Java 类java.security.cert.PKIXParameters 实例源码

项目:the-vigilantes    文件:ExportControlled.java   
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
项目:Wiab.pro    文件:CachedCertPathValidator.java   
private void validateNoCache(List<? extends X509Certificate> certs)
    throws SignatureException {
  try {
    CertPathValidator validator = CertPathValidator.getInstance(
        VALIDATOR_TYPE);
    PKIXParameters params = new PKIXParameters(trustRoots);
    params.addCertPathChecker(WAVE_OID_CHECKER);
    params.setDate(timeSource.now());

    // turn off default revocation-checking mechanism
    params.setRevocationEnabled(false);

    // TODO: add a way for clients to add certificate revocation checks,
    // perhaps by letting them pass in PKIXCertPathCheckers. This can also be
    // useful to check for Wave-specific certificate extensions.

    CertificateFactory certFactory = CertificateFactory.getInstance(
        CERTIFICATE_TYPE);
    CertPath certPath = certFactory.generateCertPath(certs);
    validator.validate(certPath, params);
  } catch (GeneralSecurityException e) {
    throw new SignatureException("Certificate validation failure", e);
  }
}
项目:ipack    文件:ExtendedPKIXParameters.java   
/**
 * Returns an instance with the parameters of a given
 * <code>PKIXParameters</code> object.
 * 
 * @param pkixParams The given <code>PKIXParameters</code>
 * @return an extended PKIX params object
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXParameters params;
    try
    {
        params = new ExtendedPKIXParameters(pkixParams.getTrustAnchors());
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
项目:ipack    文件:ExtendedPKIXBuilderParameters.java   
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
项目:ipack    文件:PKIXCRLUtil.java   
public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
    throws AnnotatedException
{
    Set completeSet = new HashSet();

    // get complete CRL(s)
    try
    {
        completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
    }
    catch (AnnotatedException e)
    {
        throw new AnnotatedException("Exception obtaining complete CRLs.", e);
    }

    return completeSet;
}
项目:OpenVertretung    文件:ExportControlled.java   
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
项目:ProyectoPacientes    文件:ExportControlled.java   
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
项目:BibliotecaPS    文件:ExportControlled.java   
public X509TrustManagerWrapper(X509TrustManager tm, boolean verifyServerCertificate) throws CertificateException {
    this.origTm = tm;
    this.verifyServerCert = verifyServerCertificate;

    if (verifyServerCertificate) {
        try {
            Set<TrustAnchor> anch = new HashSet<TrustAnchor>();
            for (X509Certificate cert : tm.getAcceptedIssuers()) {
                anch.add(new TrustAnchor(cert, null));
            }
            this.validatorParams = new PKIXParameters(anch);
            this.validatorParams.setRevocationEnabled(false);
            this.validator = CertPathValidator.getInstance("PKIX");
            this.certFactory = CertificateFactory.getInstance("X.509");
        } catch (Exception e) {
            throw new CertificateException(e);
        }
    }
}
项目:jdk8u-jdk    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:jdk8u-jdk    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:openjdk-jdk10    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:openjdk-jdk10    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:openjdk-jdk10    文件:ValWithAnchorByName.java   
private static void runTest(CertificateFactory cf,
        List<X509Certificate> certList, TrustAnchor anchor)
        throws Exception {
    CertPath path = cf.generateCertPath(certList);
    CertPathValidator validator = CertPathValidator.getInstance("PKIX");

    System.out.println(anchor);

    // Attach the OCSP responses to a PKIXParameters object
    PKIXRevocationChecker pkrev =
            (PKIXRevocationChecker)validator.getRevocationChecker();
    Map<X509Certificate, byte[]> responseMap = new HashMap<>();
    responseMap.put(certList.get(0), DECODER.decode(EE_OCSP_RESP));
    responseMap.put(certList.get(1), DECODER.decode(INT_CA_OCSP_RESP));
    pkrev.setOcspResponses(responseMap);
    PKIXParameters params =
            new PKIXParameters(Collections.singleton(anchor));
    params.addCertPathChecker(pkrev);
    params.setDate(EVAL_DATE);

    validator.validate(path, params);
}
项目:openjdk9    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:openjdk9    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:Android-Application-ZJB    文件:GenericX509TrustManager.java   
public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
    try {
        this.mOriginalX509TrustManager.checkServerTrusted(chain, authType);
    } catch (CertificateException e1) {
        try {
            X509Certificate[] ex = this.reorderCertificateChain(chain);
            CertPathValidator validator = CertPathValidator.getInstance("PKIX");
            CertificateFactory factory = CertificateFactory.getInstance("X509");
            CertPath certPath = factory.generateCertPath(Arrays.asList(ex));
            PKIXParameters params = new PKIXParameters(this.mTrustStore);
            params.setRevocationEnabled(false);
            validator.validate(certPath, params);
        } catch (Exception e) {
            throw e1;
        }
    }

}
项目:jdk8u_jdk    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:jdk8u_jdk    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:lookaside_java-1.8.0-openjdk    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:lookaside_java-1.8.0-openjdk    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:Aki-SSL    文件:ExtendedPKIXParameters.java   
/**
 * Returns an instance with the parameters of a given
 * <code>PKIXParameters</code> object.
 * 
 * @param pkixParams The given <code>PKIXParameters</code>
 * @return an extended PKIX params object
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXParameters params;
    try
    {
        params = new ExtendedPKIXParameters(pkixParams.getTrustAnchors());
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
项目:Aki-SSL    文件:ExtendedPKIXBuilderParameters.java   
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
项目:Aki-SSL    文件:PKIXCRLUtil.java   
public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
    throws AnnotatedException
{
    Set completeSet = new HashSet();

    // get complete CRL(s)
    try
    {
        completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
    }
    catch (AnnotatedException e)
    {
        throw new AnnotatedException("Exception obtaining complete CRLs.", e);
    }

    return completeSet;
}
项目:signer-source    文件:CertificateService.java   
private PKIXParameters createPKIXParms(
        Collection<X509Certificate> trustAnchorColl, Date dtDate)
        throws InvalidAlgorithmParameterException {
    // TODO Auto-generated method stub
    Set tmpTA = new HashSet();
    Iterator<X509Certificate> itLast = trustAnchorColl.iterator();
    while (itLast.hasNext()) {
        X509Certificate certOnPath = itLast.next();
        TrustAnchor trustAnchor = new TrustAnchor(certOnPath, null);
        tmpTA.add(trustAnchor);
    }

    PKIXParameters params = new PKIXParameters(tmpTA);
    params.setDate(dtDate);
    return params;

}
项目:cgv    文件:DisableCRLRule.java   
public RuleCheckResult validate(CACCertAuthParamParser pp) {
    CertPath cp = getCertPath(pp);
    if (cp == null) {
        logger.printToConsole("Can't load user certificate, please check " + pp.getUserCert());
        return RuleCheckResult.FALSE;
    }

    // Load the root CA certificate
    Set<TrustAnchor> trustedCerts = getTrustedCerts(pp);
    if (trustedCerts == null) {
        logger.printToConsole("Can't parse the trusted CA certificates, please check " + pp.getRootCerts());
        return RuleCheckResult.FALSE;
    }

    PKIXParameters params = initPKIXParams(trustedCerts, new ArrayList(), pp);
    RuleCheckResult result = validate(cp, params);

    return result;
}
项目:infobip-open-jdk-8    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:infobip-open-jdk-8    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:jdk8u-dev-jdk    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:jdk8u-dev-jdk    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:In-the-Box-Fork    文件:TrustManagerImpl.java   
/**
 * Creates trust manager implementation
 *
 * @param ks
 */
public TrustManagerImpl(KeyStore ks) {
    try {
        validator = CertPathValidator.getInstance("PKIX");
        factory = CertificateFactory.getInstance("X509");
        byte[] nameConstrains = null;
        Set<TrustAnchor> trusted = new HashSet<TrustAnchor>();
        for (Enumeration<String> en = ks.aliases(); en.hasMoreElements();) {
            final String alias = en.nextElement();
            final X509Certificate cert = (X509Certificate) ks.getCertificate(alias);
            if (cert != null) {
                trusted.add(new TrustAnchor(cert, nameConstrains));
            }
        }
        params = new PKIXParameters(trusted);
        params.setRevocationEnabled(false);
    } catch (Exception e) {
        err = e;
    }
}
项目:In-the-Box-Fork    文件:PKIXBuilderParametersTest.java   
/**
 * Test #1 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
 * constructor<br>
 * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
 * @throws InvalidAlgorithmParameterException
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies positive case.",
    method = "PKIXBuilderParameters",
    args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector01()
    throws InvalidAlgorithmParameterException {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }
    // both parameters are valid and non-null
    PKIXParameters p =
        new PKIXBuilderParameters(taSet, new X509CertSelector());
    assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
    assertNotNull("certSelector", p.getTargetCertConstraints());
}
项目:In-the-Box-Fork    文件:PKIXBuilderParametersTest.java   
/**
 * Test #2 for <code>PKIXBuilderParameters(Set, CertSelector)</code>
 * constructor<br>
 * Assertion: creates an instance of <code>PKIXBuilderParameters</code>
 * @throws InvalidAlgorithmParameterException
 */
@TestTargetNew(
    level = TestLevel.PARTIAL_COMPLETE,
    notes = "Verifies null as a CertSelector parameter.",
    method = "PKIXBuilderParameters",
    args = {java.util.Set.class, java.security.cert.CertSelector.class}
)
public final void testPKIXBuilderParametersSetCertSelector02()
    throws InvalidAlgorithmParameterException {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName() + ": not performed (could not create test TrustAnchor set)");
    }
    // both parameters are valid but CertSelector is null
    PKIXParameters p = new PKIXBuilderParameters(taSet, null);
    assertTrue("instanceOf", p instanceof PKIXBuilderParameters);
    assertNull("certSelector", p.getTargetCertConstraints());
}
项目:tigase-server    文件:CertFilesTrustManager.java   
public static CertFilesTrustManager getInstance(String pathToCertsFiles) throws Exception {
    certificateFactory = CertificateFactory.getInstance("X.509");
    Set<TrustAnchor> trustAnchors = new HashSet<TrustAnchor>();

    File[] files = new File(pathToCertsFiles).listFiles();

    for (File file : files) {
        if (!file.isFile()) {
            continue;
        }
        try {
            X509Certificate cert = loadCertificate(file);
            TrustAnchor ta = new TrustAnchor(cert, null);
            trustAnchors.add(ta);
        } catch (CertificateParsingException e) {}
    }

    CertPathValidator val = CertPathValidator.getInstance(CertPathValidator.getDefaultType());

    PKIXParameters cpp = new PKIXParameters(trustAnchors);
    cpp.setRevocationEnabled(false);
    CertFilesTrustManager tm = new CertFilesTrustManager(val, cpp);
    return tm;
}
项目:In-the-Box-Fork    文件:OldPKIXParametersTest.java   
/**
 * Test for <code>toString</code> method<br>
 */
@TestTargetNew(
    level = TestLevel.COMPLETE,
    notes = "",
    method = "toString",
    args = {}
)
public final void testToString() throws Exception {
    Set<TrustAnchor> taSet = TestUtils.getTrustAnchorSet();
    if (taSet == null) {
        fail(getName()
                + ": not performed (could not create test TrustAnchor set)");
    }

    PKIXParameters p = new PKIXParameters(taSet);
    assertNotNull(p.toString());

    PKIXParameters p1 = null;
    try {
        p1.toString();
        fail("NullPointerException expected");
    } catch (NullPointerException e) {
        // expected
    }
}
项目:CryptMeme    文件:ExtendedPKIXBuilderParameters.java   
/**
 * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
 * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
 * <p>
 * This method can be used to get a copy from other
 * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
 * and <code>ExtendedPKIXParameters</code> instances.
 * 
 * @param pkixParams The PKIX parameters to create a copy of.
 * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
 */
public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
{
    ExtendedPKIXBuilderParameters params;
    try
    {
        params = new ExtendedPKIXBuilderParameters(pkixParams
                .getTrustAnchors(), X509CertStoreSelector
                .getInstance((X509CertSelector) pkixParams
                        .getTargetCertConstraints()));
    }
    catch (Exception e)
    {
        // cannot happen
        throw new RuntimeException(e.getMessage());
    }
    params.setParams(pkixParams);
    return params;
}
项目:jdk7-jdk    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:jdk7-jdk    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }
项目:openjdk-source-code-learn    文件:PKIXCertPathValidator.java   
/**
 * Internal method to setup the internal state
 */
private void populateVariables(PKIXParameters pkixParam)
{
    // default value for testDate is current time
    testDate = pkixParam.getDate();
    if (testDate == null) {
        testDate = new Date(System.currentTimeMillis());
    }

    userCheckers = pkixParam.getCertPathCheckers();
    sigProvider = pkixParam.getSigProvider();

    if (pkixParam.isRevocationEnabled()) {
        // Examine OCSP security property
        ocspEnabled = AccessController.doPrivileged(
            new GetBooleanSecurityPropertyAction
                (OCSPChecker.OCSP_ENABLE_PROP));
        onlyEECert = AccessController.doPrivileged(
            new GetBooleanSecurityPropertyAction
                ("com.sun.security.onlyCheckRevocationOfEECert"));
    }
}
项目:openjdk-source-code-learn    文件:ValidateTargetConstraints.java   
public static void createPath(String[] certs) throws Exception {
    TrustAnchor anchor = new TrustAnchor(getCertFromFile(certs[0]), null);
    List list = new ArrayList();
    for (int i = 1; i < certs.length; i++) {
        list.add(0, getCertFromFile(certs[i]));
    }
    CertificateFactory cf = CertificateFactory.getInstance("X509");
    path = cf.generateCertPath(list);

    Set anchors = Collections.singleton(anchor);
    params = new PKIXParameters(anchors);
    params.setRevocationEnabled(false);
    X509CertSelector sel = new X509CertSelector();
    sel.setSerialNumber(new BigInteger("1427"));
    params.setTargetCertConstraints(sel);
}
项目:openjdk-source-code-learn    文件:ValidateNC.java   
public static void createPath(String[] certs) throws Exception {

        X509Certificate anchorCert = getCertFromFile(certs[0]);
        byte [] nameConstraints = anchorCert.getExtensionValue("2.5.29.30");
        if (nameConstraints != null) {
            DerInputStream in = new DerInputStream(nameConstraints);
            nameConstraints = in.getOctetString();
        }
        TrustAnchor anchor = new TrustAnchor(anchorCert, nameConstraints);
        List list = new ArrayList();
        for (int i = 1; i < certs.length; i++) {
            list.add(0, getCertFromFile(certs[i]));
        }
        CertificateFactory cf = CertificateFactory.getInstance("X509");
        path = cf.generateCertPath(list);

        anchors = Collections.singleton(anchor);
        params = new PKIXParameters(anchors);
        params.setRevocationEnabled(false);
    }