当前位置: 首页>>代码示例>>Java>>正文


Java X509CertSelector.setIssuer方法代码示例

本文整理汇总了Java中java.security.cert.X509CertSelector.setIssuer方法的典型用法代码示例。如果您正苦于以下问题:Java X509CertSelector.setIssuer方法的具体用法?Java X509CertSelector.setIssuer怎么用?Java X509CertSelector.setIssuer使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.X509CertSelector的用法示例。


在下文中一共展示了X509CertSelector.setIssuer方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: test_getIssuer

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * @tests java.security.cert.X509CertSelector#getIssuer()
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "getIssuer",
    args = {}
)
public void test_getIssuer() {
    X500Principal iss1 = new X500Principal("O=First Org.");
    X500Principal iss2 = new X500Principal("O=Second Org.");
    X509CertSelector selector = new X509CertSelector();

    assertNull("Selector should return null", selector.getIssuer());
    selector.setIssuer(iss1);
    assertEquals("The returned issuer should be equal to specified", iss1,
            selector.getIssuer());
    assertFalse("The returned issuer should differ", iss2.equals(selector
            .getIssuer()));
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:22,代码来源:X509CertSelectorTest.java

示例2: test_getIssuerAsString

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * @tests java.security.cert.X509CertSelector#getIssuerAsString()
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "getIssuerAsString",
    args = {}
)
public void test_getIssuerAsString() {
    String name1 = "O=First Org.";
    String name2 = "O=Second Org.";
    X500Principal iss1 = new X500Principal(name1);
    X500Principal iss2 = new X500Principal(name2);
    X509CertSelector selector = new X509CertSelector();

    assertNull("Selector should return null", selector.getIssuerAsString());
    selector.setIssuer(iss1);
    assertEquals("The returned issuer should be equal to specified", name1,
            selector.getIssuerAsString());
    assertFalse("The returned issuer should differ", name2.equals(selector
            .getIssuerAsString()));
    selector.setIssuer(iss2);
    assertEquals("The returned issuer should be equal to specified", name2,
            selector.getIssuerAsString());
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:27,代码来源:X509CertSelectorTest.java

示例3: testGetTargetCertConstraints02

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * Test #2 for <code>getTargetCertConstraints()</code> method<br>
 * Assertion: note that the <code>CertSelector</code> returned
 * is cloned to protect against subsequent modifications
 * @throws InvalidAlgorithmParameterException
 * @throws IOException
 */
public final void testGetTargetCertConstraints02() throws Exception {
    Set taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }

    X509CertSelector x509cs = new X509CertSelector();
    PKIXParameters p = new PKIXParameters(taSet);
    p.setTargetCertConstraints(x509cs);
    // get cert selector
    X509CertSelector cs1 = (X509CertSelector)p.getTargetCertConstraints();
    // modify returned selector
    cs1.setIssuer(testIssuer);
    // get cert selector again
    X509CertSelector cs2 = (X509CertSelector)p.getTargetCertConstraints();
    // check that selector is not the same
    assertNotSame("notTheSame", cs1, cs2);
    // check that selector's internal state has
    // not been changed by above modification
    assertFalse("stateNotChanged", testIssuer.equals(cs2.getIssuerAsString()));
}
 
开发者ID:shannah,项目名称:cn1,代码行数:29,代码来源:PKIXParametersTest.java

示例4: testSetTargetCertConstraints01

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * Test for <code>setTargetCertConstraints(CertSelector)</code> method<br>
 * Assertion: sets the required constraints on the target certificate.
 * The constraints are specified as an instance of CertSelector<br>
 * Assertion: ... If <code>null</code>, no constraints are defined
 * @throws IOException
 * @throws InvalidAlgorithmParameterException
 */
public final void testSetTargetCertConstraints01() throws Exception {
    Set taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }

    X509CertSelector x509cs = new X509CertSelector();
    x509cs.setIssuer(testIssuer);
    PKIXParameters p = new PKIXParameters(taSet);
    p.setTargetCertConstraints(x509cs);
    assertEquals("set",
      testIssuer,
      ((X509CertSelector)p.getTargetCertConstraints()).getIssuerAsString());
    p.setTargetCertConstraints(null);
    assertNull("unset", p.getTargetCertConstraints());
}
 
开发者ID:shannah,项目名称:cn1,代码行数:25,代码来源:PKIXParametersTest.java

示例5: testSetTargetCertConstraints02

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * Test #2 for <code>setTargetCertConstraints(CertSelector)</code> method<br>
 * Assertion: ... the CertSelector specified is cloned to protect against
 * subsequent modifications
 * @throws IOException
 * @throws InvalidAlgorithmParameterException
 */
public final void testSetTargetCertConstraints02() throws Exception {
    Set taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }

    X509CertSelector x509cs = new X509CertSelector();
    PKIXParameters p = new PKIXParameters(taSet);
    p.setTargetCertConstraints(x509cs);
    // modify selector
    x509cs.setIssuer(testIssuer);
    // get selector
    X509CertSelector x509cs1 = (X509CertSelector)p.getTargetCertConstraints();
    // check that selector's internal state has
    // not been changed by above modification
    assertFalse(testIssuer.equals(x509cs1.getIssuerAsString()));
}
 
开发者ID:shannah,项目名称:cn1,代码行数:25,代码来源:PKIXParametersTest.java

示例6: checkCertPath

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private PKIXCertPathBuilderResult checkCertPath(SignerId signerId, Store certs)
    throws IOException, GeneralSecurityException
{
    CertStore store = new JcaCertStoreBuilder().setProvider("BC").addCertificates(certs).build();

    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX","BC");
    X509CertSelector targetConstraints = new X509CertSelector();

    targetConstraints.setIssuer(signerId.getIssuer().getEncoded());
    targetConstraints.setSerialNumber(signerId.getSerialNumber());

    PKIXBuilderParameters params = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(trustAnchor, null)), targetConstraints);

    params.addCertStore(store);
    params.setRevocationEnabled(false);            // TODO: CRLs?

    return (PKIXCertPathBuilderResult)pathBuilder.build(params);
}
 
开发者ID:cwgit,项目名称:ximix,代码行数:19,代码来源:SignedDataVerifier.java

示例7: testIssuer

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private void testIssuer() throws IOException {
    System.out.println("X.509 Certificate Match on issuer");
    // bad match
    X509CertSelector selector = new X509CertSelector();
    selector.setIssuer("ou=bogus,ou=east,o=sun,c=us");
    checkMatch(selector, cert, false);

    // good match
    selector.setIssuer((cert.getIssuerX500Principal()).getName("RFC2253"));
    checkMatch(selector, cert, true);
}
 
开发者ID:lambdalab-mirror,项目名称:jdk8u-jdk,代码行数:12,代码来源:X509CertSelectorTest.java

示例8: initCertPathSSCertChain

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
public static void initCertPathSSCertChain() throws CertificateException,
            InvalidAlgorithmParameterException, NoSuchAlgorithmException,
            IOException {
        // create certificates and CRLs
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream bi = new ByteArrayInputStream(rootCert.getBytes());
        rootCertificateSS = (X509Certificate) cf.generateCertificate(bi);
        bi = new ByteArrayInputStream(endCert.getBytes());
        endCertificate = (X509Certificate) cf.generateCertificate(bi);
        BigInteger revokedSerialNumber = BigInteger.valueOf(1);
        crl = new MyCRL("X.509");
//        X509CRL rootCRL = X509CRL;
//        X509CRL interCRL = X509CRLExample.createCRL(interCert, interPair
//                .getPrivate(), revokedSerialNumber);

        // create CertStore to support path building
        List<Object> list = new ArrayList<Object>();

        list.add(rootCertificateSS);
        list.add(endCertificate);

        CollectionCertStoreParameters params = new CollectionCertStoreParameters(
                list);
        store = CertStore.getInstance("Collection", params);

        theCertSelector = new X509CertSelector();
        theCertSelector.setCertificate(endCertificate);
        theCertSelector.setIssuer(endCertificate.getIssuerX500Principal()
                .getEncoded());

        // build the path
        builder = CertPathBuilder.getInstance("PKIX");

    }
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:35,代码来源:TestUtils.java

示例9: test_getIssuerAsBytes

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * @tests java.security.cert.X509CertSelector#getIssuerAsBytes()
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "getIssuerAsBytes",
    args = {}
)
public void test_getIssuerAsBytes() {
    byte[] name1 = new byte[]
    // manually obtained DER encoding of "O=First Org." issuer name;
    { 48, 21, 49, 19, 48, 17, 6, 3, 85, 4, 10, 19, 10, 70, 105, 114, 115,
            116, 32, 79, 114, 103, 46 };

    byte[] name2 = new byte[]
    // manually obtained DER encoding of "O=Second Org." issuer name;
    { 48, 22, 49, 20, 48, 18, 6, 3, 85, 4, 10, 19, 11, 83, 101, 99, 111,
            110, 100, 32, 79, 114, 103, 46 };
    X500Principal iss1 = new X500Principal(name1);
    X500Principal iss2 = new X500Principal(name2);
    X509CertSelector selector = new X509CertSelector();

    try {
        assertNull("Selector should return null", selector
                .getIssuerAsBytes());
        selector.setIssuer(iss1);
        assertTrue("The returned issuer should be equal to specified",
                Arrays.equals(name1, selector.getIssuerAsBytes()));
        assertFalse("The returned issuer should differ", name2
                .equals(selector.getIssuerAsBytes()));
        selector.setIssuer(iss2);
        assertTrue("The returned issuer should be equal to specified",
                Arrays.equals(name2, selector.getIssuerAsBytes()));
    } catch (IOException e) {
        fail("Unexpected IOException was thrown.");
    }
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:39,代码来源:X509CertSelectorTest.java

示例10: test_setIssuerLjavax_security_auth_x500_X500Principal

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
 * @tests java.security.cert.X509CertSelector#setIssuer(javax.security.auth.x500.X500Principal)
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "setIssuer",
    args = {javax.security.auth.x500.X500Principal.class}
)
public void test_setIssuerLjavax_security_auth_x500_X500Principal()
        throws CertificateException {
    X500Principal iss1 = new X500Principal("O=First Org.");
    X500Principal iss2 = new X500Principal("O=Second Org.");
    TestCert cert1 = new TestCert(iss1);
    TestCert cert2 = new TestCert(iss2);
    X509CertSelector selector = new X509CertSelector();

    selector.setIssuer((X500Principal) null);
    assertTrue("Any certificates should match "
            + "in the case of null issuer criteria.", selector.match(cert1)
            && selector.match(cert2));
    selector.setIssuer(iss1);
    assertTrue("The certificate should match the selection criteria.",
            selector.match(cert1));
    assertFalse("The certificate should not match the selection criteria.",
            selector.match(cert2));
    selector.setIssuer(iss2);
    assertTrue("The certificate should match the selection criteria.",
            selector.match(cert2));
}
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:31,代码来源:X509CertSelectorTest.java

示例11: setupEnvironment

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private void setupEnvironment() throws Exception {
        // create certificates and CRLs
        CertificateFactory cf = CertificateFactory.getInstance("X.509");
        ByteArrayInputStream bi = new ByteArrayInputStream(TestUtils.rootCert.getBytes());
        rootCertificate = (X509Certificate) cf.generateCertificate(bi);
        bi = new ByteArrayInputStream(TestUtils.endCert.getBytes());
        endCertificate = (X509Certificate) cf.generateCertificate(bi);

        BigInteger revokedSerialNumber = BigInteger.valueOf(1);
        crl = new MyCRL("X.509");
//        X509CRL rootCRL = X509CRL;
//        X509CRL interCRL = X509CRLExample.createCRL(interCert, interPair
//                .getPrivate(), revokedSerialNumber);

        // create CertStore to support path building
        List<Object> list = new ArrayList<Object>();

        list.add(rootCertificate);
        list.add(endCertificate);

//        CollectionCertStoreParameters params = new CollectionCertStoreParameters(
//                list);
//        CertStore store = CertStore.getInstance("Collection", params);
//
        theCertSelector = new X509CertSelector();
        theCertSelector.setCertificate(endCertificate);
        theCertSelector.setIssuer(endCertificate.getIssuerX500Principal()
                .getEncoded());

     // build the path
        builder = CertPathBuilder.getInstance("PKIX");

    }
 
开发者ID:keplersj,项目名称:In-the-Box-Fork,代码行数:34,代码来源:X509CertSelectorTest.java

示例12: if

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private Collection<X509Certificate> getMatchingEECerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertStoreException, CertificateException, IOException {

    /*
     * Compose a CertSelector to filter out
     * certs which do not satisfy requirements.
     *
     * First, retrieve clone of current target cert constraints, and
     * then add more selection criteria based on current validation state.
     */
    X509CertSelector sel = (X509CertSelector) targetCertConstraints.clone();

    /*
     * Match on issuer (subject of previous cert)
     */
    sel.setIssuer(currentState.subjectDN);

    /*
     * Match on certificate validity date.
     */
    sel.setCertificateValid(buildParams.date());

    /*
     * Policy processing optimizations
     */
    if (currentState.explicitPolicy == 0)
        sel.setPolicy(getMatchingPolicies());

    /*
     * If previous cert has a subject key identifier extension,
     * use it to match on authority key identifier extension.
     */
    /*if (currentState.subjKeyId != null) {
      AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
            null, null);
    sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
    }*/

    /*
     * Require EE certs
     */
    sel.setBasicConstraints(-2);

    /* Retrieve matching certs from CertStores */
    HashSet<X509Certificate> eeCerts = new HashSet<>();
    addMatchingCerts(sel, certStores, eeCerts, true);

    if (debug != null) {
        debug.println("ReverseBuilder.getMatchingEECerts got "
                      + eeCerts.size() + " certs.");
    }
    return eeCerts;
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:56,代码来源:ReverseBuilder.java

示例13: X509CertSelector

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private Collection<X509Certificate> getMatchingCACerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertificateException, CertStoreException, IOException {

    /*
     * Compose a CertSelector to filter out
     * certs which do not satisfy requirements.
     */
    X509CertSelector sel = new X509CertSelector();

    /*
     * Match on issuer (subject of previous cert)
     */
    sel.setIssuer(currentState.subjectDN);

    /*
     * Match on certificate validity date.
     */
    sel.setCertificateValid(buildParams.date());

    /*
     * Match on target subject name (checks that current cert's
     * name constraints permit it to certify target).
     * (4 is the integer type for DIRECTORY name).
     */
    byte[] subject = targetCertConstraints.getSubjectAsBytes();
    if (subject != null) {
        sel.addPathToName(4, subject);
    } else {
        X509Certificate cert = targetCertConstraints.getCertificate();
        if (cert != null) {
            sel.addPathToName(4,
                              cert.getSubjectX500Principal().getEncoded());
        }
    }

    /*
     * Policy processing optimizations
     */
    if (currentState.explicitPolicy == 0)
        sel.setPolicy(getMatchingPolicies());

    /*
     * If previous cert has a subject key identifier extension,
     * use it to match on authority key identifier extension.
     */
    /*if (currentState.subjKeyId != null) {
      AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
                            null, null);
      sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
    }*/

    /*
     * Require CA certs
     */
    sel.setBasicConstraints(0);

    /* Retrieve matching certs from CertStores */
    ArrayList<X509Certificate> reverseCerts = new ArrayList<>();
    addMatchingCerts(sel, certStores, reverseCerts, true);

    /* Sort remaining certs using name constraints */
    Collections.sort(reverseCerts, new PKIXCertComparator());

    if (debug != null)
        debug.println("ReverseBuilder.getMatchingCACerts got " +
                      reverseCerts.size() + " certs.");
    return reverseCerts;
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:71,代码来源:ReverseBuilder.java

示例14: processKeyInfo

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
static KeyInfoRes processKeyInfo(
        KeyInfo keyInfo) throws CertificateValidationException
{
    if (null == keyInfo || !keyInfo.containsX509Data())
    {
        throw new InvalidKeyInfoDataException("No X509Data to identify the leaf certificate");
    }

    List<X509Certificate> keyInfoCerts = new ArrayList<X509Certificate>(1);
    XMLX509IssuerSerial issuerSerial = null;
    X509CertSelector certSelector = new X509CertSelector();

    // XML-DSIG 4.4.4: "Any X509IssuerSerial, X509SKI, and X509SubjectName elements
    // that appear MUST refer to the certificate or certificates containing the
    // validation key."
    // "All certificates appearing in an X509Data element MUST relate to the
    // validation key by either containing it or being part of a certification
    // chain that terminates in a certificate containing the validation key".

    // Scan ds:X509Data to find ds:IssuerSerial or ds:SubjectName elements. The
    // first to be found is used to select the leaf certificate. If none of those
    // elements is present, the first ds:X509Certificate is assumed as the signing
    // certificate.
    boolean hasSelectionCriteria = false;

    try
    {
        for (int i = 0; i < keyInfo.lengthX509Data(); ++i)
        {
            X509Data x509Data = keyInfo.itemX509Data(i);

            if(!hasSelectionCriteria)
            {
                if (x509Data.containsIssuerSerial())
                {
                    issuerSerial = x509Data.itemIssuerSerial(0);
                    certSelector.setIssuer(new X500Principal(issuerSerial.getIssuerName()));
                    certSelector.setSerialNumber(issuerSerial.getSerialNumber());
                    hasSelectionCriteria = true;
                }
                else if (x509Data.containsSubjectName())
                {
                    certSelector.setSubject(new X500Principal(x509Data.itemSubjectName(0).getSubjectName()));
                    hasSelectionCriteria = true;
                }
            }

            // Collect all certificates as they may be needed to build the cert path.
            if (x509Data.containsCertificate())
            {
                for (int j = 0; j < x509Data.lengthCertificate(); ++j)
                {
                    keyInfoCerts.add(x509Data.itemCertificate(j).getX509Certificate());
                }
            }
        }

        if(!hasSelectionCriteria)
        {
            if(keyInfoCerts.isEmpty())
            {
                // No criteria to select the leaf certificate.
                // Improvement: search the SigningCertiticate property and try to
                // find the "bottom" certificate.
                throw new InvalidKeyInfoDataException("No criteria to select the leaf certificate");
            }
            certSelector.setCertificate(keyInfoCerts.get(0));
        }
    }
    catch (XMLSecurityException ex)
    {
        throw new InvalidKeyInfoDataException("Cannot process X509Data", ex);
    }

    return new KeyInfoRes(keyInfoCerts, certSelector, issuerSerial);
}
 
开发者ID:luisgoncalves,项目名称:xades4j,代码行数:77,代码来源:SignatureUtils.java

示例15: if

import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private Collection<X509Certificate> getMatchingEECerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertStoreException, CertificateException, IOException {

  /*
   * Compose a CertSelector to filter out
   * certs which do not satisfy requirements.
   *
   * First, retrieve clone of current target cert constraints,
   * and then add more selection criteria based on current validation state.
   */
  X509CertSelector sel = (X509CertSelector) targetCertConstraints.clone();

  /*
   * Match on issuer (subject of previous cert)
   */
  sel.setIssuer(currentState.subjectDN);

  /*
   * Match on certificate validity date.
   */
  sel.setCertificateValid(date);

  /*
   * Policy processing optimizations
   */
  if (currentState.explicitPolicy == 0)
      sel.setPolicy(getMatchingPolicies());

  /*
   * If previous cert has a subject key identifier extension,
   * use it to match on authority key identifier extension.
   */
  /*if (currentState.subjKeyId != null) {
    AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
            null, null);
    sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
  }*/

  /*
   * Require EE certs
   */
  sel.setBasicConstraints(-2);

  /* Retrieve matching certs from CertStores */
  HashSet<X509Certificate> eeCerts = new HashSet<X509Certificate>();
  addMatchingCerts(sel, certStores, eeCerts, true);

  if (debug != null) {
    debug.println("ReverseBuilder.getMatchingEECerts got " + eeCerts.size()
                + " certs.");
  }
  return eeCerts;
}
 
开发者ID:openjdk,项目名称:jdk7-jdk,代码行数:56,代码来源:ReverseBuilder.java


注:本文中的java.security.cert.X509CertSelector.setIssuer方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。