当前位置: 首页>>代码示例>>Java>>正文


Java CertPathValidator.validate方法代码示例

本文整理汇总了Java中java.security.cert.CertPathValidator.validate方法的典型用法代码示例。如果您正苦于以下问题:Java CertPathValidator.validate方法的具体用法?Java CertPathValidator.validate怎么用?Java CertPathValidator.validate使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.CertPathValidator的用法示例。


在下文中一共展示了CertPathValidator.validate方法的14个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: validateNoCache

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
 
开发者ID:jorkey,项目名称:Wiab.pro,代码行数:25,代码来源:CachedCertPathValidator.java

示例2: runTest

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath path = cf.generateCertPath(certList);
    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Attach the OCSP responses to a PKIXParameters object
    PKIXRevocationChecker pkrev =
            (PKIXRevocationChecker)validator.getRevocationChecker();
    Map<X509Certificate, byte[]> responseMap = new HashMap<>();
    responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    pkrev.setOcspResponses(responseMap);
    PKIXParameters params =
            new PKIXParameters(Collections.singleton(anchor));
    params.addCertPathChecker(pkrev);
    params.setDate(EVAL_DATE);

    validator.validate(path, params);
}
 
开发者ID:AdoptOpenJDK,项目名称:openjdk-jdk10,代码行数:23,代码来源:ValWithAnchorByName.java

示例3: checkServerTrusted

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException e1) {
        try {
            X509Certificate[] ex = this.reorderCertificateChain(chain);
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            CertificateFactory factory = CertificateFactory.getInstance("X509");
            CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
            PKIXParameters params = new PKIXParameters(this.mTrustStore);
            params.setRevocationEnabled(false);
            validator.validate(certPath, params);
        } catch (Exception e) {
            throw e1;
        }
    }

}
 
开发者ID:pinguo-sunjianfei,项目名称:Android-Application-ZJB,代码行数:19,代码来源:GenericX509TrustManager.java

示例4: testCertPathValidator

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
@TestTargets({
    @TestTargetNew(
            level=TestLevel.ADDITIONAL,
            method="getInstance",
            args={String.class}
    ),
    @TestTargetNew(
            level=TestLevel.ADDITIONAL,
            method="validate",
            args={CertPath.class, CertPathParameters.class}
    ),
    @TestTargetNew(
            level=TestLevel.COMPLETE,
            method="method",
            args={}
    )
})
public void testCertPathValidator() throws Exception {
    CertPathValidator certPathValidator = CertPathValidator.getInstance(
            algorithmName);

    CertPathValidatorResult validatorResult = certPathValidator.validate(
            getCertPath(), getParams());

    validateResult(validatorResult);
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:27,代码来源:CertPathValidatorTest.java

示例5: validateCertPath

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private boolean validateCertPath(KeyStore ks, Certificate[] certs) throws WSSecurityException {

        try {

            // Generate cert path
            java.util.List certList = java.util.Arrays.asList(certs);
            CertPath path = this.getCertificateFactory().generateCertPath(certList);

            // Use the certificates in the keystore as TrustAnchors
            PKIXParameters param = new PKIXParameters(ks);

            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings
            String provider = properties
                    .getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
            CertPathValidator certPathValidator;
            if (provider == null || provider.length() == 0) {
                certPathValidator = CertPathValidator.getInstance("PKIX");
            } else {
                certPathValidator = CertPathValidator.getInstance("PKIX", provider);
            }
            certPathValidator.validate(path, param);
        } catch (NoSuchProviderException | NoSuchAlgorithmException | CertificateException |
                InvalidAlgorithmParameterException | CertPathValidatorException | KeyStoreException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "certpath",
                    new Object[]{ex.getMessage()}, ex);
        }
        return true;
    }
 
开发者ID:wso2,项目名称:carbon-identity-framework,代码行数:32,代码来源:ServerCrypto.java

示例6: validateCertificate

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
boolean validateCertificate(Certificate cert) {
    boolean isValidated;

    if (cert == null) {
        return false;
    }

    try {
        KeyStore keyStore = getTrustStore();

        PKIXParameters parms = new PKIXParameters(keyStore);
        parms.setRevocationEnabled(false);

        CertPathValidator certValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType()); // PKIX

        ArrayList<Certificate> start = new ArrayList<>();
        start.add(cert);
        CertificateFactory certFactory = CertificateFactory.getInstance(CERTIFICATE_FORMAT);
        CertPath certPath = certFactory.generateCertPath(start);

        certValidator.validate(certPath, parms);
        isValidated = true;
    } catch (KeyStoreException | InvalidAlgorithmParameterException | NoSuchAlgorithmException
            | CertificateException | CertPathValidatorException | CryptoException e) {
        logger.error("Cannot validate certificate. Error is: " + e.getMessage() + "\r\nCertificate"
                + cert.toString());
        isValidated = false;
    }

    return isValidated;
}
 
开发者ID:hyperledger,项目名称:fabric-sdk-java,代码行数:32,代码来源:CryptoPrimitives.java

示例7: certPathReview

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private PKIXCertPathValidatorResult certPathReview(CertPath certPath,
		PKIXParameters params) throws NoSuchAlgorithmException,
		CertPathValidatorException, InvalidAlgorithmParameterException {

	CertPathValidator certPathValidator = CertPathValidator
			.getInstance(CertPathValidator.getDefaultType());
	CertPathValidatorResult result = certPathValidator.validate(certPath,
			params);

	PKIXCertPathValidatorResult pkixResult = (PKIXCertPathValidatorResult) result;

	return pkixResult;

}
 
开发者ID:bluecrystalsign,项目名称:signer-source,代码行数:15,代码来源:CertificateService.java

示例8: verifyCertificate

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Attempts to build a certification chain for given certificate to verify
 * it. Relies on a set of root CA certificates (trust anchors) and a set of
 * intermediate certificates (to be used as part of the chain).
 */
private PKIXCertPathBuilderResult verifyCertificate(X509Certificate certificate, Set<X509Certificate> trustedRootCerts, Set<X509Certificate> intermediateCerts)
		throws GeneralSecurityException {

	// Create the selector that specifies the starting certificate
	X509CertSelector selector = new X509CertSelector();
	selector.setBasicConstraints(-2);
	selector.setCertificate(certificate);

	// Create the trust anchors (set of root CA certificates)
	Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>();
	for (X509Certificate trustedRootCert : trustedRootCerts) {
		trustAnchors.add(new TrustAnchor(trustedRootCert, null));
	}

	// Configure the PKIX certificate builder algorithm parameters
	PKIXBuilderParameters pkixParams = new PKIXBuilderParameters(trustAnchors, selector);

	// Turn off default revocation-checking mechanism
	pkixParams.setRevocationEnabled(false);

	// Specify a list of intermediate certificates
	CertStore intermediateCertStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(intermediateCerts));
	pkixParams.addCertStore(intermediateCertStore);

	// Build and verify the certification chain
	CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
	PKIXCertPathBuilderResult certPathBuilderResult = (PKIXCertPathBuilderResult) builder.build(pkixParams);

	// Additional check to Verify cert path
	CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
	PKIXCertPathValidatorResult certPathValidationResult = (PKIXCertPathValidatorResult) certPathValidator.validate(certPathBuilderResult.getCertPath(), pkixParams);

	return certPathBuilderResult;
}
 
开发者ID:GluuFederation,项目名称:oxAuth,代码行数:40,代码来源:PathCertificateVerifier.java

示例9: doTest

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private PKIXCertPathValidatorResult doTest(
    String      trustAnchor,
    String[]    certs,
    String[]    crls,
    Set         policies)
    throws Exception
{
    Set  trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
    List certsAndCrls = new ArrayList();
    X509Certificate endCert = loadCert(certs[certs.length - 1]);
    
    for (int i = 0; i != certs.length - 1; i++)
    {
        certsAndCrls.add(loadCert(certs[i]));
    }
    
    certsAndCrls.add(endCert);

    CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(certsAndCrls);

    for (int i = 0; i != crls.length; i++)
    {
        certsAndCrls.add(loadCrl(crls[i]));
    }

    CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
    
    CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
    PKIXParameters    params = new PKIXParameters(trustedSet);
    
    params.addCertStore(store);
    params.setRevocationEnabled(true);
    params.setDate(new GregorianCalendar(2010, 1, 1).getTime());

    if (policies != null)
    {
        params.setExplicitPolicyRequired(true);
        params.setInitialPolicies(policies);
    }
    
    return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
}
 
开发者ID:NoYouShutup,项目名称:CryptMeme,代码行数:43,代码来源:NistCertPathTest.java

示例10: checkCircProcessing

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
private void checkCircProcessing()
    throws Exception
{
    CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");

    X509Certificate caCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCA));
    X509Certificate crlCaCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCRLCA));
    X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(circCRL));

    List list = new ArrayList();

    list.add(caCert);
    list.add(crlCaCert);
    list.add(crl);

    CertStoreParameters ccsp = new CollectionCertStoreParameters(list);
    CertStore store = CertStore.getInstance("Collection", ccsp);

    Calendar validDate = Calendar.getInstance();
    validDate.set(2010,0,8,2,21,10);

        //validating path
    List certchain = new ArrayList();

    certchain.add(crlCaCert);
    CertPath cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);

    Set trust = new HashSet();
    trust.add(new TrustAnchor(caCert, null));

    CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
    //PKIXParameters param = new PKIXParameters(trust);

    PKIXBuilderParameters param = new PKIXBuilderParameters(trust, null);
    X509CertSelector certSelector = new X509CertSelector();
    certSelector.setCertificate(crlCaCert);
    param.setTargetCertConstraints(certSelector);
    param.addCertStore(store);
    param.setRevocationEnabled(true);
    param.setDate(validDate.getTime());

    PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
}
 
开发者ID:credentials,项目名称:irma_future_id,代码行数:44,代码来源:CertPathValidatorTest.java

示例11: validate

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Perform a PKIX validation. On success, print the
 * CertPathValidatorResult on System.out. On failure,
 * throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    CertPathValidator validator =
        CertPathValidator.getInstance("PKIX");
    CertPathValidatorResult cpvr = validator.validate(path, params);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:16,代码来源:VerifyNameConstraints.java

示例12: validate

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    CertPathValidator validator =
        CertPathValidator.getInstance("PKIX");
    CertPathValidatorResult cpvr = validator.validate(path, params);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:14,代码来源:ValidateTargetConstraints.java

示例13: validate

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Perform a PKIX validation.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static void validate(CertPath path, PKIXParameters params)
    throws Exception {
    CertPathValidator validator =
        CertPathValidator.getInstance("PKIX", "SUN");
    CertPathValidatorResult cpvr = validator.validate(path, params);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:14,代码来源:ValidateNC.java

示例14: return

import java.security.cert.CertPathValidator; //导入方法依赖的package包/类
/**
 * Perform a PKIX validation. On failure, throw an exception.
 *
 * @param path CertPath to validate
 * @param params PKIXParameters to use in validation
 * @throws Exception on error
 */
public static PKIXCertPathValidatorResult validate
    (CertPath path, PKIXParameters params) throws Exception {
    CertPathValidator validator =
        CertPathValidator.getInstance("PKIX");
    return (PKIXCertPathValidatorResult) validator.validate(path, params);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:14,代码来源:CertUtils.java


注:本文中的java.security.cert.CertPathValidator.validate方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。