本文整理汇总了Java中java.security.cert.PKIXBuilderParameters.setExplicitPolicyRequired方法的典型用法代码示例。如果您正苦于以下问题:Java PKIXBuilderParameters.setExplicitPolicyRequired方法的具体用法?Java PKIXBuilderParameters.setExplicitPolicyRequired怎么用?Java PKIXBuilderParameters.setExplicitPolicyRequired使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.PKIXBuilderParameters的用法示例。
在下文中一共展示了PKIXBuilderParameters.setExplicitPolicyRequired方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getPKIXBuilderParameters
import java.security.cert.PKIXBuilderParameters; //导入方法依赖的package包/类
/**
* Creates the set of PKIX builder parameters to use when building the cert path builder.
*
* @param validationInfo PKIX validation information
* @param untrustedCredential credential to be validated
*
* @return PKIX builder params
*
* @throws GeneralSecurityException thrown if the parameters can not be created
*/
protected PKIXBuilderParameters getPKIXBuilderParameters(PKIXValidationInformation validationInfo,
X509Credential untrustedCredential) throws GeneralSecurityException {
Set<TrustAnchor> trustAnchors = getTrustAnchors(validationInfo);
if (trustAnchors == null || trustAnchors.isEmpty()) {
throw new GeneralSecurityException(
"Unable to validate X509 certificate, no trust anchors found in the PKIX validation information");
}
X509CertSelector selector = new X509CertSelector();
selector.setCertificate(untrustedCredential.getEntityCertificate());
log.trace("Adding trust anchors to PKIX validator parameters");
PKIXBuilderParameters params = new PKIXBuilderParameters(trustAnchors, selector);
Integer effectiveVerifyDepth = getEffectiveVerificationDepth(validationInfo);
log.trace("Setting max verification depth to: {} ", effectiveVerifyDepth);
params.setMaxPathLength(effectiveVerifyDepth);
CertStore certStore = buildCertStore(validationInfo, untrustedCredential);
params.addCertStore(certStore);
boolean isForceRevocationEnabled = false;
boolean forcedRevocation = false;
boolean policyMappingInhibited = false;
boolean anyPolicyInhibited = false;
Set<String> initialPolicies = null;
if (options instanceof CertPathPKIXValidationOptions) {
CertPathPKIXValidationOptions certpathOptions = (CertPathPKIXValidationOptions) options;
isForceRevocationEnabled = certpathOptions.isForceRevocationEnabled();
forcedRevocation = certpathOptions.isRevocationEnabled();
policyMappingInhibited = certpathOptions.isPolicyMappingInhibited();
anyPolicyInhibited = certpathOptions.isAnyPolicyInhibited();
initialPolicies = certpathOptions.getInitialPolicies();
}
if (isForceRevocationEnabled) {
log.trace("PKIXBuilderParameters#setRevocationEnabled is being forced to: {}", forcedRevocation);
params.setRevocationEnabled(forcedRevocation);
} else {
if (storeContainsCRLs(certStore)) {
log.trace("At least one CRL was present in cert store, enabling revocation checking");
params.setRevocationEnabled(true);
} else {
log.trace("No CRLs present in cert store, disabling revocation checking");
params.setRevocationEnabled(false);
}
}
params.setPolicyMappingInhibited(policyMappingInhibited);
params.setAnyPolicyInhibited(anyPolicyInhibited);
if (initialPolicies != null && !initialPolicies.isEmpty()) {
log.debug("PKIXBuilderParameters#setInitialPolicies is being set to: {}", initialPolicies.toString());
params.setInitialPolicies(initialPolicies);
params.setExplicitPolicyRequired(true);
}
log.trace("PKIXBuilderParameters successfully created: {}", params.toString());
return params;
}
示例2: test
import java.security.cert.PKIXBuilderParameters; //导入方法依赖的package包/类
private void test(String _name, String[] _data, Set _ipolset,
boolean _explicit, boolean _accept, boolean _debug)
{
testCount++;
boolean _pass = true;
try
{
CertPathBuilder _cpb = CertPathBuilder.getInstance("PKIX", "BC");
X509Certificate _ee = decodeCertificate(_data[_data.length - 1]);
X509CertSelector _select = new X509CertSelector();
_select.setSubject(_ee.getSubjectX500Principal().getEncoded());
PKIXBuilderParameters _param = new PKIXBuilderParameters(
trustedSet, _select);
_param.setExplicitPolicyRequired(_explicit);
_param.addCertStore(makeCertStore(_data));
_param.setRevocationEnabled(true);
if (_ipolset != null)
{
_param.setInitialPolicies(_ipolset);
}
CertPathBuilderResult _result = _cpb.build(_param);
if (!_accept)
{
System.out.println("Accept when it should reject");
_pass = false;
testFail.addElement(_name);
}
}
catch (Exception ex)
{
if (_accept)
{
System.out.println("Reject when it should accept");
_pass = false;
testFail.addElement(_name);
}
}
resultBuf.append("NISTCertPathTest -- ").append(_name).append(": ")
.append(_pass ? "\n" : "Failed.\n");
}
示例3: doBuilderTest
import java.security.cert.PKIXBuilderParameters; //导入方法依赖的package包/类
private PKIXCertPathBuilderResult doBuilderTest(
String trustAnchor,
String[] certs,
String[] crls,
Set initialPolicies,
boolean policyMappingInhibited,
boolean anyPolicyInhibited)
throws Exception
{
Set trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
List certsAndCrls = new ArrayList();
X509Certificate endCert = loadCert(certs[certs.length - 1]);
for (int i = 0; i != certs.length - 1; i++)
{
certsAndCrls.add(loadCert(certs[i]));
}
certsAndCrls.add(endCert);
for (int i = 0; i != crls.length; i++)
{
certsAndCrls.add(loadCrl(crls[i]));
}
CertStore store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
X509CertSelector endSelector = new X509CertSelector();
endSelector.setCertificate(endCert);
PKIXBuilderParameters builderParams = new PKIXBuilderParameters(trustedSet, endSelector);
if (initialPolicies != null)
{
builderParams.setInitialPolicies(initialPolicies);
builderParams.setExplicitPolicyRequired(true);
}
if (policyMappingInhibited)
{
builderParams.setPolicyMappingInhibited(policyMappingInhibited);
}
if (anyPolicyInhibited)
{
builderParams.setAnyPolicyInhibited(anyPolicyInhibited);
}
builderParams.addCertStore(store);
builderParams.setDate(new GregorianCalendar(2010, 1, 1).getTime());
try
{
return (PKIXCertPathBuilderResult)builder.build(builderParams);
}
catch (CertPathBuilderException e)
{
throw (Exception)e.getCause();
}
}