当前位置: 首页>>代码示例>>Java>>正文


Java X509Certificate.equals方法代码示例

本文整理汇总了Java中java.security.cert.X509Certificate.equals方法的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate.equals方法的具体用法?Java X509Certificate.equals怎么用?Java X509Certificate.equals使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在java.security.cert.X509Certificate的用法示例。


在下文中一共展示了X509Certificate.equals方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: processAttrCert4

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
protected static void processAttrCert4(X509Certificate acIssuerCert,
    ExtendedPKIXParameters pkixParams) throws CertPathValidatorException
{
    Set set = pkixParams.getTrustedACIssuers();
    boolean trusted = false;
    for (Iterator it = set.iterator(); it.hasNext();)
    {
        TrustAnchor anchor = (TrustAnchor) it.next();
        if (acIssuerCert.getSubjectX500Principal().getName("RFC2253")
            .equals(anchor.getCAName())
            || acIssuerCert.equals(anchor.getTrustedCert()))
        {
            trusted = true;
        }
    }
    if (!trusted)
    {
        throw new CertPathValidatorException(
            "Attribute certificate issuer is not directly trusted.");
    }
}
 
开发者ID:Appdome,项目名称:ipack,代码行数:22,代码来源:RFC3281CertPathUtilities.java

示例2: validate

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Evaluate trust.
 * 
 * @param untrustedCertificate the untrusted certificate to evaluate
 * @param trustedCertificates basis for trust
 * @return true if trust can be established, false otherwise
 */
public boolean validate(X509Certificate untrustedCertificate, Iterable<X509Certificate> trustedCertificates) {
    for (X509Certificate trustedCertificate : trustedCertificates) {
        if (untrustedCertificate.equals(trustedCertificate)) {
            return true;
        }
    }
    return false;
}
 
开发者ID:lamsfoundation,项目名称:lams,代码行数:16,代码来源:ExplicitX509CertificateTrustEvaluator.java

示例3: isIdentityEquivalent

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
private static boolean isIdentityEquivalent(X509Certificate thisCert,
        X509Certificate prevCert) {
    if (thisCert.equals(prevCert)) {
        return true;
    }

    // check the iPAddress field in subjectAltName extension
    Object thisIPAddress = getSubjectAltName(thisCert, 7);  // 7: iPAddress
    Object prevIPAddress = getSubjectAltName(prevCert, 7);
    if (thisIPAddress != null && prevIPAddress!= null) {
        // only allow the exactly match
        return Objects.equals(thisIPAddress, prevIPAddress);
    }

    // check the dNSName field in subjectAltName extension
    Object thisDNSName = getSubjectAltName(thisCert, 2);    // 2: dNSName
    Object prevDNSName = getSubjectAltName(prevCert, 2);
    if (thisDNSName != null && prevDNSName!= null) {
        // only allow the exactly match
        return Objects.equals(thisDNSName, prevDNSName);
    }

    // check the certificate subject and issuer
    X500Principal thisSubject = thisCert.getSubjectX500Principal();
    X500Principal prevSubject = prevCert.getSubjectX500Principal();
    X500Principal thisIssuer = thisCert.getIssuerX500Principal();
    X500Principal prevIssuer = prevCert.getIssuerX500Principal();
    if (!thisSubject.getName().isEmpty() &&
            !prevSubject.getName().isEmpty() &&
            thisSubject.equals(prevSubject) &&
            thisIssuer.equals(prevIssuer)) {
        return true;
    }

    return false;
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:37,代码来源:ClientHandshaker.java

示例4: isPathCompleted

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Verifies whether the input certificate completes the path.
 * Checks the cert against each trust anchor that was specified, in order,
 * and returns true as soon as it finds a valid anchor.
 * Returns true if the cert matches a trust anchor specified as a
 * certificate or if the cert verifies with a trust anchor that
 * was specified as a trusted {pubkey, caname} pair. Returns false if none
 * of the trust anchors are valid for this cert.
 *
 * @param cert the certificate to test
 * @return a boolean value indicating whether the cert completes the path.
 */
@Override
boolean isPathCompleted(X509Certificate cert) {
    for (TrustAnchor anchor : trustAnchors) {
        if (anchor.getTrustedCert() != null) {
            if (cert.equals(anchor.getTrustedCert())) {
                this.trustAnchor = anchor;
                return true;
            } else {
                continue;
            }
        }
        X500Principal principal = anchor.getCA();
        PublicKey publicKey = anchor.getCAPublicKey();

        if (principal != null && publicKey != null &&
                principal.equals(cert.getSubjectX500Principal())) {
            if (publicKey.equals(cert.getPublicKey())) {
                // the cert itself is a trust anchor
                this.trustAnchor = anchor;
                return true;
            }
            // else, it is a self-issued certificate of the anchor
        }

        // Check subject/issuer name chaining
        if (principal == null ||
                !principal.equals(cert.getIssuerX500Principal())) {
            continue;
        }

        // skip anchor if it contains a DSA key with no DSA params
        if (PKIX.isDSAPublicKeyWithoutParams(publicKey)) {
            continue;
        }

        /*
         * Check signature
         */
        try {
            cert.verify(publicKey, buildParams.sigProvider());
        } catch (InvalidKeyException ike) {
            if (debug != null) {
                debug.println("ForwardBuilder.isPathCompleted() invalid "
                              + "DSA key found");
            }
            continue;
        } catch (GeneralSecurityException e){
            if (debug != null) {
                debug.println("ForwardBuilder.isPathCompleted() " +
                              "unexpected exception");
                e.printStackTrace();
            }
            continue;
        }

        this.trustAnchor = anchor;
        return true;
    }

    return false;
}
 
开发者ID:SunburstApps,项目名称:OpenJSharp,代码行数:74,代码来源:ForwardBuilder.java

示例5: clean

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public List<Certificate> clean(List<Certificate> chain) throws SSLPeerUnverifiedException {
    Deque<Certificate> queue = new ArrayDeque(chain);
    List<Certificate> result = new ArrayList();
    result.add(queue.removeFirst());
    boolean foundTrustedCertificate = false;
    int c = 0;
    while (c < 9) {
        X509Certificate toVerify = (X509Certificate) result.get(result.size() - 1);
        X509Certificate trustedCert = this.trustRootIndex.findByIssuerAndSignature(toVerify);
        if (trustedCert != null) {
            if (result.size() > 1 || !toVerify.equals(trustedCert)) {
                result.add(trustedCert);
            }
            if (!verifySignature(trustedCert, trustedCert)) {
                foundTrustedCertificate = true;
                c++;
            }
        } else {
            Iterator<Certificate> i = queue.iterator();
            while (i.hasNext()) {
                X509Certificate signingCert = (X509Certificate) i.next();
                if (verifySignature(toVerify, signingCert)) {
                    i.remove();
                    result.add(signingCert);
                    c++;
                }
            }
            if (!foundTrustedCertificate) {
                throw new SSLPeerUnverifiedException("Failed to find a trusted cert that " +
                        "signed " + toVerify);
            }
        }
        return result;
    }
    throw new SSLPeerUnverifiedException("Certificate chain too long: " + result);
}
 
开发者ID:JackChan1999,项目名称:boohee_v5.6,代码行数:37,代码来源:CertificateChainCleaner.java

示例6: clean

import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
 * Returns a cleaned chain for {@code chain}.
 *
 * <p>This method throws if the complete chain to a trusted CA certificate cannot be constructed.
 * This is unexpected unless the trust root index in this class has a different trust manager than
 * what was used to establish {@code chain}.
 */
@Override public List<Certificate> clean(List<Certificate> chain, String hostname)
    throws SSLPeerUnverifiedException {
  Deque<Certificate> queue = new ArrayDeque<>(chain);
  List<Certificate> result = new ArrayList<>();
  result.add(queue.removeFirst());
  boolean foundTrustedCertificate = false;

  followIssuerChain:
  for (int c = 0; c < MAX_SIGNERS; c++) {
    X509Certificate toVerify = (X509Certificate) result.get(result.size() - 1);

    // If this cert has been signed by a trusted cert, use that. Add the trusted certificate to
    // the end of the chain unless it's already present. (That would happen if the first
    // certificate in the chain is itself a self-signed and trusted CA certificate.)
    X509Certificate trustedCert = trustRootIndex.findByIssuerAndSignature(toVerify);
    if (trustedCert != null) {
      if (result.size() > 1 || !toVerify.equals(trustedCert)) {
        result.add(trustedCert);
      }
      if (verifySignature(trustedCert, trustedCert)) {
        return result; // The self-signed cert is a root CA. We're done.
      }
      foundTrustedCertificate = true;
      continue;
    }

    // Search for the certificate in the chain that signed this certificate. This is typically
    // the next element in the chain, but it could be any element.
    for (Iterator<Certificate> i = queue.iterator(); i.hasNext(); ) {
      X509Certificate signingCert = (X509Certificate) i.next();
      if (verifySignature(toVerify, signingCert)) {
        i.remove();
        result.add(signingCert);
        continue followIssuerChain;
      }
    }

    // We've reached the end of the chain. If any cert in the chain is trusted, we're done.
    if (foundTrustedCertificate) {
      return result;
    }

    // The last link isn't trusted. Fail.
    throw new SSLPeerUnverifiedException(
        "Failed to find a trusted cert that signed " + toVerify);
  }

  throw new SSLPeerUnverifiedException("Certificate chain too long: " + result);
}
 
开发者ID:weiwenqiang,项目名称:GitHub,代码行数:57,代码来源:BasicCertificateChainCleaner.java


注:本文中的java.security.cert.X509Certificate.equals方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。