本文整理汇总了Java中java.security.cert.X509Certificate.getIssuerDN方法的典型用法代码示例。如果您正苦于以下问题:Java X509Certificate.getIssuerDN方法的具体用法?Java X509Certificate.getIssuerDN怎么用?Java X509Certificate.getIssuerDN使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类java.security.cert.X509Certificate
的用法示例。
在下文中一共展示了X509Certificate.getIssuerDN方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: getCertificateChain
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public static List<X509Certificate> getCertificateChain(
List<X509Certificate> certs, X509Certificate leaf) {
List<X509Certificate> unusedCerts = new ArrayList<>(certs);
List<X509Certificate> result = new ArrayList<>(1);
result.add(leaf);
unusedCerts.remove(leaf);
X509Certificate root = leaf;
while (!root.getSubjectDN().equals(root.getIssuerDN())) {
Principal targetDn = root.getIssuerDN();
boolean issuerFound = false;
for (int i = 0; i < unusedCerts.size(); i++) {
X509Certificate unusedCert = unusedCerts.get(i);
if (targetDn.equals(unusedCert.getSubjectDN())) {
issuerFound = true;
unusedCerts.remove(i);
result.add(unusedCert);
root = unusedCert;
break;
}
}
if (!issuerFound) {
break;
}
}
return result;
}
示例2: buildChain
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
* Recursively tries to establish chain from pool of trusted certs.
*
* @param certToVerify the cert that needs to be verified.
* @param chain the chain that's being built.
* @param certs the pool of trusted certs
*
* @return true if successful, false otherwise.
*/
private boolean buildChain(X509Certificate certToVerify,
Vector<Certificate> chain,
Hashtable<Principal, Vector<Certificate>> certs) {
Principal issuer = certToVerify.getIssuerDN();
if (isSelfSigned(certToVerify)) {
// reached self-signed root cert;
// no verification needed because it's trusted.
chain.addElement(certToVerify);
return true;
}
// Get the issuer's certificate(s)
Vector<Certificate> vec = certs.get(issuer);
if (vec == null) {
return false;
}
// Try out each certificate in the vector, until we find one
// whose public key verifies the signature of the certificate
// in question.
for (Enumeration<Certificate> issuerCerts = vec.elements();
issuerCerts.hasMoreElements(); ) {
X509Certificate issuerCert
= (X509Certificate)issuerCerts.nextElement();
PublicKey issuerPubKey = issuerCert.getPublicKey();
try {
certToVerify.verify(issuerPubKey);
} catch (Exception e) {
continue;
}
if (buildChain(issuerCert, chain, certs)) {
chain.addElement(certToVerify);
return true;
}
}
return false;
}
示例3: populateCertIssuerNames
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
/**
* Populate array of Issuer DNs from certificates and convert
* each Principal to type X500Name if necessary.
*/
private void populateCertIssuerNames() {
if (certificates == null)
return;
certIssuerNames = new Principal[certificates.length];
for (int i = 0; i < certificates.length; i++) {
X509Certificate cert = certificates[i];
Principal certIssuerName = cert.getIssuerDN();
if (!(certIssuerName instanceof X500Name)) {
// must extract the original encoded form of DN for
// subsequent name comparison checks (converting to a
// String and back to an encoded DN could cause the
// types of String attribute values to be changed)
try {
X509CertInfo tbsCert =
new X509CertInfo(cert.getTBSCertificate());
certIssuerName = (Principal)
tbsCert.get(X509CertInfo.ISSUER + "." +
X509CertInfo.DN_NAME);
} catch (Exception e) {
// error generating X500Name object from the cert's
// issuer DN, leave name as is.
}
}
certIssuerNames[i] = certIssuerName;
}
}
示例4: getCertificateChain
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public ArrayList<X509Certificate> getCertificateChain(PKCS7 block)
throws IOException
{
X509Certificate userCert;
userCert = block.getCertificate(certificateSerialNumber, issuerName);
if (userCert == null)
return null;
ArrayList<X509Certificate> certList = new ArrayList<X509Certificate>();
certList.add(userCert);
X509Certificate[] pkcsCerts = block.getCertificates();
if (pkcsCerts == null
|| userCert.getSubjectDN().equals(userCert.getIssuerDN())) {
return certList;
}
Principal issuer = userCert.getIssuerDN();
int start = 0;
while (true) {
boolean match = false;
int i = start;
while (i < pkcsCerts.length) {
if (issuer.equals(pkcsCerts[i].getSubjectDN())) {
// next cert in chain found
certList.add(pkcsCerts[i]);
// if selected cert is self-signed, we're done
// constructing the chain
if (pkcsCerts[i].getSubjectDN().equals(
pkcsCerts[i].getIssuerDN())) {
start = pkcsCerts.length;
} else {
issuer = pkcsCerts[i].getIssuerDN();
X509Certificate tmpCert = pkcsCerts[start];
pkcsCerts[start] = pkcsCerts[i];
pkcsCerts[i] = tmpCert;
start++;
}
match = true;
break;
} else {
i++;
}
}
if (!match)
break;
}
return certList;
}
示例5: getCertificateChain
import java.security.cert.X509Certificate; //导入方法依赖的package包/类
public ArrayList<X509Certificate> getCertificateChain(PKCS7 block)
throws IOException
{
X509Certificate userCert;
userCert = block.getCertificate(certificateSerialNumber, issuerName);
if (userCert == null)
return null;
ArrayList<X509Certificate> certList = new ArrayList<>();
certList.add(userCert);
X509Certificate[] pkcsCerts = block.getCertificates();
if (pkcsCerts == null
|| userCert.getSubjectDN().equals(userCert.getIssuerDN())) {
return certList;
}
Principal issuer = userCert.getIssuerDN();
int start = 0;
while (true) {
boolean match = false;
int i = start;
while (i < pkcsCerts.length) {
if (issuer.equals(pkcsCerts[i].getSubjectDN())) {
// next cert in chain found
certList.add(pkcsCerts[i]);
// if selected cert is self-signed, we're done
// constructing the chain
if (pkcsCerts[i].getSubjectDN().equals(
pkcsCerts[i].getIssuerDN())) {
start = pkcsCerts.length;
} else {
issuer = pkcsCerts[i].getIssuerDN();
X509Certificate tmpCert = pkcsCerts[start];
pkcsCerts[start] = pkcsCerts[i];
pkcsCerts[i] = tmpCert;
start++;
}
match = true;
break;
} else {
i++;
}
}
if (!match)
break;
}
return certList;
}