当前位置: 首页>>代码示例>>Java>>正文


Java CertPathValidator.getInstance方法代码示例

本文整理汇总了Java中java.security.cert.CertPathValidator.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java CertPathValidator.getInstance方法的具体用法?Java CertPathValidator.getInstance怎么用?Java CertPathValidator.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.CertPathValidator的用法示例。


在下文中一共展示了CertPathValidator.getInstance方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: X509TrustManagerWrapper

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
 
开发者ID:bragex,项目名称:the-vigilantes,代码行数:20,代码来源:ExportControlled.java

示例2: validateNoCache

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
 
开发者ID:jorkey,项目名称:Wiab.pro,代码行数:25,代码来源:CachedCertPathValidator.java

示例3: runTest

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath path = cf.generateCertPath(certList);
    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Attach the OCSP responses to a PKIXParameters object
    PKIXRevocationChecker pkrev =
            (PKIXRevocationChecker)validator.getRevocationChecker();
    Map<X509Certificate, byte[]> responseMap = new HashMap<>();
    responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    pkrev.setOcspResponses(responseMap);
    PKIXParameters params =
            new PKIXParameters(Collections.singleton(anchor));
    params.addCertPathChecker(pkrev);
    params.setDate(EVAL_DATE);

    validator.validate(path, params);
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:23,代码来源:ValWithAnchorByName.java

示例4: checkServerTrusted

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException e1) {
        try {
            X509Certificate[] ex = this.reorderCertificateChain(chain);
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            CertificateFactory factory = CertificateFactory.getInstance("X509");
            CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
            PKIXParameters params = new PKIXParameters(this.mTrustStore);
            params.setRevocationEnabled(false);
            validator.validate(certPath, params);
        } catch (Exception e) {
            throw e1;
        }
    }

}
 
开发者ID:pinguo-sunjianfei,项目名称:Android-Application-ZJB,代码行数:19,代码来源:GenericX509TrustManager.java

示例5: createCPVs

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private static CertPathValidator[] createCPVs() {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return null;
    }
    try {
        CertPathValidator[] certPVs = new CertPathValidator[3];
        certPVs[0] = CertPathValidator.getInstance(defaultType);
        certPVs[1] = CertPathValidator.getInstance(defaultType,
                defaultProviderName);
        certPVs[2] = CertPathValidator.getInstance(defaultType,
                defaultProvider);
        return certPVs;
    } catch (Exception e) {
        return null;
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:18,代码来源:CertPathValidator3Test.java

示例6: testCertPathValidator03

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Test for <code>getInstance(String algorithm)</code> method
 * Assertion: returns CertPathValidator object
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies positive case.",
    method = "getInstance",
    args = {java.lang.String.class}
)
public void testCertPathValidator03() throws NoSuchAlgorithmException  {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    CertPathValidator certPV;
    for (int i = 0; i < validValues.length; i++) {
        certPV = CertPathValidator.getInstance(validValues[i]);
        assertEquals("Incorrect algorithm", certPV.getAlgorithm(), validValues[i]);
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:22,代码来源:CertPathValidator1Test.java

示例7: testCertPathValidator05

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Test for <code>getInstance(String algorithm, String provider)</code> method
 * Assertion:
 * throws NoSuchProviderException when provider has invalid value
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies that getInstance method throws NoSuchProviderException when provider parameter has invalid value.",
    method = "getInstance",
    args = {java.lang.String.class, java.lang.String.class}
)
public void testCertPathValidator05() throws NoSuchAlgorithmException {
    if (!PKIXSupport) {
        fail(NotSupportMsg);
        return;
    }
    for (int t = 0; t < validValues.length; t++) {
        for (int i = 1; i < invalidValues.length; i++) {
            try {
                CertPathValidator.getInstance(validValues[t],
                        invalidValues[i]);
                fail("NoSuchProviderException must be thrown");
            } catch (NoSuchProviderException e1) {
            }
        }
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:28,代码来源:CertPathValidator1Test.java

示例8: testCertPathValidator08

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
   * Test for <code>getInstance(String algorithm, Provider provider)</code> method
* Assertion: throws IllegalArgumentException when provider is null
   */
  public void testCertPathValidator08()
          throws NoSuchAlgorithmException  {
      if (!PKIXSupport) {
          fail(NotSupportMsg);
          return;
      }
      Provider prov = null;
      for (int t = 0; t < validValues.length; t++ ) {
          try {
              CertPathValidator.getInstance(validValues[t], prov);
              fail("IllegalArgumentException must be thrown");
          } catch (IllegalArgumentException e1) {
          }
      }        
  }
 
开发者ID:shannah,项目名称:cn1,代码行数:20,代码来源:CertPathValidator1Test.java

示例9: testCertPathValidator05

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
   * Test for <code>getInstance(String algorithm, String provider)</code> method
* Assertion: 
* throws NoSuchProviderException when provider has invalid value
   */
  public void testCertPathValidator05() throws NoSuchAlgorithmException {
      if (!PKIXSupport) {
          fail(NotSupportMsg);
          return;
      }
      for (int t = 0; t < validValues.length; t++) {
          for (int i = 1; i < invalidValues.length; i++) {
              try {
                  CertPathValidator.getInstance(validValues[t],
                          invalidValues[i]);
                  fail("NoSuchProviderException must be thrown");
              } catch (NoSuchProviderException e1) {
              }
          }
      }
  }
 
开发者ID:shannah,项目名称:cn1,代码行数:22,代码来源:CertPathValidator1Test.java

示例10: TrustManagerImpl

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Creates trust manager implementation
 * 
 * @param ks
 */
public TrustManagerImpl(KeyStore ks) {
    try {
        validator = CertPathValidator.getInstance("PKIX");
        factory = CertificateFactory.getInstance("X509");
        String alias;
        X509Certificate cert;
        byte[] nameConstrains = null;
        Set trusted = new HashSet();
        for (Enumeration en = ks.aliases(); en.hasMoreElements();) {
            alias = (String) en.nextElement();
            cert = (X509Certificate) ks.getCertificate(alias);
            if (cert != null) {
                trusted.add(new TrustAnchor(cert, nameConstrains));
            }
        }
        params = new PKIXParameters(trusted);
        params.setRevocationEnabled(false);
    } catch (Exception e) {
        err = e;
    }
}
 
开发者ID:freeVM,项目名称:freeVM,代码行数:27,代码来源:TrustManagerImpl.java

示例11: testCertPathValidator07

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
   * Test for <code>getInstance(String algorithm, String provider)</code> method
* Assertion: returns CertPathValidator object
   */
  public void testCertPathValidator07() throws NoSuchAlgorithmException,
          NoSuchProviderException {
      if (!PKIXSupport) {
          fail(NotSupportMsg);
          return;
      }
      CertPathValidator certPV;
      for (int i = 0; i < validValues.length; i++) {
          certPV = CertPathValidator.getInstance(validValues[i],
                  defaultProviderName);
          assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
                  validValues[i]);
          assertEquals("Incorrect provider name", certPV.getProvider()
                  .getName(), defaultProviderName);
      }
  }
 
开发者ID:freeVM,项目名称:freeVM,代码行数:21,代码来源:CertPathValidator1Test.java

示例12: testCertPathValidator10

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
   * Test for <code>getInstance(String algorithm, String provider)</code> method
* Assertion: returns CertPathValidator object
   */
  public void testCertPathValidator10() throws NoSuchAlgorithmException,
          NoSuchProviderException {
      if (!PKIXSupport) {
          fail(NotSupportMsg);
          return;
      }
      CertPathValidator certPV;
      for (int i = 0; i < invalidValues.length; i++) {
          certPV = CertPathValidator.getInstance(validValues[i],
                  defaultProvider);
          assertEquals("Incorrect algorithm", certPV.getAlgorithm(),
                  validValues[i]);
          assertEquals("Incorrect provider name", certPV.getProvider(),
                  defaultProvider);
      }
  }
 
开发者ID:freeVM,项目名称:freeVM,代码行数:21,代码来源:CertPathValidator1Test.java

示例13: TrustManagerImpl

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Creates trust manager implementation
 * 
 * @param ks
 */
public TrustManagerImpl(KeyStore ks) {
    try {
        validator = CertPathValidator.getInstance("PKIX");
        factory = CertificateFactory.getInstance("X509");
        byte[] nameConstrains = null;
        Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
        for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
            final String alias = en.nextElement();
            final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            if (cert != null) {
                trusted.add(new TrustAnchor(cert, nameConstrains));
            }
        }
        params = new PKIXParameters(trusted);
        params.setRevocationEnabled(false);
    } catch (Exception e) {
        err = e;
    }
}
 
开发者ID:freeVM,项目名称:freeVM,代码行数:25,代码来源:TrustManagerImpl.java

示例14: JavaSecVerifier

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
    * Create a JavaSecVerifier and load the system keystore.
    *
    * @throws KeyStoreException Keystore type could not be instantiated.
    * @throws FileNotFoundException Keystore was not found in standard locations.
    * @throws IOException Error loading keystore from disc.
    * @throws GeneralSecurityException Error processing loaded keystore.
    */
   public JavaSecVerifier() throws IOException, GeneralSecurityException {
keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null); // initialize keystore
KeyStore tmpKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
certPathValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType());

// determine system keystore
final String fSep = File.separator;
File keyStoreFile;
// try system property
keyStoreFile = getKeystore(System.getProperty("java.home"), "lib" + fSep + "security" + fSep + "cacerts");

// load file
if (keyStoreFile != null) {
    tmpKeyStore.load(new FileInputStream(keyStoreFile), null); // system keystore has no password protection
} else {
    // TODO: this is either on android or it doesn' work at all
    throw new FileNotFoundException("Unable to find system keystore in standard locations.");
}

addKeyStore(tmpKeyStore);
   }
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:31,代码来源:JavaSecVerifier.java

示例15: testSoftFailFallback

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Test a case where client-side stapling is attempted, but does not
 * occur because OCSP responders are unreachable.  Client-side OCSP
 * checking is enabled for this, with SOFT_FAIL.
 */
static void testSoftFailFallback() throws Exception {
    ClientParameters cliParams = new ClientParameters();
    ServerParameters servParams = new ServerParameters();
    serverReady = false;

    // make OCSP responders reject connections
    intOcsp.rejectConnections();
    rootOcsp.rejectConnections();

    System.out.println("=======================================");
    System.out.println("Stapling enbled in client and server,");
    System.out.println("but OCSP responders disabled.");
    System.out.println("PKIXParameters with Revocation checking");
    System.out.println("enabled and SOFT_FAIL.");
    System.out.println("=======================================");

    Security.setProperty("ocsp.enable", "true");
    cliParams.pkixParams = new PKIXBuilderParameters(trustStore,
            new X509CertSelector());
    cliParams.pkixParams.setRevocationEnabled(true);
    CertPathValidator cpv = CertPathValidator.getInstance("PKIX");
    cliParams.revChecker =
            (PKIXRevocationChecker)cpv.getRevocationChecker();
    cliParams.revChecker.setOptions(EnumSet.of(Option.SOFT_FAIL));

    SSLSocketWithStapling sslTest = new SSLSocketWithStapling(cliParams,
            servParams);
    TestResult tr = sslTest.getResult();
    if (tr.clientExc != null) {
        throw tr.clientExc;
    } else if (tr.serverExc != null) {
        throw tr.serverExc;
    }

    // make sure getSoftFailExceptions is not empty
    if (cliParams.revChecker.getSoftFailExceptions().isEmpty()) {
        throw new Exception("No soft fail exceptions");
    }

    System.out.println("                 PASS");
    System.out.println("=======================================\n");


    // Make OCSP responders accept connections
    intOcsp.acceptConnections();
    rootOcsp.acceptConnections();

    // Wait 5 seconds for server ready
    for (int i = 0; (i < 100 && (!intOcsp.isServerReady() || !rootOcsp.isServerReady())); i++) {
        Thread.sleep(50);
    }
    if (!intOcsp.isServerReady() || !rootOcsp.isServerReady()) {
        throw new RuntimeException("Server not ready yet");
    }
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:61,代码来源:SSLSocketWithStapling.java


注:本文中的java.security.cert.CertPathValidator.getInstance方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。