本文整理汇总了Java中sun.security.tools.KeyStoreUtil.isSelfSigned方法的典型用法代码示例。如果您正苦于以下问题:Java KeyStoreUtil.isSelfSigned方法的具体用法?Java KeyStoreUtil.isSelfSigned怎么用?Java KeyStoreUtil.isSelfSigned使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类sun.security.tools.KeyStoreUtil
的用法示例。
在下文中一共展示了KeyStoreUtil.isSelfSigned方法的4个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。
示例1: buildChain
import sun.security.tools.KeyStoreUtil; //导入方法依赖的package包/类
/**
* Recursively tries to establish chain from pool of certs starting from
* certToVerify until a self-signed cert is found, and fill the certs found
* into chain. Each cert in the chain signs the next one.
*
* This method is able to recover from an error, say, if certToVerify
* is signed by certA but certA has no issuer in certs and itself is not
* self-signed, the method can try another certB that also signs
* certToVerify and look for signer of certB, etc, etc.
*
* Each cert in chain comes with a label showing its origin. The label is
* used in the warning message when the cert is considered a risk.
*
* @param certToVerify the cert that needs to be verified.
* @param chain the chain that's being built.
* @param certs the pool of trusted certs
*
* @return true if successful, false otherwise.
*/
private boolean buildChain(Pair<String,X509Certificate> certToVerify,
Vector<Pair<String,X509Certificate>> chain,
Hashtable<Principal, Vector<Pair<String,X509Certificate>>> certs) {
if (KeyStoreUtil.isSelfSigned(certToVerify.snd)) {
// reached self-signed root cert;
// no verification needed because it's trusted.
chain.addElement(certToVerify);
return true;
}
Principal issuer = certToVerify.snd.getIssuerDN();
// Get the issuer's certificate(s)
Vector<Pair<String,X509Certificate>> vec = certs.get(issuer);
if (vec == null) {
return false;
}
// Try out each certificate in the vector, until we find one
// whose public key verifies the signature of the certificate
// in question.
for (Enumeration<Pair<String,X509Certificate>> issuerCerts = vec.elements();
issuerCerts.hasMoreElements(); ) {
Pair<String,X509Certificate> issuerCert = issuerCerts.nextElement();
PublicKey issuerPubKey = issuerCert.snd.getPublicKey();
try {
certToVerify.snd.verify(issuerPubKey);
} catch (Exception e) {
continue;
}
if (buildChain(issuerCert, chain, certs)) {
chain.addElement(certToVerify);
return true;
}
}
return false;
}
示例2: buildChain
import sun.security.tools.KeyStoreUtil; //导入方法依赖的package包/类
/**
* Recursively tries to establish chain from pool of trusted certs.
*
* @param certToVerify the cert that needs to be verified.
* @param chain the chain that's being built.
* @param certs the pool of trusted certs
*
* @return true if successful, false otherwise.
*/
private boolean buildChain(X509Certificate certToVerify,
Vector<Certificate> chain,
Hashtable<Principal, Vector<Certificate>> certs) {
Principal issuer = certToVerify.getIssuerDN();
if (KeyStoreUtil.isSelfSigned(certToVerify)) {
// reached self-signed root cert;
// no verification needed because it's trusted.
chain.addElement(certToVerify);
return true;
}
// Get the issuer's certificate(s)
Vector<Certificate> vec = certs.get(issuer);
if (vec == null) {
return false;
}
// Try out each certificate in the vector, until we find one
// whose public key verifies the signature of the certificate
// in question.
for (Enumeration<Certificate> issuerCerts = vec.elements();
issuerCerts.hasMoreElements(); ) {
X509Certificate issuerCert
= (X509Certificate)issuerCerts.nextElement();
PublicKey issuerPubKey = issuerCert.getPublicKey();
try {
certToVerify.verify(issuerPubKey);
} catch (Exception e) {
continue;
}
if (buildChain(issuerCert, chain, certs)) {
chain.addElement(certToVerify);
return true;
}
}
return false;
}
示例3: signerInfo
import sun.security.tools.KeyStoreUtil; //导入方法依赖的package包/类
/**
* Returns a string of singer info, with a newline at the end
*/
private String signerInfo(CodeSigner signer, String tab) {
if (cacheForSignerInfo.containsKey(signer)) {
return cacheForSignerInfo.get(signer);
}
StringBuilder sb = new StringBuilder();
List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
// display the signature timestamp, if present
Date timestamp;
Timestamp ts = signer.getTimestamp();
if (ts != null) {
sb.append(printTimestamp(tab, ts));
sb.append('\n');
timestamp = ts.getTimestamp();
} else {
timestamp = null;
noTimestamp = true;
}
// display the certificate(sb). The first one is end-entity cert and
// its KeyUsage should be checked.
boolean first = true;
for (Certificate c : certs) {
sb.append(printCert(tab, c, true, timestamp, first));
sb.append('\n');
first = false;
}
try {
validateCertChain(certs);
} catch (Exception e) {
chainNotValidated = true;
chainNotValidatedReason = e;
sb.append(tab).append(rb.getString(".CertPath.not.validated."))
.append(e.getLocalizedMessage()).append("]\n"); // TODO
}
if (certs.size() == 1
&& KeyStoreUtil.isSelfSigned((X509Certificate)certs.get(0))) {
signerSelfSigned = true;
}
String result = sb.toString();
cacheForSignerInfo.put(signer, result);
return result;
}
示例4: signerInfo
import sun.security.tools.KeyStoreUtil; //导入方法依赖的package包/类
/**
* Returns a string of singer info, with a newline at the end
*/
private String signerInfo(CodeSigner signer, String tab) {
if (cacheForSignerInfo.containsKey(signer)) {
return cacheForSignerInfo.get(signer);
}
StringBuilder sb = new StringBuilder();
List<? extends Certificate> certs = signer.getSignerCertPath().getCertificates();
// display the signature timestamp, if present
Date timestamp;
Timestamp ts = signer.getTimestamp();
if (ts != null) {
sb.append(printTimestamp(tab, ts));
sb.append('\n');
timestamp = ts.getTimestamp();
} else {
timestamp = null;
noTimestamp = true;
}
// display the certificate(sb). The first one is end-entity cert and
// its KeyUsage should be checked.
boolean first = true;
for (Certificate c : certs) {
sb.append(printCert(tab, c, true, timestamp, first));
sb.append('\n');
first = false;
}
try {
validateCertChain(certs);
} catch (Exception e) {
if (debug) {
e.printStackTrace();
}
if (e.getCause() != null &&
(e.getCause() instanceof CertificateExpiredException ||
e.getCause() instanceof CertificateNotYetValidException)) {
// No more warning, we alreay have hasExpiredCert or notYetValidCert
} else {
chainNotValidated = true;
chainNotValidatedReason = e;
sb.append(tab).append(rb.getString(".CertPath.not.validated."))
.append(e.getLocalizedMessage()).append("]\n"); // TODO
}
}
if (certs.size() == 1
&& KeyStoreUtil.isSelfSigned((X509Certificate)certs.get(0))) {
signerSelfSigned = true;
}
String result = sb.toString();
cacheForSignerInfo.put(signer, result);
return result;
}