当前位置: 首页>>代码示例>>Java>>正文


Java PKIXParameters.setRevocationEnabled方法代码示例

本文整理汇总了Java中java.security.cert.PKIXParameters.setRevocationEnabled方法的典型用法代码示例。如果您正苦于以下问题:Java PKIXParameters.setRevocationEnabled方法的具体用法?Java PKIXParameters.setRevocationEnabled怎么用?Java PKIXParameters.setRevocationEnabled使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.PKIXParameters的用法示例。


在下文中一共展示了PKIXParameters.setRevocationEnabled方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: validateNoCache

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
 
开发者ID:jorkey,项目名称:Wiab.pro,代码行数:25,代码来源:CachedCertPathValidator.java

示例2: createPath

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:17,代码来源:ValidateTargetConstraints.java

示例3: createPath

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:21,代码来源:ValidateNC.java

示例4: checkServerTrusted

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException e1) {
        try {
            X509Certificate[] ex = this.reorderCertificateChain(chain);
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            CertificateFactory factory = CertificateFactory.getInstance("X509");
            CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
            PKIXParameters params = new PKIXParameters(this.mTrustStore);
            params.setRevocationEnabled(false);
            validator.validate(certPath, params);
        } catch (Exception e) {
            throw e1;
        }
    }

}
 
开发者ID:pinguo-sunjianfei,项目名称:Android-Application-ZJB,代码行数:19,代码来源:GenericX509TrustManager.java

示例5: TrustManagerImpl

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
 * Creates trust manager implementation
 *
 * @param ks
 */
public TrustManagerImpl(KeyStore ks) {
    try {
        validator = CertPathValidator.getInstance("PKIX");
        factory = CertificateFactory.getInstance("X509");
        byte[] nameConstrains = null;
        Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
        for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
            final String alias = en.nextElement();
            final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            if (cert != null) {
                trusted.add(new TrustAnchor(cert, nameConstrains));
            }
        }
        params = new PKIXParameters(trusted);
        params.setRevocationEnabled(false);
    } catch (Exception e) {
        err = e;
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:25,代码来源:TrustManagerImpl.java

示例6: TrustManagerImpl

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
 * Creates trust manager implementation
 * 
 * @param ks
 */
public TrustManagerImpl(KeyStore ks) {
    try {
        validator = CertPathValidator.getInstance("PKIX");
        factory = CertificateFactory.getInstance("X509");
        byte[] nameConstrains = null;
        Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
        for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
            final String alias = en.nextElement();
            final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            if (cert != null) {
                trusted.add(new TrustAnchor(cert, nameConstrains));
            }
        }
        params = new PKIXParameters(trusted);
        params.setRevocationEnabled(false);
    } catch (Exception e) {
        err = e;
    }
}
 
开发者ID:shannah,项目名称:cn1,代码行数:25,代码来源:TrustManagerImpl.java

示例7: createPath

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:14,代码来源:VerifyNameConstraints.java

示例8: validateCertPath

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private boolean validateCertPath(KeyStore ks, Certificate[] certs) throws WSSecurityException {

        try {

            // Generate cert path
            java.util.List certList = java.util.Arrays.asList(certs);
            CertPath path = this.getCertificateFactory().generateCertPath(certList);

            // Use the certificates in the keystore as TrustAnchors
            PKIXParameters param = new PKIXParameters(ks);

            // Do not check a revocation list
            param.setRevocationEnabled(false);

            // Verify the trust path using the above settings
            String provider = properties
                    .getProperty("org.apache.ws.security.crypto.merlin.cert.provider");
            CertPathValidator certPathValidator;
            if (provider == null || provider.length() == 0) {
                certPathValidator = CertPathValidator.getInstance("PKIX");
            } else {
                certPathValidator = CertPathValidator.getInstance("PKIX", provider);
            }
            certPathValidator.validate(path, param);
        } catch (NoSuchProviderException | NoSuchAlgorithmException | CertificateException |
                InvalidAlgorithmParameterException | CertPathValidatorException | KeyStoreException ex) {
            throw new WSSecurityException(WSSecurityException.FAILURE, "certpath",
                    new Object[]{ex.getMessage()}, ex);
        }
        return true;
    }
 
开发者ID:wso2,项目名称:carbon-identity-framework,代码行数:32,代码来源:ServerCrypto.java

示例9: validateCertificate

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
boolean validateCertificate(Certificate cert) {
    boolean isValidated;

    if (cert == null) {
        return false;
    }

    try {
        KeyStore keyStore = getTrustStore();

        PKIXParameters parms = new PKIXParameters(keyStore);
        parms.setRevocationEnabled(false);

        CertPathValidator certValidator = CertPathValidator.getInstance(CertPathValidator.getDefaultType()); // PKIX

        ArrayList<Certificate> start = new ArrayList<>();
        start.add(cert);
        CertificateFactory certFactory = CertificateFactory.getInstance(CERTIFICATE_FORMAT);
        CertPath certPath = certFactory.generateCertPath(start);

        certValidator.validate(certPath, parms);
        isValidated = true;
    } catch (KeyStoreException | InvalidAlgorithmParameterException | NoSuchAlgorithmException
            | CertificateException | CertPathValidatorException | CryptoException e) {
        logger.error("Cannot validate certificate. Error is: " + e.getMessage() + "\r\nCertificate"
                + cert.toString());
        isValidated = false;
    }

    return isValidated;
}
 
开发者ID:hyperledger,项目名称:fabric-sdk-java,代码行数:32,代码来源:CryptoPrimitives.java

示例10: verificaCertPath

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private void verificaCertPath(Collection<X509Certificate> certsOnPath,
		Date dtData) throws Exception {

	CertPath certPath = createCertPathToValidate(certsOnPath);

	PKIXParameters params = null;
	params = createPKIXParms(trustAnchor, dtData);

	params.setRevocationEnabled(false);
	if (certPathReview(certPath, params) == null) {
		throw new RuntimeException(""); //$NON-NLS-1$
	}
}
 
开发者ID:bluecrystalsign,项目名称:signer-source,代码行数:14,代码来源:CertificateService.java

示例11: setUp

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
@Override
protected void setUp() throws Exception {
    super.setUp();
    KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
    keyStore.load(null, null);

    CertificateFactory certificateFactory = CertificateFactory.getInstance(
            "X509");

    X509Certificate selfSignedcertificate =
            (X509Certificate) certificateFactory.generateCertificate(
                    new ByteArrayInputStream(selfSignedCert.getBytes()));

    keyStore.setCertificateEntry("selfSignedCert", selfSignedcertificate);

    X509CertSelector targetConstraints = new X509CertSelector();
    targetConstraints.setCertificate(selfSignedcertificate);

    List<Certificate> certList = new ArrayList<Certificate>();
    certList.add(selfSignedcertificate);
    CertStoreParameters storeParams = new CollectionCertStoreParameters(
            certList);

    CertStore certStore = CertStore.getInstance("Collection", storeParams);

    PKIXBuilderParameters parameters = new PKIXBuilderParameters(keyStore,
            targetConstraints);
    parameters.addCertStore(certStore);
    parameters.setRevocationEnabled(false);

    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX");

    CertPathBuilderResult builderResult = pathBuilder.build(parameters);

    certPath = builderResult.getCertPath();

    params = new PKIXParameters(keyStore);
    params.setRevocationEnabled(false);
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:40,代码来源:CertPathValidatorTestPKIX.java

示例12: testSetRevocationEnabled

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
 * Test for <code>isPolicyMappingInhibited()</code> method<br>
 * Assertion: sets the RevocationEnabled flag
 * @throws InvalidAlgorithmParameterException
 */
public final void testSetRevocationEnabled() throws Exception {
    Set taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }

    PKIXParameters p = new PKIXParameters(taSet);
    p.setRevocationEnabled(false);
    assertFalse("setFalse", p.isRevocationEnabled());
    p.setRevocationEnabled(true);
    assertTrue("setTrue", p.isRevocationEnabled());
}
 
开发者ID:shannah,项目名称:cn1,代码行数:18,代码来源:PKIXParametersTest.java

示例13: testClone

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
 * Test for <code>clone()</code> method<br>
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "clone",
    args = {}
)
public final void testClone() throws InvalidAlgorithmParameterException {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName()
                + ": not performed (could not create test TrustAnchor set)");
    }

    PKIXParameters cpp = new PKIXParameters(taSet);
    PKIXParameters cppc = (PKIXParameters) cpp.clone();

    assertEquals(cpp.getPolicyQualifiersRejected(), cppc
            .getPolicyQualifiersRejected());
    assertEquals(cpp.getCertPathCheckers(), cppc.getCertPathCheckers());
    assertEquals(cpp.getCertStores(), cppc.getCertStores());
    assertEquals(cpp.getDate(), cppc.getDate());
    assertEquals(cpp.getInitialPolicies(), cppc.getInitialPolicies());
    assertEquals(cpp.getSigProvider(), cppc.getSigProvider());
    assertEquals(cpp.getTargetCertConstraints(), cppc
            .getTargetCertConstraints());
    assertEquals(cpp.getTrustAnchors(), cppc.getTrustAnchors());

    assertEquals(cpp.isAnyPolicyInhibited(), cppc.isAnyPolicyInhibited());
    assertEquals(cpp.isExplicitPolicyRequired(), cppc
            .isExplicitPolicyRequired());
    assertEquals(cpp.isPolicyMappingInhibited(), cppc
            .isPolicyMappingInhibited());
    assertEquals(cpp.isRevocationEnabled(), cppc.isRevocationEnabled());

    cpp.setDate(Calendar.getInstance().getTime());
    cpp.setPolicyQualifiersRejected(!cppc.getPolicyQualifiersRejected());
    assertFalse(cpp.getDate().equals(cppc.getDate()));
    assertFalse(cpp.getPolicyQualifiersRejected() == cppc
            .getPolicyQualifiersRejected());

    cppc.setExplicitPolicyRequired(!cpp.isExplicitPolicyRequired());
    cppc.setRevocationEnabled(!cpp.isRevocationEnabled());

    assertFalse(cpp.isExplicitPolicyRequired() == cppc
            .isExplicitPolicyRequired());
    assertFalse(cpp.isRevocationEnabled() == cppc.isRevocationEnabled());

    PKIXParameters cpp1 = null;
    try {
        cpp1.clone();
    } catch (NullPointerException e) {
        // expected
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:58,代码来源:OldPKIXParametersTest.java

示例14: testClone01

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
/**
 * Test #1 for <code>clone()</code> method<br>
 * Assertion: Makes a copy of this <code>PKIXParameters</code> object
 * @throws KeyStoreException
 * @throws InvalidAlgorithmParameterException
 * @throws NoSuchAlgorithmException
 */
public final void testClone01() throws Exception {
    KeyStore ks = TestUtils.getKeyStore(true, TestUtils.TRUSTED);
    if (ks == null) {
        fail(getName() + ": not performed (could not create test KeyStore)");
    }
    
    PKIXParameters p1 = new PKIXParameters(ks);
    // set to some non-default values
    p1.setPolicyQualifiersRejected(false);
    p1.setAnyPolicyInhibited(true);
    p1.setExplicitPolicyRequired(true);
    p1.setPolicyMappingInhibited(true);
    p1.setRevocationEnabled(false);

    String sigProviderName = "Some Provider";
    p1.setSigProvider(sigProviderName);

    X509CertSelector x509cs = new X509CertSelector();
    p1.setTargetCertConstraints(x509cs);

    p1.setCertStores(TestUtils.getCollectionCertStoresList());

    PKIXCertPathChecker cpc = TestUtils.getTestCertPathChecker();
    List l = new ArrayList();
    assertTrue("addedOk", l.add(cpc));
    p1.setCertPathCheckers(l);

    p1.setDate(new Date(555L));

    Set s = new HashSet();
    s.add("1.2.3.4.5.6.7");
    s.add("1.2.3.4.5.6.8");
    p1.setInitialPolicies(s);

    // TrustAnchors already set

    PKIXParameters p2 = (PKIXParameters)p1.clone();

    // check that objects match
    assertEquals("check1", p1.getPolicyQualifiersRejected(),
            p2.getPolicyQualifiersRejected());
    assertEquals("check2", p1.isAnyPolicyInhibited(),
            p2.isAnyPolicyInhibited());
    assertEquals("check3", p1.isExplicitPolicyRequired(),
            p2.isExplicitPolicyRequired());
    assertEquals("check4", p1.isPolicyMappingInhibited(),
            p2.isPolicyMappingInhibited());
    assertEquals("check5", p1.isRevocationEnabled(),
            p2.isRevocationEnabled());
    assertEquals("check6", p1.getSigProvider(), p2.getSigProvider());

    // just check that not null
    assertNotNull("check7", p2.getTargetCertConstraints());

    assertEquals("check8", p1.getCertStores(), p2.getCertStores());

    // just check that not empty
    assertFalse("check9", p2.getCertPathCheckers().isEmpty());

    assertEquals("check10", p1.getDate(), p2.getDate());
    assertEquals("check11", p1.getInitialPolicies(),
            p2.getInitialPolicies());
    assertEquals("check12", p1.getTrustAnchors(), p2.getTrustAnchors());
}
 
开发者ID:shannah,项目名称:cn1,代码行数:72,代码来源:PKIXParameters_ImplTest.java

示例15: doTest

import java.security.cert.PKIXParameters; //导入方法依赖的package包/类
private PKIXCertPathValidatorResult doTest(
    String      trustAnchor,
    String[]    certs,
    String[]    crls,
    Set         policies)
    throws Exception
{
    Set  trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
    List certsAndCrls = new ArrayList();
    X509Certificate endCert = loadCert(certs[certs.length - 1]);
    
    for (int i = 0; i != certs.length - 1; i++)
    {
        certsAndCrls.add(loadCert(certs[i]));
    }
    
    certsAndCrls.add(endCert);

    CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(certsAndCrls);

    for (int i = 0; i != crls.length; i++)
    {
        certsAndCrls.add(loadCrl(crls[i]));
    }

    CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
    
    CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
    PKIXParameters    params = new PKIXParameters(trustedSet);
    
    params.addCertStore(store);
    params.setRevocationEnabled(true);
    params.setDate(new GregorianCalendar(2010, 1, 1).getTime());

    if (policies != null)
    {
        params.setExplicitPolicyRequired(true);
        params.setInitialPolicies(policies);
    }
    
    return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
}
 
开发者ID:NoYouShutup,项目名称:CryptMeme,代码行数:43,代码来源:NistCertPathTest.java


注:本文中的java.security.cert.PKIXParameters.setRevocationEnabled方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。