本文整理汇总了Java中java.security.cert.CertStore.getInstance方法的典型用法代码示例。如果您正苦于以下问题:Java CertStore.getInstance方法的具体用法?Java CertStore.getInstance怎么用?Java CertStore.getInstance使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.CertStore
的用法示例。
在下文中一共展示了CertStore.getInstance方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getParameters
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
Collection crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
xparams.setMaxPathLength(listener.getSslTrustMaxCertLength());
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
示例2: URICertStore
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Creates a URICertStore.
*
* @param parameters specifying the URI
*/
URICertStore(CertStoreParameters params)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
super(params);
if (!(params instanceof URICertStoreParameters)) {
throw new InvalidAlgorithmParameterException
("params must be instanceof URICertStoreParameters");
}
this.uri = ((URICertStoreParameters) params).getURI();
// if ldap URI, use an LDAPCertStore to fetch certs and CRLs
if (uri.getScheme().toLowerCase(Locale.ENGLISH).equals("ldap")) {
ldap = true;
ldapCertStore = CertStore.getInstance("LDAP", params);
}
try {
factory = CertificateFactory.getInstance("X.509");
} catch (CertificateException e) {
throw new RuntimeException();
}
}
示例3: getParameters
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Return the initialization parameters for the TrustManager. Currently,
* only the default <code>PKIX</code> is supported.
*
* @param algorithm
* The algorithm to get parameters for.
* @param crlf
* The path to the CRL file.
* @param trustStore
* The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm, String crlf, KeyStore trustStore) throws Exception {
CertPathParameters params = null;
if ("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore, new X509CertSelector());
Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = endpoint.getTrustMaxCertLength();
if (trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch (Exception ex) {
log.warn("Bad maxCertLength: " + trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: " + algorithm);
}
return params;
}
示例4: build
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Build the CertStore from the current inputs.
*
* @return a CertStore.
* @throws GeneralSecurityException
*/
public CertStore build()
throws GeneralSecurityException
{
CollectionCertStoreParameters params = convertHolders(certificateConverter, crlConverter);
if (provider instanceof String)
{
return CertStore.getInstance(type, params, (String)provider);
}
if (provider instanceof Provider)
{
return CertStore.getInstance(type, params, (Provider)provider);
}
return CertStore.getInstance(type, params);
}
示例5: testCertStore05
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Test for <code>getInstance(String type, CertStoreParameters params)</code> method
* Assertion: return CertStore object
*/
@TestTargetNew(
level = TestLevel.PARTIAL,
notes = "InvalidAlgorithmParameterException checking missed",
method = "getInstance",
args = {java.lang.String.class, java.security.cert.CertStoreParameters.class}
)
public void testCertStore05()
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
if (!initParams()) {
return;
}
CertStore certS;
for (int i = 0; i < dValid.length; i++) {
certS = CertStore.getInstance(dValid[i], dParams);
assertEquals("Incorrect type", certS.getType(), dValid[i]);
certS.getCertStoreParameters();
}
}
示例6: testCertStore07
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Test for method
* <code>getInstance(String type, CertStoreParameters params, String provider)</code>
* Assertion: throws NoSuchProviderException when provider has invalid value
*/
@TestTargetNew(
level = TestLevel.PARTIAL,
notes = "Verifies NoSuchProviderException. InvalidAlgorithmParameterException checking missed.",
method = "getInstance",
args = {java.lang.String.class, java.security.cert.CertStoreParameters.class, java.lang.String.class}
)
public void testCertStore07()
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException {
if (!initParams()) {
return;
}
for (int i = 0; i < dValid.length; i++) {
for (int j = 1; j < invalidValues.length; j++ ) {
try {
CertStore.getInstance(dValid[i], dParams, invalidValues[j]);
fail("NoSuchProviderException must be thrown");
} catch (NoSuchProviderException e) {
}
}
}
}
示例7: ClientTrustManager
import java.security.cert.CertStore; //导入方法依赖的package包/类
public ClientTrustManager(KeyStore trustTrust) {
super();
this.trustStore = trustTrust;
//Note: A reference of the Collection is used in the CertStore, so we can add CRL's
// after creating the CertStore.
crls = new ArrayList<>();
CollectionCertStoreParameters params = new CollectionCertStoreParameters(crls);
try {
crlStore = CertStore.getInstance("Collection", params);
}
catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException ex) {
Log.warn("ClientTrustManager: ",ex);
}
loadCRL();
}
示例8: createCertStoreInstance
import java.security.cert.CertStore; //导入方法依赖的package包/类
static CertStore createCertStoreInstance(String type, CertStoreParameters params, String provider)
throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException
{
if (provider == null)
{
return CertStore.getInstance(type, params);
}
return CertStore.getInstance(type, params, provider);
}
示例9: getParameters
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams =
new PKIXBuilderParameters(trustStore, new X509CertSelector());
Collection<? extends CRL> crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = endpoint.getTrustMaxCertLength();
if(trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch(Exception ex) {
log.warn("Bad maxCertLength: "+trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
示例10: buildCertStore
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Creates the certificate store that will be used during validation.
*
* @param validationInfo PKIX validation information
* @param untrustedCredential credential to be validated
*
* @return certificate store used during validation
*
* @throws GeneralSecurityException thrown if the certificate store can not be created from the cert and CRL
* material
*/
protected CertStore buildCertStore(PKIXValidationInformation validationInfo, X509Credential untrustedCredential)
throws GeneralSecurityException {
log.trace("Creating cert store to use during path validation");
log.trace("Adding entity certificate chain to cert store");
List<Object> storeMaterial = new ArrayList<Object>(untrustedCredential.getEntityCertificateChain());
if (log.isTraceEnabled()) {
for (X509Certificate cert : untrustedCredential.getEntityCertificateChain()) {
log.trace(String.format("Added X509Certificate from entity cert chain to cert store "
+ "with subject name '%s' issued by '%s' with serial number '%s'",
x500DNHandler.getName(cert.getSubjectX500Principal()),
x500DNHandler.getName(cert.getIssuerX500Principal()),
cert.getSerialNumber().toString()));
}
}
Date now = new Date();
if (validationInfo.getCRLs() != null && !validationInfo.getCRLs().isEmpty()) {
log.trace("Processing CRL's from PKIX info set");
addCRLsToStoreMaterial(storeMaterial, validationInfo.getCRLs(), now);
}
if (untrustedCredential.getCRLs() != null && !untrustedCredential.getCRLs().isEmpty()
&& options.isProcessCredentialCRLs()) {
log.trace("Processing CRL's from untrusted credential");
addCRLsToStoreMaterial(storeMaterial, untrustedCredential.getCRLs(), now);
}
return CertStore.getInstance("Collection", new CollectionCertStoreParameters(storeMaterial));
}
示例11: getParameters
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Return the initialization parameters for the TrustManager.
* Currently, only the default <code>PKIX</code> is supported.
*
* @param algorithm The algorithm to get parameters for.
* @param crlf The path to the CRL file.
* @param trustStore The configured TrustStore.
* @return The parameters including the CRLs and TrustStore.
*/
protected CertPathParameters getParameters(String algorithm,
String crlf,
KeyStore trustStore)
throws Exception {
CertPathParameters params = null;
if("PKIX".equalsIgnoreCase(algorithm)) {
PKIXBuilderParameters xparams = new PKIXBuilderParameters(trustStore,
new X509CertSelector());
Collection crls = getCRLs(crlf);
CertStoreParameters csp = new CollectionCertStoreParameters(crls);
CertStore store = CertStore.getInstance("Collection", csp);
xparams.addCertStore(store);
xparams.setRevocationEnabled(true);
String trustLength = (String)attributes.get("trustMaxCertLength");
if(trustLength != null) {
try {
xparams.setMaxPathLength(Integer.parseInt(trustLength));
} catch(Exception ex) {
log.warn("Bad maxCertLength: "+trustLength);
}
}
params = xparams;
} else {
throw new CRLException("CRLs not supported for type: "+algorithm);
}
return params;
}
示例12: doBuild
import java.security.cert.CertStore; //导入方法依赖的package包/类
private void doBuild(X509Certificate userCert) throws Exception {
// get the set of trusted CA certificates (only one in this instance)
HashSet trustAnchors = new HashSet();
X509Certificate trustedCert = getTrustedCertificate();
trustAnchors.add(new TrustAnchor(trustedCert, null));
// put together a CertStore (repository of the certificates and CRLs)
ArrayList certs = new ArrayList();
certs.add(trustedCert);
certs.add(userCert);
CollectionCertStoreParameters certStoreParams = new CollectionCertStoreParameters(certs);
CertStore certStore = CertStore.getInstance("Collection", certStoreParams);
// specify the target certificate via a CertSelector
X509CertSelector certSelector = new X509CertSelector();
certSelector.setCertificate(userCert);
certSelector.setSubject(userCert.getSubjectDN().getName()); // seems to be required
// build a valid cerificate path
CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", "SUN");
PKIXBuilderParameters certPathBuilderParams = new PKIXBuilderParameters(trustAnchors, certSelector);
certPathBuilderParams.addCertStore(certStore);
certPathBuilderParams.setRevocationEnabled(false);
CertPathBuilderResult result = certPathBuilder.build(certPathBuilderParams);
// get and show cert path
CertPath certPath = result.getCertPath();
// System.out.println(certPath.toString());
}
示例13: main
import java.security.cert.CertStore; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
// reset the security property to make sure that the algorithms
// and keys used in this test are not disabled.
Security.setProperty("jdk.certpath.disabledAlgorithms", "MD2");
X509Certificate rootCert = CertUtils.getCertFromFile("anchor.cer");
TrustAnchor anchor = new TrustAnchor
(rootCert.getSubjectX500Principal(), rootCert.getPublicKey(), null);
X509CertSelector sel = new X509CertSelector();
sel.setBasicConstraints(-2);
PKIXBuilderParameters params = new PKIXBuilderParameters
(Collections.singleton(anchor), sel);
params.setRevocationEnabled(false);
X509Certificate eeCert = CertUtils.getCertFromFile("ee.cer");
X509Certificate caCert = CertUtils.getCertFromFile("ca.cer");
ArrayList<X509Certificate> certs = new ArrayList<X509Certificate>();
certs.add(caCert);
certs.add(eeCert);
CollectionCertStoreParameters ccsp =
new CollectionCertStoreParameters(certs);
CertStore cs = CertStore.getInstance("Collection", ccsp);
params.addCertStore(cs);
PKIXCertPathBuilderResult res = CertUtils.build(params);
CertPath cp = res.getCertPath();
// check that first certificate is an EE cert
List<? extends Certificate> certList = cp.getCertificates();
X509Certificate cert = (X509Certificate) certList.get(0);
if (cert.getBasicConstraints() != -1) {
throw new Exception("Target certificate is not an EE certificate");
}
}
示例14: main
import java.security.cert.CertStore; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
try {
Class.forName("javax.naming.ldap.LdapName");
System.out.println("LDAP is present, test skipped");
return;
} catch (ClassNotFoundException ignore) { }
try {
CertStore.getInstance("LDAP", new LDAPCertStoreParameters());
throw new RuntimeException("NoSuchAlgorithmException expected");
} catch (NoSuchAlgorithmException x) {
System.out.println("NoSuchAlgorithmException thrown as expected");
}
}
示例15: createStore
import java.security.cert.CertStore; //导入方法依赖的package包/类
/**
* Read a bunch of certs from files and create a CertStore from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @return the <code>CertStore</code> created
* @throws Exception on error
*/
public static CertStore createStore(String relPath, String [] fileNames)
throws Exception {
Set<X509Certificate> certs = new HashSet<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
certs.add(getCertFromFile(relPath + fileNames[i]));
}
return CertStore.getInstance("Collection",
new CollectionCertStoreParameters(certs));
}