本文整理汇总了Java中javax.security.auth.x500.X500Principal.equals方法的典型用法代码示例。如果您正苦于以下问题:Java X500Principal.equals方法的具体用法?Java X500Principal.equals怎么用?Java X500Principal.equals使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类javax.security.auth.x500.X500Principal的用法示例。
在下文中一共展示了X500Principal.equals方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: engineGetCertificateAlias
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
/** {@inheritDoc} */
@Override
public String engineGetCertificateAlias(final Certificate cert) {
if (!(cert instanceof X509Certificate)) {
return null;
}
final BigInteger serial = ((X509Certificate) cert).getSerialNumber();
final X500Principal principal = ((X509Certificate) cert).getIssuerX500Principal();
for (final String alias : userCertAliases) {
final X509Certificate c = (X509Certificate) engineGetCertificate(alias);
if (c.getSerialNumber() == serial && principal.equals(principal)) {
return alias;
}
}
return null;
}
示例2: processSubjectDN
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
/**
* Process name checking for the certificate subject DN.
*
* @param certificate the certificate to process
* @param trustedNames the set of trusted names
*
* @return true if the subject DN matches the set of trusted names, false otherwise
*/
protected boolean processSubjectDN(X509Certificate certificate, Set<String> trustedNames) {
log.debug("Processing subject DN");
X500Principal subjectPrincipal = certificate.getSubjectX500Principal();
if (log.isDebugEnabled()) {
log.debug("Extracted X500Principal from certificate: {}", x500DNHandler.getName(subjectPrincipal));
}
for (String trustedName : trustedNames) {
X500Principal trustedNamePrincipal = null;
try {
trustedNamePrincipal = x500DNHandler.parse(trustedName);
log.debug("Evaluating principal successfully parsed from trusted name: {}", trustedName);
if (subjectPrincipal.equals(trustedNamePrincipal)) {
if (log.isDebugEnabled()) {
log.debug("Matched subject DN to trusted names: {}", x500DNHandler.getName(subjectPrincipal));
}
return true;
}
} catch (IllegalArgumentException e) {
// Do nothing, probably wasn't a distinguished name.
// TODO maybe try and match only the "suspected" DN values above
// - maybe match with regex for '='or something
log.debug("Trusted name was not a DN or could not be parsed: {}", trustedName);
continue;
}
}
return false;
}
示例3: setCertificateIssuer
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
void setCertificateIssuer(X500Principal crlIssuer, X500Principal certIssuer) {
if (crlIssuer.equals(certIssuer)) {
this.certIssuer = null;
} else {
this.certIssuer = certIssuer;
}
}
示例4: isIdentityEquivalent
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
private static boolean isIdentityEquivalent(X509Certificate thisCert,
X509Certificate prevCert) {
if (thisCert.equals(prevCert)) {
return true;
}
// check the iPAddress field in subjectAltName extension
Object thisIPAddress = getSubjectAltName(thisCert, 7); // 7: iPAddress
Object prevIPAddress = getSubjectAltName(prevCert, 7);
if (thisIPAddress != null && prevIPAddress!= null) {
// only allow the exactly match
return Objects.equals(thisIPAddress, prevIPAddress);
}
// check the dNSName field in subjectAltName extension
Object thisDNSName = getSubjectAltName(thisCert, 2); // 2: dNSName
Object prevDNSName = getSubjectAltName(prevCert, 2);
if (thisDNSName != null && prevDNSName!= null) {
// only allow the exactly match
return Objects.equals(thisDNSName, prevDNSName);
}
// check the certificate subject and issuer
X500Principal thisSubject = thisCert.getSubjectX500Principal();
X500Principal prevSubject = prevCert.getSubjectX500Principal();
X500Principal thisIssuer = thisCert.getIssuerX500Principal();
X500Principal prevIssuer = prevCert.getIssuerX500Principal();
if (!thisSubject.getName().isEmpty() &&
!prevSubject.getName().isEmpty() &&
thisSubject.equals(prevSubject) &&
thisIssuer.equals(prevIssuer)) {
return true;
}
return false;
}
示例5: verifyNameChaining
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
/**
* Internal method to check that cert has a valid DN to be next in a chain
*/
private void verifyNameChaining(X509Certificate cert)
throws CertPathValidatorException
{
if (prevSubject != null) {
String msg = "subject/issuer name chaining";
if (debug != null)
debug.println("---checking " + msg + "...");
X500Principal currIssuer = cert.getIssuerX500Principal();
// reject null or empty issuer DNs
if (X500Name.asX500Name(currIssuer).isEmpty()) {
throw new CertPathValidatorException
(msg + " check failed: " +
"empty/null issuer DN in certificate is invalid", null,
null, -1, PKIXReason.NAME_CHAINING);
}
if (!(currIssuer.equals(prevSubject))) {
throw new CertPathValidatorException
(msg + " check failed", null, null, -1,
PKIXReason.NAME_CHAINING);
}
if (debug != null)
debug.println(msg + " verified.");
}
}
示例6: checkPair
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
private void checkPair() throws CertificateException {
/* if either of pair is missing, return w/o error */
if (forward == null || reverse == null) {
return;
}
/*
* If both elements of the pair are present, check that they
* are a valid pair.
*/
X500Principal fwSubject = forward.getSubjectX500Principal();
X500Principal fwIssuer = forward.getIssuerX500Principal();
X500Principal rvSubject = reverse.getSubjectX500Principal();
X500Principal rvIssuer = reverse.getIssuerX500Principal();
if (!fwIssuer.equals(rvSubject) || !rvIssuer.equals(fwSubject)) {
throw new CertificateException("subject and issuer names in "
+ "forward and reverse certificates do not match");
}
/* check signatures unless key parameters are missing */
try {
PublicKey pk = reverse.getPublicKey();
if (!(pk instanceof DSAPublicKey) ||
((DSAPublicKey)pk).getParams() != null) {
forward.verify(pk);
}
pk = forward.getPublicKey();
if (!(pk instanceof DSAPublicKey) ||
((DSAPublicKey)pk).getParams() != null) {
reverse.verify(pk);
}
} catch (GeneralSecurityException e) {
throw new CertificateException("invalid signature: "
+ e.getMessage());
}
}
示例7: parse
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
public void parse(String dnString) throws Exception {
System.out.println("Parsing " + dnString);
X500Principal dn = new X500Principal(dnString);
String dnString2 = dn.getName();
X500Principal dn2 = new X500Principal(dnString2);
if (dn.equals(dn2)) {
System.out.println("PASSED");
} else {
System.out.println("FAILED");
failed++;
}
}
示例8: getTrustAnchors
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
{
Collection trustColl = new ArrayList();
Iterator it = trustanchors.iterator();
X509CertSelector certSelectX509 = new X509CertSelector();
try
{
certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
byte[] ext = cert.getExtensionValue(X509Extensions.AuthorityKeyIdentifier.getId());
if (ext != null)
{
ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));
certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
byte[] keyID = authID.getKeyIdentifier();
if (keyID != null)
{
certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
}
}
}
catch (IOException ex)
{
ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
throw new CertPathReviewerException(msg);
}
while (it.hasNext())
{
TrustAnchor trust = (TrustAnchor) it.next();
if (trust.getTrustedCert() != null)
{
if (certSelectX509.match(trust.getTrustedCert()))
{
trustColl.add(trust);
}
}
else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
{
X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
X500Principal caName = new X500Principal(trust.getCAName());
if (certIssuer.equals(caName))
{
trustColl.add(trust);
}
}
}
return trustColl;
}
示例9: isSelfIssued
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
/**
* Utility method to test if a certificate is self-issued. This is
* the case iff the subject and issuer X500Principals are equal.
*/
public static boolean isSelfIssued(X509Certificate cert) {
X500Principal subject = cert.getSubjectX500Principal();
X500Principal issuer = cert.getIssuerX500Principal();
return subject.equals(issuer);
}
示例10: main
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
public static void main(String[] args) {
// test regular equals
X500Principal p1 = new X500Principal(p1String);
X500Principal p2 = new X500Principal(p2String);
printName("Principal 1:", p1String, p1);
printName("Principal 2:", p2String, p2);
if (!p1.equals(p2))
throw new SecurityException("Equals test failed: #1");
X500Principal notEqual = new X500Principal("cn=test2");
if (p1.equals(notEqual))
throw new SecurityException("Equals test failed: #2");
if (p1.equals(null))
throw new SecurityException("Equals test failed: #3");
if (p1.hashCode() != p2.hashCode())
throw new SecurityException("Equals test failed: #4");
// test multiple AVA's in an RDN
X500Principal p3 = new X500Principal(p3String);
X500Principal p4 = new X500Principal(p4String);
printName("Principal 3:", p3String, p3);
printName("Principal 4:", p4String, p4);
if (!p3.equals(p4))
throw new SecurityException("Equals test failed: #5");
if (p1.equals(p3) || p2.equals(p3))
throw new SecurityException("Equals test failed: #6");
if (p3.hashCode() != p4.hashCode())
throw new SecurityException("Equals test failed: #7");
X500Principal p5 = new X500Principal(p5String);
X500Principal p6 = new X500Principal(p6String);
printName("Principal 5:", p5String, p5);
printName("Principal 6:", p6String, p6);
if (!p5.equals(p6))
throw new SecurityException("Equals test failed: #8");
if (p5.hashCode() != p6.hashCode())
throw new SecurityException("Equals test failed: #9");
X500Principal p7 = new X500Principal(p7String);
X500Principal p8 = new X500Principal(p8String);
printName("Principal 7:", p7String, p7);
printName("Principal 8:", p8String, p8);
if (!p7.equals(p8))
throw new SecurityException("Equals test failed: #10");
if (p7.hashCode() != p8.hashCode())
throw new SecurityException("Equals test failed: #11");
System.out.println("Equals test passed");
}
示例11: main
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
public static void main(String[] args) {
try {
// create 2 different X500Principals
X500Principal p = new X500Principal("o=sun, cn=duke");
X500Principal p2 = new X500Principal("o=sun, cn=dukette");
// get the encoded bytes for the 2 principals
byte[] encoded = p.getEncoded();
byte[] encoded2 = p2.getEncoded();
// create a ByteArrayInputStream with the
// encodings from the 2 principals
byte[] all = new byte[encoded.length + encoded2.length];
System.arraycopy(encoded, 0, all, 0, encoded.length);
System.arraycopy(encoded2, 0, all, encoded.length, encoded2.length);
ByteArrayInputStream bais = new ByteArrayInputStream(all);
// create 2 new X500Principals from the ByteArrayInputStream
X500Principal pp = new X500Principal(bais);
X500Principal pp2 = new X500Principal(bais);
// sanity check the 2 new principals
if (p.equals(pp) && p2.equals(pp2) && !pp.equals(pp2)) {
System.out.println("Test 1 passed");
} else {
throw new SecurityException("Test 1 failed");
}
// corrupt the ByteArrayInputStream and see if the
// mark/reset worked
byte[] all2 = new byte[all.length];
System.arraycopy(all, 0, all2, 0, all.length);
all2[encoded.length + 2] = (byte)-1;
bais = new ByteArrayInputStream(all2);
// this should work
X500Principal ppp = new X500Principal(bais);
// this should throw an IOException due to stream corruption
int origAvailable = bais.available();
try {
X500Principal ppp2 = new X500Principal(bais);
throw new SecurityException("Test 2 (part a) failed");
} catch (IllegalArgumentException iae) {
if (bais.available() == origAvailable) {
System.out.println("Test 2 passed");
} else {
throw new SecurityException("Test 2 (part b) failed");
}
}
} catch (Exception e) {
e.printStackTrace();
throw new SecurityException(e.getMessage());
}
}
示例12: getRevokedCertificate
import javax.security.auth.x500.X500Principal; //导入方法依赖的package包/类
/**
* Get the CRL entry, if any, for the given certificate.
*
* <p>This method can be used to lookup CRL entries in indirect CRLs,
* that means CRLs that contain entries from issuers other than the CRL
* issuer. The default implementation will only return entries for
* certificates issued by the CRL issuer. Subclasses that wish to
* support indirect CRLs should override this method.
*
* @param certificate the certificate for which a CRL entry is to be looked
* up
* @return the entry for the given certificate, or null if no such entry
* exists in this CRL.
* @exception NullPointerException if certificate is null
*
* @since 1.5
*/
public X509CRLEntry getRevokedCertificate(X509Certificate certificate) {
X500Principal certIssuer = certificate.getIssuerX500Principal();
X500Principal crlIssuer = getIssuerX500Principal();
if (certIssuer.equals(crlIssuer) == false) {
return null;
}
return getRevokedCertificate(certificate.getSerialNumber());
}