當前位置: 首頁>>代碼示例>>Java>>正文


Java X509CertSelector.setPolicy方法代碼示例

本文整理匯總了Java中java.security.cert.X509CertSelector.setPolicy方法的典型用法代碼示例。如果您正苦於以下問題:Java X509CertSelector.setPolicy方法的具體用法?Java X509CertSelector.setPolicy怎麽用?Java X509CertSelector.setPolicy使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在java.security.cert.X509CertSelector的用法示例。


在下文中一共展示了X509CertSelector.setPolicy方法的7個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Java代碼示例。

示例1: testPolicy

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
private void testPolicy() throws IOException {
    System.out.println("X.509 Certificate Match on certificatePolicies");
    // test encoding of CertificatePoliciesExtension because we wrote the
    // code
    // bad match
    X509CertSelector selector = new X509CertSelector();
    Set<String> s = new HashSet<>();
    s.add(new String("1.2.5.7.68"));
    selector.setPolicy(s);
    checkMatch(selector, cert, false);

    // good match
    DerInputStream in = new DerInputStream(cert.getExtensionValue("2.5.29.32"));
    CertificatePoliciesExtension ext = new CertificatePoliciesExtension(false, in.getOctetString());
    List<PolicyInformation> policies = ext.get(CertificatePoliciesExtension.POLICIES);
    // match on the first policy id
    PolicyInformation policyInfo = (PolicyInformation) policies.get(0);
    s.clear();
    s.add(policyInfo.getPolicyIdentifier().getIdentifier().toString());
    selector.setPolicy(s);
    checkMatch(selector, cert, true);
}
 
開發者ID:lambdalab-mirror,項目名稱:jdk8u-jdk,代碼行數:23,代碼來源:X509CertSelectorTest.java

示例2: test_getPolicy

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
/**
 * @tests java.security.cert.X509CertSelector#getPolicy()
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "getPolicy",
    args = {}
)
public void test_getPolicy() throws IOException {
    String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1",
            "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4",
            "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
            "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" };

    String[] policies2 = new String[] { "1.3.6.7.3.1" };

    HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1));
    HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2));

    X509CertSelector selector = new X509CertSelector();

    selector.setPolicy(null);
    assertNull(selector.getPolicy());

    selector.setPolicy(p1);
    assertEquals("The returned date should be equal to specified", p1, selector.getPolicy());

    selector.setPolicy(p2);
    assertEquals("The returned date should be equal to specified", p2, selector.getPolicy());
}
 
開發者ID:keplersj,項目名稱:In-the-Box-Fork,代碼行數:32,代碼來源:X509CertSelectorTest.java

示例3: test_setPolicyLjava_util_Set

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
/**
 * @tests java.security.cert.X509CertSelector#setPolicy(Set<String>)
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "setPolicy",
    args = {java.util.Set.class}
)
public void test_setPolicyLjava_util_Set() throws IOException {
    String[] policies1 = new String[] { "1.3.6.1.5.5.7.3.1",
            "1.3.6.1.5.5.7.3.2", "1.3.6.1.5.5.7.3.3", "1.3.6.1.5.5.7.3.4",
            "1.3.6.1.5.5.7.3.8", "1.3.6.1.5.5.7.3.9", "1.3.6.1.5.5.7.3.5",
            "1.3.6.1.5.5.7.3.6", "1.3.6.1.5.5.7.3.7" };

    String[] policies2 = new String[] { "1.3.6.7.3.1" };

    HashSet<String> p1 = new HashSet<String>(Arrays.asList(policies1));
    HashSet<String> p2 = new HashSet<String>(Arrays.asList(policies2));

    X509CertSelector selector = new X509CertSelector();

    TestCert cert1 = new TestCert(policies1);
    TestCert cert2 = new TestCert(policies2);

    selector.setPolicy(null);
    assertTrue("Any certificate should match in the case of null "
            + "privateKeyValid criteria.", selector.match(cert1)
            && selector.match(cert2));

    selector.setPolicy(p1);
    assertTrue("The certificate should match the selection criteria.",
            selector.match(cert1));
    assertFalse("The certificate should not match the selection criteria.",
            selector.match(cert2));

    selector.setPolicy(p2);
    assertFalse("The certificate should not match the selection criteria.",
            selector.match(cert1));
    assertTrue("The certificate should match the selection criteria.",
            selector.match(cert2));
}
 
開發者ID:keplersj,項目名稱:In-the-Box-Fork,代碼行數:43,代碼來源:X509CertSelectorTest.java

示例4: if

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
private Collection<X509Certificate> getMatchingEECerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertStoreException, CertificateException, IOException {

    /*
     * Compose a CertSelector to filter out
     * certs which do not satisfy requirements.
     *
     * First, retrieve clone of current target cert constraints, and
     * then add more selection criteria based on current validation state.
     */
    X509CertSelector sel = (X509CertSelector) targetCertConstraints.clone();

    /*
     * Match on issuer (subject of previous cert)
     */
    sel.setIssuer(currentState.subjectDN);

    /*
     * Match on certificate validity date.
     */
    sel.setCertificateValid(buildParams.date());

    /*
     * Policy processing optimizations
     */
    if (currentState.explicitPolicy == 0)
        sel.setPolicy(getMatchingPolicies());

    /*
     * If previous cert has a subject key identifier extension,
     * use it to match on authority key identifier extension.
     */
    /*if (currentState.subjKeyId != null) {
      AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
            null, null);
    sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
    }*/

    /*
     * Require EE certs
     */
    sel.setBasicConstraints(-2);

    /* Retrieve matching certs from CertStores */
    HashSet<X509Certificate> eeCerts = new HashSet<>();
    addMatchingCerts(sel, certStores, eeCerts, true);

    if (debug != null) {
        debug.println("ReverseBuilder.getMatchingEECerts got "
                      + eeCerts.size() + " certs.");
    }
    return eeCerts;
}
 
開發者ID:SunburstApps,項目名稱:OpenJSharp,代碼行數:56,代碼來源:ReverseBuilder.java

示例5: X509CertSelector

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
private Collection<X509Certificate> getMatchingCACerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertificateException, CertStoreException, IOException {

    /*
     * Compose a CertSelector to filter out
     * certs which do not satisfy requirements.
     */
    X509CertSelector sel = new X509CertSelector();

    /*
     * Match on issuer (subject of previous cert)
     */
    sel.setIssuer(currentState.subjectDN);

    /*
     * Match on certificate validity date.
     */
    sel.setCertificateValid(buildParams.date());

    /*
     * Match on target subject name (checks that current cert's
     * name constraints permit it to certify target).
     * (4 is the integer type for DIRECTORY name).
     */
    byte[] subject = targetCertConstraints.getSubjectAsBytes();
    if (subject != null) {
        sel.addPathToName(4, subject);
    } else {
        X509Certificate cert = targetCertConstraints.getCertificate();
        if (cert != null) {
            sel.addPathToName(4,
                              cert.getSubjectX500Principal().getEncoded());
        }
    }

    /*
     * Policy processing optimizations
     */
    if (currentState.explicitPolicy == 0)
        sel.setPolicy(getMatchingPolicies());

    /*
     * If previous cert has a subject key identifier extension,
     * use it to match on authority key identifier extension.
     */
    /*if (currentState.subjKeyId != null) {
      AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
                            null, null);
      sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
    }*/

    /*
     * Require CA certs
     */
    sel.setBasicConstraints(0);

    /* Retrieve matching certs from CertStores */
    ArrayList<X509Certificate> reverseCerts = new ArrayList<>();
    addMatchingCerts(sel, certStores, reverseCerts, true);

    /* Sort remaining certs using name constraints */
    Collections.sort(reverseCerts, new PKIXCertComparator());

    if (debug != null)
        debug.println("ReverseBuilder.getMatchingCACerts got " +
                      reverseCerts.size() + " certs.");
    return reverseCerts;
}
 
開發者ID:SunburstApps,項目名稱:OpenJSharp,代碼行數:71,代碼來源:ReverseBuilder.java

示例6: if

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
private Collection<X509Certificate> getMatchingEECerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertStoreException, CertificateException, IOException {

  /*
   * Compose a CertSelector to filter out
   * certs which do not satisfy requirements.
   *
   * First, retrieve clone of current target cert constraints,
   * and then add more selection criteria based on current validation state.
   */
  X509CertSelector sel = (X509CertSelector) targetCertConstraints.clone();

  /*
   * Match on issuer (subject of previous cert)
   */
  sel.setIssuer(currentState.subjectDN);

  /*
   * Match on certificate validity date.
   */
  sel.setCertificateValid(date);

  /*
   * Policy processing optimizations
   */
  if (currentState.explicitPolicy == 0)
      sel.setPolicy(getMatchingPolicies());

  /*
   * If previous cert has a subject key identifier extension,
   * use it to match on authority key identifier extension.
   */
  /*if (currentState.subjKeyId != null) {
    AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
            null, null);
    sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
  }*/

  /*
   * Require EE certs
   */
  sel.setBasicConstraints(-2);

  /* Retrieve matching certs from CertStores */
  HashSet<X509Certificate> eeCerts = new HashSet<X509Certificate>();
  addMatchingCerts(sel, certStores, eeCerts, true);

  if (debug != null) {
    debug.println("ReverseBuilder.getMatchingEECerts got " + eeCerts.size()
                + " certs.");
  }
  return eeCerts;
}
 
開發者ID:openjdk,項目名稱:jdk7-jdk,代碼行數:56,代碼來源:ReverseBuilder.java

示例7: X509CertSelector

import java.security.cert.X509CertSelector; //導入方法依賴的package包/類
private Collection<X509Certificate> getMatchingCACerts
    (ReverseState currentState, List<CertStore> certStores)
    throws CertificateException, CertStoreException, IOException {

  /*
   * Compose a CertSelector to filter out
   * certs which do not satisfy requirements.
   */
  X509CertSelector sel = new X509CertSelector();

  /*
   * Match on issuer (subject of previous cert)
   */
  sel.setIssuer(currentState.subjectDN);

  /*
   * Match on certificate validity date.
   */
  sel.setCertificateValid(date);

  /*
   * Match on target subject name (checks that current cert's
   * name constraints permit it to certify target).
   * (4 is the integer type for DIRECTORY name).
   */
  sel.addPathToName(4, targetCertConstraints.getSubjectAsBytes());

  /*
   * Policy processing optimizations
   */
  if (currentState.explicitPolicy == 0)
      sel.setPolicy(getMatchingPolicies());

  /*
   * If previous cert has a subject key identifier extension,
   * use it to match on authority key identifier extension.
   */
  /*if (currentState.subjKeyId != null) {
    AuthorityKeyIdentifierExtension authKeyId = new AuthorityKeyIdentifierExtension(
            (KeyIdentifier) currentState.subjKeyId.get(SubjectKeyIdentifierExtension.KEY_ID),
                            null, null);
    sel.setAuthorityKeyIdentifier(authKeyId.getExtensionValue());
  }*/

  /*
   * Require CA certs
   */
  sel.setBasicConstraints(0);

  /* Retrieve matching certs from CertStores */
  ArrayList<X509Certificate> reverseCerts =
      new ArrayList<X509Certificate>();
  addMatchingCerts(sel, certStores, reverseCerts, true);

  /* Sort remaining certs using name constraints */
  Collections.sort(reverseCerts, new PKIXCertComparator());

  if (debug != null)
    debug.println("ReverseBuilder.getMatchingCACerts got " +
                reverseCerts.size() + " certs.");
  return reverseCerts;
}
 
開發者ID:openjdk,項目名稱:jdk7-jdk,代碼行數:63,代碼來源:ReverseBuilder.java


注:本文中的java.security.cert.X509CertSelector.setPolicy方法示例由純淨天空整理自Github/MSDocs等開源代碼及文檔管理平台,相關代碼片段篩選自各路編程大神貢獻的開源項目,源碼版權歸原作者所有,傳播和使用請參考對應項目的License;未經允許,請勿轉載。