本文整理汇总了Java中java.security.cert.X509CertSelector.setSubjectKeyIdentifier方法的典型用法代码示例。如果您正苦于以下问题:Java X509CertSelector.setSubjectKeyIdentifier方法的具体用法?Java X509CertSelector.setSubjectKeyIdentifier怎么用?Java X509CertSelector.setSubjectKeyIdentifier使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.X509CertSelector
的用法示例。
在下文中一共展示了X509CertSelector.setSubjectKeyIdentifier方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getSelector
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
* Returns an X509CertSelector for matching on the authority key
* identifier, or null if not applicable.
*/
private X509CertSelector getSelector(X509CertImpl previousCert)
throws IOException {
if (previousCert != null) {
AuthorityKeyIdentifierExtension akidExt =
previousCert.getAuthorityKeyIdentifierExtension();
if (akidExt != null) {
byte[] skid = akidExt.getEncodedKeyIdentifier();
if (skid != null) {
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(skid);
return selector;
}
}
}
return null;
}
示例2: test_getSubjectKeyIdentifier
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
* @tests java.security.cert.X509CertSelector#getSubjectKeyIdentifier()
*/
@TestTargetNew(
level = TestLevel.COMPLETE,
notes = "",
method = "getSubjectKeyIdentifier",
args = {}
)
public void test_getSubjectKeyIdentifier() {
byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value
byte[] skid2 = new byte[] { 4, 5, 5, 4, 3, 2, 1 }; // random value
X509CertSelector selector = new X509CertSelector();
assertNull("Selector should return null", selector
.getSubjectKeyIdentifier());
selector.setSubjectKeyIdentifier(skid1);
assertTrue("The returned keyID should be equal to specified", Arrays
.equals(skid1, selector.getSubjectKeyIdentifier()));
selector.getSubjectKeyIdentifier()[0]++;
assertTrue("The returned keyID should be equal to specified", Arrays
.equals(skid1, selector.getSubjectKeyIdentifier()));
assertFalse("The returned keyID should differ", Arrays.equals(skid2,
selector.getSubjectKeyIdentifier()));
}
示例3: testSubjectKeyIdentifier
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
private void testSubjectKeyIdentifier() throws IOException {
System.out.println("X.509 Certificate Match on subjectKeyIdentifier");
// bad match
X509CertSelector selector = new X509CertSelector();
byte[] b = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
selector.setSubjectKeyIdentifier(b);
checkMatch(selector, cert, false);
// good match
DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.14"));
byte[] encoded = in.getOctetString();
selector.setSubjectKeyIdentifier(encoded);
checkMatch(selector, cert, true);
}
示例4: testGetSKIBytesFromCert
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
@org.junit.Test
public void testGetSKIBytesFromCert() throws Exception {
File f = null;
if (BASEDIR != null && !"".equals(BASEDIR)) {
f = new File(BASEDIR + SEP +
"src/test/resources/ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/lugh.crt");
} else {
f = new File(
"src/test/resources/ie/baltimore/merlin-examples/merlin-xmldsig-twenty-three/certs/lugh.crt");
}
FileInputStream fis = new FileInputStream(f);
X509Certificate cert = (X509Certificate) cf.generateCertificate(fis);
// Get subject key identifier from certificate
byte[] skid = XMLX509SKI.getSKIBytesFromCert(cert);
// Use X509CertSelector to match on certificate using the skid,
// thereby testing that the returned skid was correct
X509CertSelector xcs = new X509CertSelector();
// DER-encode skid - required by X509CertSelector
byte[] encodedSkid = new byte[skid.length+2];
encodedSkid[0] = 0x04; // OCTET STRING tag value
encodedSkid[1] = (byte) skid.length; // length
System.arraycopy(skid, 0, encodedSkid, 2, skid.length);
xcs.setSubjectKeyIdentifier(encodedSkid);
CertStore cs = CertStore.getInstance(
"Collection",
new CollectionCertStoreParameters(Collections.singleton(cert)));
Collection<?> certs = cs.getCertificates(xcs);
assertTrue(!certs.isEmpty());
}
示例5: TestCert
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
/**
* @tests java.security.cert.X509CertSelector#setSubjectKeyIdentifier(byte[])
*/
@TestTargetNew(
level = TestLevel.COMPLETE,
notes = "",
method = "setSubjectKeyIdentifier",
args = {byte[].class}
)
public void test_setSubjectKeyIdentifierLB$() throws CertificateException {
byte[] skid1 = new byte[] { 1, 2, 3, 4, 5 }; // random value
byte[] skid2 = new byte[] { 5, 4, 3, 2, 1 }; // random value
TestCert cert1 = new TestCert(skid1);
TestCert cert2 = new TestCert(skid2);
X509CertSelector selector = new X509CertSelector();
selector.setSubjectKeyIdentifier(null);
assertTrue("Any certificate should match in the case of null "
+ "serialNumber criteria.", selector.match(cert1)
&& selector.match(cert2));
selector.setSubjectKeyIdentifier(skid1);
assertTrue("The certificate should match the selection criteria.",
selector.match(cert1));
assertFalse("The certificate should not match the selection criteria.",
selector.match(cert2));
selector.setSubjectKeyIdentifier(skid2);
skid2[0]++;
assertTrue("The certificate should match the selection criteria.",
selector.match(cert2));
}
示例6: getTrustAnchors
import java.security.cert.X509CertSelector; //导入方法依赖的package包/类
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
Collection trustColl = new ArrayList();
Iterator it = trustanchors.iterator();
X509CertSelector certSelectX509 = new X509CertSelector();
try
{
certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (ext != null)
{
ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));
certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
byte[] keyID = authID.getKeyIdentifier();
if (keyID != null)
{
certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
}
}
}
catch (IOException ex)
{
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
throw new CertPathReviewerException(msg);
}
while (it.hasNext())
{
TrustAnchor trust = (TrustAnchor) it.next();
if (trust.getTrustedCert() != null)
{
if (certSelectX509.match(trust.getTrustedCert()))
{
trustColl.add(trust);
}
}
else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
{
X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
X500Principal caName = new X500Principal(trust.getCAName());
if (certIssuer.equals(caName))
{
trustColl.add(trust);
}
}
}
return trustColl;
}