate userCert) {
TrustedCertificates tc = TrustedCertificates.getDefaultTrustedCertificates();
return tc.getSigningPolicy('/' + userCert.getIssuerDN().getName().replace(',', '/'));
}
示例12: validate
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public void validate(X509Certificate [] certPath,
TrustedCertificates trustedCerts,
CertificateRevocationLists crlsList)
throws ProxyPathValidatorException {
super.validate(certPath, trustedCerts, crlsList);
}
示例13: PureTLSTrustedCertificates
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
public PureTLSTrustedCertificates(TrustedCertificates tc) {
this.tc = tc;
}
示例14: setTrustedCertificates
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
protected void setTrustedCertificates(TrustedCertificates tc) {
this.tc = tc;
}
示例15: getCertificateType
import org.globus.gsi.TrustedCertificates; //导入依赖的package包/类
/**
* Returns certificate type of the given certificate.
* This function calls {@link #getCertificateType(TBSCertificateStructure)
* getCertificateType} to get the certificate type. In case
* the certificate type was initially determined as
* {@link GSIConstants#EEC GSIConstants.EEC} it is checked
* against the trusted certificate list to see if it really
* is a CA certificate. If the certificate is present in the
* trusted certificate list the certificate type is changed
* to {@link GSIConstants#CA GSIConstants.CA}. Otherwise, it is
* left as it is (This is useful in cases where a valid CA
* certificate does not have a BasicConstraints extension)
*
* @param crt the certificate to get the type of.
* @param trustedCerts the trusted certificates to double check the
* {@link GSIConstants#EEC GSIConstants.EEC}
* certificate against. If null, a default
* set of trusted certificate will be loaded
* from a standard location.
* @return the certificate type. The certificate type is determined
* by rules described above.
* @exception IOException if something goes wrong.
* @exception CertificateException for proxy certificates, if
* the issuer DN of the certificate does not match
* the subject DN of the certificate without the
* last <I>CN</I> component. Also, for GSI-3 proxies
* when the <code>ProxyCertInfo</code> extension is
* not marked as critical.
*/
public static int getCertificateType(TBSCertificateStructure crt,
TrustedCertificates trustedCerts)
throws CertificateException, IOException {
int type = getCertificateType(crt);
// check subject of the cert in trusted cert list
// to make sure the cert is not a ca cert
if (type == GSIConstants.EEC) {
if (trustedCerts == null) {
trustedCerts =
TrustedCertificates.getDefaultTrustedCertificates();
}
if (trustedCerts != null &&
trustedCerts.getCertificate(crt.getSubject().toString()) != null) {
type = GSIConstants.CA;
}
}
return type;
}