本文整理汇总了Java中java.security.cert.CertificateFactory.generateCertPath方法的典型用法代码示例。如果您正苦于以下问题:Java CertificateFactory.generateCertPath方法的具体用法?Java CertificateFactory.generateCertPath怎么用?Java CertificateFactory.generateCertPath使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.CertificateFactory
的用法示例。
在下文中一共展示了CertificateFactory.generateCertPath方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: tryParsePKIPathChain
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private Certificate[] tryParsePKIPathChain(File chainFile)
throws IOException, FileNotFoundException, CertificateException {
Certificate[] internalCertificateChain = null;
CertificateFactory cf = CertificateFactory.getInstance("X.509");
try (FileInputStream inputStream = new FileInputStream(chainFile)) {
CertPath certPath = cf.generateCertPath(inputStream);
List<? extends Certificate> certList = certPath.getCertificates();
internalCertificateChain = certList.toArray(new Certificate[]{});
} catch (CertificateException e){
LOG.info("Tried and failed to parse file as a PKI :" + chainFile.getName(), e);
}
return internalCertificateChain;
}
示例2: main
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void main(String[] args) throws Exception {
// Make the CertPath whose encoded form has already been stored
CertificateFactory certFac = CertificateFactory.getInstance("X509");
final List<Certificate> certs = new ArrayList<>();
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert1.getBytes())));
certs.add(certFac.generateCertificate(new ByteArrayInputStream(cert2.getBytes())));
CertPath cp = certFac.generateCertPath(certs);
// Get the encoded form of the CertPath we made
byte[] encoded = cp.getEncoded("PKCS7");
// check if it matches the encoded value
if (!Arrays.equals(encoded, Base64.getMimeDecoder().decode(pkcs7path.getBytes()))) {
throw new RuntimeException("PKCS#7 encoding doesn't match stored value");
}
// Generate a CertPath from the encoded value and check if it equals
// the CertPath generated from the certificates
CertPath decodedCP = certFac.generateCertPath(new ByteArrayInputStream(encoded), "PKCS7");
if (!decodedCP.equals(cp)) {
throw new RuntimeException("CertPath decoded from PKCS#7 isn't equal to original");
}
}
示例3: createPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
示例4: createPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例5: runTest
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
private static void runTest(CertificateFactory cf,
List<X509Certificate> certList, TrustAnchor anchor)
throws Exception {
CertPath path = cf.generateCertPath(certList);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
System.out.println(anchor);
// Attach the OCSP responses to a PKIXParameters object
PKIXRevocationChecker pkrev =
(PKIXRevocationChecker)validator.getRevocationChecker();
Map<X509Certificate, byte[]> responseMap = new HashMap<>();
responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
pkrev.setOcspResponses(responseMap);
PKIXParameters params =
new PKIXParameters(Collections.singleton(anchor));
params.addCertPathChecker(pkrev);
params.setDate(EVAL_DATE);
validator.validate(path, params);
}
示例6: getTimestamp
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public Timestamp getTimestamp()
throws IOException, NoSuchAlgorithmException, SignatureException,
CertificateException
{
if (timestamp != null || !hasTimestamp)
return timestamp;
if (unauthenticatedAttributes == null) {
hasTimestamp = false;
return null;
}
PKCS9Attribute tsTokenAttr =
unauthenticatedAttributes.getAttribute(
PKCS9Attribute.SIGNATURE_TIMESTAMP_TOKEN_OID);
if (tsTokenAttr == null) {
hasTimestamp = false;
return null;
}
PKCS7 tsToken = new PKCS7((byte[])tsTokenAttr.getValue());
// Extract the content (an encoded timestamp token info)
byte[] encTsTokenInfo = tsToken.getContentInfo().getData();
// Extract the signer (the Timestamping Authority)
// while verifying the content
SignerInfo[] tsa = tsToken.verify(encTsTokenInfo);
// Expect only one signer
ArrayList<X509Certificate> chain = tsa[0].getCertificateChain(tsToken);
CertificateFactory cf = CertificateFactory.getInstance("X.509");
CertPath tsaChain = cf.generateCertPath(chain);
// Create a timestamp token info object
TimestampToken tsTokenInfo = new TimestampToken(encTsTokenInfo);
// Check that the signature timestamp applies to this signature
verifyTimestamp(tsTokenInfo);
// Create a timestamp object
timestamp = new Timestamp(tsTokenInfo.getDate(), tsaChain);
return timestamp;
}
示例7: createPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例8: buildPath
import java.security.cert.CertificateFactory; //导入方法依赖的package包/类
/**
* Read a bunch of certs from files and create a CertPath from them.
*
* @param relPath relative path containing certs (must end in
* file.separator)
* @param fileNames an array of <code>String</code>s that are file names
* @throws Exception on error
*/
public static CertPath buildPath(String relPath, String [] fileNames)
throws Exception {
List<X509Certificate> list = new ArrayList<X509Certificate>();
for (int i = 0; i < fileNames.length; i++) {
list.add(0, getCertFromFile(relPath + fileNames[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
return(cf.generateCertPath(list));
}