本文整理汇总了Java中java.security.cert.PKIXParameters.setRevocationEnabled方法的典型用法代码示例。如果您正苦于以下问题:Java PKIXParameters.setRevocationEnabled方法的具体用法?Java PKIXParameters.setRevocationEnabled怎么用?Java PKIXParameters.setRevocationEnabled使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.PKIXParameters
的用法示例。
在下文中一共展示了PKIXParameters.setRevocationEnabled方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: validateNoCache
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private void validateNoCache(List<? extends X509Certificate> certs)
throws SignatureException {
try {
CertPathValidator validator = CertPathValidator.getInstance(
VALIDATOR_TYPE);
PKIXParameters params = new PKIXParameters(trustRoots);
params.addCertPathChecker(WAVE_OID_CHECKER);
params.setDate(timeSource.now());
// turn off default revocation-checking mechanism
params.setRevocationEnabled(false);
// TODO: add a way for clients to add certificate revocation checks,
// perhaps by letting them pass in PKIXCertPathCheckers. This can also be
// useful to check for Wave-specific certificate extensions.
CertificateFactory certFactory = CertificateFactory.getInstance(
CERTIFICATE_TYPE);
CertPath certPath = certFactory.generateCertPath(certs);
validator.validate(certPath, params);
} catch (GeneralSecurityException e) {
throw new SignatureException("Certificate validation failure", e);
}
}
示例2: createPath
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
X509CertSelector sel = new X509CertSelector();
sel.setSerialNumber(new BigInteger("1427"));
params.setTargetCertConstraints(sel);
}
示例3: createPath
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
X509Certificate anchorCert = getCertFromFile(certs[0]);
byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
if (nameConstraints != null) {
DerInputStream in = new DerInputStream(nameConstraints);
nameConstraints = in.getOctetString();
}
TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例4: checkServerTrusted
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
try {
this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
} catch (CertificateException e1) {
try {
X509Certificate[] ex = this.reorderCertificateChain(chain);
CertPathValidator validator = CertPathValidator.getInstance("PKIX");
CertificateFactory factory = CertificateFactory.getInstance("X509");
CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
PKIXParameters params = new PKIXParameters(this.mTrustStore);
params.setRevocationEnabled(false);
validator.validate(certPath, params);
} catch (Exception e) {
throw e1;
}
}
}
示例5: TrustManagerImpl
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
* Creates trust manager implementation
*
* @param ks
*/
public TrustManagerImpl(KeyStore ks) {
try {
validator = CertPathValidator.getInstance("PKIX");
factory = CertificateFactory.getInstance("X509");
byte[] nameConstrains = null;
Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
final String alias = en.nextElement();
final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
if (cert != null) {
trusted.add(new TrustAnchor(cert, nameConstrains));
}
}
params = new PKIXParameters(trusted);
params.setRevocationEnabled(false);
} catch (Exception e) {
err = e;
}
}
示例6: TrustManagerImpl
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
* Creates trust manager implementation
*
* @param ks
*/
public TrustManagerImpl(KeyStore ks) {
try {
validator = CertPathValidator.getInstance("PKIX");
factory = CertificateFactory.getInstance("X509");
byte[] nameConstrains = null;
Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
final String alias = en.nextElement();
final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
if (cert != null) {
trusted.add(new TrustAnchor(cert, nameConstrains));
}
}
params = new PKIXParameters(trusted);
params.setRevocationEnabled(false);
} catch (Exception e) {
err = e;
}
}
示例7: createPath
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
List list = new ArrayList();
for (int i = 1; i < certs.length; i++) {
list.add(0, getCertFromFile(certs[i]));
}
CertificateFactory cf = CertificateFactory.getInstance("X509");
path = cf.generateCertPath(list);
Set anchors = Collections.singleton(anchor);
params = new PKIXParameters(anchors);
params.setRevocationEnabled(false);
}
示例8: validateCertPath
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private boolean validateCertPath(KeyStore ks, Certificate[] certs) throws WSSecurityException {
try {
// Generate cert path
java.util.List certList = java.util.Arrays.asList(certs);
CertPath path = this.getCertificateFactory().generateCertPath(certList);
// Use the certificates in the keystore as TrustAnchors
PKIXParameters param = new PKIXParameters(ks);
// Do not check a revocation list
param.setRevocationEnabled(false);
// Verify the trust path using the above settings
String provider = properties
.getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
CertPathValidator certPathValidator;
if (provider == null || provider.length() == 0) {
certPathValidator = CertPathValidator.getInstance("PKIX");
} else {
certPathValidator = CertPathValidator.getInstance("PKIX", provider);
}
certPathValidator.validate(path, param);
} catch (NoSuchProviderException | NoSuchAlgorithmException | CertificateException |
InvalidAlgorithmParameterException | CertPathValidatorException | KeyStoreException ex) {
throw new WSSecurityException(WSSecurityException.FAILURE, "certpath",
new Object[]{ex.getMessage()}, ex);
}
return true;
}
示例9: validateCertificate
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
boolean validateCertificate(Certificate cert) {
boolean isValidated;
if (cert == null) {
return false;
}
try {
KeyStore keyStore = getTrustStore();
PKIXParameters parms = new PKIXParameters(keyStore);
parms.setRevocationEnabled(false);
CertPathValidator certValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType()); // PKIX
ArrayList<Certificate> start = new ArrayList<>();
start.add(cert);
CertificateFactory certFactory = CertificateFactory.getInstance(CERTIFICATE_FORMAT);
CertPath certPath = certFactory.generateCertPath(start);
certValidator.validate(certPath, parms);
isValidated = true;
} catch (KeyStoreException | InvalidAlgorithmParameterException | NoSuchAlgorithmException
| CertificateException | CertPathValidatorException | CryptoException e) {
logger.error("Cannot validate certificate. Error is: " + e.getMessage() + "\r\nCertificate"
+ cert.toString());
isValidated = false;
}
return isValidated;
}
示例10: verificaCertPath
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private void verificaCertPath(Collection<X509Certificate> certsOnPath,
Date dtData) throws Exception {
CertPath certPath = createCertPathToValidate(certsOnPath);
PKIXParameters params = null;
params = createPKIXParms(trustAnchor, dtData);
params.setRevocationEnabled(false);
if (certPathReview(certPath, params) == null) {
throw new RuntimeException(""); //$NON-NLS-1$
}
}
示例11: setUp
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
@Override
protected void setUp() throws Exception {
super.setUp();
KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
keyStore.load(null, null);
CertificateFactory certificateFactory = CertificateFactory.getInstance(
"X509");
X509Certificate selfSignedcertificate =
(X509Certificate) certificateFactory.generateCertificate(
new ByteArrayInputStream(selfSignedCert.getBytes()));
keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);
X509CertSelector targetConstraints = new X509CertSelector();
targetConstraints.setCertificate(selfSignedcertificate);
List<Certificate> certList = new ArrayList<Certificate>();
certList.add(selfSignedcertificate);
CertStoreParameters storeParams = new CollectionCertStoreParameters(
certList);
CertStore certStore = CertStore.getInstance("Collection", storeParams);
PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore,
targetConstraints);
parameters.addCertStore(certStore);
parameters.setRevocationEnabled(false);
CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");
CertPathBuilderResult builderResult = pathBuilder.build(parameters);
certPath = builderResult.getCertPath();
params = new PKIXParameters(keyStore);
params.setRevocationEnabled(false);
}
示例12: testSetRevocationEnabled
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
* Test for <code>isPolicyMappingInhibited()</code> method<br>
* Assertion: sets the RevocationEnabled flag
* @throws InvalidAlgorithmParameterException
*/
public final void testSetRevocationEnabled() throws Exception {
Set taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName() + ": not performed (could not create test TrustAnchor set)");
}
PKIXParameters p = new PKIXParameters(taSet);
p.setRevocationEnabled(false);
assertFalse("setFalse", p.isRevocationEnabled());
p.setRevocationEnabled(true);
assertTrue("setTrue", p.isRevocationEnabled());
}
示例13: testClone
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
* Test for <code>clone()</code> method<br>
*/
@TestTargetNew(
level = TestLevel.COMPLETE,
notes = "",
method = "clone",
args = {}
)
public final void testClone() throws InvalidAlgorithmParameterException {
Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
if (taSet == null) {
fail(getName()
+ ": not performed (could not create test TrustAnchor set)");
}
PKIXParameters cpp = new PKIXParameters(taSet);
PKIXParameters cppc = (PKIXParameters) cpp.clone();
assertEquals(cpp.getPolicyQualifiersRejected(), cppc
.getPolicyQualifiersRejected());
assertEquals(cpp.getCertPathCheckers(), cppc.getCertPathCheckers());
assertEquals(cpp.getCertStores(), cppc.getCertStores());
assertEquals(cpp.getDate(), cppc.getDate());
assertEquals(cpp.getInitialPolicies(), cppc.getInitialPolicies());
assertEquals(cpp.getSigProvider(), cppc.getSigProvider());
assertEquals(cpp.getTargetCertConstraints(), cppc
.getTargetCertConstraints());
assertEquals(cpp.getTrustAnchors(), cppc.getTrustAnchors());
assertEquals(cpp.isAnyPolicyInhibited(), cppc.isAnyPolicyInhibited());
assertEquals(cpp.isExplicitPolicyRequired(), cppc
.isExplicitPolicyRequired());
assertEquals(cpp.isPolicyMappingInhibited(), cppc
.isPolicyMappingInhibited());
assertEquals(cpp.isRevocationEnabled(), cppc.isRevocationEnabled());
cpp.setDate(Calendar.getInstance().getTime());
cpp.setPolicyQualifiersRejected(!cppc.getPolicyQualifiersRejected());
assertFalse(cpp.getDate().equals(cppc.getDate()));
assertFalse(cpp.getPolicyQualifiersRejected() == cppc
.getPolicyQualifiersRejected());
cppc.setExplicitPolicyRequired(!cpp.isExplicitPolicyRequired());
cppc.setRevocationEnabled(!cpp.isRevocationEnabled());
assertFalse(cpp.isExplicitPolicyRequired() == cppc
.isExplicitPolicyRequired());
assertFalse(cpp.isRevocationEnabled() == cppc.isRevocationEnabled());
PKIXParameters cpp1 = null;
try {
cpp1.clone();
} catch (NullPointerException e) {
// expected
}
}
示例14: testClone01
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
* Test #1 for <code>clone()</code> method<br>
* Assertion: Makes a copy of this <code>PKIXParameters</code> object
* @throws KeyStoreException
* @throws InvalidAlgorithmParameterException
* @throws NoSuchAlgorithmException
*/
public final void testClone01() throws Exception {
KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
if (ks == null) {
fail(getName() + ": not performed (could not create test KeyStore)");
}
PKIXParameters p1 = new PKIXParameters(ks);
// set to some non-default values
p1.setPolicyQualifiersRejected(false);
p1.setAnyPolicyInhibited(true);
p1.setExplicitPolicyRequired(true);
p1.setPolicyMappingInhibited(true);
p1.setRevocationEnabled(false);
String sigProviderName = "Some Provider";
p1.setSigProvider(sigProviderName);
X509CertSelector x509cs = new X509CertSelector();
p1.setTargetCertConstraints(x509cs);
p1.setCertStores(TestUtils.getCollectionCertStoresList());
PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker();
List l = new ArrayList();
assertTrue("addedOk", l.add(cpc));
p1.setCertPathCheckers(l);
p1.setDate(new Date(555L));
Set s = new HashSet();
s.add("1.2.3.4.5.6.7");
s.add("1.2.3.4.5.6.8");
p1.setInitialPolicies(s);
// TrustAnchors already set
PKIXParameters p2 = (PKIXParameters)p1.clone();
// check that objects match
assertEquals("check1", p1.getPolicyQualifiersRejected(),
p2.getPolicyQualifiersRejected());
assertEquals("check2", p1.isAnyPolicyInhibited(),
p2.isAnyPolicyInhibited());
assertEquals("check3", p1.isExplicitPolicyRequired(),
p2.isExplicitPolicyRequired());
assertEquals("check4", p1.isPolicyMappingInhibited(),
p2.isPolicyMappingInhibited());
assertEquals("check5", p1.isRevocationEnabled(),
p2.isRevocationEnabled());
assertEquals("check6", p1.getSigProvider(), p2.getSigProvider());
// just check that not null
assertNotNull("check7", p2.getTargetCertConstraints());
assertEquals("check8", p1.getCertStores(), p2.getCertStores());
// just check that not empty
assertFalse("check9", p2.getCertPathCheckers().isEmpty());
assertEquals("check10", p1.getDate(), p2.getDate());
assertEquals("check11", p1.getInitialPolicies(),
p2.getInitialPolicies());
assertEquals("check12", p1.getTrustAnchors(), p2.getTrustAnchors());
}
示例15: doTest
import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private PKIXCertPathValidatorResult doTest(
String trustAnchor,
String[] certs,
String[] crls,
Set policies)
throws Exception
{
Set trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
List certsAndCrls = new ArrayList();
X509Certificate endCert = loadCert(certs[certs.length - 1]);
for (int i = 0; i != certs.length - 1; i++)
{
certsAndCrls.add(loadCert(certs[i]));
}
certsAndCrls.add(endCert);
CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(certsAndCrls);
for (int i = 0; i != crls.length; i++)
{
certsAndCrls.add(loadCrl(crls[i]));
}
CertStore store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
PKIXParameters params = new PKIXParameters(trustedSet);
params.addCertStore(store);
params.setRevocationEnabled(true);
params.setDate(new GregorianCalendar(2010, 1, 1).getTime());
if (policies != null)
{
params.setExplicitPolicyRequired(true);
params.setInitialPolicies(policies);
}
return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
}